Computer moving slowly

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

smoorm1

Thread Starter
Joined
Oct 30, 2011
Messages
10
Hello all!

I have windows vista and it is moving very slowly...I'm also getting errors about high disk read usage. Any help will be appreciated.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:57:18 PM, on 11/2/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\StartAutorun.exe
C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMConfig.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMProcess.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071122
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z018&form=ZGAPHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071122
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL
O2 - BHO: Freecorder Toolbar - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files\freecordertoolbar\vmntemplateX.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
O3 - Toolbar: Freecorder Toolbar - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files\freecordertoolbar\vmntemplateX.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [VAIOMyMemCenter] "C:\Program Files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe" 1
O4 - HKLM\..\Run: [VWLASU] "C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe"
O4 - HKLM\..\Run: [VAIO Help and Support Demo] "C:\Program Files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\iHome\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder 5\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [VAIORegistration] "C:\Program Files\Sony\First Experience\WelcomeLauncher.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\google\Google Calendar Sync\GoogleCalendarSync.exe
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\iHome\Keyboard & Mouse Driver\KMWDSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Summer/LOCALS~1/Temp/msohtmlclip1/01/clip_image001.jpg

--
End of file - 11891 bytes


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Summer C at 20:04:09 on 2011-11-02
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3062.1504 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMWDSrv.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\PSIService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\StartAutorun.exe
C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\google\Google Calendar Sync\GoogleCalendarSync.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMConfig.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\taskeng.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMProcess.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071122
uSearch Bar =
uStart Page = hxxp://www.bing.com/?pc=Z018&form=ZGAPHP
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\4.6\youtubedownloaderToolbarIE.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\5.1.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\5.1.0.29\ips\IPSBHO.DLL
BHO: Freecorder Toolbar: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - c:\program files\freecordertoolbar\vmntemplateX.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\4.6\youtubedownloaderToolbarIE.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\5.1.0.29\coIEPlg.dll
TB: Freecorder Toolbar: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - c:\program files\freecordertoolbar\vmntemplateX.dll
TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\4.6\youtubedownloaderToolbarIE.dll
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [VAIOMyMemCenter] "c:\program files\sony\vaio my memory center\VAIO MyMemCenter.exe" 1
mRun: [VWLASU] "c:\program files\sony\vaio wireless wizard\AutoLaunchWLASU.exe"
mRun: [VAIO Help and Support Demo] "c:\program files\sony\vaio help and support demo\LaunchVHSD.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [KMCONFIG] c:\program files\ihome\keyboard & mouse driver\StartAutorun.exe KMConfig.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [<NO NAME>]
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
mRun: [Freecorder FLV Service] "c:\program files\freecorder 5\FLVSrvc.exe" /run
mRun: [Ask and Record FLV Service] "c:\program files\ask & record toolbar\FLVSrvc.exe" /run
mRun: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe
mRun: [VAIORegistration] "c:\program files\sony\first experience\WelcomeLauncher.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{00D58EBC-8C73-4F18-8E06-7573A3C69C79} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5334C27A-ED3B-42E5-A596-701DF4AA2B10} : DhcpNameServer = 192.168.42.129
TCP: Interfaces\{53D9ACF5-0346-4E2B-9722-D525BE9B1D84} : DhcpNameServer = 192.168.27.25 192.168.27.28
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\summer c\appdata\roaming\mozilla\firefox\profiles\v3ln9j0u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=
FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\coffplgn\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\summer c\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\users\summer c\appdata\roaming\move networks\plugins\npqmp071706000001.dll
.
---- FIREFOX POLICIES ----

============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0501000.01d\symds.sys [2011-10-22 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0501000.01d\symefa.sys [2011-10-22 744568]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\20111027.001\BHDrvx86.sys [2011-11-2 818808]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\20111031.030\IDSvix86.sys [2011-11-2 368248]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsld43dfc6f;MpKsld43dfc6f;c:\programdata\microsoft\microsoft antimalware\definition updates\{dddc8523-adb7-4dfa-b4f1-07f6e5ffca90}\MpKsld43dfc6f.sys [2011-11-2 28752]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0501000.01d\ironx86.sys [2011-10-22 136312]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0501000.01d\symtdiv.sys [2011-10-22 331384]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\ihome\keyboard & mouse driver\KMWDSrv.exe [2008-6-23 208896]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-30 366152]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\5.1.0.29\ccsvchst.exe [2011-10-22 130008]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2008-3-31 333088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-11-2 105592]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-30 22216]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2008-3-31 9344]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2008-3-31 812544]
S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-5-28 234888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-8-22 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-8-22 8320]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2008-3-31 87328]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2008-4-29 104288]
S4 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2008-4-29 350048]
S4 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2008-4-29 63328]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2011-11-03 00:53:38 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{dddc8523-adb7-4dfa-b4f1-07f6e5ffca90}\MpKsld43dfc6f.sys
2011-11-03 00:53:32 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{dddc8523-adb7-4dfa-b4f1-07f6e5ffca90}\offreg.dll
2011-11-02 17:55:20 6668624 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{dddc8523-adb7-4dfa-b4f1-07f6e5ffca90}\mpengine.dll
2011-10-31 00:56:49 -------- d-----w- c:\users\summer c\appdata\roaming\Malwarebytes
2011-10-31 00:56:35 -------- d-----w- c:\programdata\Malwarebytes
2011-10-31 00:56:30 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-31 00:56:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-31 00:23:55 388096 ----a-r- c:\users\summer c\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-10-31 00:23:51 -------- d-----w- c:\program files\Trend Micro
2011-10-22 22:44:20 331384 ----a-w- c:\windows\system32\drivers\n360\0501000.01d\symtdiv.sys
2011-10-22 22:44:20 296568 ----a-w- c:\windows\system32\drivers\n360\0501000.01d\symnets.sys
2011-10-22 22:44:19 744568 ----a-w- c:\windows\system32\drivers\n360\0501000.01d\symefa.sys
2011-10-22 22:44:19 516216 ----a-w- c:\windows\system32\drivers\n360\0501000.01d\srtsp.sys
2011-10-22 22:44:19 50168 ----a-w- c:\windows\system32\drivers\n360\0501000.01d\srtspx.sys
2011-10-22 22:44:19 340088 ----a-w- c:\windows\system32\drivers\n360\0501000.01d\symds.sys
2011-10-22 22:44:19 136312 ----a-r- c:\windows\system32\drivers\n360\0501000.01d\ironx86.sys
2011-10-22 22:43:16 -------- d-----w- c:\windows\system32\drivers\n360\0501000.01D
2011-10-22 20:11:53 -------- d-----w- c:\program files\iTunes
2011-10-22 20:01:08 -------- d-----w- c:\program files\Bonjour
2011-10-22 19:59:56 27888 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-10-13 21:05:13 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-13 21:05:13 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 21:05:13 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 21:05:12 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-13 21:05:11 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 21:04:56 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-10-13 21:04:51 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 21:04:51 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-13 21:04:51 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 21:04:50 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-10-11 12:34:46 703824 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9d1059b0-1dbb-4f96-ba63-e5c65f3e97fe}\gapaengine.dll
.
==================== Find3M ====================
.
2011-10-30 22:58:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-22 22:44:24 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-09-01 02:35:59 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-08-31 04:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 04:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll
.
============= FINISH: 20:05:27.41 ===============

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-11-02 20:10:54
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 TOSHIBA_ rev.LB01
Running: 081ne679.exe; Driver: C:\Users\SUMMER~1\AppData\Local\Temp\ugtiypow.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\tdx \Device\Ip SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)

---- EOF - GMER 1.0.15 ----
 

Attachments

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Hi and welcome to TSG!

There are a few questionable items in your logs.

You are also using two anti-virus programs (Microsoft Security Essentials and Norton). You only need one anti-virus program. Having more than one can cause conflicts and it will eat up your CPU's resources.

Your Java is also outdated.

Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT! Save ComboFix.exe to your Desktop


Disable your Anti-Virus and Anti-Spyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools


Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Remember to re-enable the protection again afterwards before connecting to the Internet.


Double click on ComboFix.exe & follow the prompts.

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
 

smoorm1

Thread Starter
Joined
Oct 30, 2011
Messages
10
ComboFix 11-11-05.02 - Summer C 11/05/2011 12:45:18.1.2 - x86
Microsoft® Windows Vista&#8482; Home Premium 6.0.6002.2.1252.1.1033.18.3062.1278 [GMT -5:00]
Running from: c:\users\Summer C\Desktop\ComboFix22.exe
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-10-05 to 2011-11-05 )))))))))))))))))))))))))))))))
.
.
2011-11-05 16:51 . 2011-10-03 10:06 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\REN80F.tmp
2011-11-05 16:47 . 2011-11-05 16:47 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4F79AF89-3606-4B24-8BD1-B98145119CD4}\offreg.dll
2011-11-05 16:47 . 2011-10-18 07:28 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4F79AF89-3606-4B24-8BD1-B98145119CD4}\mpengine.dll
2011-11-03 01:29 . 2011-11-03 01:30 -------- d-----w- c:\program files\NT Registry Optimizer
2011-10-31 00:56 . 2011-10-31 00:56 -------- d-----w- c:\users\Summer C\AppData\Roaming\Malwarebytes
2011-10-31 00:56 . 2011-10-31 00:56 -------- d-----w- c:\programdata\Malwarebytes
2011-10-31 00:56 . 2011-08-31 22:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-31 00:56 . 2011-10-31 00:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-31 00:23 . 2011-10-31 00:23 388096 ----a-r- c:\users\Summer C\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-31 00:23 . 2011-10-31 00:23 -------- d-----w- c:\program files\Trend Micro
2011-10-22 22:43 . 2011-10-23 23:29 -------- d-----w- c:\windows\system32\drivers\N360\0501000.01D
2011-10-22 20:11 . 2011-10-22 20:14 -------- d-----w- c:\program files\iTunes
2011-10-22 20:01 . 2011-10-22 20:01 -------- d-----w- c:\program files\Bonjour
2011-10-22 19:59 . 2011-07-06 17:44 27888 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-10-13 21:05 . 2011-07-29 16:01 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 21:05 . 2011-07-29 16:01 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 21:05 . 2011-07-29 16:00 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-13 21:05 . 2011-07-29 16:00 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-13 21:05 . 2011-09-06 13:30 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 21:04 . 2011-09-14 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-10-13 21:04 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-13 21:04 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 21:04 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 21:04 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 22:58 . 2011-08-29 21:06 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-22 22:44 . 2010-08-02 02:00 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-10-03 10:06 . 2010-04-29 00:53 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-31 04:05 . 2011-08-31 04:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 04:05 . 2011-08-31 04:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-09-29 06:53 . 2011-03-24 21:58 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-02-11 19:40 365960 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}]
2011-03-16 11:59 81920 ----a-w- c:\program files\freecordertoolbar\vmntemplateX.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-02-11 365960]
"{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}"= "c:\program files\freecordertoolbar\vmntemplateX.dll" [2011-03-16 81920]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CLASSES_ROOT\clsid\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-02-11 365960]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AOLOverlayIcon]
@="{AB0C8BE3-041C-47d6-8195-E089D32B38DD}"
[HKEY_CLASSES_ROOT\CLSID\{AB0C8BE3-041C-47d6-8195-E089D32B38DD}]
2008-02-03 00:27 303104 ----a-w- c:\ddi\OverIcon.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-05 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-05 137752]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-23 4718592]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-11-21 311296]
"VAIOMyMemCenter"="c:\program files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe" [2008-02-29 679936]
"VWLASU"="c:\program files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe" [2008-02-19 24576]
"VAIO Help and Support Demo"="c:\program files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe" [2007-08-28 290816]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"KMCONFIG"="c:\program files\iHome\Keyboard & Mouse Driver\StartAutorun.exe" [2008-05-30 212992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-08-17 534880]
"Freecorder FLV Service"="c:\program files\Freecorder 5\FLVSrvc.exe" [2011-03-24 167936]
"Ask and Record FLV Service"="c:\program files\Ask & Record Toolbar\FLVSrvc.exe" [2009-03-10 156672]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
"VAIORegistration"="c:\program files\Sony\First Experience\WelcomeLauncher.exe" [2007-10-17 20480]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Google Calendar Sync.lnk - c:\program files\google\Google Calendar Sync\GoogleCalendarSync.exe [2008-10-2 546288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-15 03:05 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 07:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-10-06 06:52 59240 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ddoctorv2]
2008-04-24 18:25 202560 ----a-w- c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Software]
2009-04-24 07:57 1025320 ----a-w- c:\program files\Common Files\supportsoft\bin\bcont.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-10-09 23:06 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-05-27 02:06 4351216 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 23:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSurvey]
2007-07-20 22:30 577536 ----a-w- c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMpTtray.exe]
2008-03-09 17:26 86016 ----a-w- c:\program files\Sony\VAIO Media plus\VMpTtray.exe
.
R1 MpKsl5d45834c;MpKsl5d45834c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F62B2D2C-4A13-4462-AC16-FFEBABD481CA}\MpKsl5d45834c.sys [x]
R1 MpKsl74399207;MpKsl74399207;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F72F227F-B50B-4371-A7C4-4AC1278AADA7}\MpKsl74399207.sys [x]
R1 MpKsl74da7f54;MpKsl74da7f54;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E0362B88-DC10-443A-9427-429B6A8A45E2}\MpKsl74da7f54.sys [x]
R1 MpKsl7b2ff0e0;MpKsl7b2ff0e0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2E9C991D-8B09-4040-AC97-CADDEB9FA5D0}\MpKsl7b2ff0e0.sys [x]
R1 MpKsl80314b8d;MpKsl80314b8d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{47979C40-85DC-4C2E-9B6B-D81EA86E6673}\MpKsl80314b8d.sys [x]
R1 MpKsla1f41074;MpKsla1f41074;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AF4B5DB8-9F39-434C-9390-46B044A517A8}\MpKsla1f41074.sys [x]
R1 MpKslb50d45bf;MpKslb50d45bf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F62B2D2C-4A13-4462-AC16-FFEBABD481CA}\MpKslb50d45bf.sys [x]
R1 MpKslb78d0ada;MpKslb78d0ada;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{83DF0CBF-3B00-41F4-8FE2-C3441AC0113B}\MpKslb78d0ada.sys [x]
R1 MpKslc39c20e3;MpKslc39c20e3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{25376165-CB56-4BD0-AEF1-8C33157D5E78}\MpKslc39c20e3.sys [x]
R1 MpKsld43dfc6f;MpKsld43dfc6f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DDDC8523-ADB7-4DFA-B4F1-07F6E5FFCA90}\MpKsld43dfc6f.sys [x]
R2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-02-11 234888]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2008-08-22 18688]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2008-08-22 8320]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-03-03 87328]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-03-05 104288]
R4 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-03-05 350048]
R4 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-03-05 63328]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0501000.01D\SYMDS.SYS [2011-01-27 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS [2011-03-15 744568]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111027.001\BHDrvx86.sys [2011-10-15 818808]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111104.030\IDSvix86.sys [2011-10-21 368248]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0501000.01D\Ironx86.SYS [2010-11-16 136312]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0501000.01D\SYMTDIV.SYS [2011-03-22 331384]
S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\iHome\Keyboard & Mouse Driver\KMWDSrv.exe [2008-06-24 208896]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe [2011-04-17 130008]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-03-03 333088]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-12-17 9344]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - EraserUtilDrv11113
*Deregistered* - MpNWMon
*Deregistered* - NisDrv
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2010-12-15 c:\windows\Tasks\User_Feed_Synchronization-{64D3C93E-361F-433D-9687-5FC9E4541CD4}.job
- c:\windows\system32\msfeedssync.exe [2011-04-06 16:41]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bing.com/?pc=Z018&form=ZGAPHP
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Summer C\AppData\Roaming\Mozilla\Firefox\Profiles\v3ln9j0u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=

.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-MSN Toolbar - c:\program files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
MSConfigStartUp-Windows Mobile Device Center - c:\windows\WindowsMobile\wmdc.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-05 12:56
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\5.1.0.29\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5820)
c:\users\Summer C\AppData\Local\FLVService\lib\FLVSrvLib.dll
c:\ddi\overicon.dll
c:\program files\Norton Security Suite\Engine\5.1.0.29\buShell.dll
.
Completion time: 2011-11-05 13:02:04
ComboFix-quarantined-files.txt 2011-11-05 18:02
.
Pre-Run: 138,946,768,896 bytes free
Post-Run: 138,885,050,368 bytes free
.
- - End Of File - - B16B7BBBB82C270D4B658951E2067ED6
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Run Hijack This and click Open the Misc Tools section.
Click Open Uninstall Manager > Save list and save the log to your Desktop.
A list of programs will open in Notepad. Post the contents of this log.
______________________________________________________________________________________________


Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.
  • Download the latest version of Java Runtime Environment (JRE) 6 and save it to your desktop.
  • Scroll down to where it says "Java SE Runtime Environment (JRE) - JRE 6 Update 29 -"
  • Click the "Download" button to the right.
  • Select the Windows platform from the dropdown menu.
  • Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6u29 with JavaFX 1 License Agreement". Click on Continue.The page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u29-windows-i586-p.exe to install the newest version.
  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked
      • Applications and Applets
        Trace and Log Files
    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    • Click OK to leave the Temporary Files Window
    • Click OK to leave the Java Control Panel.

To test your Java Run-time, you may go to this page http://www.java.com/en/download/help/testvm.xml
When all is well, you should see Java Version: 1.6.0_29 from Sun Microsystems Inc.
___________________________________________________________________________________________________
 

smoorm1

Thread Starter
Joined
Oct 30, 2011
Messages
10
Update for Microsoft Office 2007 (KB2508958)
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.3
Alps Pointing-device for VAIO
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask & Record Toolbar 4.00
Ask Toolbar
Bonjour
Click to Disc
Click to Disc Editor
Comcast Desktop Software (v1.2.0.9)
Corel Paint Shop Pro Photo X2
D3DX10
Desktop Doctor
Freecorder 5
Freecorder Toolbar
Google Calendar Sync
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iHome Keyboard & Mouse Driver
Intel(R) Graphics Media Accelerator Driver
iPhone Configuration Utility
iTunes
Java(TM) 6 Update 29
Junk Mail filter update
Malwarebytes' Anti-Malware version 1.51.2.1300
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Default Manager
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft UI Engine
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox 7.0.1 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Netflix Movie Viewer
Norton Security Suite
NTREGOPT 1.1j
OGA Notifier 2.0.0048.0
OpenMG Secure Module 5.0.00
QuickTime
Realtek High Definition Audio Driver
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Segoe UI
Setting Utility Series
SonicStage Mastering Studio Audio Filter Custom Preset
Sony Video Shared Library
Symantec Technical Support Web Controls
Time Zone Data Update Tool for Microsoft Office Outlook
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
VAIO Content Folder Setting
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Setting
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO DVD Menu Data Basic
VAIO Entertainment Platform
VAIO Event Service
VAIO Help and Support
VAIO Launcher
VAIO Media plus
VAIO Movie Story
VAIO Movie Story Template Data
VAIO MusicBox
VAIO MusicBox Sample Music
VAIO My Memory Center
VAIO OOBE and Welcome Center
VAIO Original Function Setting
VAIO Power Management
VAIO Startup Assistant
VAIO Survey
VAIO Update 3
VAIO Wallpaper Contents
VAIO Wireless Wizard
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mail
Windows Live Mesh
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Feb. 2008 DST Updates
WinDVD for VAIO
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
YouTube Downloader 2.7.1
YouTube Downloader Toolbar v4.6
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Just some quick questions first...

The Freecorder Toolbar is "open for debate" - is this something you use and find trustworthy?

Did you remove Microsoft Security Essentials and keep Norton instead?
 

smoorm1

Thread Starter
Joined
Oct 30, 2011
Messages
10
I do use the freecorder as an audio recorder, but it is something that I can get rid of if need be and yes I did remove MSE and keep norton.
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Open Notepad and copy and paste the text in the quote box below into it:



Folder::
c:\program files\Common Files\Spigot


Save the file to you desktop and name it CFScript.txt

Then drag the CFScript.txt into the ComboFix.exe as shown in the screenshot below.







This will start ComboFix again. It may ask to reboot.

Post the contents of Combofix.txt in your next reply together with a new HijackThis log.
 

smoorm1

Thread Starter
Joined
Oct 30, 2011
Messages
10
ComboFix 11-11-09.02 - Summer C 11/09/2011 19:18:21.2.2 - x86
Microsoft® Windows Vista&#8482; Home Premium 6.0.6002.2.1252.1.1033.18.3062.1723 [GMT -6:00]
Running from: c:\users\Summer C\Desktop\ComboFix22.exe
Command switches used :: c:\users\Summer C\Desktop\CFSCRIPT.txt
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\Spigot
c:\program files\Common Files\Spigot\Search Settings\config.ini
c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
c:\program files\Common Files\Spigot\Search Settings\yahoo_ff.xml
c:\program files\Common Files\Spigot\Search Settings\yahoo_ie.xml
c:\program files\Common Files\Spigot\wtxpcom\chrome.manifest
c:\program files\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
c:\program files\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5
c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6
c:\program files\Common Files\Spigot\wtxpcom\install.rdf
.
.
((((((((((((((((((((((((( Files Created from 2011-10-10 to 2011-11-10 )))))))))))))))))))))))))))))))
.
.
2011-11-10 01:29 . 2011-11-10 01:30 -------- d-----w- c:\users\Summer C\AppData\Local\temp
2011-11-10 01:29 . 2011-11-10 01:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-09 03:12 . 2011-11-09 03:12 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\RENFCB1.tmp
2011-11-09 03:03 . 2011-11-09 03:03 -------- d-----w- c:\windows\Sun
2011-11-05 17:42 . 2011-11-05 18:02 -------- d-----w- C:\ComboFix22
2011-11-05 16:47 . 2011-10-18 07:28 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4F79AF89-3606-4B24-8BD1-B98145119CD4}\mpengine.dll
2011-11-03 01:29 . 2011-11-03 01:30 -------- d-----w- c:\program files\NT Registry Optimizer
2011-10-31 00:56 . 2011-10-31 00:56 -------- d-----w- c:\users\Summer C\AppData\Roaming\Malwarebytes
2011-10-31 00:56 . 2011-10-31 00:56 -------- d-----w- c:\programdata\Malwarebytes
2011-10-31 00:56 . 2011-08-31 22:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-31 00:56 . 2011-10-31 00:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-31 00:23 . 2011-10-31 00:23 388096 ----a-r- c:\users\Summer C\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-31 00:23 . 2011-10-31 00:23 -------- d-----w- c:\program files\Trend Micro
2011-10-22 22:43 . 2011-10-23 23:29 -------- d-----w- c:\windows\system32\drivers\N360\0501000.01D
2011-10-22 20:11 . 2011-10-22 20:14 -------- d-----w- c:\program files\iTunes
2011-10-22 20:01 . 2011-10-22 20:01 -------- d-----w- c:\program files\Bonjour
2011-10-22 19:59 . 2011-07-06 17:44 27888 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-10-13 21:05 . 2011-07-29 16:01 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 21:05 . 2011-07-29 16:01 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 21:05 . 2011-07-29 16:00 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-13 21:05 . 2011-07-29 16:00 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-13 21:05 . 2011-09-06 13:30 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-10-13 21:04 . 2011-09-14 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-10-13 21:04 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-13 21:04 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 21:04 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 21:04 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-09 03:12 . 2010-04-29 00:53 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-30 22:58 . 2011-08-29 21:06 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-22 22:44 . 2010-08-02 02:00 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-08-31 04:05 . 2011-08-31 04:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 04:05 . 2011-08-31 04:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-09-29 06:53 . 2011-03-24 21:58 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-02-11 19:40 365960 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}]
2011-03-16 11:59 81920 ----a-w- c:\program files\freecordertoolbar\vmntemplateX.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-02-11 365960]
"{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}"= "c:\program files\freecordertoolbar\vmntemplateX.dll" [2011-03-16 81920]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CLASSES_ROOT\clsid\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-02-11 365960]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AOLOverlayIcon]
@="{AB0C8BE3-041C-47d6-8195-E089D32B38DD}"
[HKEY_CLASSES_ROOT\CLSID\{AB0C8BE3-041C-47d6-8195-E089D32B38DD}]
2008-02-03 00:27 303104 ----a-w- c:\ddi\OverIcon.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-05 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-05 137752]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-23 4718592]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-11-21 311296]
"VAIOMyMemCenter"="c:\program files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe" [2008-02-29 679936]
"VWLASU"="c:\program files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe" [2008-02-19 24576]
"VAIO Help and Support Demo"="c:\program files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe" [2007-08-28 290816]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"KMCONFIG"="c:\program files\iHome\Keyboard & Mouse Driver\StartAutorun.exe" [2008-05-30 212992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"Freecorder FLV Service"="c:\program files\Freecorder 5\FLVSrvc.exe" [2011-03-24 167936]
"Ask and Record FLV Service"="c:\program files\Ask & Record Toolbar\FLVSrvc.exe" [2009-03-10 156672]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
"VAIORegistration"="c:\program files\Sony\First Experience\WelcomeLauncher.exe" [2007-10-17 20480]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Google Calendar Sync.lnk - c:\program files\google\Google Calendar Sync\GoogleCalendarSync.exe [2008-10-2 546288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-15 03:05 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 07:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-10-06 06:52 59240 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ddoctorv2]
2008-04-24 18:25 202560 ----a-w- c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Software]
2009-04-24 07:57 1025320 ----a-w- c:\program files\Common Files\supportsoft\bin\bcont.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-10-09 23:06 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-05-27 02:06 4351216 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 23:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSurvey]
2007-07-20 22:30 577536 ----a-w- c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMpTtray.exe]
2008-03-09 17:26 86016 ----a-w- c:\program files\Sony\VAIO Media plus\VMpTtray.exe
.
R1 MpKsl5d45834c;MpKsl5d45834c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F62B2D2C-4A13-4462-AC16-FFEBABD481CA}\MpKsl5d45834c.sys [x]
R1 MpKsl74399207;MpKsl74399207;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F72F227F-B50B-4371-A7C4-4AC1278AADA7}\MpKsl74399207.sys [x]
R1 MpKsl74da7f54;MpKsl74da7f54;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E0362B88-DC10-443A-9427-429B6A8A45E2}\MpKsl74da7f54.sys [x]
R1 MpKsl7b2ff0e0;MpKsl7b2ff0e0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2E9C991D-8B09-4040-AC97-CADDEB9FA5D0}\MpKsl7b2ff0e0.sys [x]
R1 MpKsl80314b8d;MpKsl80314b8d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{47979C40-85DC-4C2E-9B6B-D81EA86E6673}\MpKsl80314b8d.sys [x]
R1 MpKsla1f41074;MpKsla1f41074;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AF4B5DB8-9F39-434C-9390-46B044A517A8}\MpKsla1f41074.sys [x]
R1 MpKslb50d45bf;MpKslb50d45bf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F62B2D2C-4A13-4462-AC16-FFEBABD481CA}\MpKslb50d45bf.sys [x]
R1 MpKslb78d0ada;MpKslb78d0ada;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{83DF0CBF-3B00-41F4-8FE2-C3441AC0113B}\MpKslb78d0ada.sys [x]
R1 MpKslc39c20e3;MpKslc39c20e3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{25376165-CB56-4BD0-AEF1-8C33157D5E78}\MpKslc39c20e3.sys [x]
R1 MpKsld43dfc6f;MpKsld43dfc6f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DDDC8523-ADB7-4DFA-B4F1-07F6E5FFCA90}\MpKsld43dfc6f.sys [x]
R2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-02-11 234888]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2008-08-22 18688]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2008-08-22 8320]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-03-03 87328]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-03-05 104288]
R4 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-03-05 350048]
R4 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-03-05 63328]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0501000.01D\SYMDS.SYS [2011-01-27 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS [2011-03-15 744568]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111027.001\BHDrvx86.sys [2011-10-15 818808]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111107.032\IDSvix86.sys [2011-10-21 368248]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0501000.01D\Ironx86.SYS [2010-11-16 136312]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0501000.01D\SYMTDIV.SYS [2011-03-22 331384]
S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\iHome\Keyboard & Mouse Driver\KMWDSrv.exe [2008-06-24 208896]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe [2011-04-17 130008]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-03-03 333088]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-10-10 105592]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-12-17 9344]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2010-12-15 c:\windows\Tasks\User_Feed_Synchronization-{64D3C93E-361F-433D-9687-5FC9E4541CD4}.job
- c:\windows\system32\msfeedssync.exe [2011-04-06 16:41]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bing.com/?pc=Z018&form=ZGAPHP
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Summer C\AppData\Roaming\Mozilla\Firefox\Profiles\v3ln9j0u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=

.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SearchSettings - c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-09 19:30
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\5.1.0.29\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-11-09 19:35:14
ComboFix-quarantined-files.txt 2011-11-10 01:35
ComboFix2.txt 2011-11-05 18:02
.
Pre-Run: 137,417,502,720 bytes free
Post-Run: 137,378,865,152 bytes free
.
- - End Of File - - 3584CB9A2AC391DA85EE67C7F4D6604D
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:37:24 PM, on 11/9/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\StartAutorun.exe
C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMConfig.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMProcess.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wuauclt.exe
C:\ComboFix2227380C\PEV.exe
C:\Windows\system32\notepad.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z018&form=ZGAPHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071122
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL
O2 - BHO: Freecorder Toolbar - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files\freecordertoolbar\vmntemplateX.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
O3 - Toolbar: Freecorder Toolbar - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files\freecordertoolbar\vmntemplateX.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [VAIOMyMemCenter] "C:\Program Files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe" 1
O4 - HKLM\..\Run: [VWLASU] "C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe"
O4 - HKLM\..\Run: [VAIO Help and Support Demo] "C:\Program Files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\iHome\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder 5\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [VAIORegistration] "C:\Program Files\Sony\First Experience\WelcomeLauncher.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\google\Google Calendar Sync\GoogleCalendarSync.exe
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\iHome\Keyboard & Mouse Driver\KMWDSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Summer/LOCALS~1/Temp/msohtmlclip1/01/clip_image001.jpg

--
End of file - 10622 bytes
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Okay so it looks better now.

What's left are things that are unnecessary that can be disabled to help boost speed.

Not sure if I asked but how much RAM does the computer have?
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Okay here's what you will do.

Click on the Vista start icon in the bottom left corner of your screen.
Type MSCONFIG in the search box and then either press enter on your keyboard or double-click on the MSCONFIG program that appears in the search results.
To prevent you from accidentally making changes that could destabilize your computer, Vista asks you for permission to continue. You may see a box asking you to key in your computer's administrator user name and password.
Or, if you're already logged into Vista as an administrator, you may see a box asking you if you would like to continue.
Either way, follow the on-screen prompts to give Vista permission to continue.
Once you have successfully passed through Microsoft's User Account Control roadblock, Vista will launch Microsoft's System Configuration Utility. Click on the Startup tab.
This takes you to a page with a list of "startup items." Startup items are programs that are automatically loaded every time you turn on your computer. Some startup programs are absolutely necessary, others are simply a waste of RAM.

What we will do is UNCHECK the unnecessary programs from running at Startup. You have quite a few so we can start with the obvious ones.
The following can be unchecked:

[Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
[AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
[QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
[Freecorder FLV Service] "C:\Program Files\Freecorder 5\FLVSrvc.exe" /run
[Ask and Record FLV Service] "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run
[VAIORegistration] "C:\Program Files\Sony\First Experience\WelcomeLauncher.exe"
[APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
[SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
[Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
Google Calendar Sync.lnk = C:\Program Files\google\Google Calendar Sync\GoogleCalendarSync.exe

Once those are unchecked, click APPLY then click the OK button.
A message will pop up telling you that you must restart your computer before these changes will take effect. Click on "Restart" and your computer will automatically reboot.

Once it reboots, please run HijackThis again and post the log.
 

smoorm1

Thread Starter
Joined
Oct 30, 2011
Messages
10
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:26:57 PM, on 11/13/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\StartAutorun.exe
C:\Program Files\SFT\GuardedID\GIDD.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Constant Guard Protection Suite\IDVault.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMConfig.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMProcess.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z018&form=ZGAPHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071122
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL
O2 - BHO: Freecorder Toolbar - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files\freecordertoolbar\vmntemplateX.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Constant Guard Protection Suite (COM) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Program Files\Constant Guard Protection Suite\NativeBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
O3 - Toolbar: Freecorder Toolbar - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files\freecordertoolbar\vmntemplateX.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [VAIOMyMemCenter] "C:\Program Files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe" 1
O4 - HKLM\..\Run: [VWLASU] "C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe"
O4 - HKLM\..\Run: [VAIO Help and Support Demo] "C:\Program Files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\iHome\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [GIDDesktop] C:\Program Files\SFT\GuardedID\gidd.exe /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Constant Guard.lnk = C:\Program Files\Constant Guard Protection Suite\IDVault.exe
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CGPS Service (IDVaultSvc) - White Sky, Inc. - C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\iHome\Keyboard & Mouse Driver\KMWDSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Summer/LOCALS~1/Temp/msohtmlclip1/01/clip_image001.jpg

--
End of file - 9428 bytes
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top