Jump to content

911_H3LP3R

Members
  • Content Count

    221
  • Joined

  • Last visited

About 911_H3LP3R

  • Rank
    Member
  • Birthday 07/18/1990

Contact Methods

  • AIM
    Bone Crusher 800
  • MSN
    Mnp188@Hotmail.com
  • Website URL
    http://

Profile Information

  • Location
    Pensacola FL
  • Interests
    Video Games, PCPitstop, Basketball, Web Design, Making $

Previous Fields

  • System Specifications:
    Microsoft Windows XP Home Edition Version 2002 Service Pack 2 Hewlett-Packard Pavilion AMD Athlon(tm)XP 2400+ 2.00 GHz, 768 MB of RAM
  • TechExpress Link:
    http://www.pcpitstop.com/techexpress.asp?id=QUPCHWUQZGWSRYEV
  • Teams:
    Nothing Selected
  1. Hi, I wanted to give an update on my computer. I have decided to uninstall the firewalls I had, and just use Windows Vista Firewall as you suggested. Also, I am still using VIPRE Antivirus.
  2. I am following your suggestions. I am going to keep Vipre Antivirus. What would you recommend as far as Firewall? Zonealarm Firewall is great, but I have to shut it down to print stuff. EDIT: I installed AVG Internet Security on my PC. I uninstalled Zonealarm Firewall. I ran VIPRE Antivirus, and cleaned cookies and Quarantined a Trojan I had lying around. PC seems to be running better, and quicker.
  3. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:57:58 PM, on 6/7/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\WINDOWS\RtHDVCpl.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Trillian\trillian.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\hp\kbd\kbd.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Solid State Networks IE Browser Plugin - {BD08A9D5-0E5C-4f42-99A3-C0CB5E860557} - C:\Windows\system32\SolidStateNetworks\SolidStateION\solidax.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [sBAMTray] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O13 - Gopher Prefix: O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - https://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://www.playwhat.com/solidPlugin/solidstateion.cab O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7016 bytes
  4. I am done with these processes, what you have instructed me to do. My PC is running better now. I appreciate your help.
  5. As far as I know from when I tried restarting pc and shutting it down, very slow. Sometimes I have to do it manually. Also, can you help me figure out how to allow my printer to print stuff through Zonealarm? Everytime I want to print something, I have to disable Zonealarm Firewall.
  6. -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0 REPORT Friday, June 5, 2009 Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002) Kaspersky Online Scanner version: 7.0.26.13 Program database last update: Friday, June 05, 2009 22:39:40 Records in database: 2315510 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ D:\ E:\ F:\ G:\ H:\ I:\ Scan statistics: Files scanned: 105748 Threat name: 1 Infected objects: 1 Suspicious objects: 0 Duration of the scan: 02:00:05 File name / Threat name / Threats count C:\Users\Mike\Desktop\Hack Pack\Gunbound Hack Pack\Aimboyd GGless\AimBot\aimb0YdXL.exe Infected: Trojan-Downloader.Win32.Adload.fxl 1 The selected area was scanned. This Threat that was found is inside an aimbot in a Game Folder. UPDATE: I just deleted the file that this trojan was in. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:59:24 PM, on 6/5/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\WINDOWS\RtHDVCpl.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\WINDOWS\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\hp\kbd\kbd.exe C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe C:\Program Files\Java\jre6\bin\java.exe C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Solid State Networks IE Browser Plugin - {BD08A9D5-0E5C-4f42-99A3-C0CB5E860557} - C:\Windows\system32\SolidStateNetworks\SolidStateION\solidax.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [sunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete O4 - HKLM\..\Run: [sBAMTray] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O13 - Gopher Prefix: O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - https://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://www.playwhat.com/solidPlugin/solidstateion.cab O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7907 bytes
  7. Hi. I am running Kapersky Online AV Scanner. Just a quick question before I do anything else, if you get here in time. Do I clean the infected items, as well as post a Log here?
  8. Windows Defender still shows here, but it is totally disabled. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:03:00 PM, on 6/5/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\WINDOWS\RtHDVCpl.exe C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Trillian\trillian.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\hp\kbd\kbd.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Solid State Networks IE Browser Plugin - {BD08A9D5-0E5C-4f42-99A3-C0CB5E860557} - C:\Windows\system32\SolidStateNetworks\SolidStateION\solidax.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [sunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete O4 - HKLM\..\Run: [sBAMTray] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O13 - Gopher Prefix: O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://www.playwhat.com/solidPlugin/solidstateion.cab O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7198 bytes
  9. Windows Defender has always been disabled. Sunbelt Anti-Spyware (VIPRE) is what I am currently using, along with Zonealarm Firewall.
  10. I could do this... "My personal recommendation would be to uninstall ZoneAlarm, re-enable the in-built Vista firewall for the time being and we can address having a third party software at the conclusion." Whatever you think is best when it comes to the firewalls.
  11. PC seems to be running better. My first question is, Can I remove these programs you ask me to download after we are done here? For Your Info, I have not restarted my PC before posting these logs. I did, however, restart my pc when I performed the OTM directions. I have Zonealarm Firewall. So, the anti spyware and anti virus is not included with that. IMPORTANT: My PC still seems to be restarting very slowly. After I made this post, I pressed Restart. Nothing happened. I shut down Zonealarm, Vipre Antivirus, and AIM. My PC reacted and restarted. It was on the logging off page, shutting down page. Took roughly 5 minutes at max to restart. When shutting down PC, it hangs at the shutting down page for 2 -3 minutes. I am not to worried about these problems. Malwarebytes' Anti-Malware 1.37 Database version: 2229 Windows 6.0.6002 Service Pack 2 6/4/2009 1:42:56 PM mbam-log-2009-06-04 (13-42-56).txt Scan type: Quick Scan Objects scanned: 69334 Time elapsed: 4 minute(s), 56 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) --------------------------------------------------------- ========== PROCESSES ========== Process Explorer.EXE killed successfully. ========== REGISTRY ========== HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\\"SearchAssistant"|"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" /E : value set successfully! HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\\"CustomizeSearch"|"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\\"LinksFolderName"|"Links" /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\\ deleted successfully. Registry key HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}\\ not found. ========== COMMANDS ========== File delete failed. C:\Users\Mike\AppData\Local\Temp\~DF16C6.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\Mike\AppData\Local\Temp\~DF58A8.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\Mike\AppData\Local\Temp\~DF58C7.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\Mike\AppData\Local\Temp\~DF5940.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\Mike\AppData\Local\Temp\~DF595E.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\Mike\AppData\Local\Temp\~DF59D4.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\Mike\AppData\Local\Temp\~DF59F2.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Internet Explorer cache folder emptied. File delete failed. C:\Windows\temp\ZLT05751.TMP scheduled to be deleted on reboot. Windows Temp folder emptied. FireFox cache emptied. Temp folders emptied. Error: Unable to interpret <Start Explorer]> in the current context! OTM by OldTimer - Version 2.1.0.0 log created on 06042009_133115 Files moved on Reboot... C:\Users\Mike\AppData\Local\Temp\~DF16C6.tmp moved successfully. File C:\Users\Mike\AppData\Local\Temp\~DF58A8.tmp not found! File C:\Users\Mike\AppData\Local\Temp\~DF58C7.tmp not found! File C:\Users\Mike\AppData\Local\Temp\~DF5940.tmp not found! File C:\Users\Mike\AppData\Local\Temp\~DF595E.tmp not found! File C:\Users\Mike\AppData\Local\Temp\~DF59D4.tmp not found! File C:\Users\Mike\AppData\Local\Temp\~DF59F2.tmp not found! File C:\Windows\temp\ZLT05751.TMP not found! Registry entries deleted on Reboot... ---------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:44:57 PM, on 6/4/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\WINDOWS\RtHDVCpl.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Trillian\trillian.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\hp\kbd\kbd.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Solid State Networks IE Browser Plugin - {BD08A9D5-0E5C-4f42-99A3-C0CB5E860557} - C:\Windows\system32\SolidStateNetworks\SolidStateION\solidax.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [sunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete O4 - HKLM\..\Run: [sBAMTray] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O13 - Gopher Prefix: O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://www.playwhat.com/solidPlugin/solidstateion.cab O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7209 bytes
  12. DDS (Ver_09-05-14.01) - NTFSx86 Run by Mike at 14:08:24.98 on Wed 06/03/2009 Internet Explorer: 8.0.6001.18702 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.1506 [GMT -5:00] AV: Sunbelt VIPRE *On-access scanning enabled* (Updated) {964FCE60-0B18-4D30-ADD6-EB178909041C} SP: ZoneAlarm Anti-Spyware *enabled* (Outdated) {F245A209-1085-48B4-B927-35D56015EC60} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} SP: Sunbelt VIPRE *enabled* (Updated) {9817B764-AE4E-4B29-AEE7-725B7A50BD48} FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\ZoneLabs\vsmon.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\WINDOWS\RtHDVCpl.exe C:\Windows\system32\schtasks.exe C:\Windows\system32\jusched.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Trillian\trillian.exe C:\Windows\ehome\ehmsas.exe C:\Windows\ehome\ehsched.exe C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe C:\Windows\ehome\ehRecvr.exe c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe C:\hp\kbd\kbd.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Mike\AppData\Local\Temp\jkos-Mike\binaries\ScanningProcess.exe C:\Users\Mike\AppData\Local\Temp\jkos-Mike\binaries\ScanningProcess.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Mike\Desktop\dds.pif ============== Pseudo HJT Report =============== uStart Page = hxxp://yahoo.com/ mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop uInternet Settings,ProxyOverride = *.local BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll BHO: CSolidBrowserObj Object: {bd08a9d5-0e5c-4f42-99a3-c0cb5e860557} - c:\windows\system32\solidstatenetworks\solidstateion\solidax.dll TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe" uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe mRun: [KBD] c:\hp\kbd\KbdStub.EXE mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe" mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [sunJavaUpdateReg] "c:\windows\system32\jureg.exe" mRun: [<NO NAME>] mRun: [sBAMTray] c:\program files\sunbelt software\vipre\SBAMTray.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe StartupFolder: c:\users\mike\appdata\roaming\micros~1\windows\startm~1\programs\startup\trillian.lnk - c:\program files\trillian\trillian.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} - hxxp://www.playwhat.com/solidPlugin/solidstateion.cab DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab ================= FIREFOX =================== FF - ProfilePath - c:\users\mike\appdata\roaming\mozilla\firefox\profiles\uwho8sf6.default\ FF - plugin: c:\program files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll FF - plugin: c:\program files\mozilla firefox\plugins\npijjiFFPlugin1.dll FF - plugin: c:\users\mike\appdata\roaming\mozilla\firefox\profiles\uwho8sf6.default\extensions\solidstateion@solidstatenetworks.com\plugins\npssn.dll ============= SERVICES / DRIVERS =============== R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [2009-5-25 202928] R2 SBAMSvc;VIPRE Antivirus + Antispyware;c:\program files\sunbelt software\vipre\SBAMSvc.exe [2009-3-17 894248] R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2009-3-4 69936] R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2007-8-9 968064] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2008-10-22 92464] S3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2006-11-2 987648] S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2006-11-2 251904] =============== Created Last 30 ================ 2009-06-02 22:42 <DIR> --d----- c:\program files\iPod 2009-06-02 22:42 <DIR> --d----- c:\program files\iTunes 2009-06-01 12:25 <DIR> --d----- c:\programdata\WindowsSearch 2009-06-01 12:19 1,970,176 a------- c:\windows\system32\d3dx9.dll 2009-06-01 12:19 679,936 a------- c:\windows\system32\D3DX81ab.dll 2009-06-01 12:19 <DIR> --d----- c:\program files\Cheat Engine 2009-05-31 01:20 <DIR> --d----- c:\users\mike\appdata\roaming\DiskAid 2009-05-31 01:16 <DIR> --d----- c:\programdata\Wide Angle Software 2009-05-31 01:16 <DIR> --d----- c:\progra~2\Wide Angle Software 2009-05-31 00:03 107,368 a------- c:\windows\system32\GEARAspi.dll 2009-05-31 00:03 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys 2009-05-31 00:03 <DIR> --d----- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-05-31 00:03 <DIR> --d----- c:\progra~2\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-05-31 00:01 <DIR> --d----- c:\program files\Bonjour 2009-05-31 00:00 <DIR> --d----- c:\programdata\Apple Computer 2009-05-30 23:58 <DIR> --d----- c:\users\mike\appdata\roaming\LimeWire 2009-05-30 23:58 <DIR> --d----- c:\programdata\Apple 2009-05-30 23:57 <DIR> --d----- c:\program files\LimeWire 2009-05-30 23:54 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2009-05-27 23:44 <DIR> --d----- c:\windows\system32\eu-ES 2009-05-27 23:44 <DIR> --d----- c:\windows\system32\ca-ES 2009-05-27 23:44 <DIR> --d----- c:\windows\system32\vi-VN 2009-05-27 23:43 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf 2009-05-27 20:58 <DIR> --d----- c:\windows\system32\EventProviders 2009-05-27 20:55 3,549,672 a------- c:\windows\system32\ntoskrnl.exe 2009-05-27 20:54 593,408 a------- c:\windows\system32\comuid.dll 2009-05-27 20:53 744,448 a------- c:\windows\system32\wbem\wbemcore.dll 2009-05-27 20:53 614,912 a------- c:\windows\system32\wbem\fastprox.dll 2009-05-27 20:53 265,728 a------- c:\windows\system32\wbem\repdrvfs.dll 2009-05-27 20:53 265,728 a------- c:\windows\system32\wbem\esscli.dll 2009-05-27 20:53 189,440 a------- c:\windows\system32\wbem\mofd.dll 2009-05-27 20:53 83,968 a------- c:\windows\system32\wbem\wmiutils.dll 2009-05-27 20:53 30,208 a------- c:\windows\system32\wbem\wbemprox.dll 2009-05-27 20:53 705,536 a------- c:\windows\system32\SmiEngine.dll 2009-05-27 20:53 218,624 a------- c:\windows\system32\wdscore.dll 2009-05-27 20:53 130,560 a------- c:\windows\system32\PkgMgr.exe 2009-05-27 20:53 247,808 a------- c:\windows\system32\drvstore.dll 2009-05-27 20:38 <DIR> --d----- c:\program files\Trend Micro 2009-05-27 00:33 1,221,512 a------- c:\windows\system32\zpeng25.dll 2009-05-27 00:33 <DIR> --d----- c:\program files\Zone Labs 2009-05-27 00:32 350,192 a---h--- c:\windows\system32\drivers\vsconfig.xml 2009-05-27 00:32 293,528 a------- c:\windows\system32\drivers\vsdatant.sys 2009-05-27 00:32 <DIR> --d----- c:\windows\system32\ZoneLabs 2009-05-27 00:31 <DIR> --d----- c:\programdata\CheckPoint 2009-05-27 00:31 <DIR> --d----- c:\progra~2\CheckPoint 2009-05-26 17:18 90,112 a------- c:\windows\system32\QuickTimeVR.qtx 2009-05-26 17:18 57,344 a------- c:\windows\system32\QuickTime.qts 2009-05-26 14:19 <DIR> --d----- c:\programdata\NVIDIA 2009-05-26 13:59 8,535 a------- c:\windows\system32\nvide.nvu 2009-05-26 13:55 553 a------- c:\windows\USetup.iss 2009-05-26 13:54 109,088 a------- c:\windows\RTKAUDIOSERVICE.EXE 2009-05-26 13:54 4,874,240 a------- c:\windows\RtHDVCpl.exe 2009-05-26 13:54 1,191,936 a------- c:\windows\RtlUpd.exe 2009-05-26 13:54 135,168 a------- c:\windows\system32\SRSWOW.dll 2009-05-26 13:54 45,600 a------- c:\windows\system32\RtkCoInst.dll 2009-05-26 13:51 <DIR> --d----- c:\program files\CONEXANT 2009-05-26 13:51 <DIR> --d----- c:\users\mike\appdata\roaming\WinBatch 2009-05-25 17:45 18,904 a------- c:\windows\system32\StructuredQuerySchemaTrivial.bin 2009-05-25 17:45 11,967,524 a------- c:\windows\system32\korwbrkr.lex 2009-05-25 17:41 2,849,757 a------- c:\windows\system32\GameMon.des 2009-05-25 17:41 5,174 a------- c:\windows\system32\nppt9x.vxd 2009-05-25 17:41 4,682 a------- c:\windows\system32\npptNT2.sys 2009-05-25 17:40 <DIR> --d----- c:\program files\common files\INCA Shared 2009-05-25 17:37 <DIR> --d----- c:\programdata\ijjigame 2009-05-25 17:37 <DIR> --d----- c:\progra~2\ijjigame 2009-05-25 17:37 710,064 a------- c:\windows\system32\ijjiSetup.exe 2009-05-25 17:37 157,152 a------- c:\windows\system32\PubPlugin.dll 2009-05-25 17:37 66,992 a------- c:\windows\system32\ijjiProcessRestarter.exe 2009-05-25 17:37 <DIR> --d----- c:\program files\NHN USA 2009-05-25 16:13 <DIR> --d----- C:\ijji 2009-05-25 16:09 151,552 a------- c:\windows\system32\WpdMtp.dll 2009-05-25 16:08 274,944 a------- c:\windows\system32\srrstr.dll 2009-05-25 16:07 117,760 a------- c:\windows\system32\bcdsrv.dll 2009-05-25 16:01 <DIR> --d----- c:\program files\Yahoo! 2009-05-25 16:01 <DIR> --d----- c:\program files\CCleaner 2009-05-25 15:54 <DIR> --d----- c:\windows\system32\SolidStateNetworks 2009-05-25 15:43 <DIR> --d----- c:\windows\Internet Logs 2009-05-25 15:38 35,328 a------- c:\windows\11.gbna1 2009-05-25 15:33 132,880 a------- c:\windows\system32\MSINET.OCX 2009-05-25 15:22 <DIR> --d----- c:\programdata\RoboForm 2009-05-25 15:22 <DIR> --d----- c:\program files\Siber Systems 2009-05-25 14:58 <DIR> --d----- c:\users\mike\appdata\roaming\Sunbelt 2009-05-25 14:55 <DIR> --d----- c:\programdata\Sunbelt 2009-05-25 14:55 <DIR> --d----- c:\progra~2\Sunbelt 2009-05-25 14:49 1,732 a------- c:\windows\system32\drivers\nvphy.bin 2009-05-25 14:48 272,896 a------- c:\windows\system32\polstore.dll 2009-05-25 14:48 61,440 a------- c:\windows\system32\winipsec.dll 2009-05-25 14:48 1,820 a------- c:\windows\system32\rasctrnm.h 2009-05-25 14:46 12,880 a------- c:\windows\system32\wbem\wlan.mof 2009-05-25 14:38 2,048 a------- c:\windows\system32\msxml3r.dll 2009-05-25 14:34 69,632 a------- c:\windows\system32\Mpeg2Data.ax 2009-05-25 14:25 7,042,560 a------- c:\windows\system32\NlsLexicons081a.dll 2009-05-25 14:23 6,656 a------- c:\windows\system32\kbd106n.dll 2009-05-25 14:21 9,728 a------- c:\windows\system32\lsass.exe 2009-05-25 14:21 13,780 a------- c:\windows\system32\wbem\lsasrv.mof 2009-05-25 14:17 37,888 a------- c:\windows\system32\printcom.dll 2009-05-25 14:17 14,848 a------- c:\windows\system32\wshrm.dll 2009-05-25 14:09 19,595,264 a------- c:\windows\ocsetup_install_NetFx3.etl 2009-05-25 14:09 196,608 a------- c:\windows\ocsetup_cbs_install_NetFx3.perf 2009-05-25 14:09 65,536 a------- c:\windows\ocsetup_cbs_install_NetFx3.dpx 2009-05-25 14:07 41,984 a------- c:\windows\system32\netfxperf.dll 2009-05-25 14:02 84,480 a------- c:\windows\system32\INETRES.dll 2009-05-25 14:00 <DIR> --d----- c:\program files\MSXML 4.0 2009-05-25 14:00 2,048 a------- c:\windows\system32\msxml6r.dll 2009-05-25 13:51 16 a------- c:\windows\system32\coh.cache 2009-05-25 13:48 202,928 a------- c:\windows\system32\drivers\sbtis.sys 2009-05-25 13:48 <DIR> --d----- c:\program files\Sunbelt Software 2009-05-25 13:42 44 a------- c:\windows\system\hpsysdrv.dat 2009-05-25 13:36 1,831 a--shr-- c:\windows\system32\drivers\103C_HP_CPC_GN551AA-ABA m8200n_YC_0Pavi_QMXX748_E74NAv3PrA1_49_INettle2_SECS_V1.0_B5.20_T071003_WUH0_L409_M2942_J500_7AMD_8Athlon 64 X2 Dual Core_93_#071225_N10DE03EF_Z14F12F20_G10DE03D0.MRK 2009-05-25 13:35 <DIR> --d----- c:\users\Mike 2009-05-25 13:33 1,524,736 a------- c:\windows\system32\wucltux.dll 2009-05-25 13:33 83,456 a------- c:\windows\system32\wudriver.dll 2009-05-25 13:32 162,064 a------- c:\windows\system32\wuwebv.dll 2009-05-25 13:32 31,232 a------- c:\windows\system32\wuapp.exe 2009-05-25 13:31 <DIR> --dsh--- c:\programdata\Documents 2009-05-25 13:31 <DIR> --dsh--- C:\Documents and Settings ==================== Find3M ==================== 2009-06-02 22:39 143,360 a------- c:\windows\inf\infstrng.dat 2009-06-02 22:39 86,016 a------- c:\windows\inf\infstor.dat 2009-06-02 22:39 51,200 a------- c:\windows\inf\infpub.dat 2009-05-27 23:44 665,600 a------- c:\windows\inf\drvindex.dat 2009-05-26 13:54 319,456 a------- c:\windows\DIFxAPI.dll 2009-05-25 17:19 174 a--sh--- c:\program files\desktop.ini 2009-05-25 16:24 101,888 a------- c:\windows\system32\ifxcardm.dll 2009-05-25 16:24 82,432 a------- c:\windows\system32\axaltocm.dll 2009-05-25 14:39 52,736 a------- c:\windows\apppatch\iebrshim.dll 2009-05-25 14:25 5,090,816 a------- c:\windows\system32\NlsLexicons0416.dll 2009-04-11 01:33 986,600 a------- c:\windows\system32\winload.exe 2009-04-11 01:33 926,184 a------- c:\windows\system32\winresume.exe 2009-04-11 01:33 292,840 a------- c:\windows\system32\drivers\volmgrx.sys 2009-04-11 01:33 897,000 a------- c:\windows\system32\drivers\tcpip.sys 2009-04-11 01:33 614,376 a------- c:\windows\system32\ci.dll 2009-04-11 01:28 342,528 a------- c:\windows\system32\zipfldr.dll 2009-04-11 01:27 627,200 a------- c:\windows\system32\sethc.exe 2009-04-11 01:22 7,168 a------- c:\windows\system32\f3ahvoas.dll 2009-04-11 01:21 37,376 a------- c:\windows\system32\cdd.dll 2009-04-11 00:42 93,696 a------- c:\windows\system32\drivers\bridge.sys 2009-04-11 00:03 12,240,896 a------- c:\windows\system32\NlsLexicons0007.dll 2009-04-11 00:03 2,644,480 a------- c:\windows\system32\NlsLexicons0009.dll 2009-04-10 23:57 8,147,456 a------- c:\windows\system32\wmploc.DLL 2009-04-10 23:54 2,048 a------- c:\windows\system32\mferror.dll 2009-04-10 23:51 180,736 a------- c:\windows\system32\drivers\rdpwd.sys 2009-04-10 23:47 273,920 a------- c:\windows\system32\drivers\afd.sys 2009-04-10 23:46 69,120 a------- c:\windows\system32\drivers\rassstp.sys 2009-04-10 23:46 121,344 a------- c:\windows\system32\drivers\ndiswan.sys 2009-04-10 23:46 41,472 a------- c:\windows\system32\drivers\raspppoe.sys 2009-04-10 23:46 15,872 a------- c:\windows\system32\drivers\usb8023.sys 2009-04-10 23:46 33,280 a------- c:\windows\system32\drivers\RNDISMP.sys 2009-04-10 23:46 30,720 a------- c:\windows\system32\drivers\tcpipreg.sys 2009-04-10 23:45 72,192 a------- c:\windows\system32\drivers\tdx.sys 2009-04-10 23:45 72,192 a------- c:\windows\system32\drivers\pacer.sys 2009-04-10 23:45 185,856 a------- c:\windows\system32\drivers\netbt.sys 2009-04-10 23:45 401,408 a------- c:\windows\system32\drivers\http.sys 2009-04-10 23:45 113,664 a------- c:\windows\system32\drivers\rmcast.sys 2009-04-10 23:45 66,560 a------- c:\windows\system32\drivers\smb.sys 2009-04-10 23:43 148,480 a------- c:\windows\system32\drivers\nwifi.sys 2009-04-10 23:43 196,096 a------- c:\windows\system32\drivers\usbhub.sys 2009-04-10 23:43 62,208 a------- c:\windows\system32\drivers\ohci1394.sys 2009-04-10 23:42 226,304 a------- c:\windows\system32\drivers\usbport.sys 2009-04-10 23:42 25,856 a------- c:\windows\system32\drivers\USBCAMD2.sys 2009-04-10 23:42 25,856 a------- c:\windows\system32\drivers\USBCAMD.sys 2009-04-10 23:42 39,936 a------- c:\windows\system32\drivers\usbehci.sys 2009-04-10 23:42 19,456 a------- c:\windows\system32\drivers\usbohci.sys 2009-04-10 23:42 167,936 a------- c:\windows\system32\drivers\portcls.sys 2009-04-10 23:42 39,424 a------- c:\windows\system32\drivers\hidclass.sys 2009-04-10 23:42 52,992 a------- c:\windows\system32\drivers\stream.sys 2009-04-10 23:42 561,152 a------- c:\windows\system32\drivers\hdaudbus.sys 2009-04-10 23:39 16,384 a------- c:\windows\system32\iscsilog.dll 2009-04-10 23:39 67,072 a------- c:\windows\system32\drivers\cdrom.sys 2009-04-10 23:39 19,456 a------- c:\windows\system32\drivers\Diskdump.sys 2009-04-10 23:38 149,504 a------- c:\windows\system32\drivers\ks.sys 2009-04-10 23:38 17,408 a------- c:\windows\system32\drivers\kbdhid.sys 2009-04-10 23:27 2,560 a------- c:\windows\system32\msimsg.dll 2009-04-10 23:24 2,034,688 a------- c:\windows\system32\win32k.sys 2009-04-10 23:23 626,176 a------- c:\windows\system32\drivers\dxgkrnl.sys 2009-04-10 23:23 289,792 a------- c:\windows\system32\atmfd.dll 2009-04-10 23:23 76,288 a------- c:\windows\system32\drivers\dxg.sys 2009-04-10 23:22 33,280 a------- c:\windows\system32\drivers\watchdog.sys 2009-04-10 23:15 288,768 a------- c:\windows\system32\drivers\srv.sys 2009-04-10 23:15 144,896 a------- c:\windows\system32\drivers\srv2.sys 2009-04-10 23:15 98,816 a------- c:\windows\system32\drivers\srvnet.sys 2009-04-10 23:14 114,688 a------- c:\windows\system32\drivers\mrxdav.sys 2009-04-10 23:14 212,992 a------- c:\windows\system32\drivers\mrxsmb10.sys 2009-04-10 23:14 225,280 a------- c:\windows\system32\drivers\rdbss.sys 2009-04-10 23:14 79,360 a------- c:\windows\system32\drivers\mrxsmb20.sys 2009-04-10 23:14 105,984 a------- c:\windows\system32\drivers\mrxsmb.sys 2009-04-10 23:14 75,264 a------- c:\windows\system32\drivers\dfsc.sys 2009-04-10 23:14 35,328 a------- c:\windows\system32\drivers\npfs.sys 2009-04-10 23:13 226,816 a------- c:\windows\system32\drivers\udfs.sys 2009-04-10 23:13 136,704 a------- c:\windows\system32\drivers\exfat.sys 2009-04-10 23:13 142,848 a------- c:\windows\system32\drivers\fastfat.sys 2009-04-10 23:12 617,984 a------- c:\windows\system32\adtschema.dll 2009-04-10 21:52 684,032 a------- c:\windows\system32\drivers\spsys.sys 2009-04-10 20:59 107,612 a------- c:\windows\system32\StructuredQuerySchema.bin 2009-03-29 23:42 278,848 a------- c:\windows\system32\mscoree.dll 2009-03-29 23:42 155,456 a------- c:\windows\system32\mscorier.dll 2009-03-29 23:42 93,512 a------- c:\windows\system32\dfshim.dll 2009-03-29 23:42 80,720 a------- c:\windows\system32\mscories.dll 2009-03-26 15:23 1,900,544 a------- c:\windows\system32\usbaaplrc.dll 2009-03-17 13:26 65,320 a------- c:\windows\system32\sbbd.exe 2009-03-08 06:34 914,944 a------- c:\windows\system32\wininet.dll 2009-03-08 06:34 43,008 a------- c:\windows\system32\licmgr10.dll 2009-03-08 06:33 18,944 a------- c:\windows\system32\corpol.dll 2009-03-08 06:33 109,056 a------- c:\windows\system32\iesysprep.dll 2009-03-08 06:33 109,568 a------- c:\windows\system32\PDMSetup.exe 2009-03-08 06:33 132,608 a------- c:\windows\system32\ieUnatt.exe 2009-03-08 06:33 107,520 a------- c:\windows\system32\RegisterIEPKEYs.exe 2009-03-08 06:33 107,008 a------- c:\windows\system32\SetIEInstalledDate.exe 2009-03-08 06:33 103,936 a------- c:\windows\system32\SetDepNx.exe 2009-03-08 06:33 420,352 a------- c:\windows\system32\vbscript.dll 2009-03-08 06:32 72,704 a------- c:\windows\system32\admparse.dll 2009-03-08 06:32 71,680 a------- c:\windows\system32\iesetup.dll 2009-03-08 06:32 66,560 a------- c:\windows\system32\wextract.exe 2009-03-08 06:32 169,472 a------- c:\windows\system32\iexpress.exe 2009-03-08 06:31 34,816 a------- c:\windows\system32\imgutil.dll 2009-03-08 06:31 48,128 a------- c:\windows\system32\mshtmler.dll 2009-03-08 06:31:00 A------- 45,568 c:\windows\system32\mshta.exe ============= FINISH: 14:11:10.29 ===============
  13. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-05-14.01) Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 5/25/2009 3:28:10 PM System Uptime: 6/2/2009 10:21:35 PM (16 hours ago) Motherboard: ECS | | Nettle2 Processor: AMD Athlon 64 X2 Dual Core Processor 6000+ | Socket M2 | 3000/201mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 457 GiB total, 375.84 GiB free. D: is FIXED (NTFS) - 9 GiB total, 0.866 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP13: 5/25/2009 4:12:22 PM - Windows Vista Service Pack 1 RP15: 5/25/2009 5:37:08 PM - Installed ijji Auto Installer RP16: 5/25/2009 5:44:44 PM - Windows Update RP17: 5/25/2009 7:15:48 PM - Windows Update RP18: 5/26/2009 1:51:33 PM - Device Driver Package Install: CXT Modems RP19: 5/26/2009 1:54:23 PM - Device Driver Package Install: Realtek Semiconductor Corp. Sound, video and game controllers RP20: 5/26/2009 1:55:57 PM - Device Driver Package Install: CXT Modems RP21: 5/26/2009 1:58:43 PM - Device Driver Package Install: NVIDIA Corporation Storage controllers RP22: 5/26/2009 2:03:11 PM - Device Driver Package Install: NVIDIA Display adapters RP23: 5/26/2009 2:05:12 PM - Installed HP Update RP24: 5/26/2009 5:00:10 PM - Windows Update RP25: 5/27/2009 12:32:45 AM - Device Driver Package Install: Zone Labs, a Check Point company Network Service RP26: 5/27/2009 12:33:58 AM - Windows Update RP27: 5/27/2009 8:57:20 PM - Windows Update RP28: 5/27/2009 11:53:19 PM - Windows Update RP29: 5/29/2009 4:26:15 AM - Scheduled Checkpoint RP30: 5/30/2009 12:18:34 AM - Removed Roxio MyDVD Basic v9 RP31: 5/30/2009 12:28:50 AM - Removed HP Total Care Advisor RP32: 5/30/2009 11:58:39 PM - Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers RP33: 5/31/2009 12:01:39 AM - Installed iTunes RP34: 5/31/2009 12:02:46 AM - Installed iTunes RP35: 5/31/2009 1:05:18 AM - Installed TouchCopy 09 RP36: 5/31/2009 9:01:51 PM - Removed TouchCopy 09 RP37: 5/31/2009 9:36:39 PM - Installed iPhoneBrowser RP38: 5/31/2009 10:10:46 PM - Removed iPhoneBrowser RP39: 6/1/2009 10:30:37 PM - Installed Safari RP40: 6/1/2009 10:33:31 PM - Removed Safari RP41: 6/2/2009 8:50:36 PM - Scheduled Checkpoint RP42: 6/2/2009 10:37:30 PM - Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers RP43: 6/2/2009 10:37:58 PM - Device Driver Package Install: Apple Network adapters ==== Installed Programs ====================== Adobe Flash Player 10 Plugin Adobe Flash Player ActiveX Adobe Reader 8.1.0 AI RoboForm (All Users) Apple Mobile Device Support Apple Software Update Bonjour CCleaner (remove only) Cheat Engine 5.5 Enhanced Multimedia Keyboard Solution Gunbound Revolution Hewlett-Packard Active Check Hewlett-Packard Asset Agent for Health Check Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Active Support Library HP Active Support Library 32 bit components HP Customer Experience Enhancements HP Customer Feedback HP Easy Setup - Frontend HP On-Screen Cap/Num/Scroll Lock Indicator HP Picasso Media Center Add-In HP Update ijji ijji Auto Installer iTunes Java SE Runtime Environment 6 Update 1 LightScribe 1.6.45.1 LimeWire 5.1.3 Microsoft .NET Framework 3.5 SP1 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox (3.0.10) MSXML 4.0 SP2 (KB954430) NVIDIA Drivers Python 2.5 QuickTime Realtek High Definition Audio Driver Rhapsody Player Engine Roxio Activation Module Soft Data Fax Modem with SmartCP Solid State ION Internet Explorer Plugin Trillian VC 9.0 Runtime VIPRE Antivirus + Antispyware WeatherBug Gadget WinRAR archiver ZoneAlarm ==== Event Viewer Messages From Past Week ======== 6/2/2009 6:16:11 PM, Error: EventLog [6008] - The previous system shutdown at 6:13:51 PM on 6/2/2009 was unexpected. 6/2/2009 5:43:56 PM, Error: EventLog [6008] - The previous system shutdown at 5:41:47 PM on 6/2/2009 was unexpected. 6/2/2009 10:39:15 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 6/2/2009 10:36:56 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 6/2/2009 10:22:05 PM, Error: EventLog [6008] - The previous system shutdown at 10:20:07 PM on 6/2/2009 was unexpected. 6/1/2009 12:29:51 PM, Error: EventLog [6008] - The previous system shutdown at 12:28:06 PM on 6/1/2009 was unexpected. 6/1/2009 10:36:41 PM, Error: EventLog [6008] - The previous system shutdown at 10:34:47 PM on 6/1/2009 was unexpected. 5/31/2009 9:47:10 PM, Error: EventLog [6008] - The previous system shutdown at 9:45:18 PM on 5/31/2009 was unexpected. 5/31/2009 9:05:22 PM, Error: EventLog [6008] - The previous system shutdown at 9:03:01 PM on 5/31/2009 was unexpected. 5/31/2009 2:01:48 AM, Error: EventLog [6008] - The previous system shutdown at 1:59:33 AM on 5/31/2009 was unexpected. 5/31/2009 12:55:37 AM, Error: EventLog [6008] - The previous system shutdown at 12:53:13 AM on 5/31/2009 was unexpected. 5/31/2009 10:07:05 AM, Error: EventLog [6008] - The previous system shutdown at 10:04:44 AM on 5/31/2009 was unexpected. 5/30/2009 5:37:04 PM, Error: EventLog [6008] - The previous system shutdown at 5:35:33 PM on 5/30/2009 was unexpected. 5/30/2009 4:32:37 AM, Error: EventLog [6008] - The previous system shutdown at 4:30:55 AM on 5/30/2009 was unexpected. 5/30/2009 12:42:09 AM, Error: EventLog [6008] - The previous system shutdown at 12:40:27 AM on 5/30/2009 was unexpected. 5/30/2009 11:54:20 PM, Error: Microsoft-Windows-WPD-MTPClassDriver [15300] - MTP WPD Driver has failed to start. Error 0x8007001f. 5/30/2009 11:39:17 PM, Error: EventLog [6008] - The previous system shutdown at 11:37:00 PM on 5/30/2009 was unexpected. 5/30/2009 11:03:30 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: A required privilege is not held by the client. 5/29/2009 10:04:50 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 5/29/2009 10:04:50 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23). 5/29/2009 10:04:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 5/29/2009 10:04:50 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 5/29/2009 10:03:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 5/29/2009 10:03:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 5/28/2009 9:09:11 PM, Error: EventLog [6008] - The previous system shutdown at 9:06:52 PM on 5/28/2009 was unexpected. 5/28/2009 7:44:56 PM, Error: EventLog [6008] - The previous system shutdown at 7:43:02 PM on 5/28/2009 was unexpected. 5/28/2009 6:13:07 PM, Error: EventLog [6008] - The previous system shutdown at 6:11:11 PM on 5/28/2009 was unexpected. 5/27/2009 8:33:14 PM, Error: EventLog [6008] - The previous system shutdown at 8:31:13 PM on 5/27/2009 was unexpected. 5/27/2009 8:16:37 PM, Error: BROWSER [8009] - The browser was unable to promote itself to master browser. The computer that currently believes it is the master browser is MIKE-PC. 5/27/2009 7:42:13 PM, Error: EventLog [6008] - The previous system shutdown at 7:40:58 PM on 5/27/2009 was unexpected. 5/27/2009 7:23:55 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 5/27/2009 7:23:52 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Health Check Service service to connect. 5/27/2009 7:20:58 PM, Error: EventLog [6008] - The previous system shutdown at 7:19:18 PM on 5/27/2009 was unexpected. 5/27/2009 3:09:17 PM, Error: EventLog [6008] - The previous system shutdown at 3:08:04 PM on 5/27/2009 was unexpected. 5/27/2009 12:33:26 AM, Error: Service Control Manager [7030] - The TrueVector Internet Monitor service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 5/27/2009 1:42:04 PM, Error: EventLog [6008] - The previous system shutdown at 1:39:53 PM on 5/27/2009 was unexpected. 5/27/2009 1:16:45 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control. ==== End Of File ===========================
  14. I did not intend for you to be a "CheckUp ServicE". I am actually now experiencing a problem with PC. It wont Restart or shut down by itself.
  15. I have not run any virus scans as of lately. PC is running fine, I am just trying to get opinions on my NEW HJT Log. Any help would be greatly appreciated. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:39:24 PM, on 5/27/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\WINDOWS\RtHDVCpl.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Windows\system32\schtasks.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\WINDOWS\ehome\ehtray.exe C:\Windows\system32\jusched.exe C:\Program Files\Trillian\trillian.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\hp\kbd\kbd.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Solid State Networks IE Browser Plugin - {BD08A9D5-0E5C-4f42-99A3-C0CB5E860557} - C:\Windows\system32\SolidStateNetworks\SolidStateION\solidax.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateReg] "C:\Windows\system32\jureg.exe" O4 - HKLM\..\Run: [sBAMTray] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O13 - Gopher Prefix: O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://www.playwhat.com/solidPlugin/solidstateion.cab O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7816 bytes
×
×
  • Create New...