Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Computer running much slower than usual

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Computer running much slower than usual

Unread postby luke08 » September 16th, 2008, 8:46 am

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:00:25 PM, on 9/15/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~1\Yahoo!\YOP\SSDK02.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://drudgereport.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O2 - BHO: (no name) - P>Ñ - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O2 - BHO: (no name) - Ð>Ñ - (no file)
O2 - BHO: (no name) - €>Ñ - (no file)
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\PROGRA~1\Symantec\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: e&xport to microsoft excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.whataboutadog.com
O16 - DPF: Yahoo! Canasta - http://download2.games.yahoo.com/games/ ... /yt2_x.cab
O16 - DPF: Yahoo! Euchre - http://download2.games.yahoo.com/games/ ... /et3_x.cab
O16 - DPF: Yahoo! Gin - http://download.games.yahoo.com/games/c ... /nt1_x.cab
O16 - DPF: Yahoo! Hearts - http://download2.games.yahoo.com/games/ ... /ht1_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/c ... poti_x.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://chill.comcast.net/GameShell/onli ... uncher.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://playgames.comcast.net/Gameshell/ ... meHost.cab
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\PROGRA~1\Symantec\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 9089 bytes



RSIT Log

"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe

2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe

2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo!

Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplicat

ions\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

List of files/folders created in the last three months

2008-09-16 08:39:25 ----D---- C:\rsit
2008-09-15 14:12:21 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-09-15 12:59:27 ----D---- C:\Program Files\Trend Micro
2008-09-10 23:46:27 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-10 23:45:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-08-25 11:27:51 ----D---- C:\Documents and Settings\Lonewolf\Application Data\Amazon
2008-08-25 11:23:48 ----D---- C:\Program Files\Amazon
2008-08-19 19:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-08-18 19:29:19 ----D---- C:\WINDOWS\Prefetch
2008-08-18 19:22:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-18 19:22:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-18 19:21:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-08-18 19:21:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-08-18 19:21:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-08-18 19:21:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-08-18 19:21:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-18 19:20:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-18 19:20:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-08-18 19:20:28 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-18 19:12:45 ----D---- C:\WINDOWS\system32\scripting
2008-08-18 19:12:42 ----D---- C:\WINDOWS\l2schemas
2008-08-18 19:12:41 ----D---- C:\WINDOWS\system32\en
2008-08-18 18:46:11 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-08-18 18:46:08 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-08-18 18:46:05 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-08-18 18:46:05 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-08-18 18:45:54 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-08-18 18:45:53 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-08-18 18:45:34 ----N---- C:\WINDOWS\system32\setupn.exe
2008-08-18 18:45:29 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-08-18 18:45:26 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-08-18 18:45:25 ----N---- C:\WINDOWS\system32\qutil.dll
2008-08-18 18:45:24 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-08-18 18:45:23 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-08-18 18:45:23 ----N---- C:\WINDOWS\system32\qagent.dll
2008-08-18 18:45:21 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-08-18 18:45:16 ----N---- C:\WINDOWS\system32\onex.dll
2008-08-18 18:44:52 ----N---- C:\WINDOWS\system32\napstat.exe
2008-08-18 18:44:51 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-08-18 18:44:51 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-08-18 18:44:41 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-08-18 18:44:41 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-08-18 18:44:35 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-08-18 18:44:35 ----N---- C:\WINDOWS\system32\mssha.dll
2008-08-18 18:44:15 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-08-18 18:44:15 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-08-18 18:44:15 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-08-18 18:44:15 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-08-18 18:43:58 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-08-18 18:43:57 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-08-18 18:43:54 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-08-18 18:43:54 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-08-18 18:43:53 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-08-18 18:43:53 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-08-18 18:43:22 ----A---- C:\WINDOWS\005794_.tmp
2008-08-18 18:43:20 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-08-18 18:43:20 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-08-18 18:43:20 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-08-18 18:43:20 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-08-18 18:43:20 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-08-18 18:43:19 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-08-18 18:43:19 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-08-18 18:43:19 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-08-18 18:43:13 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-08-18 18:43:13 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-08-18 18:43:13 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-08-18 18:43:13 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-08-18 18:43:13 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-08-18 18:43:12 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-08-18 18:43:12 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-08-18 18:43:09 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-08-18 18:43:09 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-08-18 18:43:08 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-08-18 18:43:02 ----N---- C:\WINDOWS\system32\credssp.dll
2008-08-18 18:42:45 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-08-18 18:42:45 ----N---- C:\WINDOWS\system32\azroles.dll
2008-08-18 18:42:28 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-08-13 19:54:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-08-13 19:53:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-08-13 19:53:41 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-13 19:52:50 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-08-13 19:50:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-13 19:50:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-08-13 19:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-08-12 12:03:15 ----A---- C:\WINDOWS\system32\YPcservice.exe
2008-08-12 12:03:15 ----A---- C:\WINDOWS\system32\ypclsp.dll
2008-08-12 11:56:39 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2008-08-12 11:55:21 ----D---- C:\Program Files\Symantec
2008-08-12 11:55:18 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-08-12 11:55:04 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-08-12 11:53:52 ----A---- C:\WINDOWS\system32\YCRWin32.dll
2008-07-09 14:12:11 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2008-07-01 12:00:50 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2008-07-01 11:56:48 ----D---- C:\Program Files\Common Files\HP
2008-07-01 11:51:59 ----D---- C:\Program Files\Hewlett-Packard
2008-07-01 11:49:50 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2008-07-01 11:46:36 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2008-07-01 11:46:36 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2008-07-01 11:46:36 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2008-07-01 11:46:36 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2008-07-01 11:46:36 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2008-07-01 11:46:35 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2008-07-01 11:44:54 ----D---- C:\Program Files\HP
2008-07-01 11:44:01 ----HD---- C:\Config.Msi
2008-07-01 11:39:53 ----RA---- C:\WINDOWS\system32\HPZc3212.dll
2008-07-01 11:39:53 ----RA---- C:\WINDOWS\system32\hpovst08.dll
2008-07-01 11:39:52 ----RA---- C:\WINDOWS\system32\hpotiop.dll
2008-07-01 11:39:50 ----RA---- C:\WINDOWS\system32\hpgwiamd.dll
2008-06-20 15:14:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$

List of drivers

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-09 191544]
R2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys [2007-12-03 8413]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [2003-08-29 1101696]
R3 ctljystk;Creative SBLive! Gameport; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 DM9102;DAVICOM 9102(A) PCI Fast Ethernet Based NT Driver; C:\WINDOWS\System32\DRIVERS\DM9PCI5.SYS [2001-08-17 29696]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

[]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2006-09-19 15664]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080915.002\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080915.002\NAVEX15.SYS []
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-10-06 1550043]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-09 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-09 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-09 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20080911.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-09 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-09 27576]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13

20608]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\System32\DRIVERS\HidBatt.sys [2008-04-13 20352]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2006-01-20 36608]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\System32\Drivers\LMouKE.sys []
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2007-12-15 23616]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WUDFRd;WUDFRd; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

List of services

R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

[2007-09-12 554352]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10

108648]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10

108648]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2003-10-06 81920]
R2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-01-05 47712]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-08-12 1174664]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec

Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2006-12-13 294912]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

[2007-04-03 310008]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-04-03

166648]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

[2004-10-22 73728]
S3 ISPwdSvc;Symantec IS Password Validation; C:\PROGRA~1\Symantec\isPwdSvc.exe [2007-01-14 80504]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2006-12-13

57344]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-04-03 887544]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18

913408]
S3 YPCService;YPCService; C:\WINDOWS\system32\YPCSER~1.EXE [2003-05-19 86016]

-----------------EOF-----------------
luke08
Active Member
 
Posts: 2
Joined: September 16th, 2008, 8:33 am
Advertisement
Register to Remove

Re: Computer running much slower than usual

Unread postby Shaba » September 22nd, 2008, 4:19 am

Hi luke08

RSIT log cuts off.

Please re-send it :)
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Computer running much slower than usual

Unread postby luke08 » September 22nd, 2008, 4:43 pm

RSIT Resend:

Logfile of random's system information tool 1.01 (written by random/random)
Run by Lonewolf at 2008-09-16 08:39:25
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 25 GB (65%) free of 38 GB
Total RAM: 511 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:39:54 AM, on 9/16/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\PROGRA~1\Yahoo!\YOP\SSDK02.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Lonewolf\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Lonewolf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://drudgereport.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O2 - BHO: (no name) - P>Ñ - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - Ð>Ñ - (no file)
O2 - BHO: (no name) - €>Ñ - (no file)
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\PROGRA~1\Symantec\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: e&xport to microsoft excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Canasta - http://download2.games.yahoo.com/games/ ... /yt2_x.cab
O16 - DPF: Yahoo! Euchre - http://download2.games.yahoo.com/games/ ... /et3_x.cab
O16 - DPF: Yahoo! Gin - http://download.games.yahoo.com/games/c ... /nt1_x.cab
O16 - DPF: Yahoo! Hearts - http://download2.games.yahoo.com/games/ ... /ht1_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/c ... poti_x.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://chill.comcast.net/GameShell/onli ... uncher.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://playgames.comcast.net/Gameshell/ ... meHost.cab
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\PROGRA~1\Symantec\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 9680 bytes

Scheduled tasks folder

C:\WINDOWS\tasks\Norton Security Online - Run Full System Scan - Lonewolf.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\P>Ñ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2008-04-15 1470488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\Ð>Ñ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\€>Ñ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2008-04-15 1470488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-10-06 5058560]
"nwiz"=nwiz.exe /install []
"BCMSMMSG"=C:\WINDOWS\BCMSMMSG.exe [2003-08-29 122880]
"WD Button Manager"=C:\WINDOWS\system32\WDBtnMgr.exe [2006-06-18 339968]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-12-03 155648]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
""=C:\WINDOWS\system32\
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-04-03 232184]
"Logitech Hardware Abstraction Layer"=KHALMNPR.EXE []
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-09-13 49152]
"YOP"=C:\PROGRA~1\Yahoo!\YOP\yop.exe [2007-10-26 509224]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-01-10 115816]
"osCheck"=C:\PROGRA~1\Symantec\osCheck.exe [2007-01-14 771704]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\System32\NVMCTRAY.DLL [2003-10-06 49152]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-11-24 94208]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-08-18 1832272]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"
"C:\My Games\Rock & Roll JEOPARDY!\Rock & Roll JEOPARDY!.exe"="C:\My Games\Rock & Roll JEOPARDY!\Rock & Roll JEOPARDY!.exe:*:Enabled:Rock & Roll JEOPARDY!"
"C:\Program Files\Real\RealPlayer\trueplay.exe"="C:\Program Files\Real\RealPlayer\trueplay.exe:*:Disabled:RealPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

List of files/folders created in the last three months

2008-09-16 08:39:25 ----D---- C:\rsit
2008-09-15 14:12:21 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-09-15 12:59:27 ----D---- C:\Program Files\Trend Micro
2008-09-10 23:46:27 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-10 23:45:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-08-25 11:27:51 ----D---- C:\Documents and Settings\Lonewolf\Application Data\Amazon
2008-08-25 11:23:48 ----D---- C:\Program Files\Amazon
2008-08-19 19:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-08-18 19:29:19 ----D---- C:\WINDOWS\Prefetch
2008-08-18 19:22:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-18 19:22:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-18 19:21:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-08-18 19:21:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-08-18 19:21:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-08-18 19:21:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-08-18 19:21:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-18 19:20:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-18 19:20:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-08-18 19:20:28 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-18 19:12:45 ----D---- C:\WINDOWS\system32\scripting
2008-08-18 19:12:42 ----D---- C:\WINDOWS\l2schemas
2008-08-18 19:12:41 ----D---- C:\WINDOWS\system32\en
2008-08-18 18:46:11 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-08-18 18:46:08 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-08-18 18:46:05 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-08-18 18:46:05 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-08-18 18:45:54 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-08-18 18:45:53 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-08-18 18:45:34 ----N---- C:\WINDOWS\system32\setupn.exe
2008-08-18 18:45:29 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-08-18 18:45:26 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-08-18 18:45:25 ----N---- C:\WINDOWS\system32\qutil.dll
2008-08-18 18:45:24 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-08-18 18:45:23 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-08-18 18:45:23 ----N---- C:\WINDOWS\system32\qagent.dll
2008-08-18 18:45:21 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-08-18 18:45:16 ----N---- C:\WINDOWS\system32\onex.dll
2008-08-18 18:44:52 ----N---- C:\WINDOWS\system32\napstat.exe
2008-08-18 18:44:51 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-08-18 18:44:51 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-08-18 18:44:41 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-08-18 18:44:41 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-08-18 18:44:35 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-08-18 18:44:35 ----N---- C:\WINDOWS\system32\mssha.dll
2008-08-18 18:44:15 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-08-18 18:44:15 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-08-18 18:44:15 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-08-18 18:44:15 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-08-18 18:43:58 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-08-18 18:43:57 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-08-18 18:43:54 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-08-18 18:43:54 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-08-18 18:43:53 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-08-18 18:43:53 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-08-18 18:43:22 ----A---- C:\WINDOWS\005794_.tmp
2008-08-18 18:43:20 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-08-18 18:43:20 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-08-18 18:43:20 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-08-18 18:43:20 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-08-18 18:43:20 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-08-18 18:43:19 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-08-18 18:43:19 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-08-18 18:43:19 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-08-18 18:43:13 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-08-18 18:43:13 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-08-18 18:43:13 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-08-18 18:43:13 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-08-18 18:43:13 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-08-18 18:43:12 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-08-18 18:43:12 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-08-18 18:43:09 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-08-18 18:43:09 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-08-18 18:43:08 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-08-18 18:43:02 ----N---- C:\WINDOWS\system32\credssp.dll
2008-08-18 18:42:45 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-08-18 18:42:45 ----N---- C:\WINDOWS\system32\azroles.dll
2008-08-18 18:42:28 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-08-13 19:54:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-08-13 19:53:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-08-13 19:53:41 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-13 19:52:50 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-08-13 19:50:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-13 19:50:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-08-13 19:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-08-12 12:03:15 ----A---- C:\WINDOWS\system32\YPcservice.exe
2008-08-12 12:03:15 ----A---- C:\WINDOWS\system32\ypclsp.dll
2008-08-12 11:56:39 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2008-08-12 11:55:21 ----D---- C:\Program Files\Symantec
2008-08-12 11:55:18 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-08-12 11:55:04 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-08-12 11:53:52 ----A---- C:\WINDOWS\system32\YCRWin32.dll
2008-07-09 14:12:11 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2008-07-01 12:00:50 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2008-07-01 11:56:48 ----D---- C:\Program Files\Common Files\HP
2008-07-01 11:51:59 ----D---- C:\Program Files\Hewlett-Packard
2008-07-01 11:49:50 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2008-07-01 11:46:36 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2008-07-01 11:46:36 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2008-07-01 11:46:36 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2008-07-01 11:46:36 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2008-07-01 11:46:36 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2008-07-01 11:46:35 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2008-07-01 11:44:54 ----D---- C:\Program Files\HP
2008-07-01 11:44:01 ----HD---- C:\Config.Msi
2008-07-01 11:39:53 ----RA---- C:\WINDOWS\system32\HPZc3212.dll
2008-07-01 11:39:53 ----RA---- C:\WINDOWS\system32\hpovst08.dll
2008-07-01 11:39:52 ----RA---- C:\WINDOWS\system32\hpotiop.dll
2008-07-01 11:39:50 ----RA---- C:\WINDOWS\system32\hpgwiamd.dll
2008-06-20 15:14:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$

List of drivers

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-09 191544]
R2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys [2007-12-03 8413]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [2003-08-29 1101696]
R3 ctljystk;Creative SBLive! Gameport; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 DM9102;DAVICOM 9102(A) PCI Fast Ethernet Based NT Driver; C:\WINDOWS\System32\DRIVERS\DM9PCI5.SYS [2001-08-17 29696]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2006-09-19 15664]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080915.002\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080915.002\NAVEX15.SYS []
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-10-06 1550043]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-09 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-09 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-09 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20080911.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-09 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-09 27576]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\System32\DRIVERS\HidBatt.sys [2008-04-13 20352]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2006-01-20 36608]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\System32\Drivers\LMouKE.sys []
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2007-12-15 23616]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WUDFRd;WUDFRd; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

List of services

R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2003-10-06 81920]
R2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-01-05 47712]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-08-12 1174664]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2006-12-13 294912]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2007-04-03 310008]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-04-03 166648]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ISPwdSvc;Symantec IS Password Validation; C:\PROGRA~1\Symantec\isPwdSvc.exe [2007-01-14 80504]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2006-12-13 57344]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-04-03 887544]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 YPCService;YPCService; C:\WINDOWS\system32\YPCSER~1.EXE [2003-05-19 86016]

-----------------EOF-----------------
luke08
Active Member
 
Posts: 2
Joined: September 16th, 2008, 8:33 am

Re: Computer running much slower than usual

Unread postby Shaba » September 23rd, 2008, 8:02 am

All I see is some leftovers.

For general slowness, see here and post back if it helped :)
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Computer running much slower than usual

Unread postby Shaba » September 28th, 2008, 4:43 am

Due to Lack of Response this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 28 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware