
Solved: C:\WINDOWS\system32\cmd.exe

Discussion in 'All Other Software' started by jjoek, Jul 15, 2007.

Thread Status:
Not open for further replies.
  1. jjoek

    jjoek Thread Starter

    Joined:
    Jul 14, 2007
    Messages:
    19
    Recently on starting up my computer, running XP, a box appears with this heading within a black background, with white letters referring to "PsKill v1.12 - Terminates processes on local or remote systems", etc, and "Unable to kill process mgrs: Process does not exist." Multiple lines of type follow the above, ending with "C:\WINDOWS\privacy_danger The system cannot find the file specified."

    If I ignore this, or delete this box by striking the X in the upper right corner, my computer seems to work normally.

    What does this mean? What if anything should I do about it?
     
  2. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    NOTE: If you have downloaded ComboFix previously please delete that version and download it again!

    Download this file:

    http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
    or
    http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe

    Double click combofix.exe & follow the prompts.
    When finished, it shall produce a log for you. Post that log and a HiJack log in your next reply.

    Note:
    Do not mouseclick combofix's window while it's running. That may cause it to stall.


    =================
    Click here to download HJTInstall.exe
    • Save HJTInstall.exe to your desktop.
    • Double-click on the HJTInstall.exe icon on your desktop.
    • By default it will install to C:\Program Files\Trend Micro\HijackThis.
    • Click on Install.
    • It will create a HijackThis icon on the desktop.
    • Once installed, it will launch Hijackthis.
    • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and Paste the log in your next reply.
    • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
     
  3. jjoek

    jjoek Thread Starter

    Joined:
    Jul 14, 2007
    Messages:
    19
    Thank you. Here are the findings from the scans you prescribed. Await your further instructions. jjoek

    Text apparently too long, so I will split this into two replies. jjoek

    Apparently it is still too long, so I will split this into two parts. jjoek
    "HP_Owner" - 2007-07-15 20:19:40 - ComboFix 07-07-13.8 - Service Pack 2 NTFS


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\DOWNLO~1.\DDSonic.1.0.0.92
    C:\WINDOWS\DOWNLO~1.\DDSonic.1.0.0.92\dinerdash.exe



    **************************************************************************

    Completion time: 2007-07-15 20:26:13
    C:\ComboFix-quarantined-files.txt ... 2007-07-15 20:26

    --- E O F ---
     
  4. jjoek

    jjoek Thread Starter

    Joined:
    Jul 14, 2007
    Messages:
    19
    This is the 2nd half of the first scan. jjoek

    ((((((((((((((((((((((((( Files Created from 2007-06-16 to 2007-07-16 )))))))))))))))))))))))))))))))


    2007-07-15 20:16 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-07-15 13:47 <DIR> d-------- C:\Program Files\MSBuild
    2007-07-15 13:44 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
    2007-07-15 13:42 <DIR> d-------- C:\Program Files\Reference Assemblies
    2007-07-15 13:41 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
    2007-07-14 17:52 <DIR> d-------- C:\DECCHECK
    2007-07-10 07:34 <DIR> d-------- C:\Program Files\Win Stream plugin
    2007-07-01 05:40 421 --a------ C:\WINDOWS\smc.bat
    2007-06-23 10:11 <DIR> d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\DivX
    2007-06-20 15:40 20,280 --a------ C:\WINDOWS\system32\drivers\SSFS0BB8.sys
    2007-06-20 15:40 1,520,952 --a------ C:\WINDOWS\WRSetup.dll
    2007-06-17 18:32 38,480 --------- C:\WINDOWS\system32\IJRMF.exe
    2007-06-17 18:21 <DIR> d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\NewSoft
    2007-06-17 17:22 <DIR> d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\Canon
    2007-06-17 17:21 <DIR> d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\ArcSoft
    2007-06-17 16:39 94,208 --a------ C:\WINDOWS\system32\ippcv11.dll
    2007-06-17 16:39 77,824 --a------ C:\WINDOWS\system32\ippsr11.dll
    2007-06-17 16:39 65,536 --a------ C:\WINDOWS\system32\ippj11.dll
    2007-06-17 16:39 466,944 --a------ C:\WINDOWS\system32\ippcvw711.dll
    2007-06-17 16:39 40,960 --a------ C:\WINDOWS\system32\IPPCPUID.DLL
    2007-06-17 16:39 266,240 --a------ C:\WINDOWS\system32\ippsrw711.dll
    2007-06-17 16:39 225,280 --a------ C:\WINDOWS\system32\ippi11.dll
    2007-06-17 16:39 2,592,768 --a------ C:\WINDOWS\system32\ippiw711.dll
    2007-06-17 16:39 176,128 --a------ C:\WINDOWS\system32\ipps11.dll
    2007-06-17 16:39 159,744 --a------ C:\WINDOWS\system32\ippjw711.dll
    2007-06-17 16:39 11,776 --a------ C:\WINDOWS\system32\pmsbfn32.dll
    2007-06-17 16:39 1,589,248 --a------ C:\WINDOWS\system32\ippsw711.dll
    2007-06-17 16:38 <DIR> d-------- C:\WINDOWS\system32\Color
    2007-06-17 16:38 <DIR> d-------- C:\Program Files\NewSoft
    2007-06-17 16:38 <DIR> d-------- C:\Program Files\Common Files\PDFView
    2007-06-17 16:36 <DIR> d-------- C:\Program Files\Common Files\ScanSoft Shared
    2007-06-17 16:36 <DIR> d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\ScanSoft
    2007-06-17 16:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
    2007-06-17 16:35 <DIR> d-------- C:\Program Files\ScanSoft
    2007-06-17 16:33 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
    2007-06-17 16:33 <DIR> d-------- C:\Program Files\ArcSoft
    2007-06-17 16:32 <DIR> d-------- C:\Program Files\Common Files\CANON
    2007-06-17 16:31 57,344 --a------ C:\WINDOWS\system32\CNQI4803.DLL
    2007-06-17 16:31 229,376 --a------ C:\WINDOWS\system32\CNQL4803.DLL
    2007-06-17 16:31 106,496 --a------ C:\WINDOWS\system32\cnqo4803.dll
    2007-06-17 16:31 1,298,432 --a------ C:\WINDOWS\system32\CNQC4803.DLL
    2007-06-17 16:31 <DIR> d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information
    2007-06-17 16:31 <DIR> d--h----- C:\Program Files\CanonBJ
    2007-06-17 16:29 <DIR> d-------- C:\Program Files\Canon
    2007-06-16 18:08 <DIR> d-------- C:\Program Files\Common Files\xing shared
    2007-06-15 19:24 <DIR> d-------- C:\Program Files\The Weather Channel FW


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-07-16 01:14:28 -------- d-----w C:\Program Files\Norton Personal Firewall
    2007-07-16 00:16:05 -------- d-----w C:\Program Files\Common Files\Symantec Shared
    2007-07-15 00:58:49 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\SiteAdvisor
    2007-07-05 01:18:36 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\OpenOffice.org2
    2007-06-29 01:29:34 -------- d--h--w C:\DOCUME~1\HP_Owner\APPLIC~1\Move Networks
    2007-06-24 20:52:05 164 ----a-w C:\install.dat
    2007-06-22 01:43:52 23,864 ----a-w C:\WINDOWS\system32\drivers\sskbfd.sys
    2007-06-22 01:43:52 21,816 ----a-w C:\WINDOWS\system32\drivers\sshrmd.sys
    2007-06-22 01:43:52 160,056 ----a-w C:\WINDOWS\system32\drivers\ssidrv.sys
    2007-06-17 23:39:09 -------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-06-17 01:10:44 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\Real
    2007-06-17 01:08:44 -------- d-----w C:\Program Files\Common Files\Real
    2007-06-16 18:52:30 -------- d-----w C:\Program Files\Norton AntiVirus
    2007-06-09 00:07:51 -------- d-----w C:\Program Files\Realtek AC97
    2007-06-08 16:14:22 -------- d-----w C:\Program Files\Common Files\Visioneer Shared
    2007-06-03 17:15:13 -------- d-----w C:\Program Files\Theorica Divx ;-) Codecs
    2007-06-03 15:53:05 -------- d-----w C:\Program Files\QuickTime
    2007-06-03 15:50:58 -------- d-----w C:\Program Files\Apple Software Update
    2007-06-02 18:25:34 -------- d-----w C:\Program Files\DivX
    2007-06-01 15:00:05 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\Viewpoint
    2007-06-01 00:31:00 73,728 ----a-w C:\WINDOWS\ALCFDRTM.EXE
    2007-05-31 23:45:19 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\RegistrySmart
    2007-05-31 06:45:07 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2007-05-31 06:44:55 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
    2007-05-31 06:44:54 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
    2007-05-31 06:44:54 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
    2007-05-31 06:44:54 740,442 ----a-w C:\WINDOWS\system32\DivX.dll
    2007-05-31 04:49:29 -------- d-----w C:\Program Files\Google
    2007-05-29 00:23:44 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\AdobeAUM
    2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    2007-05-14 15:42:14 226,688 ----a-w C:\WINDOWS\psexec.exe
    2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
    2007-04-23 00:15:29 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2007-04-23 00:15:24 129,784 ------w C:\WINDOWS\system32\pxafs.dll
    2007-04-23 00:15:24 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2007-04-23 00:15:24 116,472 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2007-04-23 00:15:18 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-04-23 00:15:18 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-04-23 00:02:34 73,728 ----a-w C:\WINDOWS\system32\dpl100.dll
    2007-04-23 00:02:34 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    2007-04-23 00:02:33 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    2007-04-23 00:02:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2007-04-23 00:02:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2007-04-23 00:02:31 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    2007-04-23 00:01:47 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2007-04-23 00:01:46 124,472 ----a-w C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
    2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
    2007-04-17 05:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
    2007-04-17 05:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2007-04-17 05:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
    2007-04-17 05:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
    2007-04-17 05:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
    2007-04-17 05:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
    2007-04-17 05:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2007-04-17 05:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
    2007-04-17 05:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
    2007-04-17 05:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
    2007-04-16 22:28:22 577,536 ----a-w C:\WINDOWS\soundman.exe
    2005-12-07 19:12:43 0 ----a-w C:\DOCUME~1\HP_Owner\APPLIC~1\wklnhst.dat
    2005-08-01 00:16:48 0 -csha-w C:\WINDOWS\SMINST\HPCD.sys


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{089FD14D-132B-48FC-8861-0048AE113215}]
    2007-03-30 08:41 1099304 --a------ C:\Program Files\SiteAdvisor\6066\SiteAdv.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    2005-05-31 01:04 853672 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9ECB9560-04F9-4bbc-943D-298DDF1699E1}]
    2005-09-24 21:20 94336 --a------ C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    2007-05-30 21:49 2554944 -ra------ c:\program files\google\googletoolbar3.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
    2005-10-19 12:54 218736 --a------ C:\Program Files\Norton AntiVirus\NavShExt.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
    "UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 08:01]
    "VTTimer"="VTTimer.exe" []
    "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 20:47 C:\WINDOWS\ALCXMNTR.EXE]
    "AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 12:01 C:\WINDOWS\AGRSMMSG.exe]
    "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 21:54]
    "Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-03 20:29]
    "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-04-17 12:41]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 22:19]
    "RemoveWGA"="C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\1FNF59SE\RemoveWGA.exe" []
    "SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 C:\WINDOWS\soundman.exe]
    "AlcWzrd"="ALCWZRD.EXE" [2005-04-06 18:53 C:\WINDOWS\ALCWZRD.EXE]
    "Alcmtr"="ALCMTR.EXE" [2005-04-12 01:10 C:\WINDOWS\Alcmtr.exe]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11]
    "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44]
    "HPHUPD04"="C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" [2002-11-22 12:50]
    "Share-to-Web Namespace Daemon"="C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 10:42]
    "SiteAdvisor"="C:\Program Files\SiteAdvisor\6028\SiteAdv.exe" [2006-07-31 08:03]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 18:20]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-06-16 18:08]
    "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16]
    "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 12:45]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
    "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30]
    "SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2007-06-21 18:57]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-03-29 06:54]
    "DW4"="C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" [2007-03-16 07:51]
    "Safe Cleaner"="C:\WINDOWS\smc.bat" [2007-07-01 05:40]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PaperPort OneTouch.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PaperPort OneTouch.lnk
    backup=C:\WINDOWS\pss\PaperPort OneTouch.lnkCommon Startup


    Contents of the 'Scheduled Tasks' folder
    2007-07-12 21:59:00 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    2007-07-16 01:11:47 C:\WINDOWS\tasks\MP Scheduled Scan.job
    2007-07-14 15:35:14 C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - HP_Owner.job
    2007-07-15 10:30:00 C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job
    2007-07-15 11:00:04 C:\WINDOWS\tasks\wrSpySweeper_LB2C16B337B1143BD87F35D8F7E8DBA1E.job
    2007-07-14 11:00:05 C:\WINDOWS\tasks\wrSpySweeper_LFD957F41335A4FACB730C67AEB1F089E.job

    **************************************************************************

    catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-07-15 20:25:09
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-07-15 20:26:13
    C:\ComboFix-quarantined-files.txt ... 2007-07-15 20:26

    --- E O F ---
     
  5. jjoek

    jjoek Thread Starter

    Joined:
    Jul 14, 2007
    Messages:
    19
    Here is the Hijackthis log. And, thank you again. jjoek

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:33:40 PM, on 7/15/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\hphmon04.exe
    C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
    C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\HPHipm11.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.yahoo.com/;_ylt=AmLC6tLWhtj.PbaNhrYwGPqQlNEF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Norton Personal Firewall 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O3 - Toolbar: Norton Personal Firewall 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [RemoveWGA] C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\1FNF59SE\RemoveWGA.exe -startup
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] "C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe"
    O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6028\SiteAdv.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
    O4 - HKCU\..\Run: [Safe Cleaner] C:\WINDOWS\smc.bat
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MT...av=whole.swf&MediaDimensions=454x240::454x107
    O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
    O16 - DPF: {2A510DC8-C9B5-4269-B9BA-E5B04D47D981} (CPlayFirstDDSonicControl Object) - http://www.shockwave.com/content/dinerdash/sis/DDSonic.1.0.0.92.cab
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by107fd.bay107.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1126316965078
    O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37380.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca12.custhelp.com/7530-b327h/rnl/java/RntX.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4581/mcfscan.cab
    O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt.ocx
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ccPwdSvc.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O24 - Desktop Component 0: (no name) - http://images2.shockwave.com/images/bg_sw.gif

    --
    End of file - 15988 bytes
     
  6. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    You may want to print this or save it to notepad as we will go to safe mode.

    Fix these with HiJackThis – mark them, close IE, click fix checked

    O4 - HKLM\..\Run: [RemoveWGA] C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\1FNF59SE\RemoveWGA.exe -startup

    O4 - HKCU\..\Run: [Safe Cleaner] C:\WINDOWS\smc.bat

    Download http://www.downloads.subratam.org/KillBox.zip or
    http://www.thespykiller.co.uk/files/killbox.exe

    Restart your computer into safe mode now. (Tapping F8 at the first black screen) Perform the following steps in safe mode:

    Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file. It will ask for confirmation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the "Paste Full Path of File to Delete" box.

    C:\WINDOWS\smc.bat

    Note: It is possible that Killbox will tell you that one or more files do not exist. If that happens, just continue on with all the files. Be sure you don't miss any.

    START – RUN – type in %temp% - OK - Edit – Select all – File – Delete

    Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

    Not all temp files will delete and that is normal
    Empty the recycle bin
    Boot and post a new hijack log from normal NOT safe mode

    Please give feedback on what worked/didn’t work and the current status of your system
     
  7. jjoek

    jjoek Thread Starter

    Joined:
    Jul 14, 2007
    Messages:
    19
    Your advice appears somewhat bewildering and over my level of knowledge. What do you mean "mark them, close IE, click fix checked"? What do I do with the lines beginning with O4 - ? What files will I be deleting from my computer? and do I need to replace them with anything? Do I have a virus?

    I would appreciate some basic information as to what I will be doing and what are the possible consequences? Except for problems with streaming video using Windows Media Player, everything has been functioning satisfactorily.
     
  8. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Run hijack - scan only

    Click in the box to the left of those 2 entries ONLY!

    Close IE - at the bottom of hijack click fix checked

    You are removing those 2 bad entries

    You will then remove this file which is bad - nothing to replace
    C:\WINDOWS\smc.bat
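
A triage pass over the O4 (autostart) lines of a HijackThis log, as an added example that is not part of the original posts: it parses each entry and flags those whose target sits in a browser cache or temp directory, or is a script rather than a program. The two heuristics, the function names and the trimmed sample log (lines copied from the log in this thread) are assumptions of this example, not the helper's stated method.

```python
import re
from dataclasses import dataclass, field

# Constructed sample: a subset of the O4 lines from the HijackThis log in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [RemoveWGA] C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\1FNF59SE\RemoveWGA.exe -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Safe Cleaner] C:\WINDOWS\smc.bat
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
"""

# "O4 - HKLM\..\Run: [Name] command line"
RUN_RE = re.compile(
    r"^O4 - (?P<hive>HK[^:]*?)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$"
)
# "O4 - Global Startup: Shortcut.lnk = target"
STARTUP_RE = re.compile(r"^O4 - (?P<key>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$")
# Unquoted paths may contain spaces, so cut at the first known extension
# that is followed by whitespace or end of line.
TARGET_RE = re.compile(r"^(.*?\.(?:exe|bat|cmd|com|scr|pif|vbs|js|dll))(?=\s|$)", re.I)

# Heuristics assumed for this example.
TRANSIENT_DIRS = ("\\temporary internet files\\", "\\temp\\")
SCRIPT_EXTS = (".bat", ".cmd", ".vbs", ".js")


@dataclass
class Autostart:
    location: str          # e.g. "HKLM\Run" or "Global Startup"
    name: str              # registry value name or shortcut name
    target: str            # file that is launched, arguments stripped
    reasons: list = field(default_factory=list)


def target_of(cmd):
    """Return the launched file from a command line, without its arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    m = TARGET_RE.match(cmd)
    return m.group(1) if m else cmd.split()[0]


def parse_o4(log):
    """Parse O4 registry Run and Startup-folder lines; other lines are skipped."""
    entries = []
    for line in log.splitlines():
        line = line.strip()
        m = RUN_RE.match(line)
        if m:
            location = m.group("hive") + "\\" + m.group("key")
        else:
            m = STARTUP_RE.match(line)
            if not m:
                continue
            location = m.group("key")
        entries.append(Autostart(location, m.group("name"), target_of(m.group("cmd"))))
    return entries


def triage(entries):
    """Attach reasons to entries that match a heuristic and return only those."""
    flagged = []
    for e in entries:
        low = e.target.lower()
        if any(d in low for d in TRANSIENT_DIRS):
            e.reasons.append("target runs from a browser cache or temp directory")
        if low.endswith(SCRIPT_EXTS):
            e.reasons.append("autostart target is a script, not a program binary")
        if e.reasons:
            flagged.append(e)
    return flagged


if __name__ == "__main__":
    for e in triage(parse_o4(SAMPLE_LOG)):
        print(f"{e.location} [{e.name}] {e.target}")
        for r in e.reasons:
            print(f"    - {r}")
```

A flag here is a prompt to look at the file, not a verdict; the entries that pass untouched still need the same item-by-item reading the log received in this thread.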
     
  9. jjoek

    jjoek Thread Starter

    Joined:
    Jul 14, 2007
    Messages:
    19
    Thank you very much.

    I performed all tasks as you requested, including using Killbox in safe mode. The computer boots up without the previously mentioned box appearing.

    Here is the new Hijack log after completion.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:32:13 PM, on 7/17/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
    C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
    C:\PROGRA~1\Webshots\webshots.scr
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.yahoo.com/;_ylt=AmLC6tLWhtj.PbaNhrYwGPqQlNEF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Norton Personal Firewall 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O3 - Toolbar: Norton Personal Firewall 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] "C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe"
    O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6028\SiteAdv.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MT...av=whole.swf&MediaDimensions=454x240::454x107
    O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
    O16 - DPF: {2A510DC8-C9B5-4269-B9BA-E5B04D47D981} (CPlayFirstDDSonicControl Object) - http://www.shockwave.com/content/dinerdash/sis/DDSonic.1.0.0.92.cab
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by107fd.bay107.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1126316965078
    O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37380.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca12.custhelp.com/7530-b327h/rnl/java/RntX.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4581/mcfscan.cab
    O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt.ocx
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ccPwdSvc.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O24 - Desktop Component 0: (no name) - http://images2.shockwave.com/images/bg_sw.gif

    --
    End of file - 15762 bytes

    A problem preceding this problem has been that a green screen comes up on wmv on streaming video, yet the sound is OK. Video is fine on other formats. My Windows Media Player is #11. Any advice for this problem?
     
  10. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014

Short URL to this thread: https://techguy.org/596187
