Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

please help...computer running slow, hanging on me and freez

Post by cbrgrl2010 » November 18th, 2010, 9:06 am

Hello,
My PC is running slow, programs are hanging and/or freezing up altogether. Here are the items you asked for... Thanks in advance for any help you can offer.



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:01:01 AM, on 11/18/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Documents and Settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {b843a48a-b70f-45cd-a15a-6c2b30c2c11e} - C:\Program Files\Gamers Unite! Snag Bar\Helper.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: FCTBPos00Pos - {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll
O3 - Toolbar: Gamers Unite! Snag Bar - {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [FamilyCyberAlert] C:\WINDOWS\system32\FCyberAlert\syslogin.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [FCACheck] C:\WINDOWS\system32\FCyberAlert\FCACheck.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files\Common Files\Logishrd\eReg\SetPoint\eReg.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} (FBootloaderAX) - http://static.ak.facebook.com/fbplugin/ ... 1609083406
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 8183005899
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

--
End of file - 10777 bytes


32 Bit HP CIO Components Installer
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.0
Adobe Shockwave Player 11.5
Advanced SystemCare 3
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Print Creations
ArcSoft Print Creations - Scrapbook
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
ATI Parental Control
Bonjour
CCleaner
CDDRV_Installer
Compact Wireless-G USB Adapter
Conexant D850 56K V.9x DFVc Modem
DivX Setup
Easy-WebPrint
erLT
Gamers Unite! Snag Bar
HiJackThis
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Smart Web Printing 4.60
HP Update
Intel(R) PRO Network Connections Drivers
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 22
KhalInstallWrapper
Logitech SetPoint
Macromedia Flash Player 8
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Security Essentials
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Modem Helper
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB933579)
Network Magic
OpenOffice.org 3.1
Picasa 3
Quick Screen Capture 3.0
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Segoe UI
Serif PhotoPlus 6.0
SigmaTel Audio
Sonic Encoders
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB976662)
VC80CRTRedist - 8.0.50727.4053
Windows Imaging Component
Windows Installer Clean Up
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Management Framework Core
Windows Media Bonus Pack for Windows XP
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Media Player Tray Control
Windows Presentation Foundation
Windows XP Service Pack 3
Zynga Toolbar
cbrgrl2010
Active Member
 
Posts: 10
Joined: November 18th, 2010, 8:48 am

Re: please help...computer running slow, hanging on me and f

Post by MWR 3 day Mod » November 22nd, 2010, 1:01 am

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: please help...computer running slow, hanging on me and f

Post by km2357 » November 22nd, 2010, 4:06 pm

Hello and welcome to Malware Removal.

My name is km2357 and I will be helping you to remove any infection(s) that you may have.

I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.

Please do not start another thread or topic, I will assist you at this thread until we solve your problems.

Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.

Sorry for the delay in replying, the forum is very busy. If you still need help, please do the following:


Step # 1: Download and run DDS

Download DDS and save it to your desktop from here or here or here
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt
  • Save both reports to your desktop. Post them back to your topic.


Step # 2: Download and Run Gmer

Please download gmer.zip from Gmer and save it to your desktop.

***Please close any open programs ***

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised by a trained Security Analyst.


If possible rootkit activity is found, you will be asked if you would like to perform a full scan. Click No.

If you do not receive notice about possible rootkit activity remain on the Rootkit/Malware tab & make sure that the 'Sections' button is ticked and the 'Show All' button is unticked.
  • Click the Scan button and let the program do its work. GMER will produce a log.
  • Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the Save button, and save the log as gmer.txt somewhere you can easily find it, such as your desktop.

DO NOT touch the PC at ALL, for whatever reason(s), until it has 100% completed its scan, or attempted scan in case of some error, etc.!

Please post the results from the GMER scan in your reply.


In your next post/reply, I need to see the following:

1. The two DDS Logs (DDS and Attach.txt)
2. The GMER Log

Use multiple posts if you can't fit everything into one post.
km2357
MRU Master
 
Posts: 3007
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: please help...computer running slow, hanging on me and f

Post by cbrgrl2010 » November 22nd, 2010, 8:17 pm

Thank you for your reply. I will not be able to do your requested tasks until tomorrow morning. I'm not with my computer as I am currently at work. As soon as I get home I will perform them and reply with the results. Thank you for your help.
cbrgrl2010
Active Member
 
Posts: 10
Joined: November 18th, 2010, 8:48 am

Re: please help...computer running slow, hanging on me and f

Post by cbrgrl2010 » November 24th, 2010, 7:23 am

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-10.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4/13/2008 6:16:42 PM
System Uptime: 11/23/2010 8:40:32 AM (0 hours ago)

Motherboard: Dell Inc. | | 0HJ054
Processor: Intel(R) Pentium(R) D CPU 2.80GHz | Microprocessor | 2793/800mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 120.853 GiB free.
E: is CDROM ()
F: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: TI Technologies Inc.
Description: RADEON X300 SE 128MB HyperMemory Secondary
Device ID: PCI\VEN_1002&DEV_5B70&SUBSYS_06031002&REV_00\4&1603E009&0&0108
Manufacturer: ATI Technologies Inc.
Name: RADEON X300 SE 128MB HyperMemory Secondary
PNP Device ID: PCI\VEN_1002&DEV_5B70&SUBSYS_06031002&REV_00\4&1603E009&0&0108
Service: ati2mtag

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_01AB1028&REV_01\4&5855BE9&0&40F0
Manufacturer: Intel
Name: Intel(R) PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_01AB1028&REV_01\4&5855BE9&0&40F0
Service: E100B

==== System Restore Points ===================

RP953: 8/24/2010 10:03:15 AM - System Checkpoint
RP954: 8/25/2010 11:38:32 AM - System Checkpoint
RP955: 8/26/2010 11:47:59 AM - System Checkpoint
RP956: 8/27/2010 3:26:47 PM - System Checkpoint
RP957: 8/28/2010 5:38:00 PM - System Checkpoint
RP958: 8/29/2010 10:13:28 PM - System Checkpoint
RP959: 8/31/2010 9:51:56 AM - System Checkpoint
RP960: 9/1/2010 10:05:40 AM - System Checkpoint
RP961: 9/2/2010 10:31:34 AM - System Checkpoint
RP962: 9/3/2010 10:46:30 AM - System Checkpoint
RP963: 9/4/2010 1:10:29 PM - System Checkpoint
RP964: 9/5/2010 4:47:28 PM - System Checkpoint
RP965: 9/6/2010 7:37:07 PM - System Checkpoint
RP966: 9/7/2010 8:32:37 PM - System Checkpoint
RP967: 9/8/2010 10:33:54 PM - System Checkpoint
RP968: 9/9/2010 10:46:35 PM - System Checkpoint
RP969: 9/10/2010 11:00:45 PM - System Checkpoint
RP970: 9/12/2010 12:10:33 AM - System Checkpoint
RP971: 9/13/2010 2:11:01 AM - System Checkpoint
RP972: 9/14/2010 3:21:33 AM - System Checkpoint
RP973: 9/15/2010 3:00:31 AM - Software Distribution Service 3.0
RP974: 9/16/2010 11:30:16 AM - System Checkpoint
RP975: 9/17/2010 11:48:48 AM - System Checkpoint
RP976: 9/18/2010 1:00:18 PM - System Checkpoint
RP977: 9/19/2010 6:16:15 PM - System Checkpoint
RP978: 9/22/2010 3:19:57 PM - System Checkpoint
RP979: 9/23/2010 4:27:58 PM - Removed Comcast Desktop Software (v1.2.0.9)
RP980: 9/23/2010 4:28:37 PM - Removed Compact Wireless-G USB Network Adapter with SpeedBooster
RP981: 9/23/2010 4:29:37 PM - Removed Desktop Doctor
RP982: 10/9/2010 7:50:25 PM - Installed Compact Wireless-G USB Adapter
RP983: 10/9/2010 8:24:14 PM - Removed Cisco Network Magic
RP984: 10/9/2010 8:24:48 PM - Removed Pure Networks Platform
RP985: 10/9/2010 8:25:46 PM - Removed WebEx Support Manager for Internet Explorer
RP986: 10/10/2010 10:13:25 PM - Software Distribution Service 3.0
RP987: 10/13/2010 12:16:16 PM - SetPoint 4.80
RP988: 10/13/2010 10:01:02 PM - Software Distribution Service 3.0
RP989: 10/15/2010 2:35:33 PM - Installed Java(TM) 6 Update 22
RP990: 10/16/2010 7:38:59 PM - System Checkpoint
RP991: 10/18/2010 3:42:27 PM - System Checkpoint
RP992: 10/20/2010 8:34:40 AM - System Checkpoint
RP993: 10/22/2010 9:08:47 PM - Removed WebEx Support Manager for Internet Explorer
RP994: 10/25/2010 1:38:22 PM - System Checkpoint
RP995: 10/26/2010 5:03:01 PM - System Checkpoint
RP996: 10/28/2010 8:51:09 AM - System Checkpoint
RP997: 10/30/2010 12:04:21 PM - System Checkpoint
RP998: 11/1/2010 8:43:58 AM - System Checkpoint
RP999: 11/3/2010 4:02:59 PM - System Checkpoint
RP1000: 11/4/2010 4:38:38 PM - System Checkpoint
RP1001: 11/5/2010 5:58:49 PM - System Checkpoint
RP1002: 11/7/2010 4:17:20 PM - System Checkpoint
RP1003: 11/7/2010 5:18:17 PM - Installed Connect Service
RP1004: 11/10/2010 5:16:12 AM - System Checkpoint
RP1005: 11/10/2010 10:12:19 PM - Software Distribution Service 3.0
RP1006: 11/12/2010 6:08:49 PM - System Checkpoint
RP1007: 11/13/2010 3:49:39 PM - Removed Media Player Utilities 5.15
RP1008: 11/13/2010 3:54:10 PM - Software Distribution Service 3.0
RP1009: 11/13/2010 4:15:09 PM - Software Distribution Service 3.0
RP1010: 11/13/2010 6:57:25 PM - Microsoft Antimalware Checkpoint
RP1011: 11/14/2010 12:08:54 AM - Software Distribution Service 3.0
RP1012: 11/14/2010 2:10:37 AM - Software Distribution Service 3.0
RP1013: 11/14/2010 12:02:52 PM - Software Distribution Service 3.0
RP1014: 11/14/2010 12:27:58 PM - Installed Windows Media Player 11
RP1015: 11/14/2010 12:30:17 PM - Installed Windows XP MSCompPackV1.
RP1016: 11/14/2010 12:33:37 PM - Installed Windows Media Player 11
RP1017: 11/14/2010 12:35:40 PM - Installed Windows XP MSCompPackV1.
RP1018: 11/15/2010 6:26:16 AM - Software Distribution Service 3.0
RP1019: 11/16/2010 12:43:07 PM - System Checkpoint
RP1020: 11/17/2010 9:58:19 AM - Software Distribution Service 3.0
RP1021: 11/18/2010 7:59:52 AM - Installed HiJackThis
RP1022: 11/18/2010 11:49:29 AM - Software Distribution Service 3.0
RP1023: 11/19/2010 8:38:27 AM - Installed Cisco Network Magic
RP1024: 11/19/2010 10:03:54 AM - Installed Dell Resource CD
RP1025: 11/19/2010 10:09:45 AM - Configured ATI Parental Control
RP1026: 11/19/2010 10:11:55 AM - Installed ATIMCEEPC
RP1027: 11/20/2010 8:22:33 AM - Software Distribution Service 3.0
RP1028: 11/21/2010 8:13:54 AM - Removed Dell Resource CD
RP1029: 11/22/2010 6:08:16 AM - Software Distribution Service 3.0
RP1030: 11/23/2010 8:21:04 AM - Software Distribution Service 3.0

==== Installed Programs ======================

32 Bit HP CIO Components Installer
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
cbrgrl2010
Active Member
 
Posts: 10
Joined: November 18th, 2010, 8:48 am

Re: please help...computer running slow, hanging on me and f

Post by cbrgrl2010 » November 24th, 2010, 7:24 am

DDS (Ver_10-11-10.01) - NTFSx86
Run by Brandie at 8:51:54.75 on Tue 11/23/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.431 [GMT -5:00]

AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
svchost.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\FCyberAlert\syslogin.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\WINDOWS\system32\FCyberAlert\FCACheck.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Brandie.TIMBERWO-8EA7D3\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.msn.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
uURLSearchHooks: FCToolbarURLSearchHook Class: {b843a48a-b70f-45cd-a15a-6c2b30c2c11e} - c:\program files\gamers unite! snag bar\Helper.dll
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Gamers Unite! Snag Bar BHO: {26a7ca19-7d58-411d-b2da-f1b0324cbffc} - c:\program files\gamers unite! snag bar\Toolbar.dll
BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
BHO: {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
TB: Gamers Unite! Snag Bar: {25515a79-c1c7-4b97-97f8-31a711694487} - c:\program files\gamers unite! snag bar\Toolbar.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\brandie.timberwo-8ea7d3\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [FCACheck] c:\windows\system32\fcyberalert\FCACheck.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [FamilyCyberAlert] c:\windows\system32\fcyberalert\syslogin.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
StartupFolder: c:\docume~1\brandi~1.tim\startm~1\programs\startup\logite~1.lnk - c:\program files\common files\logishrd\ereg\setpoint\eReg.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: c:\program files\iobit\advanced systemcare 3\SPICtrl.dll
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} - hxxp://static.ak.facebook.com/fbplugin/ ... 1609083406
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microso ... 8183005899
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/200 ... ader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2010-10-13 10384]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-10 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2009-11-23 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2009-11-23 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2009-11-23 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2009-11-23 25704]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2009-11-23 25704]

=============== Created Last 30 ================

2010-11-23 13:21:10 6273872 ----a-w- c:\docume~1\alluse~1.win\applic~1\microsoft\microsoft antimalware\definition updates\{84d294ea-84b9-4d2c-9851-b16e7832fd0e}\mpengine.dll
2010-11-19 15:15:29 -------- d-----w- c:\program files\CONEXANT
2010-11-19 13:38:38 -------- d-----w- c:\program files\Pure Networks
2010-11-19 13:36:52 -------- d-----w- c:\program files\WebEx
2010-11-19 13:36:28 25392 ----a-w- c:\windows\system32\drivers\pnarp.sys
2010-11-19 13:36:23 26672 ----a-w- c:\windows\system32\drivers\purendis.sys
2010-11-19 13:36:09 -------- d-----w- c:\program files\common files\Pure Networks Shared
2010-11-18 13:38:32 22016 ----a-w- c:\windows\system32\AResize.oca
2010-11-18 13:38:32 147456 ----a-w- c:\windows\system32\AbsoluteHttp.dll
2010-11-18 13:38:32 13312 ----a-w- c:\windows\system32\xzipper30.oca
2010-11-18 13:38:32 12288 ----a-w- c:\windows\system32\xunzip30.oca
2010-11-18 13:38:30 267264 ----a-w- c:\windows\system32\xunzip30.ocx
2010-11-18 13:38:27 291328 ----a-w- c:\windows\system32\xzipper30.ocx
2010-11-18 13:38:26 -------- d-----w- c:\windows\system32\FCyberAlert
2010-11-18 12:59:56 388096 ----a-r- c:\docume~1\brandi~1.tim\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2010-11-18 12:59:53 -------- d-----w- c:\program files\Trend Micro
2010-11-18 12:10:31 -------- d-----w- c:\docume~1\brandi~1.tim\applic~1\Malwarebytes
2010-11-18 12:10:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-18 12:10:22 -------- d-----w- c:\docume~1\alluse~1.win\applic~1\Malwarebytes
2010-11-18 12:10:21 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 12:10:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-15 11:42:00 -------- d-----w- c:\docume~1\brandi~1.tim\applic~1\FCTB000062781
2010-11-15 11:40:47 -------- d-----w- c:\program files\Gamers Unite! Snag Bar
2010-11-14 16:25:28 -------- d-----w- c:\docume~1\alluse~1.win\applic~1\NortonInstaller
2010-11-14 07:10:55 6273872 ----a-w- c:\docume~1\alluse~1.win\applic~1\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2010-11-14 01:52:40 -------- d-----w- c:\program files\Conduit
2010-11-14 01:52:37 -------- d-----w- c:\program files\Zynga
2010-11-13 21:15:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-11-13 21:03:29 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-11-13 21:01:37 -------- d-----w- c:\windows\ie8updates
2010-11-13 20:58:37 -------- dc-h--w- c:\windows\ie8
2010-11-07 19:47:27 -------- d-----w- c:\docume~1\brandi~1.tim\locals~1\applic~1\Real
2010-11-06 16:37:34 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

==================== Find3M ====================

2010-11-19 13:36:48 8892928 ----a-w- c:\docume~1\alluse~1.win\applic~1\atscie.msi
2010-11-07 19:46:47 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-11-07 19:46:47 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-15 08:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 06:29:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ------w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-09 22:39:14 2826240 ----a-w- c:\windows\system32\GPhotos.scr
2010-09-08 15:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll

============= FINISH: 8:53:03.42 ===============
cbrgrl2010
Active Member
 
Posts: 10
Joined: November 18th, 2010, 8:48 am

Re: please help...computer running slow, hanging on me and f

Unread postby cbrgrl2010 » November 24th, 2010, 10:27 am

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-24 09:28:02
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17 WDC_WD1600AAJS-00PSA0 rev.05.06H05
Running: gmer.exe; Driver: C:\DOCUME~1\BRANDI~1.TIM\LOCALS~1\Temp\pxtdypog.sys


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Real\RealPlayer\update\realsched.exe[3256] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
cbrgrl2010
Active Member
 
Posts: 10
Joined: November 18th, 2010, 8:48 am

Re: please help...computer running slow, hanging on me and f

Unread postby km2357 » November 24th, 2010, 7:27 pm

It looks like the rest of Attach.txt got cut off. Is there anything beyond Adobe Flash Player 10 Plugin in the ==== Installed Programs ====================== section of the Attach.txt log? If there is, please post the rest of Attach.txt in your next post/reply.
km2357
MRU Master
Posts: 3007
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: please help...computer running slow, hanging on me and f

Unread postby cbrgrl2010 » November 25th, 2010, 8:55 am

hmmm not sure why it did that but here is the whole thing.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-10.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4/13/2008 6:16:42 PM
System Uptime: 11/23/2010 8:40:32 AM (0 hours ago)

Motherboard: Dell Inc. | | 0HJ054
Processor: Intel(R) Pentium(R) D CPU 2.80GHz | Microprocessor | 2793/800mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 120.853 GiB free.
E: is CDROM ()
F: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: TI Technologies Inc.
Description: RADEON X300 SE 128MB HyperMemory Secondary
Device ID: PCI\VEN_1002&DEV_5B70&SUBSYS_06031002&REV_00\4&1603E009&0&0108
Manufacturer: ATI Technologies Inc.
Name: RADEON X300 SE 128MB HyperMemory Secondary
PNP Device ID: PCI\VEN_1002&DEV_5B70&SUBSYS_06031002&REV_00\4&1603E009&0&0108
Service: ati2mtag

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_01AB1028&REV_01\4&5855BE9&0&40F0
Manufacturer: Intel
Name: Intel(R) PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_01AB1028&REV_01\4&5855BE9&0&40F0
Service: E100B

==== System Restore Points ===================

RP953: 8/24/2010 10:03:15 AM - System Checkpoint
RP954: 8/25/2010 11:38:32 AM - System Checkpoint
RP955: 8/26/2010 11:47:59 AM - System Checkpoint
RP956: 8/27/2010 3:26:47 PM - System Checkpoint
RP957: 8/28/2010 5:38:00 PM - System Checkpoint
RP958: 8/29/2010 10:13:28 PM - System Checkpoint
RP959: 8/31/2010 9:51:56 AM - System Checkpoint
RP960: 9/1/2010 10:05:40 AM - System Checkpoint
RP961: 9/2/2010 10:31:34 AM - System Checkpoint
RP962: 9/3/2010 10:46:30 AM - System Checkpoint
RP963: 9/4/2010 1:10:29 PM - System Checkpoint
RP964: 9/5/2010 4:47:28 PM - System Checkpoint
RP965: 9/6/2010 7:37:07 PM - System Checkpoint
RP966: 9/7/2010 8:32:37 PM - System Checkpoint
RP967: 9/8/2010 10:33:54 PM - System Checkpoint
RP968: 9/9/2010 10:46:35 PM - System Checkpoint
RP969: 9/10/2010 11:00:45 PM - System Checkpoint
RP970: 9/12/2010 12:10:33 AM - System Checkpoint
RP971: 9/13/2010 2:11:01 AM - System Checkpoint
RP972: 9/14/2010 3:21:33 AM - System Checkpoint
RP973: 9/15/2010 3:00:31 AM - Software Distribution Service 3.0
RP974: 9/16/2010 11:30:16 AM - System Checkpoint
RP975: 9/17/2010 11:48:48 AM - System Checkpoint
RP976: 9/18/2010 1:00:18 PM - System Checkpoint
RP977: 9/19/2010 6:16:15 PM - System Checkpoint
RP978: 9/22/2010 3:19:57 PM - System Checkpoint
RP979: 9/23/2010 4:27:58 PM - Removed Comcast Desktop Software (v1.2.0.9)
RP980: 9/23/2010 4:28:37 PM - Removed Compact Wireless-G USB Network Adapter with SpeedBooster
RP981: 9/23/2010 4:29:37 PM - Removed Desktop Doctor
RP982: 10/9/2010 7:50:25 PM - Installed Compact Wireless-G USB Adapter
RP983: 10/9/2010 8:24:14 PM - Removed Cisco Network Magic
RP984: 10/9/2010 8:24:48 PM - Removed Pure Networks Platform
RP985: 10/9/2010 8:25:46 PM - Removed WebEx Support Manager for Internet Explorer
RP986: 10/10/2010 10:13:25 PM - Software Distribution Service 3.0
RP987: 10/13/2010 12:16:16 PM - SetPoint 4.80
RP988: 10/13/2010 10:01:02 PM - Software Distribution Service 3.0
RP989: 10/15/2010 2:35:33 PM - Installed Java(TM) 6 Update 22
RP990: 10/16/2010 7:38:59 PM - System Checkpoint
RP991: 10/18/2010 3:42:27 PM - System Checkpoint
RP992: 10/20/2010 8:34:40 AM - System Checkpoint
RP993: 10/22/2010 9:08:47 PM - Removed WebEx Support Manager for Internet Explorer
RP994: 10/25/2010 1:38:22 PM - System Checkpoint
RP995: 10/26/2010 5:03:01 PM - System Checkpoint
RP996: 10/28/2010 8:51:09 AM - System Checkpoint
RP997: 10/30/2010 12:04:21 PM - System Checkpoint
RP998: 11/1/2010 8:43:58 AM - System Checkpoint
RP999: 11/3/2010 4:02:59 PM - System Checkpoint
RP1000: 11/4/2010 4:38:38 PM - System Checkpoint
RP1001: 11/5/2010 5:58:49 PM - System Checkpoint
RP1002: 11/7/2010 4:17:20 PM - System Checkpoint
RP1003: 11/7/2010 5:18:17 PM - Installed Connect Service
RP1004: 11/10/2010 5:16:12 AM - System Checkpoint
RP1005: 11/10/2010 10:12:19 PM - Software Distribution Service 3.0
RP1006: 11/12/2010 6:08:49 PM - System Checkpoint
RP1007: 11/13/2010 3:49:39 PM - Removed Media Player Utilities 5.15
RP1008: 11/13/2010 3:54:10 PM - Software Distribution Service 3.0
RP1009: 11/13/2010 4:15:09 PM - Software Distribution Service 3.0
RP1010: 11/13/2010 6:57:25 PM - Microsoft Antimalware Checkpoint
RP1011: 11/14/2010 12:08:54 AM - Software Distribution Service 3.0
RP1012: 11/14/2010 2:10:37 AM - Software Distribution Service 3.0
RP1013: 11/14/2010 12:02:52 PM - Software Distribution Service 3.0
RP1014: 11/14/2010 12:27:58 PM - Installed Windows Media Player 11
RP1015: 11/14/2010 12:30:17 PM - Installed Windows XP MSCompPackV1.
RP1016: 11/14/2010 12:33:37 PM - Installed Windows Media Player 11
RP1017: 11/14/2010 12:35:40 PM - Installed Windows XP MSCompPackV1.
RP1018: 11/15/2010 6:26:16 AM - Software Distribution Service 3.0
RP1019: 11/16/2010 12:43:07 PM - System Checkpoint
RP1020: 11/17/2010 9:58:19 AM - Software Distribution Service 3.0
RP1021: 11/18/2010 7:59:52 AM - Installed HiJackThis
RP1022: 11/18/2010 11:49:29 AM - Software Distribution Service 3.0
RP1023: 11/19/2010 8:38:27 AM - Installed Cisco Network Magic
RP1024: 11/19/2010 10:03:54 AM - Installed Dell Resource CD
RP1025: 11/19/2010 10:09:45 AM - Configured ATI Parental Control
RP1026: 11/19/2010 10:11:55 AM - Installed ATIMCEEPC
RP1027: 11/20/2010 8:22:33 AM - Software Distribution Service 3.0
RP1028: 11/21/2010 8:13:54 AM - Removed Dell Resource CD
RP1029: 11/22/2010 6:08:16 AM - Software Distribution Service 3.0
RP1030: 11/23/2010 8:21:04 AM - Software Distribution Service 3.0

==== Installed Programs ======================

32 Bit HP CIO Components Installer
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
Adobe Shockwave Player 11.5
Advanced SystemCare 3
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Print Creations
ArcSoft Print Creations - Scrapbook
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
ATI Parental Control
B209a-m
Bonjour
BufferChm
CCleaner
CDDRV_Installer
Cisco Network Magic
Compact Wireless-G USB Adapter
Conexant D850 56K V.9x DFVc Modem
Destinations
DeviceDiscovery
DivX Setup
Easy-WebPrint
erLT
Facebook Plug-In
Gamers Unite! Snag Bar
Google Chrome
GPBaseService2
HiJackThis
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
HP Smart Web Printing 4.60
HP Update
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
Intel(R) PRO Network Connections Drivers
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
Java Auto Updater
Java(TM) 6 Update 22
KhalInstallWrapper
Logitech SetPoint
Macromedia Flash Player 8
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Security Essentials
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft WinUsb 1.0
Microsoft XML Parser
Modem Helper
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB933579)
Network
Network Magic
OpenOffice.org 3.1
Picasa 3
PowerDVD 5.5
PS_AIO_06_B209a-m_SW_Min
Pure Networks Platform
Quick Screen Capture 3.0
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Safari
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Segoe UI
Serif PhotoPlus 6.0
SigmaTel Audio
SmartWebPrinting
SolutionCenter
Sonic Encoders
Status
Toolbox
TrayApp
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB976662)
VC80CRTRedist - 8.0.50727.4053
WebEx Support Manager for Internet Explorer
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer Clean Up
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Management Framework Core
Windows Media Bonus Pack for Windows XP
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Tray Control
Windows Presentation Foundation
Windows XP Service Pack 3
XML Paper Specification Shared Components Pack 1.0
Zynga Toolbar

==== Event Viewer Messages From Past Week ========

11/22/2010 7:07:59 AM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 001A70A703E1 has been denied by the DHCP server 172.16.0.1 (The DHCP Server sent a DHCPNACK message).
11/20/2010 8:10:56 AM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001A70A703E1. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
11/20/2010 5:32:13 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service helpsvc with arguments "" in order to run the server: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE}
11/19/2010 9:56:19 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
11/19/2010 6:42:48 AM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 001A70A703E1 has been denied by the DHCP server 192.168.33.1 (The DHCP Server sent a DHCPNACK message).
11/19/2010 10:27:07 AM, error: Cdrom [11] - The driver detected a controller error on \Device\CdRom0.
11/17/2010 2:52:46 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference error message: The referenced assembly is not installed on your system. .
11/17/2010 2:52:46 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
11/17/2010 2:52:46 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.
11/16/2010 6:01:29 AM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service HPSLPSVC with arguments "" in order to run the server: {10DA4F3C-CC99-4190-BE4D-58330754E882}
11/16/2010 6:01:29 AM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}

==== End Of File ===========================
cbrgrl2010
Active Member
 
Posts: 10
Joined: November 18th, 2010, 8:48 am

Re: please help...computer running slow, hanging on me and f

Unread postby km2357 » November 25th, 2010, 2:16 pm

"programs are hanging and or freezing up all together"


What programs are hanging and/or freezing?


Step # 1 Remove old versions of Java

Older Java versions have vulnerabilities and need to be removed.

Go to Start-Settings-Control Panel, click on Add Remove Programs. If any of the following programs are listed there, click on the program to highlight it, and click on remove. Then close the Control Panel.

Java 2 Runtime Environment, SE v1.4.2_03

Reboot your Computer.


Step # 2 Run CCleaner

CCleaner will remove everything from the temp/temporary folders, but please note that it will not make backups!

  • Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 24 hours"
  • Then select the items you wish to clean up.
  • In the Windows Tab:
      • Clean all entries in the Internet Explorer section except Cookies
      • Clean all the entries in the Windows Explorer section
      • Clean all entries in the System section
      • Clean all entries in the Advanced section
      • Clean any others that you choose
  • In the Applications Tab:
      • Clean all except cookies in the Firefox/Mozilla section if you use it
      • Clean all in the Opera section if you use it
      • Clean Sun Java in the Internet Section
      • Clean any others that you choose
  • Click the Run Cleaner button.
  • A pop up box will appear advising this process will permanently delete files from your system.
  • Click OK and it will scan and clean your system.
  • Click exit when done.
  • If it asks you to reboot at the end, click NO



Step # 3 Run Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware.
  • Before running a scan, click the Update tab, next click Check for Updates to download any updates, if available.
  • Next click the Scanner tab and select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • You can also access the log by doing the following:
      • Click on the Malwarebytes' Anti-Malware icon to launch the program.
      • Click on the Logs tab.
      • Click on the log at the bottom of those listed to highlight it.
      • Click Open.


Post the Malwarebytes' log in your next post/reply.
km2357
MRU Master
Posts: 3007
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: please help...computer running slow, hanging on me and f

Unread postby km2357 » November 28th, 2010, 1:46 pm

cbrgrl2010? Do you still need help?
km2357
MRU Master
Posts: 3007
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: please help...computer running slow, hanging on me and f

Unread postby cbrgrl2010 » November 30th, 2010, 11:42 am

Yes, I do. I apologize for not getting back to you yet. I've been in bed sick with the flu, but I'm up and trying to get back to normal now.
cbrgrl2010
Active Member
 
Posts: 10
Joined: November 18th, 2010, 8:48 am

Re: please help...computer running slow, hanging on me and f

Unread postby cbrgrl2010 » November 30th, 2010, 12:00 pm

OK, Malwarebytes is running now. I run CCleaner as well as Advanced SystemCare 3 Pro on almost a daily basis. The programs that I am currently having problems with are as follows. Every internet browser I use will freeze and stop responding. My mouse and keyboard will stop responding; both are wireless. When I try to open Task Manager I have to do it several times before it will stay open. My CPU usage will suddenly jump from 3-4% all the way up to 80-100% and then obviously the whole computer freezes up.
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5214

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/30/2010 11:01:30 AM
mbam-log-2010-11-30 (11-01-30).txt

Scan type: Quick scan
Objects scanned: 140924
Time elapsed: 4 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
cbrgrl2010
Active Member
 
Posts: 10
Joined: November 18th, 2010, 8:48 am

Re: please help...computer running slow, hanging on me and f

Unread postby km2357 » November 30th, 2010, 3:21 pm

Step # 1: Download and Run ComboFix

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

When finished, it shall produce a log for you. Please post C:\ComboFix.txt in your next reply.
km2357
MRU Master
Posts: 3007
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: please help...computer running slow, hanging on me and f

Unread postby cbrgrl2010 » December 3rd, 2010, 3:04 am

ComboFix 10-12-02.04 - Brandie 12/03/2010 1:58.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.607 [GMT -5:00]
Running from: c:\documents and settings\Brandie.TIMBERWO-8EA7D3\My Documents\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Downloaded Program Files\ODCTOOLS
c:\windows\MailSwitch.ocx
c:\windows\system32\spool\prtprocs\w32x86\CNMPD80.DLL
c:\windows\system32\spool\prtprocs\w32x86\CNMPP80.DLL

.
((((((((((((((((((((((((( Files Created from 2010-11-03 to 2010-12-03 )))))))))))))))))))))))))))))))
.

2010-12-03 04:16 . 2010-12-03 04:16 -------- d-----w- c:\program files\iPod
2010-12-03 04:16 . 2010-12-03 04:17 -------- d-----w- c:\program files\iTunes
2010-12-03 04:12 . 2010-12-03 04:12 -------- d-----w- c:\windows\LastGood
2010-12-03 03:51 . 2010-12-03 03:51 -------- d-----w- c:\documents and settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Zynga
2010-12-02 16:03 . 2010-11-10 04:33 6273872 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9926453B-9B0E-425F-ADCC-CCA7FF611AC5}\mpengine.dll
2010-12-01 15:12 . 2010-12-01 15:12 -------- d-----w- c:\documents and settings\Brandie.TIMBERWO-8EA7D3\Application Data\CyberLink
2010-11-19 15:25 . 2010-11-19 15:25 -------- d-----w- c:\program files\CyberLink
2010-11-19 15:16 . 2010-11-19 15:16 -------- d-----w- c:\documents and settings\BRANDI~1~TIM
2010-11-19 15:15 . 2010-11-19 15:15 -------- d-----w- c:\program files\CONEXANT
2010-11-19 13:38 . 2010-11-19 13:38 -------- d-----w- c:\program files\Pure Networks
2010-11-19 13:36 . 2010-11-19 13:36 -------- d-----w- c:\program files\WebEx
2010-11-19 13:36 . 2009-07-07 19:48 25392 ----a-w- c:\windows\system32\drivers\pnarp.sys
2010-11-19 13:36 . 2009-07-07 19:48 26672 ----a-w- c:\windows\system32\drivers\purendis.sys
2010-11-19 13:36 . 2010-11-19 13:36 -------- d-----w- c:\program files\Common Files\Pure Networks Shared
2010-11-18 13:38 . 2005-08-02 22:35 22016 ----a-w- c:\windows\system32\AResize.oca
2010-11-18 13:38 . 2005-05-01 16:33 13312 ----a-w- c:\windows\system32\xzipper30.oca
2010-11-18 13:38 . 2005-04-30 01:57 12288 ----a-w- c:\windows\system32\xunzip30.oca
2010-11-18 13:38 . 2003-05-07 22:09 147456 ----a-w- c:\windows\system32\AbsoluteHttp.dll
2010-11-18 13:38 . 2000-11-06 18:02 267264 ----a-w- c:\windows\system32\xunzip30.ocx
2010-11-18 13:38 . 2000-12-19 05:11 291328 ----a-w- c:\windows\system32\xzipper30.ocx
2010-11-18 13:38 . 2010-11-30 14:55 -------- d-----w- c:\windows\system32\FCyberAlert
2010-11-18 12:59 . 2010-11-18 12:59 388096 ----a-r- c:\documents and settings\Brandie.TIMBERWO-8EA7D3\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-18 12:59 . 2010-11-18 12:59 -------- d-----w- c:\program files\Trend Micro
2010-11-18 12:10 . 2010-11-18 12:10 -------- d-----w- c:\documents and settings\Brandie.TIMBERWO-8EA7D3\Application Data\Malwarebytes
2010-11-18 12:10 . 2010-11-29 22:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-18 12:10 . 2010-11-18 12:10 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2010-11-18 12:10 . 2010-12-01 00:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-18 12:10 . 2010-11-29 22:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-15 11:42 . 2010-11-15 11:42 -------- d-----w- c:\documents and settings\Brandie.TIMBERWO-8EA7D3\Application Data\FCTB000062781
2010-11-15 11:40 . 2010-11-15 11:41 -------- d-----w- c:\program files\Gamers Unite! Snag Bar
2010-11-14 16:25 . 2010-11-14 16:25 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\NortonInstaller
2010-11-14 07:10 . 2010-11-10 04:33 6273872 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-11-14 01:52 . 2010-11-14 01:52 -------- d-----w- c:\program files\Conduit
2010-11-14 01:52 . 2010-11-14 16:50 -------- d-----w- c:\program files\Zynga
2010-11-13 21:15 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-11-13 21:03 . 2010-11-13 21:03 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-11-13 20:58 . 2010-11-13 20:59 -------- dc-h--w- c:\windows\ie8
2010-11-08 02:43 . 2010-11-08 02:43 -------- d-----w- c:\program files\Microsoft Silverlight
2010-11-07 19:47 . 2010-11-07 19:47 -------- d-----w- c:\documents and settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Real
2010-11-06 16:37 . 2010-11-06 16:37 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-19 13:36 . 2010-09-23 20:15 8892928 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\atscie.msi
2010-11-07 19:46 . 2008-04-14 18:32 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-11-07 19:46 . 2003-02-21 11:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-10-09 23:50 . 2010-10-09 23:50 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-09-18 16:23 . 2004-08-10 11:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-10 11:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-08-10 11:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-08-10 11:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-15 08:50 . 2010-04-20 14:49 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 06:29 . 2008-07-02 18:25 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-10 05:58 . 2006-03-04 03:33 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58 . 2004-08-10 11:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58 . 2004-08-10 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-09 22:39 . 2010-09-09 22:39 2826240 ----a-w- c:\windows\system32\GPhotos.scr
2010-09-08 15:17 . 2010-09-08 15:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17 . 2010-09-08 15:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files\Zynga\tbZyng.dll" [2010-06-14 2734688]
"{b843a48a-b70f-45cd-a15a-6c2b30c2c11e}"= "c:\program files\Gamers Unite! Snag Bar\Helper.dll" [2010-11-15 356864]

[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[HKEY_CLASSES_ROOT\clsid\{b843a48a-b70f-45cd-a15a-6c2b30c2c11e}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{E2A57EE8-6A26-499F-95F8-A96E5C3BE17E}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26A7CA19-7D58-411D-B2DA-F1B0324CBFFC}]
2010-11-15 11:41 1531904 ----a-w- c:\program files\Gamers Unite! Snag Bar\Toolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
2010-06-14 00:10 2734688 ----a-w- c:\program files\Zynga\tbZyng.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files\Zynga\tbZyng.dll" [2010-06-14 2734688]
"{25515A79-C1C7-4B97-97F8-31A711694487}"= "c:\program files\Gamers Unite! Snag Bar\Toolbar.dll" [2010-11-15 1531904]

[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[HKEY_CLASSES_ROOT\clsid\{25515a79-c1c7-4b97-97f8-31a711694487}]
[HKEY_CLASSES_ROOT\FCTB000062781.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{017D1380-106D-43D5-97DC-81E8A527FD73}]
[HKEY_CLASSES_ROOT\FCTB000062781.IEToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7B13EC3E-999A-4B70-B9CB-2617B8323822}"= "c:\program files\Zynga\tbZyng.dll" [2010-06-14 2734688]
"{25515A79-C1C7-4B97-97F8-31A711694487}"= "c:\program files\Gamers Unite! Snag Bar\Toolbar.dll" [2010-11-15 1531904]

[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[HKEY_CLASSES_ROOT\clsid\{25515a79-c1c7-4b97-97f8-31a711694487}]
[HKEY_CLASSES_ROOT\FCTB000062781.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{017D1380-106D-43D5-97DC-81E8A527FD73}]
[HKEY_CLASSES_ROOT\FCTB000062781.IEToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-08-02 136176]
"FCACheck"="c:\windows\system32\FCyberAlert\FCACheck.exe" [2009-02-01 28672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 339968]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-02-10 344064]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"FamilyCyberAlert"="c:\windows\system32\FCyberAlert\syslogin.exe" [2009-08-28 1683456]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2010-11-07 274608]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]
"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-18 421160]

c:\documents and settings\Brandie.TIMBERWO-8EA7D3\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files\Common Files\Logishrd\eReg\SetPoint\eReg.exe [2008-11-7 517384]

c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-10-13 813584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 16:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C\0autocheck autochk /p \??\C\0autocheck autochk *

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 08:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-03-18 16:19 207360 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2010-03-12 17:08 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 15:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Gamers Unite! Snag Bar\\TroubleShooter.exe"=
"c:\\Program Files\\Gamers Unite! Snag Bar\\ToolbarUpdate.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [10/13/2010 11:19 AM 10384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [11/23/2009 10:05 AM 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [11/23/2009 10:06 AM 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [11/23/2009 10:06 AM 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [11/23/2009 10:06 AM 25704]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [11/23/2009 10:07 AM 25704]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - GTNDIS5
*NewlyCreated* - IPOD_SERVICE

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder

2010-12-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:50]

2010-12-01 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2009-11-20 19:24]

2010-12-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1123561945-839522115-1003Core.job
- c:\documents and settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-02 19:16]

2010-12-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1123561945-839522115-1003UA.job
- c:\documents and settings\Brandie.TIMBERWO-8EA7D3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-02 19:16]

2010-12-03 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-26 02:40]

2010-12-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-1123561945-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 23:32]

2010-11-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-1123561945-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 23:32]

2010-12-03 c:\windows\Tasks\User_Feed_Synchronization-{268E12DD-7B12-415B-9A72-36AFD583A0AA}.job
- c:\windows\system32\msfeedssync.exe [2007-08-14 09:31]

2010-12-03 c:\windows\Tasks\User_Feed_Synchronization-{B8012886-5200-46D1-8C09-B568A4861209}.job
- c:\windows\system32\msfeedssync.exe [2007-08-14 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
LSP: c:\program files\IObit\Advanced SystemCare 3\SPICtrl.dll
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} - hxxp://static.ak.facebook.com/fbplugin/ ... 1609083406
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
AddRemove-Easy-WebPrint - c:\program files\Canon\Easy-WebPrint\Uninst.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-03 02:02
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(656)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
.
Completion time: 2010-12-03 02:04:52
ComboFix-quarantined-files.txt 2010-12-03 07:04

Pre-Run: 129,147,068,416 bytes free
Post-Run: 129,219,489,792 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - 6C924D60C51DD0DC0439FAF891E0E858
cbrgrl2010
Active Member
 
Posts: 10
Joined: November 18th, 2010, 8:48 am