Solved: C:\WINDOWS\system32\cmd.exe

jjoek

Thread Starter
Joined
Jul 14, 2007
Messages
19
Recently on starting up my computer, running XP, a box appears with this heading within a black background, with white letters referring to "PsKill v1.12 - Terminates processes on local or remote systems", etc, and "Unable to kill process mgrs: Process does not exist." Multiple lines of type follow the above, ending with "C:\WINDOWS\privacy_danger The system cannot find the file specified."

If I ignore this, or delete this box by striking the X in the upper right corner, my computer seems to work normally.

What does this mean? What if anything should I do about it?
 
Joined
Sep 7, 2004
Messages
49,014
NOTE: If you have downloaded ComboFix previously please delete that version and download it again!

Download this file:

http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
or
http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe

Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you. Post that log and a HiJack log in your next reply.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall.


=================
Click here to download HJTInstall.exe
  • Save HJTInstall.exe to your desktop.
  • Double-click on the HJTInstall.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis.
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch HijackThis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in Notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and paste the log in your next reply.
  • DO NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required.
 

jjoek

Thread Starter
Joined
Jul 14, 2007
Messages
19
Thank you. Here are the findings from the scans you prescribed. Await your further instructions. jjoek

Text apparently too long, so I will split this into two replies. jjoek

Apparently it is still too long, so I will split this into two parts. jjoek
"HP_Owner" - 2007-07-15 20:19:40 - ComboFix 07-07-13.8 - Service Pack 2 NTFS


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))





**************************************************************************

Completion time: 2007-07-15 20:26:13
C:\ComboFix-quarantined-files.txt ... 2007-07-15 20:26

--- E O F ---
 

jjoek

Thread Starter
Joined
Jul 14, 2007
Messages
19
This is the 2nd half of the first scan. jjoek

((((((((((((((((((((((((( Files Created from 2007-06-16 to 2007-07-16 )))))))))))))))))))))))))))))))


2007-07-15 20:16 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-15 13:47 <DIR> d-------- C:\Program Files\MSBuild
2007-07-15 13:44 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2007-07-15 13:42 <DIR> d-------- C:\Program Files\Reference Assemblies
2007-07-15 13:41 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2007-07-14 17:52 <DIR> d-------- C:\DECCHECK
2007-07-10 07:34 <DIR> d-------- C:\Program Files\Win Stream plugin
2007-07-01 05:40 421 --a------ C:\WINDOWS\smc.bat
2007-06-23 10:11 <DIR> d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\DivX
2007-06-20 15:40 20,280 --a------ C:\WINDOWS\system32\drivers\SSFS0BB8.sys
2007-06-20 15:40 1,520,952 --a------ C:\WINDOWS\WRSetup.dll
2007-06-17 18:32 38,480 --------- C:\WINDOWS\system32\IJRMF.exe
2007-06-17 18:21 <DIR> d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\NewSoft
2007-06-17 17:22 <DIR> d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\Canon
2007-06-17 17:21 <DIR> d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\ArcSoft
2007-06-17 16:39 94,208 --a------ C:\WINDOWS\system32\ippcv11.dll
2007-06-17 16:39 77,824 --a------ C:\WINDOWS\system32\ippsr11.dll
2007-06-17 16:39 65,536 --a------ C:\WINDOWS\system32\ippj11.dll
2007-06-17 16:39 466,944 --a------ C:\WINDOWS\system32\ippcvw711.dll
2007-06-17 16:39 40,960 --a------ C:\WINDOWS\system32\IPPCPUID.DLL
2007-06-17 16:39 266,240 --a------ C:\WINDOWS\system32\ippsrw711.dll
2007-06-17 16:39 225,280 --a------ C:\WINDOWS\system32\ippi11.dll
2007-06-17 16:39 2,592,768 --a------ C:\WINDOWS\system32\ippiw711.dll
2007-06-17 16:39 176,128 --a------ C:\WINDOWS\system32\ipps11.dll
2007-06-17 16:39 159,744 --a------ C:\WINDOWS\system32\ippjw711.dll
2007-06-17 16:39 11,776 --a------ C:\WINDOWS\system32\pmsbfn32.dll
2007-06-17 16:39 1,589,248 --a------ C:\WINDOWS\system32\ippsw711.dll
2007-06-17 16:38 <DIR> d-------- C:\WINDOWS\system32\Color
2007-06-17 16:38 <DIR> d-------- C:\Program Files\NewSoft
2007-06-17 16:38 <DIR> d-------- C:\Program Files\Common Files\PDFView
2007-06-17 16:36 <DIR> d-------- C:\Program Files\Common Files\ScanSoft Shared
2007-06-17 16:36 <DIR> d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\ScanSoft
2007-06-17 16:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
2007-06-17 16:35 <DIR> d-------- C:\Program Files\ScanSoft
2007-06-17 16:33 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2007-06-17 16:33 <DIR> d-------- C:\Program Files\ArcSoft
2007-06-17 16:32 <DIR> d-------- C:\Program Files\Common Files\CANON
2007-06-17 16:31 57,344 --a------ C:\WINDOWS\system32\CNQI4803.DLL
2007-06-17 16:31 229,376 --a------ C:\WINDOWS\system32\CNQL4803.DLL
2007-06-17 16:31 106,496 --a------ C:\WINDOWS\system32\cnqo4803.dll
2007-06-17 16:31 1,298,432 --a------ C:\WINDOWS\system32\CNQC4803.DLL
2007-06-17 16:31 <DIR> d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2007-06-17 16:31 <DIR> d--h----- C:\Program Files\CanonBJ
2007-06-17 16:29 <DIR> d-------- C:\Program Files\Canon
2007-06-16 18:08 <DIR> d-------- C:\Program Files\Common Files\xing shared
2007-06-15 19:24 <DIR> d-------- C:\Program Files\The Weather Channel FW


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-16 01:14:28 -------- d-----w C:\Program Files\Norton Personal Firewall
2007-07-16 00:16:05 -------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-07-15 00:58:49 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\SiteAdvisor
2007-07-05 01:18:36 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\OpenOffice.org2
2007-06-29 01:29:34 -------- d--h--w C:\DOCUME~1\HP_Owner\APPLIC~1\Move Networks
2007-06-24 20:52:05 164 ----a-w C:\install.dat
2007-06-22 01:43:52 23,864 ----a-w C:\WINDOWS\system32\drivers\sskbfd.sys
2007-06-22 01:43:52 21,816 ----a-w C:\WINDOWS\system32\drivers\sshrmd.sys
2007-06-22 01:43:52 160,056 ----a-w C:\WINDOWS\system32\drivers\ssidrv.sys
2007-06-17 23:39:09 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-17 01:10:44 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\Real
2007-06-17 01:08:44 -------- d-----w C:\Program Files\Common Files\Real
2007-06-16 18:52:30 -------- d-----w C:\Program Files\Norton AntiVirus
2007-06-09 00:07:51 -------- d-----w C:\Program Files\Realtek AC97
2007-06-08 16:14:22 -------- d-----w C:\Program Files\Common Files\Visioneer Shared
2007-06-03 17:15:13 -------- d-----w C:\Program Files\Theorica Divx ;-) Codecs
2007-06-03 15:53:05 -------- d-----w C:\Program Files\QuickTime
2007-06-03 15:50:58 -------- d-----w C:\Program Files\Apple Software Update
2007-06-02 18:25:34 -------- d-----w C:\Program Files\DivX
2007-06-01 15:00:05 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\Viewpoint
2007-06-01 00:31:00 73,728 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2007-05-31 23:45:19 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\RegistrySmart
2007-05-31 06:45:07 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-05-31 06:44:55 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-05-31 06:44:54 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-05-31 06:44:54 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-05-31 06:44:54 740,442 ----a-w C:\WINDOWS\system32\DivX.dll
2007-05-31 04:49:29 -------- d-----w C:\Program Files\Google
2007-05-29 00:23:44 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\AdobeAUM
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-14 15:42:14 226,688 ----a-w C:\WINDOWS\psexec.exe
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-23 00:15:29 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-04-23 00:15:24 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-04-23 00:15:24 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-04-23 00:15:24 116,472 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-04-23 00:15:18 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-04-23 00:15:18 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-04-23 00:02:34 73,728 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-04-23 00:02:34 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-04-23 00:02:33 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-04-23 00:02:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-04-23 00:02:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-04-23 00:02:31 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-04-23 00:01:47 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-04-23 00:01:46 124,472 ----a-w C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-17 05:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-17 05:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-17 05:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-17 05:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-17 05:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-17 05:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-17 05:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-17 05:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-17 05:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
2007-04-17 05:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
2007-04-16 22:28:22 577,536 ----a-w C:\WINDOWS\soundman.exe
2005-12-07 19:12:43 0 ----a-w C:\DOCUME~1\HP_Owner\APPLIC~1\wklnhst.dat
2005-08-01 00:16:48 0 -csha-w C:\WINDOWS\SMINST\HPCD.sys


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{089FD14D-132B-48FC-8861-0048AE113215}]
2007-03-30 08:41 1099304 --a------ C:\Program Files\SiteAdvisor\6066\SiteAdv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2005-05-31 01:04 853672 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9ECB9560-04F9-4bbc-943D-298DDF1699E1}]
2005-09-24 21:20 94336 --a------ C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2007-05-30 21:49 2554944 -ra------ c:\program files\google\googletoolbar3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
2005-10-19 12:54 218736 --a------ C:\Program Files\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 08:01]
"VTTimer"="VTTimer.exe" []
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 20:47 C:\WINDOWS\ALCXMNTR.EXE]
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 12:01 C:\WINDOWS\AGRSMMSG.exe]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 21:54]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-03 20:29]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-04-17 12:41]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 22:19]
"RemoveWGA"="C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\1FNF59SE\RemoveWGA.exe" []
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 C:\WINDOWS\soundman.exe]
"AlcWzrd"="ALCWZRD.EXE" [2005-04-06 18:53 C:\WINDOWS\ALCWZRD.EXE]
"Alcmtr"="ALCMTR.EXE" [2005-04-12 01:10 C:\WINDOWS\Alcmtr.exe]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44]
"HPHUPD04"="C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" [2002-11-22 12:50]
"Share-to-Web Namespace Daemon"="C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 10:42]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6028\SiteAdv.exe" [2006-07-31 08:03]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 18:20]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-06-16 18:08]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 12:45]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2007-06-21 18:57]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-03-29 06:54]
"DW4"="C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" [2007-03-16 07:51]
"Safe Cleaner"="C:\WINDOWS\smc.bat" [2007-07-01 05:40]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PaperPort OneTouch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PaperPort OneTouch.lnk
backup=C:\WINDOWS\pss\PaperPort OneTouch.lnkCommon Startup


Contents of the 'Scheduled Tasks' folder
2007-07-12 21:59:00 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2007-07-16 01:11:47 C:\WINDOWS\tasks\MP Scheduled Scan.job
2007-07-14 15:35:14 C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - HP_Owner.job
2007-07-15 10:30:00 C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job
2007-07-15 11:00:04 C:\WINDOWS\tasks\wrSpySweeper_LB2C16B337B1143BD87F35D8F7E8DBA1E.job
2007-07-14 11:00:05 C:\WINDOWS\tasks\wrSpySweeper_LFD957F41335A4FACB730C67AEB1F089E.job

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-15 20:25:09
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-15 20:26:13
C:\ComboFix-quarantined-files.txt ... 2007-07-15 20:26

--- E O F ---
 

jjoek

Thread Starter
Joined
Jul 14, 2007
Messages
19
Here is the Hijackthis log. And, thank you again. jjoek

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:33:40 PM, on 7/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPHipm11.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.yahoo.com/;_ylt=AmLC6tLWhtj.PbaNhrYwGPqQlNEF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Norton Personal Firewall 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O3 - Toolbar: Norton Personal Firewall 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoveWGA] C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\1FNF59SE\RemoveWGA.exe -startup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] "C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe"
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6028\SiteAdv.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [Safe Cleaner] C:\WINDOWS\smc.bat
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MT...av=whole.swf&MediaDimensions=454x240::454x107
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2A510DC8-C9B5-4269-B9BA-E5B04D47D981} (CPlayFirstDDSonicControl Object) - http://www.shockwave.com/content/dinerdash/sis/DDSonic.1.0.0.92.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by107fd.bay107.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1126316965078
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37380.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca12.custhelp.com/7530-b327h/rnl/java/RntX.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4581/mcfscan.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt.ocx
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O24 - Desktop Component 0: (no name) - http://images2.shockwave.com/images/bg_sw.gif

--
End of file - 15988 bytes
 
Joined
Sep 7, 2004
Messages
49,014
You may want to print this or save it to notepad as we will go to safe mode.

Fix these with HiJackThis – mark them, close IE, click fix checked

O4 - HKLM\..\Run: [RemoveWGA] C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\1FNF59SE\RemoveWGA.exe -startup

O4 - HKCU\..\Run: [Safe Cleaner] C:\WINDOWS\smc.bat

Download http://www.downloads.subratam.org/KillBox.zip or
http://www.thespykiller.co.uk/files/killbox.exe

Restart your computer into safe mode now. (Tapping F8 at the first black screen) Perform the following steps in safe mode:

Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file. It will ask for confirmation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the "Paste Full Path of File to Delete" box.

C:\WINDOWS\smc.bat

Note: It is possible that Killbox will tell you that one or more files do not exist. If that happens, just continue on with all the files. Be sure you don't miss any.

START – RUN – type in %temp% - OK - Edit – Select all – File – Delete

Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

Not all temp files will delete and that is normal
Empty the recycle bin
Boot and post a new hijack log from normal NOT safe mode

Please give feedback on what worked/didn’t work and the current status of your system
 

jjoek

Thread Starter
Joined
Jul 14, 2007
Messages
19
Your advice appears somewhat bewildering and over my level of knowledge. What do you mean "mark them, close IE, click fix checked"? What do I do with the lines beginning with O4 - ? What files will I be deleting from my computer? And do I need to replace them with anything? Do I have a virus?

I would appreciate some basic information as to what I will be doing and what are the possible consequences? Except for problems with streaming video using Windows Media Player, everything has been functioning satisfactorily.
 
Joined
Sep 7, 2004
Messages
49,014
Run hijack - scan only

Click in the box to the left of those 2 entries ONLY!

Close IE - at the bottom of hijack click fix checked

You are removing those 2 bad entries

You will then remove this file which is bad - nothing to replace
C:\WINDOWS\smc.bat
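
An added example, not part of the original thread: one way to confirm from a follow-up HijackThis log that the two flagged autostart entries are gone and nothing else changed. The log excerpts are copied from the O4 lines posted in this thread; the function names are illustrative.

```python
import re

# O4 registry Run entries:  O4 - HKLM\..\Run: [Name] command line
RUN_RE = re.compile(r"^O4 - (?P<hive>.+?)\\\.\.\\Run: \[(?P<name>.+?)\] (?P<cmd>.+)$")
# O4 Startup-folder shortcuts:  O4 - Global Startup: Name.lnk = target
LNK_RE = re.compile(r"^O4 - (?P<hive>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$")

# Excerpt of the first HijackThis log in this thread (before the fix).
LOG_BEFORE = r"""
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoveWGA] C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\1FNF59SE\RemoveWGA.exe -startup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Safe Cleaner] C:\WINDOWS\smc.bat
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
"""

# Excerpt of the follow-up log (after the fix). Note that the swg entry
# lost its quotes between the two scans; that is not a real change.
LOG_AFTER = r"""
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
"""

# The two entries the helper asked to have fixed.
TARGETS = [("HKLM", "RemoveWGA"), ("HKCU", "Safe Cleaner")]


def parse_autostarts(log_text):
    """Return {(hive_or_folder, entry_name): command} for every O4 line."""
    entries = {}
    for line in log_text.splitlines():
        line = line.strip()
        match = RUN_RE.match(line) or LNK_RE.match(line)
        if match:
            entries[(match["hive"], match["name"])] = match["cmd"]
    return entries


def normalize(cmd):
    """Ignore quoting, case and spacing so cosmetic differences do not count."""
    return " ".join(cmd.replace('"', "").lower().split())


def diff_autostarts(before, after):
    """Return (removed, added, changed) lists of (hive, name) keys."""
    removed = sorted(k for k in before if k not in after)
    added = sorted(k for k in after if k not in before)
    changed = sorted(
        k for k in before
        if k in after and normalize(before[k]) != normalize(after[k])
    )
    return removed, added, changed


def still_present(after, targets):
    """Targets that should have been removed but still appear in the new log."""
    return [t for t in targets if t in after]


if __name__ == "__main__":
    before = parse_autostarts(LOG_BEFORE)
    after = parse_autostarts(LOG_AFTER)
    removed, added, changed = diff_autostarts(before, after)
    print("removed:", removed)
    print("added:  ", added)
    print("changed:", changed)
    print("targets still present:", still_present(after, TARGETS))
```

Any key reported under added or changed is an autostart that appeared or was altered between the two scans and deserves a look before the machine is called clean.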
 

jjoek

Thread Starter
Joined
Jul 14, 2007
Messages
19
Thank you very much.

I performed all tasks as you requested, including using Killbox in safe mode. The computer boots up without the previously mentioned box appearing.

Here is the new Hijack log after completion.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:32:13 PM, on 7/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.yahoo.com/;_ylt=AmLC6tLWhtj.PbaNhrYwGPqQlNEF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Norton Personal Firewall 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O3 - Toolbar: Norton Personal Firewall 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] "C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe"
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6028\SiteAdv.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MT...av=whole.swf&MediaDimensions=454x240::454x107
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2A510DC8-C9B5-4269-B9BA-E5B04D47D981} (CPlayFirstDDSonicControl Object) - http://www.shockwave.com/content/dinerdash/sis/DDSonic.1.0.0.92.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by107fd.bay107.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1126316965078
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37380.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca12.custhelp.com/7530-b327h/rnl/java/RntX.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4581/mcfscan.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt.ocx
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O24 - Desktop Component 0: (no name) - http://images2.shockwave.com/images/bg_sw.gif

--
End of file - 15762 bytes

A problem preceding this problem has been that a green screen comes up on wmv on streaming video, yet the sound is OK. Video is fine on other formats. My Windows Media Player is #11. Any advice for this problem?
 