YoungGun

Members
  • Content Count

    99
About YoungGun

  • Rank
    Member
  • Birthday 05/20/1985

Contact Methods

  • Yahoo
    young_gun821

Profile Information

  • Location
    USA, CA

  1. hey, you still be here??

  2. I met this guy here. HE BUILT me a computer and sent it to me! (February 2008) He made some business here! I wish I could have kept in touch with him, but haven't seen him on. Thanks el kido for helping me get my own first real desktop! Which later inspired me to build my own. I still have it, well kinda lol... Upgraded everything but power supply, case and cpu cooler. All still working after all these years!
  3. I got this: http://www.newegg.com/Product/Product.aspx?Item=N82E16812232002 And now Windows is telling me I need to format that hard drive before I can use it. I don't want to. I want my data that's on there.. Why is it telling me I need to format it? Can't I just view its contents? Is there a way to use it again without having to format it? I don't wanna lose all I have on there.. As you can see below, Disk 1 is the problem disk for me. Solved
  4. I can't even get into safe mode with this second HD attached.. Is there a way to hook it up after booted into Windows?
  5. So I get home today, turn on my PC and notice it got stuck at "Starting Windows".. I pull out my phone, search the web and saw something about unplugging your second hard drive. Did that and Windows booted fine. I plug it back in and same thing. What's this mean? Bad hard drive? All my photos and docs are on that second hard drive.. did I just lose them all?? One thing I noticed is when I try to copy a few files from that older hard drive, past week or so, I get this "0x8007045D Request could not be performed because of I/O device error" But why would Windows get stuck when booting has nothing to do with that second hard drive??
  6. My headset with mic is getting some kind of echo effect with it all of a sudden. The strange thing is that it was working fine before, haven't used it for a while and now anyone I talk to over it just hears the echo of themselves. I have it so my PC speakers are plugged into my sound card and my headset is plugged into my Realtek on-board sound. So echo from my PC speakers was never a problem. I have tried to set up but all I hear is the echo play over and over when I do and looks something like this: Any ideas?
  7. Why didn't my AV stop this?? Always have it running, and also had SpyBot -SD resident going. Does that mean my AV is no good? It picked it up but it was already infecting my system.. Why??
  8. KASPERSKY ONLINE SCANNER 7.0 REPORT Friday, July 10, 2009 Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600) Kaspersky Online Scanner version: 7.0.26.13 Program database last update: Friday, July 10, 2009 07:11:35 Records in database: 2454193 Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ D:\ E:\ F:\ Scan statistics: Files scanned: 227077 Threat name: 3 Infected objects: 121 Suspicious objects: 0 Duration of the scan: 02:34:49 The selected area was scanned.
  9. I believe so.. I did a full scan with Malwarebytes' Anti-Malware and it found nothing.. I do a boot up scan of my whole system with my AV and it doesn't find it. Like it doesn't even scan the system restore areas.. Would it be ok if I deleted my system restores? I mean, turn it off and then back on.
  10. Virus infection after not being smart and downloaded the wrong file let's just say. Having trouble removing it all: HijackThis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:20:10 PM, on 7/7/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16850) Boot mode: Normal
  11. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:27:46 PM, on 6/8/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal
  12. Everything seems ok.. but I do keep having these processes running even though I end task them, and turn the service off in 'msconfig': realsched.exe, googleupdate.exe. I even uninstalled Google Updater the other day and it still shows up as running.
  13. It didn't find anything bad. So far I am noticing a bit better boot up times. Especially after using O&O defrag. I think my Firefox is causing the stuttering. Right now it's using almost 200k of mem. usage. That normal? I tried reinstalling it but didn't seem to fix the stuttering I am noticing when I run it.
  14. ComboFix 09-05-30.03 - Jaime 05/30/2009 16:27.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1589 [GMT -7:00] Running from: c:\documents and settings\Jaime\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Jaime\Desktop\CFScript.txt AV: avast! antivirus 4.8.1335 [VPS 090530-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_CPUZ130 -------\Legacy_RBEEP -------\Service_cpuz130 -------\Service_rbeep ((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-30 ))))))))))))))))))))))))))))))) . 2009-05-29 20:05 . 2007-07-27 12:00 10096640 -c--a-w c:\windows\system32\dllcache\hwxcht.dll 2009-05-28 23:31 . 2009-05-29 01:46 -------- d-----w c:\windows\system32\oodag 2009-05-28 23:25 . 2009-05-28 23:25 -------- d-----w c:\documents and settings\Jaime\Local Settings\Application Data\O&O 2009-05-28 23:24 . 2009-05-28 23:24 -------- d-----w c:\program files\OO Software 2009-05-28 22:52 . 2009-05-28 22:53 -------- d-----w C:\rsit 2009-05-27 10:38 . 2008-03-18 00:39 102664 ----a-w c:\windows\system32\drivers\tmcomm.sys 2009-05-27 00:47 . 2009-05-27 00:47 -------- d-----w c:\program files\Trend Micro 2009-05-17 08:46 . 2009-05-17 08:46 -------- d-----w c:\documents and settings\Jaime\Local Settings\Application Data\wanted_demo 2009-05-17 08:46 . 2009-05-17 08:46 -------- d-----w c:\documents and settings\All Users\Application Data\wanted_demo 2009-05-17 08:45 . 2009-05-17 08:45 -------- d-----w c:\windows\8AAB4176A747493AA42CB63CFADFD8E3.TMP 2009-05-17 08:43 . 2009-05-17 08:43 -------- d-----w c:\program files\WarnerBros 2009-05-16 01:36 . 
2009-05-16 01:36 290816 ----a-w c:\documents and settings\Jaime\Application Data\SystemRequirementsLab\SRLProxy_nvd_4.dll 2009-05-16 01:36 . 2009-05-16 01:36 290816 ----a-w c:\documents and settings\Jaime\Application Data\SystemRequirementsLab\SRLProxy_nvd_3.dll 2009-05-16 01:36 . 2009-05-16 01:36 290816 ----a-w c:\documents and settings\Jaime\Application Data\SystemRequirementsLab\SRLProxy_nvd_2.dll 2009-05-16 01:36 . 2009-05-16 01:36 290816 ----a-w c:\documents and settings\Jaime\Application Data\SystemRequirementsLab\SRLProxy_nvd_1.dll 2009-05-14 01:33 . 2009-05-14 01:33 -------- d-----w c:\program files\Vogster Entertainment 2009-05-08 00:58 . 2008-09-03 17:56 151552 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll 2009-05-08 00:58 . 2007-10-26 07:12 55296 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\FFMpegBridge.dll 2009-05-08 00:58 . 2007-09-06 07:18 798720 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\ImageMagicResize.dll 2009-05-08 00:58 . 2007-01-30 07:59 7165440 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\avcodec-51.dll 2009-05-08 00:58 . 2007-01-30 07:59 490496 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\avformat-51.dll 2009-05-08 00:58 . 2007-01-30 07:59 142848 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\swscale-0.dll 2009-05-08 00:58 . 
2007-01-30 07:59 19968 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\avutil-49.dll 2009-05-08 00:58 . 2006-12-17 02:24 53248 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\2kPrerequisite.dll 2009-05-08 00:58 . 2006-11-15 02:00 258048 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\SDL.dll 2009-05-08 00:58 . 2003-02-21 10:42 348160 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\msvcr71.dll 2009-05-08 00:49 . 2009-05-08 00:49 -------- d-----w c:\program files\AGEIA Technologies 2009-05-08 00:49 . 2009-05-08 00:49 -------- d-----w c:\windows\system32\AGEIA 2009-05-08 00:49 . 2009-05-01 05:02 457248 ----a-w c:\windows\system32\nvudisp.exe 2009-05-08 00:49 . 2009-04-27 07:42 457248 ----a-w c:\windows\system32\NVUNINST.EXE 2009-05-08 00:48 . 2009-05-08 00:48 -------- d-----w C:\NVIDIA 2009-05-07 05:10 . 2008-06-15 06:06 794624 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07103010.dll 2009-05-01 07:31 . 2009-05-01 07:31 1657376 ----a-w c:\windows\system32\nwiz.exe 2009-05-01 07:31 . 2009-05-01 07:31 449056 ----a-w c:\windows\system32\nvappbar.exe 2009-05-01 07:31 . 2009-05-01 07:31 436768 ----a-w c:\windows\system32\keystone.exe 2009-05-01 07:31 . 2009-05-01 07:31 466944 ----a-w c:\windows\system32\nvshell.dll 2009-05-01 07:31 . 2009-05-01 07:31 1724416 ----a-w c:\windows\system32\nvwdmcpl.dll 2009-05-01 07:31 . 2009-05-01 07:31 1507328 ----a-w c:\windows\system32\nview.dll 2009-05-01 07:31 . 
2009-05-01 07:31 1101824 ----a-w c:\windows\system32\nvwimg.dll 2009-05-01 05:02 . 2009-05-01 05:02 9994240 ----a-w c:\windows\system32\nvoglnt.dll 2009-05-01 05:02 . 2009-05-01 05:02 806912 ----a-w c:\windows\system32\nvapi.dll 2009-05-01 05:02 . 2009-05-01 05:02 8055584 -c--a-w c:\windows\system32\dllcache\nv4_mini.sys 2009-05-01 05:02 . 2009-05-01 05:02 8055584 ----a-w c:\windows\system32\drivers\nv4_mini.sys 2009-05-01 05:02 . 2009-05-01 05:02 663552 ----a-w c:\windows\system32\nvcuvid.dll 2009-05-01 05:02 . 2009-05-01 05:02 5896320 -c--a-w c:\windows\system32\dllcache\nv4_disp.dll 2009-05-01 05:02 . 2009-05-01 05:02 5896320 ----a-w c:\windows\system32\nv4_disp.dll 2009-05-01 05:02 . 2009-05-01 05:02 1720320 ----a-w c:\windows\system32\nvcuda.dll 2009-05-01 05:02 . 2009-05-01 05:02 143360 ----a-w c:\windows\system32\nvcodins.dll 2009-05-01 05:02 . 2009-05-01 05:02 143360 ----a-w c:\windows\system32\nvcod.dll 2009-05-01 05:02 . 2009-05-01 05:02 1314816 ----a-w c:\windows\system32\nvcuvenc.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-30 23:33 . 2008-12-01 23:33 -------- d-----w c:\program files\EVGA Precision 2009-05-30 23:23 . 2008-12-10 22:51 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-05-30 09:17 . 2008-12-04 21:47 3373952 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-05-30 00:21 . 2009-03-28 22:10 95744 ----a-w c:\documents and settings\All Users\Application Data\SpeedBit\DAP\Updates\Condition.dll 2009-05-27 03:55 . 2008-02-22 07:18 -------- d-----w c:\program files\Google 2009-05-25 02:54 . 2009-03-08 21:59 -------- d-----w c:\program files\Common Files\Nero 2009-05-25 02:54 . 2009-03-08 21:59 -------- d-----w c:\documents and settings\All Users\Application Data\Nero 2009-05-23 02:14 . 
2008-02-12 18:52 -------- d--h--w c:\program files\InstallShield Installation Information 2009-05-22 09:39 . 2009-01-10 01:48 -------- d-----w c:\documents and settings\Jaime\Application Data\BitTorrent 2009-05-22 06:17 . 2008-02-16 09:10 -------- d-----w c:\documents and settings\Jaime\Application Data\SecondLife 2009-05-20 19:49 . 2008-03-03 01:21 -------- d-----w c:\program files\WarRock 2009-05-18 19:49 . 2009-01-10 01:48 -------- d-----w c:\documents and settings\Jaime\Application Data\DNA 2009-05-18 19:43 . 2009-01-10 01:48 -------- d-----w c:\program files\DNA 2009-05-17 08:45 . 2008-10-24 21:43 -------- d-----w c:\program files\Common Files\Wise Installation Wizard 2009-05-17 04:16 . 2008-03-02 05:12 -------- d-----w c:\documents and settings\Jaime\Application Data\dvdcss 2009-05-16 05:32 . 2008-04-10 20:26 -------- d-----w c:\program files\Ubisoft 2009-05-16 01:38 . 2008-02-17 00:22 -------- d-----w c:\program files\SystemRequirementsLab 2009-05-16 01:36 . 2008-02-16 22:04 -------- d-----w c:\documents and settings\Jaime\Application Data\SystemRequirementsLab 2009-05-13 04:10 . 2008-02-22 22:39 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2009-05-01 05:02 . 2009-04-11 03:32 1579630 ----a-w c:\windows\system32\nvdata.bin 2009-04-30 00:36 . 2009-04-30 00:36 -------- d-----w c:\program files\GIF Movie Gear 2009-04-29 22:17 . 2009-04-11 08:18 -------- d-----w c:\documents and settings\Jaime\Application Data\gtk-2.0 2009-04-24 05:55 . 2009-04-08 03:47 -------- d-----w c:\program files\Bandoo 2009-04-22 07:20 . 2009-04-22 07:20 14311680 ----a-w c:\windows\system32\xlive.dll 2009-04-22 07:20 . 2009-04-22 07:20 13642496 ----a-w c:\windows\system32\xlivefnt.dll 2009-04-17 23:58 . 2009-04-24 05:38 954368 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe 2009-04-17 23:58 . 
2009-04-24 05:38 344064 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe 2009-04-17 23:58 . 2009-04-24 05:38 103424 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\piclens@cooliris.com\libs\pixomatic.dll 2009-04-17 23:58 . 2009-04-24 05:38 1161626 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\piclens@cooliris.com\libs\avcodec-51.dll 2009-04-17 23:58 . 2009-04-24 05:38 71652 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\piclens@cooliris.com\libs\avutil-49.dll 2009-04-17 23:58 . 2009-04-24 05:38 65536 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\piclens@cooliris.com\components\coolirisstub.dll 2009-04-17 23:58 . 2009-04-24 05:38 4579328 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\piclens@cooliris.com\libs\cooliris18.dll 2009-04-17 23:58 . 2009-04-24 05:38 4534272 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\piclens@cooliris.com\libs\cooliris19.dll 2009-04-17 23:58 . 2009-04-24 05:38 131868 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\piclens@cooliris.com\libs\avformat-52.dll 2009-04-11 08:16 . 2009-04-11 08:16 -------- d-----w c:\program files\GIMP-2.0 2009-04-10 22:41 . 2008-02-17 06:54 -------- d-----w c:\program files\Eidos 2009-04-08 08:41 . 2009-04-08 08:41 1316096 ----a-w c:\windows\system32\ooscrsav.scr 2009-04-08 08:41 . 2009-04-08 08:41 730368 ----a-w c:\windows\system32\oodsvct.exe 2009-04-08 08:40 . 2009-04-08 08:40 1377536 ----a-w c:\windows\system32\oodag.exe 2009-04-08 08:39 . 
2009-04-08 08:39 2553088 ----a-w c:\windows\system32\oodtray.exe 2009-04-08 08:39 . 2009-04-08 08:39 194816 ----a-w c:\windows\system32\oodbs.exe 2009-04-08 08:35 . 2009-04-08 08:35 951552 ----a-w c:\windows\system32\oodtrrs.dll 2009-04-08 08:35 . 2009-04-08 08:35 541952 ----a-w c:\windows\system32\oodssrs.dll 2009-04-08 08:34 . 2009-04-08 08:34 9984 ----a-w c:\windows\system32\oodbsrs.dll 2009-04-08 08:34 . 2009-04-08 08:34 8448 ----a-w c:\windows\system32\OODAGRS.DLL 2009-04-08 08:34 . 2009-04-08 08:34 15616 ----a-w c:\windows\system32\OODAGMG.DLL 2009-04-08 01:21 . 2009-03-28 22:11 83456 ----a-w c:\documents and settings\All Users\Application Data\SpeedBit\DAP\SDCondition.dll 2009-04-07 22:00 . 2009-04-07 22:00 37896 ----a-w c:\windows\system32\drivers\oobctm.sys 2009-04-07 21:59 . 2009-04-07 21:59 15104 ----a-w c:\windows\system32\ootmapi.dll 2009-04-04 20:07 . 2009-03-22 01:42 107888 ----a-w c:\windows\system32\CmdLineExt.dll 2009-04-04 01:44 . 2008-10-13 01:58 1984 ----a-w c:\windows\system32\d3d9caps.dat 2009-04-03 19:39 . 2009-04-03 19:39 70936 ----a-w c:\windows\system32\PhysXLoader.dll 2009-04-03 06:31 . 2008-02-17 00:23 -------- d-----w c:\program files\DivX 2009-04-03 06:31 . 2009-04-03 06:30 -------- d-----w c:\program files\Common Files\DivX Shared 2009-04-01 10:19 . 2009-03-21 00:54 -------- d-----w c:\program files\Guild Wars 2009-04-01 01:45 . 2009-04-01 01:45 -------- d-----w c:\program files\Common Files\xing shared 2009-04-01 01:45 . 2008-02-17 06:42 -------- d-----w c:\program files\Common Files\Real 2009-04-01 01:44 . 2006-07-12 02:35 348160 ----a-w c:\windows\system32\msvcr71.dll 2009-03-31 07:06 . 2009-03-31 07:06 390664 ----a-w c:\documents and settings\Jaime\Application Data\Real\RealPlayer\Update\RealPlayer11.exe 2009-03-31 02:16 . 2009-03-09 05:16 2906215 ----a-w c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-03-28 22:11 . 
2009-03-28 22:11 3530776 ----a-w c:\documents and settings\All Users\Application Data\SpeedBit\DAP\Offers\VA23_DAPSO.exe 2009-03-28 22:08 . 2009-03-28 22:08 50688 ----a-w c:\windows\system32\wbhelp2.dll 2009-03-26 23:49 . 2008-12-31 04:04 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-03-26 23:49 . 2008-12-31 04:04 15504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-03-25 01:03 . 2009-03-30 01:53 1160568 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe 2009-03-25 01:03 . 2009-03-30 01:53 729088 ----a-w c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll 2009-03-13 09:22 . 2009-03-14 09:55 170734 ----a-w c:\windows\pchealth\helpctr\Config\Cache\Professional_32_1033.dat 2009-03-06 14:22 . 2007-07-27 12:00 284160 ----a-w c:\windows\system32\pdh.dll 2004-07-22 18:51 . 2004-07-22 18:51 3432656 -c--a-w c:\program files\ManagedDX.CAB 2004-07-20 06:58 . 2004-07-20 06:58 1156363 -c--a-w c:\program files\BDANT.cab 2004-07-20 06:53 . 2004-07-20 06:53 976020 -c--a-w c:\program files\BDAXP.cab 2004-07-09 22:17 . 2004-07-09 22:17 13265040 -c--a-w c:\program files\dxnt.cab 2004-07-09 17:13 . 2004-07-09 17:13 15493481 -c--a-w c:\program files\DirectX.cab 2004-07-09 17:13 . 2004-07-09 17:13 703080 -c--a-w c:\program files\BDA.cab 2004-07-09 12:08 . 2004-07-09 12:08 472576 -c--a-w c:\program files\dxsetup.exe 2004-07-09 12:08 . 2004-07-09 12:08 2242560 -c--a-w c:\program files\dsetup32.dll 2004-07-09 11:03 . 2004-07-09 11:03 62976 -c--a-w c:\program files\DSETUP.dll 2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w c:\program files\mozilla firefox\plugins\libdivx.dll 2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w c:\program files\mozilla firefox\plugins\ssldivx.dll 2006-05-03 10:06 . 
2009-01-11 07:16 163328 --sh--r c:\windows\system32\flvDX.dll 2007-02-21 11:47 . 2009-01-11 07:16 31232 --sh--r c:\windows\system32\msfDX.dll 2008-03-16 13:30 . 2009-01-11 07:16 216064 --sh--r c:\windows\system32\nbDX.dll . ((((((((((((((((((((((((((((( SnapShot@2009-05-30_00.49.54 ))))))))))))))))))))))))))))))))))))))))) . + 2009-05-30 19:38 . 2009-05-30 19:38 16384 c:\windows\Temp\Perflib_Perfdata_7a0.dat + 2009-05-30 23:32 . 2009-05-30 23:32 16384 c:\windows\Temp\Perflib_Perfdata_740.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-05 81920] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000] "SBDrvDet"="c:\program files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-04 45056] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112] "EVGAPrecision"="c:\program files\EVGA Precision\EVGAPrecision.exe" [2009-04-28 298000] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-05-01 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-05-01 13750272] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-01 198160] "DT ACR"="c:\program files\Common Files\Portrait Displays\Shared\DT_startup.exe" [2008-06-06 81920] "OODefragTray"="c:\windows\system32\oodtray.exe" [2009-04-08 2553088] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-27 304128] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk backup=c:\windows\pss\Windows Search.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "LightScribeService"=2 (0x2) "FLEXnet Licensing Service"=3 (0x3) "odserv"=3 (0x3) "ose"=3 (0x3) "WMPNetworkSvc"=3 (0x3) "nTuneService"=2 (0x2) "PnkBstrA"=2 (0x2) "IDriverT"=3 (0x3) "gusvc"=2 (0x2) "GameConsoleService"=3 (0x3) "Capture Device Service"=2 (0x2) "ADVService"=3 (0x3) "aawservice"=2 (0x2) "RichVideo"=2 (0x2) "gupdate1c98b46ad30ed6a"=2 (0x2) "Nero BackItUp Scheduler 3"=2 (0x2) "UpdateCenterService"=2 (0x2) "WSearch"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\EA Sports\\Madden NFL 08\\Updater.exe"= "c:\\Program Files\\Atari\\Test Drive Unlimited\\TestDriveUnlimited.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"= "c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"= "c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"= "c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"= "c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"= "c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"= 
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"= "c:\\Program Files\\Codemasters\\GRID\\GRID.exe"= "c:\\Program Files\\Activision\\Quantum of Solace\\JB_LiveEngine_s.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"= "c:\\Program Files\\WarnerBros\\Wanted Demo\\Wanted.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [3/31/2008 8:40 PM 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3/31/2008 8:40 PM 20560] R2 dvdmmg;dvdmmg;c:\windows\system32\drivers\dvdmmg.sys [9/6/2007 3:15 AM 5504] R2 nxsIO32;NextSensor Kernel I/O Driver;c:\windows\system32\drivers\nxsIO32.sys [2/2/2009 2:46 PM 2208] R2 PdiService;Portrait Displays SDK Service;c:\program files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2/28/2009 9:18 PM 90112] R3 RTCore32;RTCore32;c:\program files\EVGA Precision\RTCore32.sys [5/25/2005 11:39 AM 4608] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [11/6/2007 1:22 PM 34064] S4 gupdate1c98b46ad30ed6a;Google Update Service (gupdate1c98b46ad30ed6a);c:\program files\Google\Update\GoogleUpdate.exe [2/9/2009 11:13 PM 133104] --- Other Services/Drivers In Memory --- *NewlyCreated* - RTCORE32 [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "c:\program files\Common Files\LightScribe\LSRunOnce.exe" . Contents of the 'Scheduled Tasks' folder 2009-05-30 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-05-20 06:12] 2009-05-30 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-10 06:13] . . ------- Supplementary Scan ------- . 
uInternet Connection Wizard,ShellNext = iexplore IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm IE: &Download with &DAP - c:\program files\DAP\dapextie.htm IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 Trusted Zone: aol.com\free DPF: {1340C00E-B1FF-4117-B993-E58FF774A605} - hxxp://www.playrealbaseball.com/include/launchRBO_v1.1.0.0.cab DPF: {77538FC7-CE52-4704-9865-494FE92BC320} - hxxp://www.ultimatebaseballonline.com/myubo/launchubo.OCX DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxp://play.battlefield-heroes.com/static/updater/BFHUpdater_4.0.14.0.cab DPF: {C4577C19-00D1-4756-B4EF-01634E5064E0} - hxxp://www.ultimatebaseballonline.com/include/launchRBO.cab FF - ProfilePath - c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/ FF - component: c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll FF - component: c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll FF - component: c:\program files\PayPal\PayPal Plug-In\components\PayPalPlugin.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - plugin: c:\documents and settings\Jaime\Application Data\Mozilla\Firefox\Profiles\p0rzo9sq.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll FF - plugin: c:\program 
files\Google\Update\1.2.145.5\npGoogleOneClick8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-30 16:33 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- .
--------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(3996) c:\program files\EVGA Precision\Bundle\OSDServer\RTSSHooks.dll c:\program files\Windows Desktop Search\deskbar.dll c:\program files\Windows Desktop Search\en-us\dbres.dll.mui c:\program files\Windows Desktop Search\dbres.dll c:\program files\Windows Desktop Search\wordwheel.dll c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui c:\program files\Windows Desktop Search\msnlExtRes.dll c:\windows\system32\msi.dll c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvsvc32.exe c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\Common Files\Portrait Displays\Shared\DTSRVC.exe c:\windows\system32\oodag.exe c:\windows\system32\rundll32.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\EVGA Precision\Bundle\OSDServer\RTSS.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe . ************************************************************************** . Completion time: 2009-05-30 16:36 - machine was rebooted ComboFix-quarantined-files.txt 2009-05-30 23:36 ComboFix2.txt 2009-05-30 00:51 Pre-Run: 59,460,337,664 bytes free Post-Run: 59,351,384,064 bytes free 395 --- E O F --- 2009-05-13 04:10