Windows, Operating System, Security, Networking, Malware, Support, Forum, Help Site Check Our Facebook Page!


Notices

Register your FREE account to unlock additional features at WindowsBBS.com
 
 
LinkBack Thread Tools
Old 16th March 2010   #1
Senior Member
THREAD STARTER
 
Profile:
Join Date: Dec 2002
Posts: 190
Computer Experience:
intermediate
dave1234 Reputation Level

[Resolved] Slow PC


Help
PC very slow
Ran AVG no virus
Malwarebytes no spyware
Super antispyware clean

Hijack Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:38:52 AM, on 3/16/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqaio2/downloads/sysinfo.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photogize.com/bponet/Phot...eUploader4.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download...basetup162.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\delautocomp.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Update Service (gupdate1c9c3951be7f6a0) (gupdate1c9c3951be7f6a0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7598 bytes


Thanks
Dave

dave1234 is offline  
Old 16th March 2010   #2
Administrator
 
Admin.'s Avatar
 
Profile:
Join Date: Dec 2001
Location: 35⁰ 53'55.1" N, 14⁰ 28'37.5" E
Posts: 6,238
Computer Experience:
***
Admin. Reputation LevelAdmin. Reputation LevelAdmin. Reputation LevelAdmin. Reputation LevelAdmin. Reputation LevelAdmin. Reputation LevelAdmin. Reputation LevelAdmin. Reputation LevelAdmin. Reputation LevelAdmin. Reputation LevelAdmin. Reputation Level

My System
Hi,

Read this post as indicated at the top of this forum & follow the instructions.

Admin. is offline  
Old 17th March 2010   #3
Senior Member
THREAD STARTER
 
Profile:
Join Date: Dec 2002
Posts: 190
Computer Experience:
intermediate
dave1234 Reputation Level

Slow PC


Admin,

Logs


DDS (Ver_09-12-01.01) - NTFSx86
Run by David Peters at 20:51:45.93 on Tue 03/16/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.133 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\David Peters\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\tbDVDV.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\tbDVDV.dll
TB: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\tbDVDV.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
Trusted Zone: musicmatch.com\online
DPF: {49232000-16E4-426C-A231-62846947304B} - hxxp://ipgweb.cce.hp.com/rdqaio2/downloads/sysinfo.cab
DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - hxxp://www.photogize.com/bponet/PhotogizeImageUploader4.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - hxxp://download.abacast.com/download/files/abasetup162.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-15 64160]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-6-26 333192]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2007-1-23 28424]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-6-26 360584]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-9-4 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-9-4 74480]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2010-1-30 353672]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-2-26 285392]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 1029456]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
S2 gupdate1c9c3951be7f6a0;Google Update Service (gupdate1c9c3951be7f6a0);c:\program files\google\update\GoogleUpdate.exe [2009-4-22 133104]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-9-4 7408]

=============== Created Last 30 ================

2010-02-26 10:22:29 0 d--h--w- C:\$AVG
2010-02-26 10:20:35 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9
2010-02-26 10:11:56 891208 ----a-w- C:\avg_free_stb_en_9_40.exe
2010-02-19 10:12:32 0 d-----w- C:\DVDVideoSoft

==================== Find3M ====================

2010-02-26 10:21:49 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-02-26 10:21:49 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-02-26 10:21:30 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-01-30 11:16:04 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-01-06 02:55:37 1682 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-12-31 16:50:03 353792 ------w- c:\windows\system32\dllcache\srv.sys
2009-12-26 18:50:03 20 ---h--w- c:\docume~1\alluse~1\applic~1\PKP_DLdu.DAT
2009-12-21 13:19:18 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2009-12-17 22:14:00 411368 ----a-w- c:\windows\system32\deploytk.dll
2007-03-06 11:27:44 215535 -c--a-w- c:\program files\hijackthis.zip
2004-08-04 11:00:00 94784 -csh--w- c:\windows\twain.dll
2008-04-14 00:12:07 50688 -csh--w- c:\windows\twain_32.dll
2008-04-14 00:11:56 1028096 --sha-w- c:\windows\system32\mfc42.dll
2008-04-14 00:12:01 57344 --sh--w- c:\windows\system32\msvcirt.dll
2008-04-14 00:12:01 413696 --sha-w- c:\windows\system32\msvcp60.dll
2008-04-14 00:12:01 343040 --sha-w- c:\windows\system32\msvcrt.dll
2008-04-14 00:12:02 551936 --sh--w- c:\windows\system32\oleaut32.dll
2008-04-14 00:12:02 84992 --sh--w- c:\windows\system32\olepro32.dll
2008-04-14 00:12:32 11776 --sh--w- c:\windows\system32\regsvr32.exe

============= FINISH: 20:52:59.42 ===============




UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 11/14/2005 10:50:12 AM
System Uptime: 3/16/2010 7:01:50 PM (1 hours ago)

Motherboard: Dell Inc. | | 0RD203
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 71 GiB total, 42.494 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1199: 12/14/2009 9:22:08 AM - System Checkpoint
RP1200: 12/15/2009 7:29:37 PM - System Checkpoint
RP1201: 12/16/2009 8:00:26 PM - System Checkpoint
RP1202: 12/17/2009 8:22:29 PM - System Checkpoint
RP1203: 12/19/2009 10:09:54 AM - System Checkpoint
RP1204: 12/20/2009 10:32:30 AM - System Checkpoint
RP1205: 12/21/2009 10:33:32 AM - System Checkpoint
RP1206: 12/22/2009 9:05:29 PM - System Checkpoint
RP1207: 12/23/2009 9:31:36 PM - System Checkpoint
RP1208: 12/24/2009 9:52:05 AM - Avg8 Update
RP1209: 12/25/2009 10:09:07 AM - System Checkpoint
RP1210: 12/26/2009 10:40:48 AM - System Checkpoint
RP1211: 12/27/2009 11:06:21 AM - System Checkpoint
RP1212: 12/29/2009 8:29:47 AM - Avg8 Update
RP1213: 12/30/2009 8:30:53 AM - System Checkpoint
RP1214: 12/31/2009 10:34:33 AM - System Checkpoint
RP1215: 1/1/2010 11:21:43 AM - System Checkpoint
RP1216: 1/2/2010 11:44:33 AM - System Checkpoint
RP1217: 1/3/2010 2:20:33 PM - System Checkpoint
RP1218: 1/4/2010 9:02:46 AM - Avg8 Update
RP1219: 1/5/2010 6:32:04 PM - System Checkpoint
RP1220: 1/5/2010 10:34:44 PM - Installed Microsoft Office Professional 2007 Trial
RP1221: 1/5/2010 11:04:01 PM - Installed Microsoft .NET Framework 2.0
RP1222: 1/6/2010 3:00:24 AM - Software Distribution Service 3.0
RP1223: 1/6/2010 9:33:58 PM - Software Distribution Service 3.0
RP1224: 1/6/2010 11:39:18 PM - Software Distribution Service 3.0
RP1225: 1/7/2010 5:25:09 AM - Software Distribution Service 3.0
RP1226: 1/7/2010 10:36:34 PM - Software Distribution Service 3.0
RP1227: 1/9/2010 8:42:55 AM - System Checkpoint
RP1228: 1/10/2010 10:55:26 AM - System Checkpoint
RP1229: 1/11/2010 11:09:40 AM - System Checkpoint
RP1230: 1/12/2010 9:19:16 PM - System Checkpoint
RP1231: 1/13/2010 9:45:07 PM - System Checkpoint
RP1232: 1/13/2010 10:40:25 PM - Software Distribution Service 3.0
RP1233: 1/15/2010 7:45:31 AM - System Checkpoint
RP1234: 1/16/2010 1:59:32 PM - System Checkpoint
RP1235: 1/17/2010 8:47:36 PM - System Checkpoint
RP1236: 1/19/2010 5:05:40 AM - System Checkpoint
RP1237: 1/20/2010 5:02:38 AM - Installed Java(TM) 6 Update 17
RP1238: 1/21/2010 5:37:25 AM - System Checkpoint
RP1239: 1/21/2010 9:55:27 PM - Software Distribution Service 3.0
RP1240: 1/22/2010 10:45:41 PM - System Checkpoint
RP1241: 1/24/2010 10:00:34 AM - System Checkpoint
RP1242: 1/25/2010 10:03:57 AM - System Checkpoint
RP1243: 1/26/2010 8:47:42 PM - System Checkpoint
RP1244: 1/27/2010 7:16:34 PM - Installed Java(TM) 6 Update 18
RP1245: 1/27/2010 8:24:40 PM - Installed Java(TM) 6 Update 16
RP1246: 1/29/2010 8:16:13 AM - System Checkpoint
RP1247: 1/30/2010 10:15:38 AM - System Checkpoint
RP1248: 1/31/2010 10:30:06 AM - System Checkpoint
RP1249: 2/1/2010 11:15:53 AM - System Checkpoint
RP1250: 2/3/2010 5:42:50 AM - System Checkpoint
RP1251: 2/3/2010 8:50:02 AM - Avg8 Update
RP1252: 2/4/2010 3:10:45 PM - System Checkpoint
RP1253: 2/5/2010 3:45:09 PM - System Checkpoint
RP1254: 2/6/2010 6:21:08 PM - System Checkpoint
RP1255: 2/8/2010 8:28:43 AM - System Checkpoint
RP1256: 2/9/2010 10:12:44 PM - System Checkpoint
RP1257: 2/10/2010 10:26:06 PM - System Checkpoint
RP1258: 2/11/2010 3:00:38 AM - Software Distribution Service 3.0
RP1259: 2/12/2010 3:42:59 AM - System Checkpoint
RP1260: 2/13/2010 4:42:57 AM - System Checkpoint
RP1261: 2/14/2010 5:04:21 AM - System Checkpoint
RP1262: 2/15/2010 5:27:05 AM - System Checkpoint
RP1263: 2/16/2010 5:54:32 AM - System Checkpoint
RP1264: 2/17/2010 6:51:04 AM - System Checkpoint
RP1265: 2/18/2010 7:15:04 AM - System Checkpoint
RP1266: 2/19/2010 8:27:06 AM - System Checkpoint
RP1267: 2/20/2010 9:27:06 AM - System Checkpoint
RP1268: 2/21/2010 10:51:05 AM - System Checkpoint
RP1269: 2/22/2010 9:01:58 PM - System Checkpoint
RP1270: 2/23/2010 10:34:35 PM - Software Distribution Service 3.0
RP1271: 2/24/2010 11:05:35 PM - System Checkpoint
RP1272: 2/26/2010 5:19:15 AM - Installed AVG Free 9.0
RP1273: 2/27/2010 8:57:32 AM - Avg8 Update
RP1274: 2/28/2010 11:10:46 AM - System Checkpoint
RP1275: 3/1/2010 11:24:35 AM - System Checkpoint
RP1276: 3/3/2010 8:49:43 AM - System Checkpoint
RP1277: 3/4/2010 6:34:28 PM - System Checkpoint
RP1278: 3/5/2010 6:57:27 PM - System Checkpoint
RP1279: 3/6/2010 7:34:11 PM - System Checkpoint
RP1280: 3/7/2010 8:42:41 PM - System Checkpoint
RP1281: 3/8/2010 8:52:08 PM - System Checkpoint
RP1282: 3/10/2010 10:16:26 AM - System Checkpoint
RP1283: 3/10/2010 9:22:56 PM - Software Distribution Service 3.0
RP1284: 3/12/2010 5:44:10 AM - System Checkpoint
RP1285: 3/13/2010 9:18:03 AM - System Checkpoint
RP1286: 3/16/2010 8:10:53 PM - System Checkpoint

==== Installed Programs ======================

7-Zip 4.65
Abacast Client
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
AdsGone Popup Killer Spyware Blocker by A1Tech.com
AOL Instant Messenger
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 4
AutoUpdate
AVG Free 9.0
BlackBerry Desktop Software 4.3
Bonjour
Critical Update for Windows Media Player 11 (KB959772)
Cucusoft iPod Movie/Video Converter 2.00
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Support Center (Support Software)
Dell System Restore
DellSupport
Digital Content Portal
DivX
DivX Player
DVDVideoSoft Toolbar
Free Audio CD Burner version 1.2
Free YouTube to MP3 Converter version 3.2
Google Earth
Google Update Helper
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
hp deskjet 5550 series
hp deskjet 5550 series (Remove only)
HP Photo Imaging Software
HP Photo Printing Software
hp print screen utility
HP Share-to-Web
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
Internet Explorer Default Page
iPod for Windows 2005-10-12
iTunes
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 8
Java 2 Runtime Environment, SE v1.4.2_03
Java Auto Updater
Java(TM) 6 Update 16
Java(TM) 6 Update 18
Java(TM) 6 Update 3
LimeWire 5.4.6
Macromedia Flash Player
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007 Trial
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Move Networks Media Player for Internet Explorer
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Musicmatch for Windows Media Player
Musicmatch® Jukebox
Nikon Message Center
Nikon Transfer
Options 360™
Photo Viewer 2.4
PowerDVD 5.5
Qualxserve Service Agreement
Quick Startup 2.7.0.686
QuickBooks Simple Start Special Edition
QuickTime
RealPlayer
Roxio Media Manager
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB978380)
Security Update for Microsoft Office Excel 2007 (KB978382)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978706)
Sonic RecordNow Copy
Sonic RecordNow Data
Spybot - Search & Destroy 1.3
STC Series 7 Q&& A Final Exams
SUPERAntiSpyware Free Edition
Tracks Eraser Pro v7.0
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB977724)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Outlook 2007 Junk Email Filter (kb979895)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC 9.0 Runtime
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebCyberCoach 3.2 Dell
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
WinZip Self-Extractor
WordPerfect Office 12
ZoneAlarm

==== Event Viewer Messages From Past Week ========

3/13/2010 8:48:32 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
3/13/2010 6:33:00 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the TrueVector Internet Monitor service to connect.
3/13/2010 6:33:00 AM, error: Service Control Manager [7000] - The TrueVector Internet Monitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

==== End Of File ===========================


Thanks
Dave

dave1234 is offline  
Old 17th March 2010   #4
Inactive
 
Profile:
Join Date: Jan 2010
Location: Australia
Posts: 982
Computer Experience:
intermediate
crunchie Reputation Level

My System
  • Go to Start > Control Panel double-click on the Software icon > add/remove programs.
  • Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
  • Select it and click Remove.
  • Then Download and install the newest version from here:
  • http://www.java.com/en/download/manual.jsp

==

When was the last time you defragged?

==

Download and Run ATF Cleaner
Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.

Double-click ATF Cleaner.exe to open it.

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache

*The other boxes are optional*
Then click the Empty Selected button.

Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.

==

Please use the Internet Explorer browser (or FireFox with IETab), and do an online scan with Kaspersky Online Scanner

Note: If you have used this particular scanner before, you MAY HAVE TO UNINSTALL the program through Add/Remove Programs before downloading the new ActiveX component

Click Yes, when prompted to install its ActiveX component.
(Note.. for Internet Explorer 7 users: If at any time you have trouble with the "Accept" button of the license, click on the "Zoom" tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license has been accepted, reset to 100%.)
The program launches and downloads the latest definition files.
  • Once the files are downloaded click on Next
  • Click on Scan Settings and configure as follows:
    • Scan using the following Anti-Virus database:
      • Extended
    • Scan Options:
      • Scan Archives
      • Scan Mail Bases
  • Click OK and, under select a target to scan, select My Computer
When the scan is done, in the Scan is completed window (below), any infection is displayed.
There is no option to clean/disinfect, however, we need to analyze the information on the report.


To obtain the report:
Click on: Save Report As (above - red blinking arrow)
Next, in the Save as prompt, Save in area, select: Desktop
In the File name area, use KScan, or something similar
In Save as type, click the drop arrow and select: Text file [*.txt]
Then, click: Save
Please post the Kaspersky Online Scanner Report in your reply.

===========

Please post the last MBA-M log.

crunchie is offline  
Old 18th March 2010   #5
Senior Member
THREAD STARTER
 
Profile:
Join Date: Dec 2002
Posts: 190
Computer Experience:
intermediate
dave1234 Reputation Level

Kaspersky does not run on my computer. It hangs up when it starts scanning.
A warning message appears that says "Virtual memory minimum too low"

I was overdue for Defrag, now computer seems a little bit faster.

Do I have a memory issue? Speed slows when several applications are open.

Thanks
Dave

dave1234 is offline  
Old 18th March 2010   #6
Inactive
 
Profile:
Join Date: Jan 2010
Location: Australia
Posts: 982
Computer Experience:
intermediate
crunchie Reputation Level

My System
How much physical RAM and how much virtual memory do you have?

Please Run the ESET Online Scanner and post the ScanLog with your post for assistance.
  • You will need to use Internet Explorer to complete this scan.
  • You will need to temporarily Disable your current Anti-virus program.
  • Be sure the option to Remove found threats is Un-checked at this time (we may have it clean what it finds at a later time), and the option to Scan unwanted applications is Checked.
  • When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log for us as directed below.
NOTE: If you are unable to complete the ESET scan, please try another from the list below:
Kaspersky Online Scanner
Panda Active Scan
Trend Micro HouseCall
F-Secure Online Virus Scanner

crunchie is offline  
Old 19th March 2010   #7
Senior Member
THREAD STARTER
 
Profile:
Join Date: Dec 2002
Posts: 190
Computer Experience:
intermediate
dave1234 Reputation Level

Crunchie,
I have 504 MB RAM with 2000MB Virtual memory ( I increased from 1500).

ESET Scanner did not run.

F Secure ran and found four spyware There is no option for log.

Here they are:

Tracking cookie. Advertising
Tracking cookie. Atdmt
Tracking cookie.Yield Manager
BFU.EXE

Dave

dave1234 is offline  
Old 19th March 2010   #8
Inactive
 
Profile:
Join Date: Jan 2010
Location: Australia
Posts: 982
Computer Experience:
intermediate
crunchie Reputation Level

My System
I would probably like to see more physical RAM, but it's not too bad for XP.

Please download ComboFix by sUBs from HERE or HERE
  • You must download it to and run it from your Desktop
  • Physically disconnect from the internet.
  • Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
  • Double click combofix.exe & follow the prompts.
  • When finished, it will produce a log. Please save that log to post in your next reply along with a fresh HJT log
  • Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Run Combofix ONCE only!!

crunchie is offline  
Old 19th March 2010   #9
Senior Member
THREAD STARTER
 
Profile:
Join Date: Dec 2002
Posts: 190
Computer Experience:
intermediate
dave1234 Reputation Level

Combofix Log

ComboFix 10-03-18.01 - David Peters 03/18/2010 20:59:57.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.187 [GMT -4:00]
Running from: c:\documents and settings\David Peters\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\jestertb.dll
c:\windows\twain_16.dll

.
((((((((((((((((((((((((( Files Created from 2010-02-19 to 2010-03-19 )))))))))))))))))))))))))))))))
.

2010-03-18 23:08 . 2010-03-18 23:08 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure
2010-03-18 23:01 . 2009-06-30 13:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-03-18 23:01 . 2010-03-18 23:01 -------- d-----w- c:\program files\Panda Security
2010-03-18 23:01 . 2010-03-18 23:01 -------- d-----w- c:\windows\LastGood
2010-03-18 02:48 . 2010-03-18 02:48 -------- d-----w- c:\program files\ESET
2010-02-27 13:57 . 2010-02-26 10:21 3777280 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\setup.exe
2010-02-27 13:57 . 2010-02-26 10:21 1260800 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgfrw.exe
2010-02-26 10:22 . 2010-02-26 10:29 -------- d-----w- C:\$AVG
2010-02-26 10:20 . 2010-02-26 10:20 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-02-26 10:11 . 2010-02-26 10:12 891208 ----a-w- C:\avg_free_stb_en_9_40.exe
2010-02-19 10:12 . 2010-02-19 10:47 -------- d-----w- C:\DVDVideoSoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-17 02:02 . 2009-01-10 15:34 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-17 01:49 . 2005-11-02 08:24 -------- d-----w- c:\program files\Java
2010-03-13 22:00 . 2010-03-13 22:17 2912768 ----a-w- c:\windows\Internet Logs\xDB27.tmp
2010-03-13 15:42 . 2009-09-12 22:57 117760 ----a-w- c:\documents and settings\David Peters\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-03-13 11:29 . 2010-03-13 11:38 2910720 ----a-w- c:\windows\Internet Logs\xDB9.tmp
2010-03-11 02:31 . 2009-09-01 17:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-03-07 18:36 . 2010-03-07 18:56 2902016 ----a-w- c:\windows\Internet Logs\xDB8.tmp
2010-03-06 23:34 . 2010-03-06 23:37 2898432 ----a-w- c:\windows\Internet Logs\xDB7.tmp
2010-02-26 10:21 . 2008-06-27 00:43 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-02-26 10:21 . 2008-06-27 00:43 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-02-26 10:21 . 2007-01-23 11:43 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-02-26 10:21 . 2008-06-27 00:43 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-02-26 10:20 . 2008-06-27 00:43 -------- d-----w- c:\program files\AVG
2010-02-25 10:15 . 2006-02-23 07:06 312629 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-02-14 19:29 . 2005-12-01 16:57 -------- d-----w- c:\program files\Google
2010-02-14 19:09 . 2010-02-14 19:22 2871296 ----a-w- c:\windows\Internet Logs\xDB6.tmp
2010-01-31 18:09 . 2010-01-31 18:11 2841088 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2010-01-30 11:16 . 2005-11-25 11:07 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-01-29 10:50 . 2006-01-05 17:58 -------- d-----w- c:\documents and settings\David Peters\Application Data\Apple Computer
2010-01-29 00:36 . 2010-01-29 00:36 -------- d-----w- c:\program files\Conduit
2010-01-29 00:36 . 2010-01-29 00:35 -------- d-----w- c:\program files\DVDVideoSoft
2010-01-29 00:36 . 2010-01-29 00:35 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-01-28 01:16 . 2005-11-24 23:26 -------- d-----w- c:\program files\LimeWire
2010-01-28 00:20 . 2005-11-02 08:24 -------- d-----w- c:\program files\Common Files\Java
2010-01-28 00:19 . 2010-01-28 00:19 348160 ----a-w- c:\documents and settings\David Peters\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-28347759-n\msvcr71.dll
2010-01-28 00:19 . 2010-01-28 00:19 61440 ----a-w- c:\documents and settings\David Peters\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-42634842-n\decora-sse.dll
2010-01-28 00:19 . 2010-01-28 00:19 503808 ----a-w- c:\documents and settings\David Peters\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-28347759-n\msvcp71.dll
2010-01-28 00:19 . 2010-01-28 00:19 499712 ----a-w- c:\documents and settings\David Peters\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-28347759-n\jmc.dll
2010-01-28 00:19 . 2010-01-28 00:19 12800 ----a-w- c:\documents and settings\David Peters\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-42634842-n\decora-d3d.dll
2010-01-20 10:01 . 2010-01-20 10:01 152576 ----a-w- c:\documents and settings\David Peters\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-20 10:01 . 2010-01-20 10:01 79488 ----a-w- c:\documents and settings\David Peters\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-18 21:07 . 2005-11-19 11:50 116008 ----a-w- c:\documents and settings\David Peters\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-06 02:55 . 2006-02-05 17:42 1682 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-01 18:19 . 2010-01-01 18:19 52224 ----a-w- c:\documents and settings\David Peters\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2009-12-31 16:50 . 2005-11-02 08:07 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-26 18:50 . 2008-12-20 20:21 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT
2009-12-21 19:14 . 2004-08-10 18:51 916480 ----a-w- c:\windows\system32\wininet.dll
2007-03-06 11:27 . 2006-03-11 17:54 215535 -c--a-w- c:\program files\hijackthis.zip
2004-08-04 11:00 . 2004-08-10 18:51 94784 -csh--w- c:\windows\twain.dll
2008-04-14 00:12 . 2004-08-10 18:51 50688 -csh--w- c:\windows\twain_32.dll
2008-04-14 00:11 . 2004-08-10 18:51 1028096 --sha-w- c:\windows\system32\mfc42.dll
2008-04-14 00:12 . 2004-08-10 18:51 57344 --sh--w- c:\windows\system32\msvcirt.dll
2008-04-14 00:12 . 2004-08-10 18:51 413696 --sha-w- c:\windows\system32\msvcp60.dll
2008-04-14 00:12 . 2004-08-10 18:51 343040 --sha-w- c:\windows\system32\msvcrt.dll
2008-04-14 00:12 . 2004-08-10 18:51 551936 --sh--w- c:\windows\system32\oleaut32.dll
2008-04-14 00:12 . 2004-08-10 18:51 84992 --sh--w- c:\windows\system32\olepro32.dll
2008-04-14 00:12 . 2004-08-10 18:51 11776 --sh--w- c:\windows\system32\regsvr32.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2009-12-31 16:53 2349080 ----a-w- c:\program files\DVDVideoSoft\tbDVDV.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-20 77824]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-16 981384]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\Shell ExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-02-26 10:21 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavaso ft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Share-to-Web Namespace Daemon"=c:\program files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
"MMTray"="c:\program files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
"MimBoot"=c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe"
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2/15/2009 2:07 PM 64160]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [6/26/2008 8:43 PM 333192]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [6/26/2008 8:43 PM 360584]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [9/4/2009 2:50 PM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [9/4/2009 2:49 PM 74480]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2/26/2010 6:20 AM 285392]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [1/18/2009 5:34 PM 1029456]
S2 gupdate1c9c3951be7f6a0;Google Update Service (gupdate1c9c3951be7f6a0);c:\program files\Google\Update\GoogleUpdate.exe [4/22/2009 5:55 PM 133104]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [9/4/2009 2:50 PM 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2010-03-08 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 00:49]

2010-03-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-22 21:55]

2010-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-22 21:55]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: musicmatch.com\online
.
- - - - ORPHANS REMOVED - - - -

AddRemove-RealJukebox 1.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe
AddRemove-RealPlayer 6.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe
AddRemove-STC Series 7 Q&& A Final Exams - c:\progra~1\STC\ILQA_0~1\UNWISE.EXE
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-18 21:10
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-03-18 21:15:59
ComboFix-quarantined-files.txt 2010-03-19 01:15
ComboFix2.txt 2009-09-12 22:16

Pre-Run: 44,965,789,696 bytes free
Post-Run: 45,400,223,744 bytes free

- - End Of File - - 0313915B39FCBC573ACBA00FA36E7680



Hijack Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:20:38 PM, on 3/18/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqaio2/downloads/sysinfo.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photogize.com/bponet/Phot...eUploader4.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download...basetup162.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\delautocomp.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Update Service (gupdate1c9c3951be7f6a0) (gupdate1c9c3951be7f6a0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7797 bytes

dave1234 is offline  
Old 20th March 2010   #10
Inactive
 
Profile:
Join Date: Jan 2010
Location: Australia
Posts: 982
Computer Experience:
intermediate
crunchie Reputation Level

My System
It doesn't look like you updated Java as requested earlier? Can you please do so.

Combofix has been run 3 times for some reason. Can you post the logs from the other runs. You should find them in C:\Qoobox.

How is the pc?

crunchie is offline  
Old 20th March 2010   #11
Senior Member
THREAD STARTER
 
Profile:
Join Date: Dec 2002
Posts: 190
Computer Experience:
intermediate
dave1234 Reputation Level

Quarantine Log



2010-03-19 01:15:09 . 2010-03-19 01:15:09 912 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-WebCyberCoach_wtrb.reg.dat
2010-03-19 01:15:09 . 2010-03-19 01:15:09 726 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-STC Series 7 Q&& A Final Exams.reg.dat
2010-03-19 01:15:09 . 2010-03-19 01:15:09 692 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-RealPlayer 6.0.reg.dat
2010-03-19 01:15:09 . 2010-03-19 01:15:09 504 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-RealJukebox 1.0.reg.dat
2010-03-19 01:06:46 . 2010-03-19 01:06:46 4,968 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2010-03-19 00:58:12 . 2010-03-19 00:59:57 82 ----a-w- C:\Qoobox\Quarantine\catchme.log
2009-09-24 00:04:35 . 2009-09-24 00:04:35 21,504 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\jestertb.dll.vir
1999-12-07 04:00:00 . 1999-12-07 04:00:00 24,976 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\twain_16.dll.vir



Other file wouldnt transfer...too big?

I will update Java again. It said successful.

Dave

dave1234 is offline  
Old 20th March 2010   #12
Senior Member
THREAD STARTER
 
Profile:
Join Date: Dec 2002
Posts: 190
Computer Experience:
intermediate
dave1234 Reputation Level

PC seems better...

dave1234 is offline  
Old 22nd March 2010   #13
Inactive
 
Profile:
Join Date: Jan 2010
Location: Australia
Posts: 982
Computer Experience:
intermediate
crunchie Reputation Level

My System
Other logs do not seem to be there. Did you have problems running combofix?

Are you happy with the way it is running now?

crunchie is offline  
Old 25th March 2010   #14
Senior Member
THREAD STARTER
 
Profile:
Join Date: Dec 2002
Posts: 190
Computer Experience:
intermediate
dave1234 Reputation Level

Crunchie,
Combofix ran OK
PC seems pretty good.

Thank you.
Dave

dave1234 is offline  
Old 25th March 2010   #15
Inactive
 
Profile:
Join Date: Jan 2010
Location: Australia
Posts: 982
Computer Experience:
intermediate
crunchie Reputation Level

My System
No worries. Do you have Brute Force Uninstaller or Batch File Utility on your PC? Wondering about this file; BFU.EXE

crunchie is offline  


 

THIS THREAD HAS EXPIRED.

Are you having the same problem? Please post a new thread, but first you'll have to join us by Registering (FREE).



Discussion Forums
Operating Systems
Windows 10 Windows 10
Windows 8 Windows 8
Windows 7 Windows 7
Windows Vista Windows Vista
Windows XP Windows XP
Windows Server System Windows Server System
Legacy Windows OS Legacy Windows OS
Internet & Networking
Networking (Hardware & Software) Networking
Internet Explorer Internet Explorer
Microsoft Mail Microsoft Mail
Firefox, Thunderbird & SeaMonkey Firefox, Thunderbird
      & SeaMonkey

Web Applications & Cloud Web Applications & Cloud
General Internet
Security
Malware and Virus Removal Malware and Virus
     Removal

Security and Privacy Security and Privacy

Other
Other PC Software Other PC Software
Test Posts Test Posts
Hardware
PC Hardware PC Hardware
Mobile Devices Mobile Devices
Community
Introductions Introductions
General Discussions General Discussions
Site Comments & Suggestions Site Comments
      & Suggestions

News News @ WindowsBBS

Thread Tools


Find us on Facebook   Web Of Trust Rating

All times are GMT. The time now is 11:44.



Recent Discussions
Missing from All Apps (0)
[Outlook Express - Missin.. (1)
Windows update has trashe.. (12)
Intellimouse Optical lose.. (4)
Want to delete archived f.. (3)
Windows 7 Premium or Pro? (5)
Microsoft Edge Favorites (6)
Outlook fails to send aft.. (0)
Copy and paste functions .. (13)
win 10 - no metro screen .. (5)
Casting with Windows 10 (0)
Lost some of my audio, so.. (7)
Has Windows update gone W.. (3)
Disable WMI Provider Host (2)
bogus emails offering Win.. (3)
The Latest W10 Info (10)
Edit Start Menu (5)
Windows 10 fails on my la.. (8)
Acer aspire one ie not wo.. (13)
Phone crashes completely .. (11)

Donate!
Support Windows BBS!



Powered by vBulletin® Copyright ©2000 - 2015, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO
Copyright © 2002 - 2015 WindowsBBS.com. All rights reserved.
FDMA Media LLC
Terms of Use, Legal Information & Privacy Policy
Page generated in 0.52714 seconds with 7 queries