Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

SLow computer that freezes often. Windows XP

(In Progress)
(!)

perfect's Avatar
perfect perfect is offline
Member with 264 posts.
THREAD STARTER
 
Join Date: Mar 2008
Experience: Beginner
15-Jul-2012, 12:39 AM #1
SLow computer that freezes often. Windows XP
HI. I have been having some trouble with my old desktop computer for a bit and I finally got some time to get it fixed. It has been running quite slow and has a few problems that make it hard to use. I have been on this forum in the past and have been helped quite well. Thank you for that. I am hoping you will help me resolve issues this time around as well.

The issues I am having are:

1) The computer is extremely slow in all aspects. This is right from the boot up to the logging into the account, to the running programs. I cannot watch a video without it lagging a bit here and there. It is quite slow.

2) Computer tends to freeze up after some time of inactivity. So for example, if I log on to the computer and not use it for like 15 mins, it will freeze which would force me to hard reboot (if that's what it is called). Though magically this problem seems to not have occurred today. I don't know if it was a coincidence or not. After I ran all the scans the forum thread asked me to (HijackThis and the other scans) it seems to not freeze.

I am sure there is some sort of malware on this computer. I was gonna back up all my files from this computer but I am worried there might be a virus on one of those files so I wouldn't want to back those up with the virus. Right?

ok, here are the Log files.

Hijack This!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:24:31 AM, on 7/14/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\vVX1000.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\HP\HP Software Update\HPWUCli.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shop.trendmicro.com/tmasy/eol...690&HEIGHT=480
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil11c_Plugin.exe -update plugin
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {203C12EA-EF5A-4989-BD68-5844A877A9AF} (prjOCFTools.OCFTools) - http://ocf.rogershelp.com/prjOCFTools.CAB
O16 - DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} (Cisco Systems WebVPN Relay Loader) - https://mytdsb.on.ca/+CSCOL+/relayp.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.tvucricket.com/player/vjocx-en-black.cab
O16 - DPF: {E68C89AA-554F-43F3-8D5E-9B36D873081B} (prjOCFTools.OCFTools) - http://rogershelp.com/ocf/prjOCFTools.CAB
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 11251 bytes

DDS Log File

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Run by Chirag at 10:30:22 on 2012-07-14
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.755 [GMT -4:00]
.
AV: Norton 360 *Disabled/Outdated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
svchost.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\vVX1000.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\HP\HP Software Update\HPWUCli.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q105&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://shop.trendmicro.com/tmasy/eol.html?X=300&Y=300&WIDTH=690&HEIGHT=480
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\5.2.2.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\5.2.2.3\ips\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: HP view: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\5.2.2.3\coIEPlg.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil11c_Plugin.exe -update plugin
mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AlcWzrd] ALCWZRD.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [VX1000] c:\windows\vVX1000.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [PlusService] c:\program files\yuna software\messenger plus!\PlusService.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\docume~1\chirag\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdock\ObjectDock.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {203C12EA-EF5A-4989-BD68-5844A877A9AF} - hxxp://ocf.rogershelp.com/prjOCFTools.CAB
DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} - hxxps://mytdsb.on.ca/+CSCOL+/relayp.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scan8/oscan8.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.tvucricket.com/player/vjocx-en-black.cab
DPF: {E68C89AA-554F-43F3-8D5E-9B36D873081B} - hxxp://rogershelp.com/ocf/prjOCFTools.CAB
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{59331245-0E3E-4D51-A2BC-C68867B6D00D} : DhcpNameServer = 192.168.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxsrvc.dll
Notify: TPSvc - TPSvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\chirag\application data\mozilla\firefox\profiles\5bo8j5md.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0502020.003\symds.sys [2012-6-17 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0502020.003\symefa.sys [2012-6-17 744568]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\20120619.001\BHDrvx86.sys [2012-6-18 821920]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0502020.003\ironx86.sys [2012-6-17 136312]
R2 N360;Norton 360;c:\program files\norton 360\engine\5.2.2.3\ccsvchst.exe [2012-6-17 130008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-6-26 106656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-1-31 136176]
S3 cpuz132;cpuz132;\??\c:\docume~1\chirag\locals~1\temp\cpuz132\cpuz132_x32.sy s --> c:\docume~1\chirag\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-1-31 136176]
S3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\20120623.002\IDSXpx86.sys [2012-6-14 369632]
S3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\virusdefs\20120626.002\naveng.sys [2012-6-26 87928]
S3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\virusdefs\20120626.002\navex15.sys [2012-6-26 1589752]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2011-6-9 50704]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v040 0.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-06-17 19:56:49 -------- d-----w- C:\ubuntu
2012-06-17 18:44:39 22488 ----a-w- c:\program files\mozilla firefox\plc4.dll
2012-06-17 18:44:39 20952 ----a-w- c:\program files\mozilla firefox\plds4.dll
2012-06-17 18:44:39 16856 ----a-w- c:\program files\mozilla firefox\plugin-container.exe
2012-06-17 18:44:38 834840 ----a-w- c:\program files\mozilla firefox\uninstall\helper.exe
2012-06-17 18:44:38 269272 ----a-w- c:\program files\mozilla firefox\updater.exe
2012-06-17 18:44:38 19928 ----a-w- c:\program files\mozilla firefox\xpcom.dll
2012-06-17 18:44:38 170968 ----a-w- c:\program files\mozilla firefox\softokn3.dll
2012-06-17 18:44:38 154584 ----a-w- c:\program files\mozilla firefox\ssl3.dll
2012-06-17 18:44:38 105432 ----a-w- c:\program files\mozilla firefox\smime3.dll
2012-06-17 17:40:02 744568 ----a-w- c:\windows\system32\drivers\n360\0502020.003\symefa.sys
2012-06-17 17:40:02 50168 ----a-w- c:\windows\system32\drivers\n360\0502020.003\srtspx.sys
2012-06-17 17:40:02 369784 ----a-w- c:\windows\system32\drivers\n360\0502020.003\symtdi.sys
2012-06-17 17:40:02 340088 ----a-w- c:\windows\system32\drivers\n360\0502020.003\symds.sys
2012-06-17 17:40:02 331384 ----a-w- c:\windows\system32\drivers\n360\0502020.003\symtdiv.sys
2012-06-17 17:40:02 299640 ----a-w- c:\windows\system32\drivers\n360\0502020.003\symnets.sys
2012-06-17 17:40:01 516216 ----a-w- c:\windows\system32\drivers\n360\0502020.003\srtsp.sys
2012-06-17 17:40:01 136312 ----a-r- c:\windows\system32\drivers\n360\0502020.003\ironx86.sys
2012-06-17 17:38:23 -------- d-----w- c:\windows\system32\drivers\n360\0502020.003
.
==================== Find3M ====================
.
.
============= FINISH: 10:31:29.60 ===============

The other Attach Log File

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 4/6/2009 1:17:39 AM
System Uptime: 7/14/2012 9:49:27 AM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | Goldfish3
Processor: Intel(R) Pentium(R) 4 CPU 3.06GHz | CPU 1 | 3065/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 181 GiB total, 15.844 GiB free.
D: is FIXED (FAT32) - 6 GiB total, 0.322 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Photosmart Prem C310 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart Prem C310 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP818: 1/15/2012 8:39:57 PM - System Checkpoint
RP819: 1/17/2012 8:49:45 PM - System Checkpoint
RP820: 1/18/2012 9:24:15 PM - System Checkpoint
RP821: 1/25/2012 11:48:50 AM - System Checkpoint
RP822: 1/26/2012 12:28:02 PM - System Checkpoint
RP823: 1/30/2012 9:24:51 PM - System Checkpoint
RP824: 2/1/2012 1:37:36 AM - System Checkpoint
RP825: 2/4/2012 11:38:11 AM - System Checkpoint
RP826: 2/4/2012 8:46:57 PM - Removed Kaspersky Internet Security 2011.
RP827: 2/18/2012 3:58:50 PM - System Checkpoint
RP828: 2/28/2012 6:35:55 PM - System Checkpoint
RP829: 3/1/2012 5:26:25 PM - System Checkpoint
RP830: 3/2/2012 9:38:58 PM - System Checkpoint
RP831: 3/6/2012 5:13:11 PM - System Checkpoint
RP832: 4/9/2012 1:06:25 PM - System Checkpoint
RP833: 4/14/2012 9:48:38 AM - System Checkpoint
RP834: 4/21/2012 1:20:04 PM - System Checkpoint
RP835: 6/17/2012 3:08:19 PM - Before Ubuntu
RP836: 6/26/2012 5:47:51 PM - System Checkpoint
RP837: 7/14/2012 10:22:39 AM - Removed Driver Detective.
.
==== Installed Programs ======================
.
.
µTorrent
1Click DV to DVD
32 Bit HP CIO Components Installer
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Community Help
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Illustrator CS4
Adobe InDesign CS4
Adobe InDesign CS4 Application Feature Set Files (Roman)
Adobe InDesign CS4 Common Base Files
Adobe InDesign CS4 Icon Handler
Adobe Linguistics CS4
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS5
Adobe Reader 9.4.6
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe SGM CS4
Adobe SING CS4
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Agere Systems PCI Soft Modem
AiO_Scan
AiOSoftware
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AviSynth 2.5
AVS Update Manager 1.0
AVS Video Converter 7
AVS4YOU Software Navigator 1.4
Bonjour
BufferChm
C310
CameraDrivers
Combined Community Codec Pack 2008-09-21 16:18
Connect
Copy
CP_AtenaShokunin1Config
cp_dwSharkTaleAlbums1
cp_dwSharkTaleCards1
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CP_PLSBusinessFlyers
CreativeProjects
CreativeProjectsTemplates
Critical Update for Windows Media Player 11 (KB959772)
CueTour
CustomerResearchQFolder
CyberLink PhotoNow
CyberLink PowerDirector
D1600
DesignPro 5.4 Limited Edition
Destinations
DeviceDiscovery
DeviceManagementQFolder
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
DJ_AIO_ProductContext
DJ_AIO_Software
DJ_AIO_Software_min
DJ_SF_06_D1600_SW_Min
DocProc
DocumentViewer
DV to DVD Converter 1.00
DVD-CLONER V6.00 Build 975
DVD Burning Xpress 3.30
DVD Photo Slideshow Professional 8.00
Easy Internet Sign-up
Enhanced Multimedia Keyboard Solution
Epson Event Manager
EPSON NX110 Series Printer Uninstall
EPSON Scan
eSupportQFolder
Express Burn
F4100
F4100_Help
Fax
First Step Guide
FontCreator 5.6
Google Earth Plug-in
Google Update Helper
GPBaseService2
Help and Support Additions
High Definition Audio Driver Package - KB835221
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 14.0
HP Deskjet All-In-One Software 8.0
HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6
HP Deskjet Preloaded Printer Drivers
HP Image Zone 4.5.3
HP Image Zone Plus 4.5.3
HP Imaging Device Functions 14.0
HP Organize
HP Photo Creations
HP Photosmart Cameras 4.0
HP Photosmart Essential
HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7
HP PSC & OfficeJet 4.0
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPAppStudio
HPIZplus450
HPProductAssistant
HpSdpAppCoreApp
HPSSupply
ImageMixer VCD2
Impulse
InstantShare
IntelliMover Data Transfer Demo
InterVideo DiscLabel
InterVideo WinDVD Creator
InterVideo WinDVD Player
iTunes
Java Auto Updater
Java DB 10.4.1.3
Java(TM) 6 Update 21
Java(TM) SE Development Kit 6 Update 12
JPad Pro
Junk Mail filter update
kuler
LS_HSI
LSI PCI Soft Modem
MarketResearch
Messenger Plus! 5
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Digital Image Library 9 - Blocker
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Photo Premium 10
Microsoft Picture It! Library 10
Microsoft Plus! Dancer LE
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MixPad Audio Mixer
Mozilla Firefox 10.0.2 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 3.5 magicMoments - HPD
Network
Norton 360
ObjectDock Plus
Ogg Codecs 0.81.15562
PanoStandAlone
PC-Doctor for Windows
PDF Settings CS4
PDF Settings CS5
PhotoGallery
Photoshop Camera Raw
Photosmart 320,370,7400,8100,8400 Series
Picture Package
PowerISO
PrintScreen
PS_AIO_07_C310_SW_Min
PS2
PSPrinters06
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QFolder
QuickProjects
QuickTime
QuickTransfer
Readme
RealPlayer
Realtek High Definition Audio Driver
RPS CRT
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Shop for HP Supplies
SkinsHP1
SmartSound Quicktracks Plugin
SmartWebPrinting
SolutionCenter
Sonic Express Labeler
Sonic RecordNow!
Sony USB Driver
SpeedFan (remove only)
Status
Suite Shared Configuration CS4
Theorica Divx ;-) Codecs (remove only)
Toolbox
TrayApp
Ubuntu
Universal Document Converter (Demo)
Unload
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Windows (KB971513)
Update for Outlook 2007 Junk Email Filter (KB2536413)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows Internet Explorer 8 (KB982664)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Updates from HP
VC80CRTRedist - 8.0.50727.4053
VLC media player 1.0.5
VobSub v2.23 (Remove Only)
WavePad Sound Editor
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
WinRAR archiver
Yahoo! Messenger
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
7/14/2012 9:50:20 AM, error: Service Control Manager [7000] - The Aspi32 service failed to start due to the following error: The system cannot find the file specified.
7/14/2012 9:50:20 AM, error: Service Control Manager [7000] - The adfs service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================


I did the GMER scan too but there were some problems with that. I ran the scan, it was talkng a while so left the computer unattended for a while and when I got back I just saw black screen saying the I needed to restart and boot up a drive or something of that similar fashion. I tried that twice and got the same results. Therefore I couldn't get a log file for that or anything.
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 96,879 posts.
 
Join Date: Aug 2003
15-Jul-2012, 02:06 PM #2
Please visit Combofix Guide & Instructions for instructions for installing the recovery console and downloading and running ComboFix.

The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to puppy.exe please.

Post the log from ComboFix when you've accomplished that.

Important notes regarding ComboFix:

ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.

ComboFix also prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished. Read HERE for an article written by dvk01 on why we disable autoruns.
__________________
Microsoft MVP - Consumer Security
perfect's Avatar
perfect perfect is offline
Member with 264 posts.
THREAD STARTER
 
Join Date: Mar 2008
Experience: Beginner
15-Jul-2012, 11:13 PM #3
Hi. Thanks for helping me out. I have run the scans from ComboFix. I have posted the results below.

ComboFix 12-07-14.01 - Chirag 07/15/2012 22:26:49.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.948 [GMT -4:00]
Running from: c:\documents and settings\Chirag\Desktop\Puppy.exe
AV: Norton 360 *Disabled/Outdated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Chirag\Local Settings\Application Data\{273F24F2-8F5B-4D9E-8EF5-C340F8962FB6}
c:\documents and settings\Chirag\Local Settings\Application Data\{273F24F2-8F5B-4D9E-8EF5-C340F8962FB6}\chrome.manifest
c:\documents and settings\Chirag\Local Settings\Application Data\{273F24F2-8F5B-4D9E-8EF5-C340F8962FB6}\chrome\content\_cfg.js
c:\documents and settings\Chirag\Local Settings\Application Data\{273F24F2-8F5B-4D9E-8EF5-C340F8962FB6}\chrome\content\overlay.xul
c:\documents and settings\Chirag\Local Settings\Application Data\{273F24F2-8F5B-4D9E-8EF5-C340F8962FB6}\install.rdf
c:\documents and settings\Chirag\My Documents\~WRL0001.tmp
c:\documents and settings\Chirag\WINDOWS
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\Shivani\WINDOWS
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\Nagasoft
c:\windows\system32\Nagasoft\Codecs\asyncflt.ax
c:\windows\system32\Nagasoft\Codecs\atrc.dll
c:\windows\system32\Nagasoft\Codecs\cook.dll
c:\windows\system32\Nagasoft\Codecs\drvc.dll
c:\windows\system32\Nagasoft\Codecs\raac.dll
c:\windows\system32\Nagasoft\Codecs\RealMediaSplitter.ax
c:\windows\system32\Nagasoft\Codecs\WMFDemux.dll
c:\windows\system32\Nagasoft\GifShower.dll
c:\windows\system32\Nagasoft\vjocx.dll
c:\windows\system32\Packet.dll
c:\windows\system32\ps2.bat
c:\windows\system32\SET142.tmp
c:\windows\system32\SET143.tmp
c:\windows\system32\SET144.tmp
c:\windows\system32\sp
c:\windows\system32\wpcap.dll
D:\Autorun.inf
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
-------\Legacy_vvdsvc
-------\Legacy_vvdsvc
-------\Service_vvdsvc
-------\Service_vvdsvc
.
.
((((((((((((((((((((((((( Files Created from 2012-06-16 to 2012-07-16 )))))))))))))))))))))))))))))))
.
.
2012-07-16 02:51 . 2012-07-16 02:51 -------- d-----w- c:\windows\LastGood
2012-06-17 19:56 . 2012-06-17 20:27 -------- d-----w- C:\ubuntu
2012-06-17 18:44 . 2012-06-17 18:44 22488 ----a-w- c:\program files\Mozilla Firefox\plc4.dll
2012-06-17 18:44 . 2012-06-17 18:44 20952 ----a-w- c:\program files\Mozilla Firefox\plds4.dll
2012-06-17 18:44 . 2012-06-17 18:44 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2012-06-17 18:44 . 2012-06-17 18:44 834840 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2012-06-17 18:44 . 2012-06-17 18:44 269272 ----a-w- c:\program files\Mozilla Firefox\updater.exe
2012-06-17 18:44 . 2012-06-17 18:44 19928 ----a-w- c:\program files\Mozilla Firefox\xpcom.dll
2012-06-17 18:44 . 2012-06-17 18:44 170968 ----a-w- c:\program files\Mozilla Firefox\softokn3.dll
2012-06-17 18:44 . 2012-06-17 18:44 154584 ----a-w- c:\program files\Mozilla Firefox\ssl3.dll
2012-06-17 18:44 . 2012-06-17 18:44 105432 ----a-w- c:\program files\Mozilla Firefox\smime3.dll
2012-06-17 17:38 . 2012-06-17 19:51 -------- d-----w- c:\windows\system32\drivers\N360\0502020.003
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-02 19:19 . 2008-10-16 18:09 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19 . 2008-10-16 18:07 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19 . 2004-08-04 18:00 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 19:19 . 2004-08-04 18:00 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19 . 2004-08-04 18:00 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 19:19 . 2008-10-16 18:07 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19 . 2004-08-04 18:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 19:19 . 2004-08-04 18:00 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 19:19 . 2008-10-16 18:07 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:19 . 2004-08-04 18:00 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 19:19 . 2004-08-04 18:00 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 19:18 . 2009-04-08 19:57 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18 . 2009-04-08 19:57 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 19:18 . 2009-04-08 19:57 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-17 18:44 . 2011-04-05 16:59 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-30 88363]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-15 233472]
"SoundMan"="SOUNDMAN.EXE" [2005-09-21 86016]
"AlcWzrd"="ALCWZRD.EXE" [2005-09-21 2807808]
"VX1000"="c:\windows\vVX1000.exe" [2009-06-26 757248]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-09-20 801792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
c:\documents and settings\Chirag\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2009-4-21 3581680]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\Shell ExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package Menu.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Picture Package Menu.lnk
backup=c:\windows\pss\Picture Package Menu.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package VCD Maker.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk
backup=c:\windows\pss\Picture Package VCD Maker.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
backup=c:\windows\pss\Updates from HP.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Chirag^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\Chirag\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Chirag^Start Menu^Programs^Startup^ImpulseNow.lnk]
path=c:\documents and settings\Chirag\Start Menu\Programs\Startup\ImpulseNow.lnk
backup=c:\windows\pss\ImpulseNow.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Chirag^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Chirag\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Chirag^Start Menu^Programs^Startup^Stardock ObjectDock.lnk]
path=c:\documents and settings\Chirag\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
backup=c:\windows\pss\Stardock ObjectDock.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 11:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 22:43 69632 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
2005-09-21 19:32 2807808 ----a-w- c:\windows\ALCWZRD.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
2008-12-04 18:24 665424 ------w- c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON NX110 Series]
2008-09-26 07:00 199680 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIFBA.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 15:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
2004-03-18 07:10 61952 ----a-w- c:\windows\system32\Hdaudpropshortcut.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2004-11-02 22:59 126976 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2009-11-18 20:13 54576 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
2004-06-08 01:42 659456 ----a-w- c:\windows\system32\hphmon06.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
2004-06-08 01:53 49152 ----a-w- c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-03-07 19:33 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
2005-02-02 20:44 61440 ----a-w- c:\hp\KBD\kbd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2007-05-17 21:45 279912 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-11-02 08:38 167936 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2005-09-21 14:24 86016 ----a-w- c:\windows\SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 15:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2005-02-17 07:25 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
2009-06-26 21:21 757248 ----a-w- c:\windows\vVX1000.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Glob allyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"5985:TCP"= 5985:TCP:*isabled:Windows Remote Management
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0502020.003\symds.sys [6/17/2012 1:40 PM 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0502020.003\symefa.sys [6/17/2012 1:40 PM 744568]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120619.001\BHDrvx86.sys [6/18/2012 8:01 PM 821920]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0502020.003\ironx86.sys [6/17/2012 1:40 PM 136312]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\5.2.2.3\ccsvchst.exe [6/17/2012 1:38 PM 130008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [6/26/2012 6:02 PM 106656]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/31/2011 6:16 PM 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/31/2011 6:16 PM 136176]
S3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120623.002\IDSXpx86.sys [6/14/2012 2:39 PM 369632]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6/17/2009 5:51 PM 47360]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*NewlyCreated* - WUAUSERV
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
vvdsvc REG_MULTI_SZ vvdsvc
HPService REG_MULTI_SZ HPSLPSVC
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:50]
.
2009-06-04 c:\windows\Tasks\Easy Internet Sign-up.job
- c:\program files\Easy Internet signup\HPSdpApp.exe [2004-08-13 16:50]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 22:16]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 22:16]
.
2012-05-19 c:\windows\Tasks\Microsoft_Hardware_Launch_vVX1000_exe.job
- c:\windows\vVX1000.exe [2009-06-11 21:21]
.
2011-06-26 c:\windows\Tasks\mixpadShakeIcon.job
- c:\program files\NCH Swift Sound\MixPad\mixpad.exe [2009-04-13 18:35]
.
.
------- Supplementary Scan -------
.
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q105&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://shop.trendmicro.com/tmasy/eol.html?X=300&Y=300&WIDTH=690&HEIGHT=480
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
DPF: {E68C89AA-554F-43F3-8D5E-9B36D873081B} - hxxp://rogershelp.com/ocf/prjOCFTools.CAB
FF - ProfilePath - c:\documents and settings\Chirag\Application Data\Mozilla\Firefox\Profiles\5bo8j5md.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Notify-TPSvc - TPSvc.dll
MSConfigStartUp-Active Desktop Calendar - c:\program files\XemiComputers\Active Desktop Calendar\ADC.exe
MSConfigStartUp-Microsoft Works Update Detection - c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-15 22:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.2.2.3\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(896)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
- - - - - - - > 'explorer.exe'(1944)
c:\windows\system32\WININET.dll
c:\program files\Stardock\ObjectDock\DockShellHook.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\program files\iTunes\iTunesMiniPlayer.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized. dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\AGRSMMSG.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Completion time: 2012-07-15 23:06:01 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-16 03:05
.
Pre-Run: 18,424,119,296 bytes free
Post-Run: 18,563,538,944 bytes free
.
- - End Of File - - 540DAC456520B7583290A01F0ABA151F
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 96,879 posts.
 
Join Date: Aug 2003
16-Jul-2012, 02:25 PM #4
Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
perfect's Avatar
perfect perfect is offline
Member with 264 posts.
THREAD STARTER
 
Join Date: Mar 2008
Experience: Beginner
16-Jul-2012, 10:44 PM #5
I have run the scan and did what you asked. Only 1 Infected item was found I believe. Here is the log:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.16.12

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Chirag :: HD-COMPUTER [administrator]

7/16/2012 10:08:57 PM
mbam-log-2012-07-16 (22-08-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240144
Time elapsed: 31 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\NetworkService\Start Menu\Programs\Security Shield.lnk (Rogue.SecurityShield) -> Quarantined and deleted successfully.

(end)
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 96,879 posts.
 
Join Date: Aug 2003
17-Jul-2012, 01:52 PM #6
Download OTS.exe to your Desktop.
  1. Close any open browsers.
  2. If your Real protection or Antivirus interferes with OTS, allow it to run.
  3. Double-click on OTS.exe to start the program.
  4. At the top put a check mark in the box beside "Scan All Users".
  5. Under the Additional Scans section put a check in the box next to Disabled MS Config Items, NetSvcs and EventViewer logs (Last 10 errors)
  6. Now click the Run Scan button on the toolbar.
  7. Let it run unhindered until it finishes.
  8. When the scan is complete Notepad will open with the report file loaded in it.
  9. Save that notepad file.
Use the Reply button, scroll down to the attachments section and attach the notepad file here.
perfect's Avatar
perfect perfect is offline
Member with 264 posts.
THREAD STARTER
 
Join Date: Mar 2008
Experience: Beginner
17-Jul-2012, 10:30 PM #7
The attached are the results from OTS
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 96,879 posts.
 
Join Date: Aug 2003
18-Jul-2012, 04:46 PM #8
Start OTS. Copy/Paste the information in the code box below into the pane where it says "Paste fix here" and then click the "Run Fix" button.

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the OK button and Notepad will open with a log of actions taken during the fix. Post that information back here please.

Code:
[Kill All Processes]
[Unregister Dlls]
[Registry - Safe List]
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
YY -> HKLM\software\mozilla\Firefox\extensions\\{FE3BFFDA-9DD9-41E7-876B-35872C6D86FF} -> C:\Documents and Settings\Shivani\Local Settings\Application Data\{FE3BFFDA-9DD9-41E7-876B-35872C6D86FF} [C:\DOCUMENTS AND SETTINGS\SHIVANI\LOCAL SETTINGS\APPLICATION DATA\{FE3BFFDA-9DD9-41E7-876B-35872C6D86FF}]
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
YN -> "" [HKLM] -> Reg Error: Key error. [Reg Error: Value error.]
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List
YN -> "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" -> [C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe]
[Registry - Additional Scans - Safe List]
< Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\
YN -> C:^Documents and Settings^Chirag^Start Menu^Programs^Startup^Adobe Gamma.lnk -> 
YN -> C:^Documents and Settings^Chirag^Start Menu^Programs^Startup^Stardock ObjectDock.lnk -> 
[Files/Folders - Created Within 30 Days]
NY ->  2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp
NY ->  1 C:\Documents and Settings\Chirag\Desktop\*.tmp files -> C:\Documents and Settings\Chirag\Desktop\*.tmp
[Files/Folders - Modified Within 30 Days]
NY ->  2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp
NY ->  1 C:\Documents and Settings\Chirag\Desktop\*.tmp files -> C:\Documents and Settings\Chirag\Desktop\*.tmp
[Files - No Company Name]
NY ->  mvgt2a381iyq4yl33050dawfmkmf0dv2v1 -> C:\Documents and Settings\All Users\Application Data\mvgt2a381iyq4yl33050dawfmkmf0dv2v1
NY ->  0k7s34l62qdub3brsk4t5l1pk53xn1085246dq -> C:\Documents and Settings\All Users\Application Data\0k7s34l62qdub3brsk4t5l1pk53xn1085246dq
NY ->  Jdolacan.dat -> C:\WINDOWS\Jdolacan.dat
NY ->  Uwijoxuq.bin -> C:\WINDOWS\Uwijoxuq.bin
[Empty Temp Folders]
[EmptyFlash]
[EmptyJava]
[Start Explorer]
[Reboot]
perfect's Avatar
perfect perfect is offline
Member with 264 posts.
THREAD STARTER
 
Join Date: Mar 2008
Experience: Beginner
18-Jul-2012, 10:43 PM #9
Hey I did completed that. Also noticed that the hidden files are now visible everywhere (desktop, documents, etc) Was that meant to happen?

All Processes Killed
[Registry - Safe List]
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FE3BFFDA-9DD9-41E7-876B-35872C6D86FF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE3BFFDA-9DD9-41E7-876B-35872C6D86FF}\ not found.
C:\Documents and Settings\Shivani\Local Settings\Application Data\{FE3BFFDA-9DD9-41E7-876B-35872C6D86FF}\chrome\content folder moved successfully.
C:\Documents and Settings\Shivani\Local Settings\Application Data\{FE3BFFDA-9DD9-41E7-876B-35872C6D86FF}\chrome folder moved successfully.
C:\Documents and Settings\Shivani\Local Settings\Application Data\{FE3BFFDA-9DD9-41E7-876B-35872C6D86FF} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe deleted successfully.
[Registry - Additional Scans - Safe List]
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Chirag^Start Menu^Programs^Startup^Adobe Gamma.lnk\ deleted successfully.
File C:\WINDOWS\pss\dobe Gamma.lnk not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Chirag^Start Menu^Programs^Startup^Stardock ObjectDock.lnk\ deleted successfully.
File C:\WINDOWS\pss\tardock ObjectDock.lnk not found.
[Files/Folders - Created Within 30 Days]
C:\WINDOWS\System32\dllcache\SET145.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET146.tmp deleted successfully.
C:\Documents and Settings\Chirag\Desktop\~WRL0221.tmp deleted successfully.
[Files/Folders - Modified Within 30 Days]
[Files - No Company Name]
C:\Documents and Settings\All Users\Application Data\mvgt2a381iyq4yl33050dawfmkmf0dv2v1 moved successfully.
C:\Documents and Settings\All Users\Application Data\0k7s34l62qdub3brsk4t5l1pk53xn1085246dq moved successfully.
C:\WINDOWS\Jdolacan.dat moved successfully.
C:\WINDOWS\Uwijoxuq.bin moved successfully.
[Empty Temp Folders]


User: All Users

User: Chirag
->Temp folder emptied: 780414 bytes
->Temporary Internet Files folder emptied: 4636910 bytes
->Java cache emptied: 2947369 bytes
->FireFox cache emptied: 61745165 bytes
->Flash cache emptied: 50081 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 16786 bytes
->FireFox cache emptied: 40273943 bytes
->Flash cache emptied: 1499 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 4112518 bytes
->Flash cache emptied: 3598 bytes

User: Shivani
->Temp folder emptied: 12038526 bytes
->Temporary Internet Files folder emptied: 690881 bytes
->Java cache emptied: 768288 bytes
->FireFox cache emptied: 79956152 bytes
->Flash cache emptied: 28695 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9315989 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 96396898 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 299.00 mb


[EMPTYFLASH]

User: All Users

User: Chirag
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

User: Shivani
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Chirag
->Java cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

User: Shivani
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb

< End of fix log >
OTS by OldTimer - Version 3.1.47.2 fix logfile created on 07182012_222826

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_6b8.dat not found!

Registry entries deleted on Reboot...
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 96,879 posts.
 
Join Date: Aug 2003
19-Jul-2012, 07:08 PM #10
Which files are you referring to?
perfect's Avatar
perfect perfect is offline
Member with 264 posts.
THREAD STARTER
 
Join Date: Mar 2008
Experience: Beginner
19-Jul-2012, 10:19 PM #11
I guess the computer just needed a restart. They aren't there anymore, but the were pretty much ms word documents. I guess they were cached or something from a lot earlier.
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 96,879 posts.
 
Join Date: Aug 2003
20-Jul-2012, 06:30 PM #12
Please post a new HijackThis log and let me know how things are with the computer now.
perfect's Avatar
perfect perfect is offline
Member with 264 posts.
THREAD STARTER
 
Join Date: Mar 2008
Experience: Beginner
20-Jul-2012, 11:00 PM #13
Hey. The computer seems to be working better. Haven't really noticed any freezing yet, but then again I haven't really used the computer much, so I need some time to explore this weekend. One thing that is definitely still bothersome is that the start speed is very slow. It takes me quite sometime to boot up and when I log on to the account, it takes even longer.

I don't know if norton 360 is the only anti-virus program I have installed or not either. And I believe that is expired too, So would you recommend any particular anti-virus program I can install?

Those were the major concerns as of now.

The HijackThis log file is as follows:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:56:31 PM, on 7/20/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\vVX1000.exe
C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shop.trendmicro.com/tmasy/eol...690&HEIGHT=480
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {203C12EA-EF5A-4989-BD68-5844A877A9AF} (prjOCFTools.OCFTools) - http://ocf.rogershelp.com/prjOCFTools.CAB
O16 - DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} (Cisco Systems WebVPN Relay Loader) - https://mytdsb.on.ca/+CSCOL+/relayp.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.tvucricket.com/player/vjocx-en-black.cab
O16 - DPF: {E68C89AA-554F-43F3-8D5E-9B36D873081B} (prjOCFTools.OCFTools) - http://rogershelp.com/ocf/prjOCFTools.CAB
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 10797 bytes
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 96,879 posts.
 
Join Date: Aug 2003
21-Jul-2012, 12:42 PM #14
I only see Norton 360 installed but yes, it appears to be an outdated version so you should uninstall it and install another one. There are many to choose from but if you're paying then Eset Smart Security is a good one and it's light on resources. If you would like a free one you can try Avast or Avira Anti Vir.

After uninstalling Norton via the Control Panel - Add or Remove Programs, it's important to also run the removal tool to get rid of any leftovers:

See step 2 in the following link.

https://www-secure.symantec.com/nort...071130124653EN

Then reboot the computer after running the tool and before installing a new anti-virus program.

You should trim down your start-ups (these show as the 04 entries in your HijackThis log) as there are too many running. You can research them at these sites and if they aren’t required at start-up then you can uncheck them in msconfig via Start - Run - type msconfig click OK and then click on the start-up tab. This should enhance startup times.

http://www.systemlookup.com/lists.php?list=2
http://www.bleepingcomputer.com/startups/


Let me know how things are after doing the above please.
perfect's Avatar
perfect perfect is offline
Member with 264 posts.
THREAD STARTER
 
Join Date: Mar 2008
Experience: Beginner
23-Jul-2012, 11:26 PM #15
Hi. Sorry for the late reply. Has a busy weekend. I managed to uninstall Norton 360 and have truncated the start ups. Seems to be better but I'd give it sometime to make sure all is well.

Though some programs start time is quite slow like Mozilla for example.

Also one other issue I encountered after running the removal tool for Norton is that after restart, I get this dialogue box that is trying to install something but fails to because there is no disc in the drive. Its called the trayApp and I am unable to stop that dialogue box. (see attachment)
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑