Odd Freezing Problem
Another problem I have, if it helps solve the problem, is that there are other times when the game will keep running, but the sound will keep repeating itself at a set moment for a minute till it begins the proper music being played. I don’t know if this has to do with my sound system to my computer or what, since I am really new to understanding computers.
Here are all my specifications to my laptop,
http://www.newegg.com/Product/Produc…82E16834115864
My only guess, as others have mentioned, is that my HDD is slow at only 5400 rpm; even my ancient Dell Dimension had faster rpm at 7,200. Can anyone tell me if my slow HDD is causing my computer to lag and stutter, and if not, then is there any other problem, laptop heat maybe? (Problems may occur only 20 minutes after turning computer on.)
I did it twice but bsod, iastor, ntfs oh my!!
emachine e725
Intel Pentium Processor T4400
2.20 GHz, 800 MHz Front Side Bus, 1 MB L2 Cache
3GB DDR2 system memory (RAM is actually DDR3)
250 GB 5400 RPM SATA hard drive
SuperMulti 8X DVD+ with Double Layer Support
10/100 Wired Ethernet; 802.11b/g/n Wireless WiFi
15.6" HD 1366×768 Widescreen High-Brightness LCD Display w/ Intel GMA 4500M
But it seems I can’t fix it. I used TDSSKiller and it says no infection. I can still log into Windows, but after a while I get a blue screen, and most of the time the dump fails, but the most recent crash was with ntfs. So I still believe I’m in warranty, but if I can fix it without spending money I would like to try. I do have a dump from the first time if needed; hope I will attach in zip. Any help would be appreciated.
Access – Counter
Example
Apples Tag 1
Oranges Tag 2
Apple slices Tag 3
Apples have slices and seeds so they would be
Slices Tag 1.1 or 1.A
Seeds Tag 1.2 or 1.B
Does that make sense? I am not sure how to get this to do that in a query….
Old PC says it can take 2Gb of memory, but only sees 1Gb
Details:
PC is a shop-bought, low-spec model from PCWorld (UK retail chain), in 2006. The make is a brand exclusive to that chain.
Ei Systems 204
Intel Celeron D 356 (3.33GHz)
512 MB DDR2 memory
80 GB Hard drive storage
Unicrome Pro 3D/2D Graphics & Video integrated
Windows XP SP2 (now SP3)
Motherboard is a Foxconn P4M800P7MB which says in the manual;
|
System Memory |
The memory modules that I bought were Kingston ValueRam KVR533D2N4/1G, 1Gb PC2 – 4200 CL4 240-pin DIMM, see the specs page here (pdf).
How do I remove a Trojan.gen virus that was detected and quarantined by Norton?
Thank you
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:48:37 AM, on 12/30/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17093)
Boot mode: Normal
DDS (Ver_10-12-12.02) – NTFSx86
Run by Jody Hancock at 10:51:34.37 on Thu 12/30/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.123 [GMT -5:00]
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled*
GMER 1.0.15.15530 – http://www.gmer.net
Rootkit scan 2010-12-30 11:25:15
Kernel Log: Coming in Linux 2.6.37 (Part 1-5)
The Nouveau driver now supports power management and can address the GeForce 320M, and the code for Intel graphics cores now supports the video units on Sandy Bridge processors, which are due to be released shortly. A number of changes to the Radeon KMS driver should improve its performance.
Kernel Log: Coming in 2.6.37 (Part 2) – File systems.
With the next kernel version, Ext4 will reach new levels of performance and use a trick to increase its storage media formatting speed. Other new features include a discard function that is interesting for slow-trimming SSDs, the "Rados Block Device" for cluster devices, bug fixes and optimisations to Btrfs.
Kernel Log: Coming in 2.6.37 (Part 3) – Network and storage hardware.
Numerous changes to the network and storage code are to increase processing speed and improve the system’s hardware support. Among the new additions are a PPTP stack, various drivers for Wi-Fi hardware by Atheros, Broadcom and Realtek, and code for hard disks with a logical sector size of 4 Kbytes.
Kernel Log: Coming in 2.6.37 (Part 4) – Architecture and infrastructure code.
The kernel now includes some components for supporting operation as a Xen host (Dom0). Switching into and out of sleep mode should be accelerated by the use of LZO compression. Following years of work, almost all parts of the kernel are now able to run without using the big kernel lock (BKL).
Kernel Log: Coming in 2.6.37 (Part 5) – Drivers.
Support for fast USB 3.0 storage devices with USB Attached SCSI Protocol (UASP), an audio loopback driver plus extensions to support Apple’s Magic Trackpad are only some of the advances that improve the hardware support of the forthcoming Linux kernel version 2.6.37; final release is expected in January.
– Tom
Problems connecting wirelessly
Cannot communicate with primary DNS server (168.94.0.15)
(Network diagnostics pinged the remote host but did not receive a response)
Then there is an option to reset the network adaptor, and when clicked it tries repairing it and then it says:
Windows tried a repair but a problem still exists. Cannot communicate with primary DNS server (168.94.0.15)
Again there is an option to reset the network adaptor. It just goes round in circles.
I have googled the problem but the solutions I have tried seem not to help.
Any help will be very much appreciated.
Thanks,
Nick
Toshiba Satellite L355-S7812 DVD/CD not working
I have Windows Vista. Should I uninstall the wireless-USB network software since I don’t need it? What else can I do without reimaging the computer again?
How do I renew the interface Local Area Connection?
I have checked the powerlines + cables and connections and they look fine, but there might still be a problem linked with the deletion of the ‘Network Connection Drive’ (Atheros AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Connection Drivers) (by my error earlier yesterday), which I have reinstalled on my Eee PC 901 again today. I had also done a drive scanner earlier and it was OK (Passed), but I still can’t get any connection through powerline (Devolo dLAN 200 AVeasy).
This message also appears when trying to "repair" Local Area Connection for having no connectivity to the Internet… "Windows could not finish repairing the problem because the following action cannot be completed: Renewing your IP address." Both my PC and Eee PC 901 Notebook are fine. I do have a good internet connection on my main PC through a Netgear router, but can’t link my Notebook from the other room through the power line like I did before yesterday.
Can anyone please provide any clues or help me with this? I really would appreciate any kind of support or assistance you can provide.
Thank you in advance.
Tim
Virus or Something Else?
Now I’m not sure if that problem caused this or a virus, but I can’t use System Restore because the Volume Shadow Copy service is not working, with error 0x81000202, and sometimes says the class is not registered, so I can’t try a restore point. Also my network says class not registered as well, along with system update and several other services, I guess is what they are. What also happened at the same time was I went to a website and all of a sudden I have some AntiVirus program on my computer saying I was badly infected, and I didn’t download it.
I’ve also noticed quite a few errors in the event log as well, mainly:
"The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{89115307-8248-448F-ADA0-F3F3718A9B2A}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool."
i went to the registry found that key got the app id and went to dcomcnfg but couldnt find it at all.
I’m running Windows Vista
I tried running GMER 3 times but each time my computer either froze or crash
here is my HJT log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:13:30 AM, on 12/30/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal
DDS.txt
DDS (Ver_10-12-12.02) – NTFSx86
Run by Owner at 9:13:55.19 on Thu 12/30/2010
Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_23