Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Computer takes a LONG time to boot/printer driver messed up?

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Computer takes a LONG time to boot/printer driver messed up?

Unread postby Milkman71 » December 30th, 2009, 10:34 pm

I am not sure my system is infected...but it takes a long time to boot and yesterday my printer (HP) doesn't allow me to check ink levels anymore with its toolbox function. Please check the information out for me....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:26:52 PM, on 12/30/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Documents and Settings\Power User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Thots Utilities\First To Find\First To Find.exe
C:\Program Files\VitalSigns\Net.Medic\Program\netMedic.exe
C:\Documents and Settings\Power User\Local Settings\Application Data\Chromium\Application\chrome.exe
C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Documents and Settings\Power User\Desktop\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thederrick.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: PDF-XChange Viewer IE-Plugin - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
O3 - Toolbar: Pictures - {8E929F51-5914-11D6-971F-0050FC3F9161} - C:\Program Files\Diodia Software\Pictures Toolbar\Pictures.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SystemGuardAlerter] "C:\Program Files\iolo\System Mechanic Professional\SystemGuardAlerter.exe"
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [System Shield Alerter] C:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [X1FileMonitor.exe] C:\Program Files\X1\X1FileMonitor.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Power User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Xmarks] C:\Program Files\Xmarks\IE Extension\xmarkssync.exe -q
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Start First to Find.lnk = C:\Program Files\Thots Utilities\First To Find\First To Find.exe
O4 - Global Startup: First To Find.lnk = C:\Program Files\Thots Utilities\First To Find\First To Find.exe
O4 - Global Startup: MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe
O4 - Global Startup: Net.Medic.lnk = C:\Program Files\VitalSigns\Net.Medic\Program\netMedic.exe
O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
O8 - Extra context menu item: &Subscribe with ArchosLink - file://C:\Program Files\Archos\ArchosLink\\script.js
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (HKCU)
O9 - Extra 'Tools' menuitem: Xmarks for IE... - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6. ... ontrol.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0777417080
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1138865453
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/i ... ction2.cab
O16 - DPF: {8646A6AF-0AE4-4BF8-B716-DB1513803972} (SFImageUpload1_8.ImageUpload) - http://riteaid.storefront.com/images/gl ... oad1_8.CAB
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gateway.com/support/seri ... /gwCID.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{72AE48BF-6751-481F-9BC9-143EB29E8983}: NameServer = 166.102.165.13,207.41.5.20
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Google Update Service (gupdate1c9cadf7dba697a) (gupdate1c9cadf7dba697a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional\IoloSGCtrl.exe
O23 - Service: ZoneAlarm ForceField IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Mozy, Inc. - C:\Program Files\MozyHome\mozybackup.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: vseamps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
O23 - Service: vsedsps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
O23 - Service: vseqrts - Unknown owner - C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 15439 bytes

Acronis Disk Director Suite
Acronis True Image Home
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
AI RoboForm (All Users)
Amazon MP3 Downloader 1.0.9
ArchosLink
ArchoSoft V3.0
AVSDK5
CCleaner (remove only)
Choice Guard
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
DeLorme Topo USA 6.0
DriverAgent by eSupport.com
dynastree - Home Edition 1.02
EndItAll 2.0
EPSON Copy Utility 3
EPSON Scan
EVEREST Ultimate Edition v4.60
Everything 1.2.1.371
FileHippo.com Update Checker
FirmTools Duplicate Photo Finder 1
FirstToFind
Free RAR Extract Frog
Garmin Communicator Plugin
Garmin POI Loader
Garmin Trip and Waypoint Manager v5
Garmin USB Drivers
Garmin WebUpdater
Gateway Drivers and Applications Recovery
GenSmarts
GoodSync
Google Earth
Google Update Helper
Google Updater
GSAK 7.6.2.45 (Final)
HashOnClick
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
hp deskjet 930c series (Remove only)
HP Photosmart Essential
HP Product Detection
iolo technologies' System Mechanic Professional
Java(TM) 6 Update 17
JDownloader
Junk Mail filter update
Legacy 7.0
Legacy Charting 7.0
Logitech MouseWare 9.80
MediaMonkey 3.2
MediaMonkey Script: MiniLyrics Embedder v1.4b
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.4
Microsoft Office XP Small Business
Microsoft OLE DB Provider for Visual FoxPro
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft WinUsb 1.0
Minilyrics(remove only)
Mozilla Firefox (3.5.6)
Mozilla Firefox (3.6b5)
MozyHome Remote Backup
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network Magic
North Carolina Topo Map
NVIDIA Drivers
OziExplorer 3.95
Palm Desktop
PandoraRecovery (Remove Only)
PathWiz! V8 Multi Language Version
PDFCreator
pdfforge Toolbar v1.1
PDF-Viewer
Picasa 3
Pictures Toolbar
Quicken 2008
Rapport
SAT10 Pennsylvania Data
SE USA Topo Map
Second Site 3
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Segoe UI
System Requirements Lab
Tagrunner
The Master Genealogist v7 (for All Users)
TurboTax ItsDeductible 2005
TurboTax Premier 2005
UBCD4Win 3.50
Uniblue DriverScanner 2009
Uniblue DriverScanner 2009
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC 9.0 Runtime
VC 9.0 Runtime
VersionTracker Pro Windows
VideoReady V0.5
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VitalSigns Software's Net.Medic
WebEx Support Manager for Internet Explorer
Windows 7 Upgrade Advisor Beta
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
WOT for Internet Explorer
X1
xImage
Xmarks for IE
ZoneAlarm Extreme Security
ZPoC 2.05
Zune
Zune
Zune Language Pack (ES)
Zune Language Pack (FR)
Milkman71
Regular Member
 
Posts: 24
Joined: December 30th, 2009, 10:21 pm
Advertisement
Register to Remove

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby MWR 3 day Mod » January 4th, 2010, 1:18 am

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby jmw3 » January 6th, 2010, 1:18 pm

Hello & Welcome to Malware Removal

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this ensure Notify me when a reply is postedis ticked on the POST A REPLY page.

In the meantime please note the following:
  • Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.
  • Any recommendations made are for your computer problems only and should NOT be used on any other computer.
  • Please DO NOT run any scans/tools or other fixes unless I ask you to. This is very important for several reasons. Here are just two of them:
    1. The tools that we use are very powerful and can cause >>irreparable damage<< to your computer if not used correctly.
    2. Commercial scanners, for the most part can not completely remove some of the more "resistant" infections. This makes it much more difficult to get rid of completely.
  • If you get stuck or are unsure of something please ask for a further explanation, do not guess.
  • It will require more than one round to properly clean your system. Continue to respond to this thread until I give you the All Clean! even if symptoms seemingly abate.
Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.
If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave & if there is no contact for that amount of time I will have to assume you have abandoned your topic.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Thanks

DDS
Download DDS.scr by sUBs from one of the following links & save it to your desktop.
Link 1
Link 2
  • Double-Click on dds.scr and a command window will appear. This is normal
  • Shortly after two logs will appear, DDS.txt & Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply
Gmer
Download GMER Rootkit Scanner from here.
  • Double click the .exe file. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO

    Image
    Click the image to enlarge it
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file
  • Save it where you can easily find it, such as your desktop, and post it in reply
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Note: Do not run any programs while Gmer is running.

To post in next reply:
Contents of DDS log
Contents of Attach.txt
Contents of Gmer log
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby Milkman71 » January 8th, 2010, 12:53 pm

I have in-laws this week and it may take awhile to attempt these steps I will keep you posted as the situation changes.
Milkman71
Regular Member
 
Posts: 24
Joined: December 30th, 2009, 10:21 pm

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby jmw3 » January 10th, 2010, 1:21 am

Thanks for the heads up.

Please bare in mind that as volunteers with real life to contend with, we can only take on so many topics at a time. This means that holding open a topic that is not active potentially means someone else is missing out on help. I'll hold this for another three days, however after that it may have to be closed.

Hope you understand
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby Milkman71 » January 12th, 2010, 8:29 am

When I try to open dds.scr it opens in notepad. I don't think you want me to post the info from there. How do I make it run?
Milkman71
Regular Member
 
Posts: 24
Joined: December 30th, 2009, 10:21 pm

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby jmw3 » January 12th, 2010, 10:05 am

Hi

Sorry... do you mean the logs open in Notepad or the application itself? When you double click on it do you get the Open File - Security Warning dialogue box, with the option to Run or Cancel?
Could you explain in detail what is happening when you click to run DDS please.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby Milkman71 » January 12th, 2010, 11:02 pm

I get a Open file - security warning box with the options of run or cancel and a checkbox for always ask before opening this file. When I click run I gen a notepad window with mostly gibberish but the first line says "genMZ   ÿÿ ¸ @ € º ´ Í!¸LÍ!This program cannot be run in DOS mode."

Gmer takes a long time to run. I tried to let it run last night but the system rebooted before I could get a log from it. I will let it run tonight and try to catch it before I go to bed.
Milkman71
Regular Member
 
Posts: 24
Joined: December 30th, 2009, 10:21 pm

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby jmw3 » January 13th, 2010, 2:30 am

Hi

See if this helps the DDS issue:
  • Right-click the DDS icon on your desktop
  • From the list choose Rename & rename DDS.scr to DDS.com
  • Click Yes when prompted
Try running it now.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby Milkman71 » January 13th, 2010, 11:04 am

That worked. Here are the contents of BOTH logs from DDS.COM.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 12/31/2008 7:02:51 PM
System Uptime: 1/13/2010 12:12:55 AM (9 hours ago)

Motherboard: Intel Corporation | | D850EMV2
Processor: Intel(R) Pentium(R) 4 CPU 2.53GHz | J1E1 | 2519/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 279 GiB total, 51.062 GiB free.
D: is FIXED (NTFS) - 19 GiB total, 12.24 GiB free.
E: is FIXED (NTFS) - 19 GiB total, 4.833 GiB free.
F: is FIXED (NTFS) - 19 GiB total, 12.198 GiB free.
G: is FIXED (NTFS) - 19 GiB total, 3.441 GiB free.
H: is FIXED (NTFS) - 19 GiB total, 4.658 GiB free.
I: is FIXED (NTFS) - 17 GiB total, 2.734 GiB free.
J: is CDROM (CDFS)
K: is CDROM (CDFS)
L: is Removable
M: is Removable
T: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

32 Bit HP CIO Components Installer
Acronis Disk Director Suite
Acronis True Image Home
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
AI RoboForm (All Users)
Amazon MP3 Downloader 1.0.9
ArchosLink
ArchoSoft V3.0
AVSDK5
BufferChm
CCleaner
Choice Guard
Chromium
Cisco Network Magic
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
D5400
DeLorme Topo USA 6.0
DeLorme Topo USA 6.0 Merge Modules
DeviceDiscovery
DriverAgent by eSupport.com
dynastree - Home Edition 1.02
EndItAll 2.0
EPSON Copy Utility 3
EPSON Scan
EVEREST Ultimate Edition v4.60
Everything 1.2.1.371
FileHippo.com Update Checker
FirmTools Duplicate Photo Finder 1
FirstToFind
Free RAR Extract Frog
Garmin Communicator Plugin
Garmin POI Loader
Garmin Trip and Waypoint Manager v5
Garmin USB Drivers
Garmin WebUpdater
Gateway Drivers and Applications Recovery
GenSmarts
Geocaching Combo
GoodSync
Google Chrome
Google Earth
Google Update Helper
Google Updater
GPBaseService2
GSAK 7.6.2.45 (Final)
HashOnClick
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
HP Customer Participation Program 12.0
hp deskjet 930c series (Remove only)
HP Imaging Device Functions 12.0
HP Photosmart D5400 Printer Driver Software 12.0 Rel .3
HP Photosmart Essential 3.5
HP Product Detection
HP Smart Web Printing
HP Solution Center 13.0
HP Update
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotosmartEssential
HPProductAssistant
iolo technologies' System Mechanic Professional
Java(TM) 6 Update 17
JDownloader
Junk Mail filter update
Legacy 7.0
Legacy Charting 7.0
Logitech MouseWare 9.80
MarketResearch
MediaMonkey 3.2
MediaMonkey Script: MiniLyrics Embedder v1.4b
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.4
Microsoft Office XP Small Business
Microsoft OLE DB Provider for Visual FoxPro
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft WinUsb 1.0
Minilyrics(remove only)
Mozilla Firefox (3.5.6)
Mozilla Firefox (3.6b5)
MozyHome Remote Backup
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network Magic
North Carolina Topo Map
NVIDIA Drivers
O&O Defrag Professional Edition
OziExplorer 3.95
Palm Desktop
PandoraRecovery (Remove Only)
PathWiz! V8 Multi Language Version
PDF-Viewer
PDFCreator
pdfforge Toolbar v1.1
Picasa 3
Pictures Toolbar
PS_SF_03_D5400_Software_Min
Pure Networks Platform
Quicken 2008
Rapport
SAT10 Pennsylvania Data
SE USA Topo Map
Second Site 3
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Segoe UI
SmartWebPrinting
SolutionCenter
SpywareBlaster 4.2
Status
System Requirements Lab
Tagrunner
The Master Genealogist v7 (for All Users)
Toolbox
TrayApp
TurboTax ItsDeductible 2005
TurboTax Premier 2005
UBCD4Win 3.50
Uniblue DriverScanner 2009
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC 9.0 Runtime
VersionTracker Pro Windows
VideoReady V0.5
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VitalSigns Software's Net.Medic
WebEx Support Manager for Internet Explorer
WebFldrs XP
WebReg
Windows 7 Upgrade Advisor Beta
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
WOT for Internet Explorer
X1
xImage
Xmarks for IE
ZoneAlarm Extreme Security
ZPoC 2.05
Zune
Zune Language Pack (ES)
Zune Language Pack (FR)

==== Event Viewer Messages From Past Week ========

1/9/2010 7:32:56 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Search service to connect.
1/9/2010 7:32:56 PM, error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/9/2010 7:32:55 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/9/2010 7:32:42 PM, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
1/9/2010 7:16:30 PM, error: Service Control Manager [7034] - The O&O Defrag service terminated unexpectedly. It has done this 1 time(s).
1/13/2010 12:07:43 AM, error: Service Control Manager [7000] - The ZoneAlarm ForceField IswSvc service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/12/2010 11:57:55 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the TrueVector Internet Monitor service to connect.
1/12/2010 11:57:55 PM, error: Service Control Manager [7000] - The TrueVector Internet Monitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/12/2010 11:57:15 PM, error: Service Control Manager [7034] - The TrueVector Internet Monitor service terminated unexpectedly. It has done this 1 time(s).
1/12/2010 11:36:15 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/12/2010 11:35:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the service.
1/12/2010 11:34:40 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the ALG service.
1/12/2010 11:29:54 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the ZoneAlarm ForceField IswSvc service to connect.
1/12/2010 11:28:35 PM, error: Service Control Manager [7031] - The ZoneAlarm ForceField IswSvc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
1/12/2010 11:26:49 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
1/12/2010 11:26:47 PM, error: Service Control Manager [7000] - The Zune Bus Enumerator service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/12/2010 11:26:46 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Zune Bus Enumerator service to connect.
1/12/2010 11:26:16 PM, error: Service Control Manager [7031] - The Zune Bus Enumerator service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
1/12/2010 10:05:45 PM, error: Service Control Manager [7034] - The MozyHome Backup Service service terminated unexpectedly. It has done this 1 time(s).
1/11/2010 11:24:57 PM, error: Service Control Manager [7034] - The iolo System Guard service terminated unexpectedly. It has done this 2 time(s).
1/10/2010 10:17:47 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iolo System Service service to connect.
1/10/2010 10:17:47 PM, error: Service Control Manager [7000] - The iolo System Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/10/2010 10:17:46 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service ioloSystemService with arguments "" in order to run the server: {C8C3CC37-0CEC-41F2-ADA6-D0DB4C0342B0}
1/10/2010 10:17:36 PM, error: Service Control Manager [7034] - The iolo System Service service terminated unexpectedly. It has done this 2 time(s).
1/10/2010 10:17:34 PM, error: Service Control Manager [7034] - The iolo System Guard service terminated unexpectedly. It has done this 1 time(s).
1/10/2010 10:15:20 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
1/10/2010 10:14:10 PM, error: Service Control Manager [7034] - The iolo System Service service terminated unexpectedly. It has done this 1 time(s).
1/10/2010 10:14:09 PM, error: Service Control Manager [7034] - The iolo FileInfoList Service service terminated unexpectedly. It has done this 1 time(s).
1/10/2010 10:14:09 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd
1/10/2010 10:14:09 PM, error: Service Control Manager [7022] - The Windows Search service hung on starting.

==== End Of File ===========================


DDS (Ver_09-12-01.01) - NTFSx86
Run by Power User at 9:34:38.98 on Wed 01/13/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.27 [GMT -5:00]

AV: ZoneAlarm Extreme Security Antivirus *On-access scanning enabled* (Updated) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
AV: iolo System Shield *On-access scanning enabled* (Updated) {2565CEEE-6BDB-4A6D-AD6D-F682F2695014}
FW: ZoneAlarm Extreme Security Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\WINDOWS\system32\oodtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\X1\X1FileMonitor.exe
C:\Program Files\Xmarks\IE Extension\xmarkssync.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Thots Utilities\First To Find\First To Find.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Program Files\VitalSigns\Net.Medic\Program\netMedic.exe
C:\Program Files\PDFCreator\PDFCreator.exe
C:\PROGRA~1\VITALS~1\Net.Medic\Program\syshook.exe
C:\Documents and Settings\Power User\Local Settings\Application Data\Chromium\Application\chrome.exe
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Documents and Settings\Power User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Power User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Power User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Power User\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.thederrick.com/
uInternet Connection Wizard,ShellNext = iexplore
uURLSearchHooks: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\pdfforge toolbar\SearchSettings.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: ZoneAlarm Toolbar Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\pdfforgeToolbarIE.dll
BHO: PDF-XChange Viewer IE-Plugin: {c5d07eb6-bbce-4dae-acbb-d13a8d28cb1f} - c:\program files\tracker software\pdf-xchange viewer\pdf-viewer\PDFXCviewIEPlugin.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\pdfforge toolbar\SearchSettings.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
TB: Pictures: {8e929f51-5914-11d6-971f-0050fc3f9161} - c:\program files\diodia software\pictures toolbar\Pictures.dll
TB: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\pdfforgeToolbarIE.dll
TB: ZoneAlarm Toolbar: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [X1FileMonitor.exe] c:\program files\x1\X1FileMonitor.exe
uRun: [Xmarks] c:\program files\xmarks\ie extension\xmarkssync.exe -q
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [OSSelectorReinstall] c:\program files\common files\acronis\acronis disk director\oss_reinstall.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"
mRun: [System Shield Alerter] c:\program files\iolo\system mechanic professional\system shield\ioloSSTray.exe
mRun: [OODefragTray] c:\windows\system32\oodtray.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [<NO NAME>]
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
StartupFolder: c:\docume~1\poweru~1\startm~1\programs\startup\startf~1.lnk - c:\program files\thots utilities\first to find\First To Find.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\firstt~1.lnk - c:\program files\thots utilities\first to find\First To Find.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mozyho~1.lnk - c:\program files\mozyhome\mozystat.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netmed~1.lnk - c:\program files\vitalsigns\net.medic\program\netMedic.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pdfcre~1.lnk - c:\program files\pdfcreator\PDFCreator.exe
IE: &Subscribe with ArchosLink - file://c:\program files\archos\archoslink\\script.js
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: c:\windows\system32\iavlsp.dll
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6. ... ontrol.CAB
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windows ... 0777417080
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftup ... 1138865453
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/i ... ction2.cab
DPF: {8646A6AF-0AE4-4BF8-B716-DB1513803972} - hxxp://riteaid.storefront.com/images/gl ... oad1_8.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} - hxxp://support.gateway.com/support/seri ... /gwCID.CAB
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdat ... /opuc4.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwar ... /CTPID.cab
TCP: {72AE48BF-6751-481F-9BC9-143EB29E8983} = 166.102.165.13,207.41.5.20
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 relog_ap

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\poweru~1\applic~1\mozilla\firefox\profiles\sleq0s5c.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.windstream.net/wind/portal/index.aspx
FF - component: c:\program files\checkpoint\zaforcefield\trustchecker\components\MozillaDownload.dll
FF - component: c:\program files\checkpoint\zaforcefield\trustchecker\components\MozillaExtensions.dll
FF - component: c:\program files\checkpoint\zaforcefield\trustchecker\components\TrustCheckerMozillaPlugin.dll
FF - component: c:\program files\siber systems\ai roboform\firefox\components\rfproxy_31.dll
FF - plugin: c:\documents and settings\power user\application data\mozilla\firefox\profiles\sleq0s5c.default\extensions\support@ancestry.com\plugins\npImgCtl.dll
FF - plugin: c:\documents and settings\power user\local settings\application data\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 1\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\tracker software\pdf-xchange viewer\pdf-viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 kl1;kl1;c:\windows\system32\drivers\kl1.sys [2009-11-4 128016]
R0 ppa;Iomega Parallel Port Filter Driver;c:\windows\system32\drivers\ppa.sys [2009-12-7 17792]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-11-4 317072]
R1 RapportKELL;RapportKELL;c:\program files\trusteer\rapport\bin\RapportKELL.sys [2009-11-1 58984]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2009-11-1 334440]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2009-11-4 486280]
R2 AMP;AMP;c:\windows\system32\drivers\amp.sys [2009-10-28 122408]
R2 AMPSE;AMPSE;c:\windows\system32\drivers\ampse.sys [2009-10-28 1117224]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-1-24 55136]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2009-1-11 650160]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2009-1-11 650160]
R2 ISWKL;ZoneAlarm ForceField ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2009-10-14 25208]
R2 IswSvc;ZoneAlarm ForceField IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2009-10-14 476528]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2009-11-1 972008]
R2 vseamps;vseamps;c:\program files\common files\authentium\antivirus5\vseamps.exe [2009-10-28 92712]
R2 vsedsps;vsedsps;c:\program files\common files\authentium\antivirus5\vsedsps.exe [2009-10-28 117288]
R2 vseqrts;vseqrts;c:\program files\common files\authentium\antivirus5\vseqrts.exe [2009-10-28 113192]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
R3 icsak;icsak;c:\program files\checkpoint\zaforcefield\ak\icsak.sys [2009-10-14 35448]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S2 gupdate1c9cadf7dba697a;Google Update Service (gupdate1c9cadf7dba697a);c:\program files\google\update\GoogleUpdate.exe [2009-5-1 133104]
S3 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2008-12-8 533344]

============== File Associations ===============

JSEFile=NOTEPAD.EXE %1
regfile=NOTEPAD.EXE %1
scrfile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
vbefile\shell\open2\command=%SystemRoot%\System32\CScript.exe "%1" %*
vbsfile\shell\open2\command=%SystemRoot%\System32\CScript.exe "%1" %*
jsefile\shell\open2\command=%SystemRoot%\System32\CScript.exe "%1" %*

=============== Created Last 30 ================

2010-01-11 03:12:25 448 ----a-w- c:\windows\system32\iolo.ini
2010-01-11 03:06:51 4958588 ----a-w- c:\windows\{00000002-00000000-0000000C-00001102-00000004-00581102}.BAK
2010-01-10 00:29:36 0 d-----w- c:\windows\system32\store
2010-01-05 15:36:46 77377 ----a-w- c:\windows\hpqins05.dat
2010-01-05 15:11:56 0 d-----w- c:\docume~1\poweru~1\applic~1\HpUpdate
2010-01-05 15:10:36 0 d-----w- c:\windows\Hewlett-Packard
2010-01-04 14:03:40 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2010-01-04 14:03:20 49920 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2010-01-04 14:02:45 271704 ----a-r- c:\windows\system32\hpzids01.dll
2010-01-04 14:02:37 118272 ----a-w- c:\windows\system32\hpz3l696.dll
2010-01-04 14:01:22 309760 ----a-r- c:\windows\system32\difxapi.dll
2010-01-04 14:01:21 372736 ----a-r- c:\windows\system32\hppldcoi.dll
2010-01-04 14:01:20 21568 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2010-01-04 13:42:09 939 ------w- c:\windows\hphmdl28.dat
2010-01-04 13:42:09 150160 ----a-w- c:\windows\hphins28.dat
2010-01-02 01:12:38 3584 ----a-w- c:\windows\system32\eswiaml.dll
2010-01-01 02:34:10 17878 ----a-w- c:\windows\system32\oodbs.lor
2010-01-01 01:10:19 0 ----a-w- c:\windows\OODCNT.INI
2009-12-31 13:29:46 0 d-----w- c:\windows\system32\oodag
2009-12-31 03:55:37 0 d-----w- c:\program files\OO Software
2009-12-31 03:08:07 0 d-----w- c:\program files\SpywareBlaster
2009-12-28 13:17:44 73728 ----a-w- c:\windows\system32\javacpl.cpl
2009-12-28 06:04:35 0 d-----w- c:\docume~1\poweru~1\applic~1\Printer Info Cache
2009-12-28 06:04:18 0 d-----w- c:\program files\common files\HP
2009-12-23 17:43:38 176640 ----a-w- c:\windows\system32\LXSYSUI.DLL
2009-12-23 17:26:23 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2009-12-23 17:26:23 7552 ----a-w- c:\windows\system32\drivers\SONYPVU1.SYS
2009-12-23 07:57:54 0 d-----w- c:\program files\JDownloader
2009-12-23 06:19:40 0 d-----w- C:\swsetup
2009-12-23 04:50:06 0 d-----w- c:\program files\Uniblue
2009-12-23 04:38:16 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2009-12-14 19:15:14 2146304 ----a-w- c:\windows\system32\GPhotos.scr

==================== Find3M ====================

2010-01-13 05:16:02 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-12-28 13:16:26 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-18 01:08:02 93096 ----a-w- c:\windows\system32\IncContxMenu.dll
2009-12-18 01:07:52 2169256 ----a-w- c:\windows\system32\Incinerator.dll
2009-12-01 04:18:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2009-12-01 04:18:17 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01009.Wdf
2009-12-01 04:13:26 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2009-12-01 04:00:23 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_zumbus_01009.Wdf
2009-12-01 04:00:19 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2009-11-11 23:46:58 118784 ----a-w- c:\windows\system32\iavlsp.dll
2009-10-29 07:45:38 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-17 06:39:40 72584 ----a-w- c:\windows\zllsputility.exe
2009-10-17 06:39:32 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-10-15 16:28:26 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-10-15 16:28:26 119808 ----a-w- c:\windows\system32\t2embed.dll

============= FINISH: 9:36:48.34 ===============
Milkman71
Regular Member
 
Posts: 24
Joined: December 30th, 2009, 10:21 pm

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby jmw3 » January 13th, 2010, 11:28 am

Hi

How did you go with Gmer? If your having problems with it, we'll try something else.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby Milkman71 » January 13th, 2010, 11:59 am

I haven't had any luck using GMER...it seems to reboot my computer at the end.
Milkman71
Regular Member
 
Posts: 24
Joined: December 30th, 2009, 10:21 pm

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby jmw3 » January 13th, 2010, 12:23 pm

Hi

OK... try this one:

RootRepeal
Download RootRepeal.zip from here & unzip it to your Desktop.
  • Double click RootRepeal.exe to start the program
  • Click the Report tab at the bottom of the program window
  • Click the Scan button
  • In the Select Scan dialog, check:
      Drivers
      Files
      Processes
      SSDT
      Stealth Objects
      Hidden Services
  • Click the OK button
  • In the next dialog, select all drives showing
  • Click OK to start the scan
Note: The scan can take some time. DO NOT run any other programs while the scan is running
  • When the scan is complete, the Save Report button will become available
  • Click this and save the report to your Desktop as RootRepeal.txt
  • Go to File then Exit to close the program
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby Milkman71 » January 13th, 2010, 6:03 pm

Well RootRepeal runs for awhile. Then it seems to get stuck with a message saying Please Wait initializing. It stayed on that screen for 3 hours. I had to force the window closed.
Milkman71
Regular Member
 
Posts: 24
Joined: December 30th, 2009, 10:21 pm

Re: Computer takes a LONG time to boot/printer driver messed up?

Unread postby Milkman71 » January 13th, 2010, 6:14 pm

I just realized the tabs on the bottom correspond to where in the scan the program is at. I am running the scan now and will report where it gets stuck at.
Milkman71
Regular Member
 
Posts: 24
Joined: December 30th, 2009, 10:21 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 41 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware