Task Manager disabled/System running slow

Posted 1/7/2010 4:59 AM
#81708

zanitose Valued member

Date Joined Nov 2016
Total Posts: 17
Hello,

Have noticed of late that my Task Manager is disabled (not clickable with CTRL,ALT,DEL).

Also, the system takes over 10 minutes to load on start up and runs noticeably slower. First noticed some warnings after I downloaded some dodgy/infected torrents. AVG went crazy and I assumed it had cleaned it up.

HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:31:32 PM, on 1/7/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\TOSHIBA\TOSHIBA RAID\Service\kraidsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\00THotkey.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA RAID\Console\Kraidman.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
C:\Program Files\Codebox\BitMeter\BitMeter2.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLHooker2 Class - {93935F7F-9C88-42F8-8445-95251D27FABC} - C:\PROGRA~1\FLASHV~1\URLHOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
O4 - HKLM\..\Run: [Kraidman] C:\Program Files\TOSHIBA\TOSHIBA RAID\Console\Kraidman.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [EPSON Stylus Photo R230 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /FU "C:\WINDOWS\TEMP\E_S136.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Air Mouse.lnk = C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Program Files\Internet Radio\Radio.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Flash Video Downloader - {df7831dd-a048-4336-8cc8-266a03f00d63} - C:\Program Files\Flash Video Downloader\FlashRunner.exe (file missing) (HKCU)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1260776877218
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1260776671406
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6676623-8BBD-479C-A51B-05868728708C} (DigitalDM) - http://download.digitaldm.com/plug-in/myebk/c/digitaldm2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{11C69746-94C8-4357-9672-95CF87AB9B44}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CCS\Services\Tcpip\..\{F448D24E-CB1A-4C35-A441-C9DED2CBD6CE}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS1\Services\Tcpip\..\{11C69746-94C8-4357-9672-95CF87AB9B44}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS2\Services\Tcpip\..\{11C69746-94C8-4357-9672-95CF87AB9B44}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS3\Services\Tcpip\..\{11C69746-94C8-4357-9672-95CF87AB9B44}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS4\Services\Tcpip\..\{11C69746-94C8-4357-9672-95CF87AB9B44}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS5\Services\Tcpip\..\{11C69746-94C8-4357-9672-95CF87AB9B44}: Domain = nsw.bigpond.net.au
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9d945d73ba170) (gupdate1c9d945d73ba170) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TOSHIBA RAID Service (kraidsvc) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA RAID\Service\kraidsvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

--
End of file - 17879 bytes

MBAM log

Malwarebytes' Anti-Malware 1.43
Database version: 3504
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

1/7/2010 12:09:43 PM
mbam-log-2010-01-07 (12-09-43).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 222528
Time elapsed: 1 hour(s), 19 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 7
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls\appsecdll (Spyware.Passwords) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\kbdsock.dll (Spyware.Passwords) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\AVR10.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\41.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

DDS

DDS (Ver_09-12-01.01) - NTFSx86
Run by Austin Smith at 15:22:13.75 on Thu 01/07/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2428 [GMT 11:00]

AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Norton 360 *On-access scanning disabled* (Outdated) {A5F1BC7C-EA33-4247-961C-0217208396C4}
FW: Norton 360 *disabled* {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\TOSHIBA\TOSHIBA RAID\Service\kraidsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
svchost.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\00THotkey.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA RAID\Console\Kraidman.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
C:\Program Files\Codebox\BitMeter\BitMeter2.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Austin Smith\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLJ
uStart Page = hxxp://www.bigpond.com/
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.6\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: URLHooker2 Class: {93935f7f-9c88-42f8-8445-95251d27fabc} - c:\progra~1\flashv~1\URLHOO~1.DLL
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [EPSON Stylus Photo R230 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiaip.exe /fu "c:\windows\temp\E_S136.tmp" /EF "HKCU"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe"
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [00THotkey] c:\windows\system32\00THotkey.exe
mRun: [000StTHK] 000StTHK.exe
mRun: [TFNF5] TFNF5.exe
mRun: [TouchED] c:\program files\toshiba\touched\TouchED.Exe
mRun: [TosHKCW.exe] "c:\program files\toshiba\wireless hotkey\TosHKCW.exe"
mRun: [NDSTray.exe] NDSTray.exe
mRun: [TPSMain] TPSMain.exe
mRun: [TPSODDCtl] TPSODDCtl.exe
mRun: [Kraidman] c:\program files\toshiba\toshiba raid\console\Kraidman.exe
mRun: [TFncKy] TFncKy.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [CFSServ.exe] CFSServ.exe -NoClient
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton 360\osCheck.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\air mouse.lnk - c:\program files\air mouse\air mouse\Air Mouse.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bitmet~1.lnk - c:\program files\codebox\bitmeter\BitMeter2.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bluetooth monitor.lnk - c:\program files\toshiba\bluetooth monitor\BtMon2.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: eBay Search - c:\program files\ebay\ebay toolbar2\eBayTb.dll/RCSearch.html
IE: {1F958B09-3312-7f0e-9723-4C1324C57B20} - c:\program files\internet radio\Radio.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_04\bin\npjpi150_04.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1260776877218
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1260776671406
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6676623-8BBD-479C-A51B-05868728708C} - hxxp://download.digitaldm.com/plug-in/myebk/c/digitaldm2.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Name-Space Handler: ftp\RealDownload - {EBCDDA5E-2A68-11D3-8A43-0060083CFB9C} -
Name-Space Handler: http\RealDownload - {EBCDDA5E-2A68-11D3-8A43-0060083CFB9C} -
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
Notify: psfus - psqlpwd.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

============= SERVICES / DRIVERS ===============

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2008-10-13 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-10-13 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-10-13 27784]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-10-13 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2006-10-10 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2007-2-27 74480]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-1-10 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-1-10 297752]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-19 149352]
R2 ccSetMgr;Symantec Settings 
Manager;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-19 149352] <br/>R2 FdRedir;FdRedir;c:\program files\common files\protector suite ql\drivers\FdRedir.sys [2006-2-24 13568] <br/>R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\common files\protector suite ql\drivers\filedisk.sys [2006-2-24 33024] <br/>R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-5-20 55152] <br/>R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-19 149352] <br/>R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-6 99328] <br/>R2 smihlp;SMI helper driver;c:\program files\protector suite ql\smihlp.sys [2006-2-24 3456] <br/>R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2007-4-25 1245064] <br/>R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [2006-4-20 66944] <br/>R2 TOS_SPS;TOSHIBA SPS Driver;c:\program files\toshiba\tmp2vdec\tos_sps.sys [2005-12-22 169216] <br/>R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-8-29 102448] <br/>R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20091227.004\NAVENG.SYS [2009-12-28 84912] <br/>R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20091227.004\NAVEX15.SYS [2009-12-28 1323568] <br/>R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096] <br/>R3 ttv500x;TOSHIBA PCI TV Tuner(x86);c:\windows\system32\drivers\ttv500x.sys [2009-5-31 287360] <br/>S0 szkg5;szkg;c:\windows\system32\drivers\szkg.sys --> c:\windows\system32\drivers\szkg.sys [?] 
<br/>S2 gupdate1c9d945d73ba170;Google Update Service (gupdate1c9d945d73ba170);c:\program files\google\update\GoogleUpdate.exe [2009-5-20 133104] <br/>S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-13 23888] <br/>S3 ComFiltr;Panda Anti-Dialer;\??\c:\windows\system32\drivers\comfiltr.sys --> c:\windows\system32\drivers\COMFiltr.sys [?] <br/>S3 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360] <br/>S3 ttv400x;TOSHIBA PCI DVB-T/Analog Hybrid Tuner;c:\windows\system32\drivers\ttv400x.sys [2000-1-1 173696] <br/> <br/>=============== Created Last 30 ================ <br/> <br/>2010-01-06 20:05:45 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys <br/>2010-01-06 20:05:43 19160 ----a-w- c:\windows\system32\drivers\mbam.sys <br/>2010-01-06 20:05:43 0 d-----w- c:\program files\Malwarebytes' Anti-Malware <br/>2010-01-06 19:49:20 0 d-----w- c:\program files\CCleaner <br/>2010-01-06 04:48:54 0 d-----w- C:\lspfix <br/>2009-12-27 19:01:09 0 ----a-w- c:\windows\system32\11942.exe <br/>2009-12-27 18:41:08 0 ----a-w- c:\windows\system32\2995.exe <br/>2009-12-27 18:21:07 0 ----a-w- c:\windows\system32\491.exe <br/>2009-12-27 18:01:06 0 ----a-w- c:\windows\system32\9961.exe <br/>2009-12-27 17:41:05 0 ----a-w- c:\windows\system32\16827.exe <br/>2009-12-27 17:21:04 0 ----a-w- c:\windows\system32\23281.exe <br/>2009-12-27 17:01:03 0 ----a-w- c:\windows\system32\28145.exe <br/>2009-12-27 16:41:02 0 ----a-w- c:\windows\system32\5705.exe <br/>2009-12-27 16:21:02 0 ----a-w- c:\windows\system32\24464.exe <br/>2009-12-27 16:01:01 0 ----a-w- c:\windows\system32\26962.exe <br/>2009-12-27 15:40:59 0 ----a-w- c:\windows\system32\29358.exe <br/>2009-12-27 15:19:55 0 ----a-w- c:\windows\system32\11478.exe <br/>2009-12-27 14:59:54 0 ----a-w- c:\windows\system32\15724.exe <br/>2009-12-27 14:39:53 0 ----a-w- c:\windows\system32\19169.exe <br/>2009-12-27 14:19:52 0 ----a-w- c:\windows\system32\26500.exe 
<br/>2009-12-27 13:59:51 0 ----a-w- c:\windows\system32\6334.exe <br/>2009-12-27 13:39:50 0 ----a-w- c:\windows\system32\18467.exe <br/>2009-12-27 13:15:39 1 ----a-w- C:\s <br/>2009-12-27 13:15:18 5695 ----a-w- C:\kebjtsx.exe <br/>2009-12-25 23:45:01 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll <br/>2009-12-25 23:45:01 8192 ----a-w- c:\windows\system32\wshirda.dll <br/>2009-12-25 23:45:01 28160 -c--a-w- c:\windows\system32\dllcache\irmon.dll <br/>2009-12-25 23:45:01 28160 ----a-w- c:\windows\system32\irmon.dll <br/>2009-12-25 23:45:00 151552 -c--a-w- c:\windows\system32\dllcache\irftp.exe <br/>2009-12-25 23:45:00 151552 ----a-w- c:\windows\system32\irftp.exe <br/>2009-12-25 21:58:45 49152 ----a-w- c:\windows\system32\TosBthSupport.dll <br/>2009-12-19 10:07:56 795648 ----a-w- c:\windows\system32\xvidcore.dll <br/>2009-12-19 10:07:56 130048 ----a-w- c:\windows\system32\xvidvfw.dll <br/>2009-12-19 10:07:55 684032 ----a-w- c:\windows\system32\divx.dll <br/>2009-12-17 09:01:17 0 d-----w- c:\program files\Air Mouse <br/>2009-12-14 16:05:21 0 d-----w- c:\program files\MSXML 4.0 <br/>2009-12-14 09:15:18 61764 ---ha-w- c:\windows\system32\mlfcache.dat <br/>2009-12-14 09:05:57 49233 ----a-w- C:\fat32format.exe <br/>2009-12-14 08:05:51 0 d-----w- c:\program files\iTunes <br/>2009-12-14 08:05:51 0 d-----w- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD} <br/>2009-12-14 08:03:24 0 d-----w- c:\program files\Bonjour <br/> <br/>==================== Find3M ==================== <br/> <br/>2009-10-29 07:46:59 832512 ----a-w- c:\windows\system32\wininet.dll <br/>2009-10-29 07:46:52 78336 ----a-w- c:\windows\system32\ieencode.dll <br/>2009-10-29 07:46:50 17408 ----a-w- c:\windows\system32\corpol.dll <br/>2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll <br/>2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll <br/>2009-10-13 10:30:16 270336 ----a-w- c:\windows\system32\oakley.dll <br/>2009-10-12 13:38:19 149504 ----a-w- 
c:\windows\system32\rastls.dll <br/>2009-10-12 13:38:18 79872 ----a-w- c:\windows\system32\raschap.dll <br/>2007-07-19 05:44:52 31235104 ----a-w- c:\program files\avg75avwt_476a1043.exe <br/>2008-10-26 08:02:57 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008102620081027\index.dat <br/> <br/>============= FINISH: 15:22:46.46 =============== <br/> <br/> <br/>DDS ATTACH log <br/> <br/> <br/> <br/> <br/>UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. <br/>IF REQUESTED, ZIP IT UP & ATTACH IT <br/> <br/>DDS (Ver_09-12-01.01) <br/> <br/>Microsoft Windows XP Professional <br/>Boot Device: \Device\HarddiskVolume1 <br/>Install Date: 1/1/2000 6:07:30 PM <br/>System Uptime: 1/7/2010 1:58:53 PM (2 hours ago) <br/> <br/>Motherboard: TOSHIBA | | Portable PC <br/>Processor: Genuine Intel(R) CPU T2600 @ 2.16GHz | uFC-PGA Socket | 2161/166mhz <br/> <br/>==== Disk Partitions ========================= <br/> <br/>C: is FIXED (NTFS) - 89 GiB total, 19.622 GiB free. <br/>D: is FIXED (NTFS) - 93 GiB total, 41.36 GiB free. 
<br/>E: is CDROM (CDFS) <br/> <br/>==== Disabled Device Manager Items ============= <br/> <br/>Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} <br/>Description: 1394 Net Adapter <br/>Device ID: V1394\NIC1394\ABD9DF3900 <br/>Manufacturer: Microsoft <br/>Name: 1394 Net Adapter <br/>PNP Device ID: V1394\NIC1394\ABD9DF3900 <br/>Service: NIC1394 <br/> <br/>==== System Restore Points =================== <br/> <br/>RP1: 12/28/2009 6:22:58 AM - System Checkpoint <br/>RP2: 1/4/2010 10:28:17 PM - System Checkpoint <br/>RP3: 1/5/2010 12:21:17 AM - Avg8 Update <br/>RP4: 1/6/2010 12:23:13 AM - System Checkpoint <br/>RP5: 1/6/2010 4:15:16 PM - Uniblue RegistryBooster 2009 <br/> <br/>==== Installed Programs ====================== <br/> <br/>Acrobat.com <br/>Adobe AIR <br/>Adobe Flash Player 10 ActiveX <br/>Adobe Reader 9.1.2 <br/>Air Mouse Server <br/>AppCore <br/>Apple Application Support <br/>Apple Mobile Device Support <br/>Apple Software Update <br/>AutoUpdate <br/>Avery Wizard 3.1 <br/>AVG 8.5 <br/>AVI Joiner <br/>Backup <br/>BigPond Broadband ADSL <br/>BigPond Broadband ADSL FAQ <br/>BitMeter <br/>BitTorrent <br/>Bluetooth Monitor 2 <br/>Bonjour <br/>Camera RAW Plug-In for EPSON Creativity Suite <br/>ccCommon <br/>CCleaner <br/>CD/DVD Drive Acoustic Silencer <br/>CDDRV_Installer <br/>Choice Guard <br/>Cool MP3 Splitter 2.2 <br/>Critical Update for Windows Media Player 11 (KB959772) <br/>Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro 7.07 <br/>DivX Content Uploader <br/>DivX Converter <br/>DivX Player <br/>DivX Web Player <br/>DVD-RAM Driver <br/>EPSON Attach To Email <br/>EPSON Easy Photo Print <br/>EPSON File Manager <br/>EPSON Print CD <br/>EPSON Printer Software <br/>EPSON Scan Assistant <br/>EPSON Web-To-Page <br/>ESPR230 User's Guide <br/>Flash Video Downloader 0.1 <br/>FLV Player 2.0 (build 25) <br/>Free Audio Editor <br/>GearDrvs <br/>Google Earth <br/>Google Update Helper <br/>Governor of Poker <br/>High Definition Audio Driver Package - KB888111 
<br/>Highlight Viewer (Windows Live Toolbar) <br/>HijackThis 2.0.2 <br/>Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) <br/>Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) <br/>Hotfix for Windows Internet Explorer 7 (KB947864) <br/>Hotfix for Windows Media Format 11 SDK (KB929399) <br/>Hotfix for Windows Media Player 10 (KB903157) <br/>Hotfix for Windows Media Player 11 (KB939683) <br/>Hotfix for Windows XP (KB915800-v4) <br/>Hotfix for Windows XP (KB952287) <br/>Hotfix for Windows XP (KB954550-v5) <br/>Hotfix for Windows XP (KB954708) <br/>Hotfix for Windows XP (KB961118) <br/>Hotfix for Windows XP (KB970653-v3) <br/>Hotfix for Windows XP (KB976098-v2) <br/>Intel(R) PRO Network Connections Drivers <br/>Intel(R) PROSet/Wireless Software <br/>Internet Radio <br/>InterVideo WinDVD Creator 2 <br/>InterVideo WinDVD for TOSHIBA <br/>iPod for Windows 2006-01-10 <br/>iTunes <br/>J2SE Runtime Environment 5.0 Update 4 <br/>Junk Mail filter update <br/>K-Lite Mega Codec Pack 4.4.2 <br/>KhalInstallWrapper <br/>LeechGet 2006 Version 2.0 <br/>Live TV Toolbar <br/>LiveUpdate (Symantec Corporation) <br/>LiveUpdate 3.0 (Symantec Corporation) <br/>LiveUpdate Notice (Symantec Corporation) <br/>Logitech Harmony Remote Software 7 <br/>Logitech SetPoint <br/>Magic ISO Maker v5.4 (build 0247) <br/>Malwarebytes' Anti-Malware <br/>mCore <br/>mDrWiFi <br/>mHelp <br/>Microsoft .NET Framework 1.0 Hotfix (KB953295) <br/>Microsoft .NET Framework 1.1 <br/>Microsoft .NET Framework 1.1 Security Update (KB953297) <br/>Microsoft .NET Framework 2.0 Service Pack 2 <br/>Microsoft .NET Framework 3.0 Service Pack 2 <br/>Microsoft .NET Framework 3.5 SP1 <br/>Microsoft ActiveSync <br/>Microsoft Application Error Reporting <br/>Microsoft Base Smart Card Cryptographic Service Provider Package <br/>Microsoft Compression Client Pack 1.0 for Windows XP <br/>Microsoft Internationalized Domain Names Mitigation APIs <br/>Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 <br/>Microsoft 
National Language Support Downlevel APIs <br/>Microsoft Office 2007 Service Pack 2 (SP2) <br/>Microsoft Office Access MUI (English) 2007 <br/>Microsoft Office Access Setup Metadata MUI (English) 2007 <br/>Microsoft Office Excel MUI (English) 2007 <br/>Microsoft Office InfoPath MUI (English) 2007 <br/>Microsoft Office Live Add-in 1.3 <br/>Microsoft Office OneNote 2003 <br/>Microsoft Office Outlook MUI (English) 2007 <br/>Microsoft Office PowerPoint MUI (English) 2007 <br/>Microsoft Office Professional Plus 2007 <br/>Microsoft Office Proof (English) 2007 <br/>Microsoft Office Proof (French) 2007 <br/>Microsoft Office Proof (Spanish) 2007 <br/>Microsoft Office Proofing (English) 2007 <br/>Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) <br/>Microsoft Office Publisher MUI (English) 2007 <br/>Microsoft Office Shared MUI (English) 2007 <br/>Microsoft Office Shared Setup Metadata MUI (English) 2007 <br/>Microsoft Office Word MUI (English) 2007 <br/>Microsoft Search Enhancement Pack <br/>Microsoft Silverlight <br/>Microsoft Software Update for Web Folders (English) 12 <br/>Microsoft SQL Server 2005 Compact Edition [ENU] <br/>Microsoft Sync Framework Runtime Native v1.0 (x86) <br/>Microsoft Sync Framework Services Native v1.0 (x86) <br/>Microsoft User-Mode Driver Framework Feature Pack 1.0 <br/>Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 <br/>Microsoft Visual C++ 2005 Redistributable <br/>mIWA <br/>mLogView <br/>mMHouse <br/>MobileMe Control Panel <br/>mPfMgr <br/>mPfWiz <br/>mProSafe <br/>MSN <br/>MSVCRT <br/>MSXML 4.0 SP2 (KB973688) <br/>mWlsSafe <br/>mXML <br/>mZConfig <br/>Nero 7 Ultra Edition <br/>neroxml <br/>Norton 360 <br/>Norton 360 (Symantec Corporation) <br/>Norton 360 HTMLHelp <br/>Norton Confidential Core <br/>NVIDIA Drivers <br/>OGA Notifier 1.7.0105.35.0 <br/>OLYMPUS Master 2 <br/>Protector Suite 5.4 <br/>QuickTime <br/>RealDownload Plus <br/>Remote Control USB Driver <br/>Rocket Pack v1.0 for Pocket Tanks Deluxe <br/>Safari 
<br/>SD Secure Module <br/>Security Update for 2007 Microsoft Office System (KB969559) <br/>Security Update for 2007 Microsoft Office System (KB973704) <br/>Security Update for Microsoft Office Excel 2007 (KB973593) <br/>Security Update for Microsoft Office Outlook 2007 (KB972363) <br/>Security Update for Microsoft Office PowerPoint 2007 (KB957789) <br/>Security Update for Microsoft Office Publisher 2007 (KB969693) <br/>Security Update for Microsoft Office system 2007 (972581) <br/>Security Update for Microsoft Office system 2007 (KB969613) <br/>Security Update for Microsoft Office system 2007 (KB974234) <br/>Security Update for Microsoft Office Visio Viewer 2007 (KB973709) <br/>Security Update for Microsoft Office Word 2007 (KB969604) <br/>Security Update for Step By Step Interactive Training (KB898458) <br/>Security Update for Step By Step Interactive Training (KB923723) <br/>Security Update for Windows Internet Explorer 7 (KB938127) <br/>Security Update for Windows Internet Explorer 7 (KB950759) <br/>Security Update for Windows Internet Explorer 7 (KB953838) <br/>Security Update for Windows Internet Explorer 7 (KB956390) <br/>Security Update for Windows Internet Explorer 7 (KB958215) <br/>Security Update for Windows Internet Explorer 7 (KB960714) <br/>Security Update for Windows Internet Explorer 7 (KB963027) <br/>Security Update for Windows Internet Explorer 7 (KB969897) <br/>Security Update for Windows Internet Explorer 7 (KB972260) <br/>Security Update for Windows Internet Explorer 7 (KB976325) <br/>Security Update for Windows Media Player (KB952069) <br/>Security Update for Windows Media Player (KB954155) <br/>Security Update for Windows Media Player (KB968816) <br/>Security Update for Windows Media Player (KB973540) <br/>Security Update for Windows Media Player 10 (KB917734) <br/>Security Update for Windows Media Player 11 (KB936782) <br/>Security Update for Windows Media Player 11 (KB954154) <br/>Security Update for Windows Media Player 6.4 (KB925398) 
<br/>Security Update for Windows Search 4 - KB963093 <br/>Security Update for Windows XP (KB923561) <br/>Security Update for Windows XP (KB923689) <br/>Security Update for Windows XP (KB938464-v2) <br/>Security Update for Windows XP (KB938464) <br/>Security Update for Windows XP (KB941569) <br/>Security Update for Windows XP (KB946648) <br/>Security Update for Windows XP (KB950760) <br/>Security Update for Windows XP (KB950762) <br/>Security Update for Windows XP (KB950974) <br/>Security Update for Windows XP (KB951066) <br/>Security Update for Windows XP (KB951376-v2) <br/>Security Update for Windows XP (KB951698) <br/>Security Update for Windows XP (KB951748) <br/>Security Update for Windows XP (KB952004) <br/>Security Update for Windows XP (KB952954) <br/>Security Update for Windows XP (KB953839) <br/>Security Update for Windows XP (KB954211) <br/>Security Update for Windows XP (KB954459) <br/>Security Update for Windows XP (KB954600) <br/>Security Update for Windows XP (KB955069) <br/>Security Update for Windows XP (KB956391) <br/>Security Update for Windows XP (KB956572) <br/>Security Update for Windows XP (KB956744) <br/>Security Update for Windows XP (KB956802) <br/>Security Update for Windows XP (KB956803) <br/>Security Update for Windows XP (KB956841) <br/>Security Update for Windows XP (KB956844) <br/>Security Update for Windows XP (KB957095) <br/>Security Update for Windows XP (KB957097) <br/>Security Update for Windows XP (KB958644) <br/>Security Update for Windows XP (KB958687) <br/>Security Update for Windows XP (KB958690) <br/>Security Update for Windows XP (KB958869) <br/>Security Update for Windows XP (KB959426) <br/>Security Update for Windows XP (KB960225) <br/>Security Update for Windows XP (KB960715) <br/>Security Update for Windows XP (KB960803) <br/>Security Update for Windows XP (KB960859) <br/>Security Update for Windows XP (KB961371) <br/>Security Update for Windows XP (KB961373) <br/>Security Update for Windows XP (KB961501) <br/>Security 
Update for Windows XP (KB968537) <br/>Security Update for Windows XP (KB969059) <br/>Security Update for Windows XP (KB969898) <br/>Security Update for Windows XP (KB969947) <br/>Security Update for Windows XP (KB970238) <br/>Security Update for Windows XP (KB970430) <br/>Security Update for Windows XP (KB971486) <br/>Security Update for Windows XP (KB971557) <br/>Security Update for Windows XP (KB971633) <br/>Security Update for Windows XP (KB971657) <br/>Security Update for Windows XP (KB971961) <br/>Security Update for Windows XP (KB973346) <br/>Security Update for Windows XP (KB973354) <br/>Security Update for Windows XP (KB973507) <br/>Security Update for Windows XP (KB973525) <br/>Security Update for Windows XP (KB973869) <br/>Security Update for Windows XP (KB973904) <br/>Security Update for Windows XP (KB974112) <br/>Security Update for Windows XP (KB974318) <br/>Security Update for Windows XP (KB974392) <br/>Security Update for Windows XP (KB974571) <br/>Security Update for Windows XP (KB975025) <br/>Security Update for Windows XP (KB975467) <br/>Segoe UI <br/>SigmaTel Audio <br/>Smart Menus (Windows Live Toolbar) <br/>Sonic Encoders <br/>Sonic RecordNow! <br/>SPBBC 32bit <br/>SUPERAntiSpyware Professional <br/>Symantec Real Time Storage Protection Component <br/>Symantec Technical Support Controls <br/>SymNet <br/>Synaptics Pointing Device Driver <br/>Texas Instruments PCIxx21/x515/xx12 drivers. <br/>TIPCI <br/>TOSHIBA Assist <br/>TOSHIBA ConfigFree <br/>TOSHIBA Controls <br/>TOSHIBA Display Devices Change Utility <br/>TOSHIBA HD DVD PLAYER <br/>TOSHIBA Hotkey Utility for Display Devices <br/>TOSHIBA MPEG-2 Video Decoder <br/>TOSHIBA Password Utility <br/>TOSHIBA PC Diagnostic Tool <br/>TOSHIBA Power Saver <br/>TOSHIBA QosmioPlayer File Copy Utility <br/>TOSHIBA RAID Utility <br/>TOSHIBA SD Memory Card Format <br/>TOSHIBA Software Modem <br/>TOSHIBA Speech System Applications <br/>TOSHIBA Speech System SR Engine(U.S.) 
Version1.0 <br/>TOSHIBA Speech System TTS Engine(U.S.) Version1.0 <br/>TOSHIBA TouchPad On/Off Utility V2.05.01 <br/>TOSHIBA UDF2.5 Reader File System Driver <br/>TOSHIBA Utilities <br/>TOSHIBA Zooming Utility <br/>TVersity Codec Pack 1.2 <br/>TVersity Media Server 1.6 Beta <br/>Ulead PhotoImpact 8 ESD <br/>Uniblue DriverScanner 2009 <br/>Uniblue PowerSuite 2009 <br/>Uniblue RegistryBooster 2009 <br/>Uniblue SpeedUpMyPC 2009 <br/>Uniblue System Tweaker <br/>Update for 2007 Microsoft Office System (KB967642) <br/>Update for Microsoft .NET Framework 3.5 SP1 (KB963707) <br/>Update for Microsoft Office InfoPath 2007 (KB976416) <br/>Update for Outlook 2007 Junk Email Filter (kb976884) <br/>Update for Windows Media Player 10 (KB913800) <br/>Update for Windows Media Player 10 (KB926251) <br/>Update for Windows XP (KB943729) <br/>Update for Windows XP (KB951072-v2) <br/>Update for Windows XP (KB951978) <br/>Update for Windows XP (KB955839) <br/>Update for Windows XP (KB961503) <br/>Update for Windows XP (KB967715) <br/>Update for Windows XP (KB968389) <br/>Update for Windows XP (KB971737) <br/>Update for Windows XP (KB973687) <br/>Update for Windows XP (KB973815) <br/>Update Rollup 2 for Windows XP Media Center Edition 2005 <br/>VideoLAN VLC media player 0.8.6c <br/>WebFldrs XP <br/>Windows Driver Package - NETGEAR (W8335XP) Net (02/22/2005 3.1.1.7) <br/>Windows Driver Package - NETGEAR Inc. 
(RTLWUSB) Net (02/07/2007 5.1283.0207.2007) <br/>Windows Driver Package - Thomson (USB_RNDIS) Net (02/16/2004 1.0.0.3) <br/>Windows Genuine Advantage Notifications (KB905474) <br/>Windows Genuine Advantage Validation Tool (KB892130) <br/>Windows Internet Explorer 7 <br/>Windows Live Call <br/>Windows Live Communications Platform <br/>Windows Live Essentials <br/>Windows Live Family Safety <br/>Windows Live Favorites for Windows Live Toolbar <br/>Windows Live Mail <br/>Windows Live Messenger <br/>Windows Live Photo Gallery <br/>Windows Live Sign-in Assistant <br/>Windows Live Sync <br/>Windows Live Toolbar <br/>Windows Live Toolbar Extension (Windows Live Toolbar) <br/>Windows Live Upload Tool <br/>Windows Live Writer <br/>Windows Media Format 11 runtime <br/>Windows Media Player 11 <br/>Windows Mobile® Device Handbook <br/>Windows Search 4.0 <br/>Windows XP Media Center Edition 2005 KB888316 <br/>Windows XP Media Center Edition 2005 KB894553 <br/>Windows XP Media Center Edition 2005 KB895678 <br/>Windows XP Media Center Edition 2005 KB925766 <br/>Windows XP Media Center Edition 2005 KB973768 <br/>Windows XP Service Pack 3 <br/>WinDVD HD for TOSHIBA <br/>WinDVD Launcher <br/>WinRAR archiver <br/>Wireless Hotkey <br/>World Series of Poker: TOC <br/>Yahoo! Install Manager <br/>Yahoo! Toolbar <br/> <br/>==== Event Viewer Messages From Past Week ======== <br/> <br/>1/7/2010 2:53:00 PM, error: System Error [1003] - Error code 1000007f, parameter1 00000008, parameter2 80042000, parameter3 00000000, parameter4 00000000. <br/>1/6/2010 5:14:53 AM, error: System Error [1003] - Error code 1000007f, parameter1 00000008, parameter2 f771fd70, parameter3 00000000, parameter4 00000000. <br/>1/6/2010 3:32:12 PM, error: Dhcp [1002] - The IP address lease 10.0.0.5 for the Network Card with network address 000E7BEC57E0 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). 
<br/>1/6/2010 3:30:12 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 000E7BEC57E0 has been denied by the DHCP server 10.0.0.138 (The DHCP Server sent a DHCPNACK message). <br/>1/6/2010 2:52:47 PM, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 000E7BEC57E0 has been denied by the DHCP server 10.0.0.138 (The DHCP Server sent a DHCPNACK message). <br/>1/6/2010 2:28:37 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 000E7BEC57E0. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. <br/>1/6/2010 2:24:47 PM, error: Dhcp [1002] - The IP address lease 10.0.0.2 for the Network Card with network address 000E7BEC57E0 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). <br/> <br/>==== End Of File =========================== <br/> <br/> <br/> <br/> <br/>Thank you for your support . <br/> <br/> <br/> <br/>Zan
Posted 1/7/2010 5:34 AM
#81712

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Please download Combofix from:

Combofix

And save to the desktop.

Close all other browser windows.

Double-click on the combofix icon found on your desktop.

<B>Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.</B>

When finished, it will produce a logfile located at C:\combofix.txt.

Post the contents of that log in your next reply

The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.

Click here: Before-posting-a-log
Do not PM me with logfiles. They will be deleted.


Posted 1/7/2010 6:25 AM
#81713

zanitose Valued member

Date Joined Nov 2016
Total Posts: 17
Thank you.

As requested, here is the combofix log.

ComboFix 10-01-04.01 - 01/07/2010 17:03:44.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2720 [GMT 11:00]
Running from: c:\documents and settings\Desktop\ComboFix.exe
AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Norton 360 *On-access scanning disabled* (Outdated) {A5F1BC7C-EA33-4247-961C-0217208396C4}
FW: Norton 360 *disabled* {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\s
c:\windows\kb913800.exe
c:\windows\system32\11478.exe
c:\windows\system32\11942.exe
c:\windows\system32\15724.exe
c:\windows\system32\16827.exe
c:\windows\system32\18467.exe
c:\windows\system32\19169.exe
c:\windows\system32\23281.exe
c:\windows\system32\24464.exe
c:\windows\system32\26500.exe
c:\windows\system32\26962.exe
c:\windows\system32\28145.exe
c:\windows\system32\29358.exe
c:\windows\system32\2995.exe
c:\windows\system32\491.exe
c:\windows\system32\5705.exe
c:\windows\system32\6334.exe
c:\windows\system32\9961.exe
c:\windows\system32\Thumbs.db

.
((((((((((((((((((((((((( Files Created from 2009-12-07 to 2010-01-07 )))))))))))))))))))))))))))))))
.

2010-01-07 05:56 . 2010-01-07 05:56 389120 ----a-w- c:\windows\system32\CF30868.exe
2010-01-07 04:31 . 2010-01-07 04:31 -------- d-----w- c:\program files\Trend Micro
2010-01-07 04:29 . 2010-01-07 04:29 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-07 04:28 . 2010-01-07 04:28 152576 ----a-w- c:\documents and settings\Austin Smith\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-07 04:28 . 2010-01-07 04:28 79488 ----a-w- c:\documents and settings\Austin Smith\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-06 20:05 . 2009-12-30 03:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-06 20:05 . 2010-01-06 20:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-06 20:05 . 2009-12-30 03:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 19:49 . 2010-01-06 19:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-01-06 19:49 . 2010-01-06 19:49 -------- d-----w- c:\documents and settings\Austin Smith\Application Data\Yahoo!
2010-01-06 19:49 . 2010-01-06 19:49 -------- d-----w- c:\program files\CCleaner
2010-01-06 04:48 . 2010-01-06 04:48 -------- d-----w- C:\lspfix
2009-12-27 13:15 . 2009-12-27 19:11 -------- d-----w- c:\documents and settings\Austin Smith\Local Settings\Application Data\bvqogi
2009-12-27 13:15 . 2009-12-27 13:15 5695 ----a-w- C:\kebjtsx.exe
2009-12-25 23:45 . 2008-04-13 23:12 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2009-12-25 23:45 . 2008-04-13 23:12 8192 ----a-w- c:\windows\system32\wshirda.dll
2009-12-25 23:45 . 2008-04-13 23:11 28160 -c--a-w- c:\windows\system32\dllcache\irmon.dll
2009-12-25 23:45 . 2008-04-13 23:11 28160 ----a-w- c:\windows\system32\irmon.dll
2009-12-25 23:45 . 2008-04-13 23:12 151552 -c--a-w- c:\windows\system32\dllcache\irftp.exe
2009-12-25 23:45 . 2008-04-13 23:12 151552 ----a-w- c:\windows\system32\irftp.exe
2009-12-25 21:58 . 2004-05-26 04:52 49152 ----a-w- c:\windows\system32\TosBthSupport.dll
2009-12-19 10:07 . 2008-12-07 18:08 795648 ----a-w- c:\windows\system32\xvidcore.dll
2009-12-19 10:07 . 2008-12-07 18:08 130048 ----a-w- c:\windows\system32\xvidvfw.dll
2009-12-19 10:07 . 2008-10-28 22:35 684032 ----a-w- c:\windows\system32\divx.dll
2009-12-18 01:23 . 2009-12-23 22:56 52224 ----a-w- c:\documents and settings\Austin Smith\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2009-12-17 09:01 . 2009-12-17 09:01 -------- d-----w- c:\documents and settings\Austin Smith\Local Settings\Application Data\AirMouse
2009-12-17 09:01 . 2009-12-17 09:01 -------- d-----w- c:\program files\Air Mouse
2009-12-14 16:05 . 2009-12-14 16:05 -------- d-----w- c:\program files\MSXML 4.0
2009-12-14 09:15 . 2009-12-14 09:15 61764 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-14 09:05 . 2009-03-02 12:47 49233 ----a-w- C:\fat32format.exe
2009-12-14 08:05 . 2009-12-14 08:06 -------- d-----w- c:\program files\iTunes
2009-12-14 08:05 . 2009-12-14 08:06 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-12-14 08:03 . 2009-12-14 08:03 -------- d-----w- c:\program files\Bonjour
2009-12-14 08:02 . 2009-12-14 08:03 -------- d-----w- c:\program files\QuickTime
2009-12-14 07:56 . 2009-12-14 07:56 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-14 07:50 . 2009-12-14 07:50 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
2009-12-14 06:22 . 2009-12-14 06:23 -------- d-----w- c:\program files\DIFX

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-07 06:00 . 2007-03-26 09:18 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-01-07 05:58 . 2008-05-24 22:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Bitmeter2
2010-01-07 04:29 . 2006-04-05 00:24 -------- d-----w- c:\program files\Java
2010-01-07 01:10 . 2007-04-19 07:43 -------- d-----w- c:\documents and settings\Austin Smith\Application Data\BitTorrent
2010-01-06 19:49 . 2007-05-13 15:10 -------- d-----w- c:\program files\Yahoo!
2010-01-06 07:10 . 2009-05-31 00:56 978832 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-12-25 21:58 . 2006-04-05 00:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-25 21:58 . 2006-04-05 00:29 -------- d-----w- c:\program files\Toshiba
2009-12-21 11:34 . 2007-03-26 09:48 -------- d-----w- c:\program files\Google
2009-12-19 10:08 . 2008-12-27 05:30 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-12-19 10:07 . 2007-04-04 03:31 -------- d-----w- c:\program files\DivX
2009-12-19 09:22 . 2009-05-13 08:50 117760 ----a-w- c:\documents and settings\Austin Smith\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-12-18 05:03 . 2007-05-14 13:50 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-14 16:52 . 2008-08-22 04:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-12-14 16:24 . 2007-03-26 11:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-14 08:18 . 2007-03-26 09:10 -------- d-----w- c:\documents and settings\Austin Smith\Application Data\Apple Computer
2009-12-14 08:05 . 2007-03-26 09:08 -------- d-----w- c:\program files\iPod
2009-12-14 08:05 . 2008-09-02 22:04 -------- d-----w- c:\program files\Common Files\Apple
2009-12-14 07:54 . 2009-08-06 01:38 -------- d-----w- c:\program files\Safari
2009-12-14 06:22 . 2007-06-13 04:33 -------- d-----w- c:\program files\Telstra
2009-11-18 23:03 . 2007-06-16 07:00 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-10-29 07:46 . 2006-04-04 22:31 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:46 . 2008-10-23 13:12 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:46 . 2008-10-23 13:12 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-21 05:38 . 2008-10-23 13:12 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 05:38 . 2008-10-23 13:12 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-20 16:20 . 2008-10-23 13:12 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:30 . 2008-10-23 13:11 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2008-10-23 13:11 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2008-10-23 13:11 79872 ----a-w- c:\windows\system32\raschap.dll
2007-07-19 05:44 . 2007-09-16 06:54 31235104 ----a-w- c:\program files\avg75avwt_476a1043.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2004-12-30 65536]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-12-18 2002160]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-11-07 95536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CFSServ.exe"="CFSServ.exe -NoClient" [X]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"00THotkey"="c:\windows\system32\00THotkey.exe" [2005-03-01 245760]
"000StTHK"="000StTHK.exe" [2001-06-23 24576]
"TFNF5"="TFNF5.exe" [2005-12-09 581632]
"TouchED"="c:\program files\TOSHIBA\TouchED\TouchED.Exe" [2005-06-29 126976]
"TosHKCW.exe"="c:\program files\TOSHIBA\Wireless Hotkey\TosHKCW.exe" [2005-05-17 49152]
"NDSTray.exe"="NDSTray.exe" [BU]
"TPSMain"="TPSMain.exe" [2005-12-07 315392]
"TPSODDCtl"="TPSODDCtl.exe" [2005-12-07 110592]
"Kraidman"="c:\program files\TOSHIBA\TOSHIBA RAID\Console\Kraidman.exe" [2005-09-30 1126484]
"TFncKy"="TFncKy.exe" [BU]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-24 7340032]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-08 761947]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-05 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 602182]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2006-02-23 30208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-28 76304]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-28 76304]
"NvMediaCenter"="NvMCTray.dll" [2006-07-24 86016]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-14 2043160]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2008-11-07 54576]
"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-04-26 122880]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 110592]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-07 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Air Mouse.lnk - c:\program files\Air Mouse\Air Mouse\Air Mouse.exe [2009-2-16 269824]
Bitmeter2.lnk - c:\program files\Codebox\BitMeter\BitMeter2.exe [2008-3-2 1392640]
Bluetooth Monitor.lnk - c:\program files\TOSHIBA\Bluetooth Monitor\BtMon2.exe [2009-12-26 65536]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-8-7 805392]
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2006-4-5 155648]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-21 77824]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-12-18 05:03 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-29 03:32 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-01 16:42 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2006-02-23 23:49 40448 ----a-w- c:\windows\system32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\SUPERAntiSpyware\\SUPERANTISPYWARE.EXE"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\TVersity\\Media Server\\MediaServer.exe"=
"c:\\Documents and Settings\\Austin Smith\\Desktop\\Update_D240_A8P_106-71_a056_v1s.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Air Mouse\\Air Mouse\\Air Mouse.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [10/13/2008 10:54 PM 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [10/13/2008 10:54 PM 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [10/13/2008 10:54 PM 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [10/10/2006 2:53 PM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/27/2007 1:39 PM 74480]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [1/10/2009 9:23 AM 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [1/10/2009 9:23 AM 297752]
R2 FdRedir;FdRedir;c:\program files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [2/24/2006 11:01 AM 13568]
R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\Common Files\Protector Suite QL\Drivers\filedisk.sys [2/24/2006 11:01 AM 33024]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [5/20/2009 4:40 PM 55152]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2/19/2008 6:37 AM 149352]
R2 smihlp;SMI helper driver;c:\program files\Protector Suite QL\smihlp.sys [2/24/2006 10:34 AM 3456]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [4/20/2006 10:09 AM 66944]
R2 TOS_SPS;TOSHIBA SPS Driver;c:\program files\Toshiba\TMP2VDec\tos_sps.sys [12/22/2005 5:27 AM 169216]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [8/29/2009 6:11 PM 102448]
R3 ttv500x;TOSHIBA PCI TV Tuner(x86);c:\windows\system32\drivers\ttv500x.sys [5/31/2009 11:46 AM 287360]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8/12/2007 5:43 PM 682232]
S0 szkg5;szkg;c:\windows\system32\DRIVERS\szkg.sys --> c:\windows\system32\DRIVERS\szkg.sys [?]
S2 gupdate1c9d945d73ba170;Google Update Service (gupdate1c9d945d73ba170);c:\program files\Google\Update\GoogleUpdate.exe [5/20/2009 11:23 PM 133104]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [1/13/2008 1:32 PM 23888]
S3 ComFiltr;Panda Anti-Dialer;\??\c:\windows\system32\DRIVERS\COMFiltr.sys --> c:\windows\system32\DRIVERS\COMFiltr.sys [?]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2/6/2009 7:08 PM 533360]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/16/2006 6:51 PM 4096]
S3 ttv400x;TOSHIBA PCI DVB-T/Analog Hybrid Tuner;c:\windows\system32\drivers\ttv400x.sys [1/1/2000 6:02 PM 173696]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST
.
Contents of the 'Scheduled Tasks' folder

2009-12-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 02:34]

2010-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-20 12:22]

2010-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-20 12:22]

2010-01-06 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 06:04]

2010-01-07 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 06:04]

2010-01-07 c:\windows\Tasks\User_Feed_Synchronization-{CB81F16B-6941-447C-9379-6B4060141828}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 08:36]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLJ
uStart Page = hxxp://www.bigpond.com/
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: {{1F958B09-3312-7f0e-9723-4C1324C57B20} - c:\program files\Internet Radio\Radio.exe
Name-Space Handler: ftp\RealDownload - {EBCDDA5E-2A68-11D3-8A43-0060083CFB9C} -
Name-Space Handler: http\RealDownload - {EBCDDA5E-2A68-11D3-8A43-0060083CFB9C} -
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: {F6676623-8BBD-479C-A51B-05868728708C} - hxxp://download.digitaldm.com/plug-in/myebk/c/digitaldm2.cab
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-AVG Anti-Spyware Driver
SafeBoot-AVG Anti-Spyware Guard
AddRemove-Live TV Toolbar - c:\progra~1\Live_TV\UNWISE.EXE

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-07 17:09
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\run\OptionalComponents\IMAIL]
@DACL=(02 0000)
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\run\OptionalComponents\MAPI]
@DACL=(02 0000)
"NoChange"="1"
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\run\OptionalComponents\MSFS]
@DACL=(02 0000)
"Installed"="1"
@=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1320)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\documents and settings\Austin Smith\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\documents and settings\Austin Smith\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\infra.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\windows\system32\biologon.dll
c:\program files\Protector Suite QL\homepass.dll
c:\program files\Protector Suite QL\bio.dll
c:\program files\Protector Suite QL\remote.dll
c:\program files\Protector Suite QL\crypto.dll
.
Completion time: 2010-01-07 17:11:06
ComboFix-quarantined-files.txt 2010-01-07 06:11
ComboFix2.txt 2008-05-03 22:09

Pre-Run: 20,890,652,672 bytes free
Post-Run: 21,062,664,192 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - D9FE081C8ABE672193CC361E548C71D7