WiredWX Hobby Weather Tools

Solved: Not Sure!!!

Hi there,
The machine's behavior is strange.
Please help...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:47:33 PM, on 2/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\Program Files\WinZip E-Mail Companion\loadwzco.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default.aspx?c=ae&l=en&s=bsd
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [WinZip E-Mail Companion OEAPI] "C:\Program Files\WinZip E-Mail Companion\loadwzco.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.xdrive.com/downloads/std_install/setup.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1166117705421
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bluetooth Hid Switch Service - Cambridge Silicon Radio - C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 11336 bytes

Re: Not Sure!!!

Looking okay, what problems are you having?

Re: Not Sure!!!

Belahzur wrote:
Looking okay, what problems are you having?


Internet seems to be very slow since yesterday; this started after getting updates from Microsoft,
especially the "genuine office advantage tool" for MS Office, although MBAM and Norton update without problems.

Any idea what this "genuine advantage tool" is? How to remove it? It came along with the normal updates
from Microsoft... Please advise. Thank You!

Re: Not Sure!!!

It's so you can get real programs like IE7, MSN9 and Microsoft Office.

Re: Not Sure!!!

Belahzur wrote:
It's so you can get real programs like IE7, MSN9 and Microsoft Office.


So you mean if this is installed on my machine then there is no problem... Should I remove it? But it's not
showing in the uninstall list in Add/Remove Programs. Why is that? Is it because Microsoft has "forced" this tool
onto my machine and now it's permanently there... Please excuse my concern, because I don't have much idea about these
things...

What should I do now?

Re: Not Sure!!!

Every person that runs a real OS has that, you can switch it off next time you run a Windows Update.

Run these two tools, see if speed picks up.

Download ATF Cleaner

  • Double-click ATF-Cleaner.exe to run the program.
  • Click Select All found at the bottom of the list.
  • Click the Empty Selected button.
If you use Firefox browser, do this also:

  • Click Firefox at the top and choose Select All from the list.
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser, do this also:

  • Click Opera at the top and choose Select All from the list.
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Please download Purera.exe from HERE

  • First, unzip the program.
  • Double click Purera.exe to open it.
  • When it opens, press the "Clean" button.
  • This will open up a menu of options.
  • Tick the box that says "Check All"
  • Then press the "Clean Selected" button.
  • This will start the cleaning process.
  • For a minute or two, Purera.exe may act like it isn't responding, but let it run.
  • After it's done, it will make a log file of what it's removed.
  • Paste the log back here.

Re: Not Sure!!!

I am regularly using ATF Cleaner and PureRa since my last encounter with Backdoor.Tidserv!inf, which you helped me remove. I am not sure how to turn this thing off. I will do as suggested, because I do not run Windows Update manually;
it is set to download and install automatically.

Thanks for everything mate. Thank You!

Re: Not Sure!!!

Here is the PureRa Log

RaProducts' PureRa v1.2
Log created at 22:31 on 11/02/2009
===================================


Re: Not Sure!!!

the remaining log


Total Space Freed: -54556149 bytes

===================================
-EOF-

Re: Not Sure!!!

There is also a lot of stuff in the run key which may cause lag; if we stop some of these, it should take some weight off the processor.

If you want to do that, post a new Hijack This log.

Re: Not Sure!!!

Belahzur wrote:
There is also a lot of stuff in the run key which may cause lag; if we stop some of these, it should take some weight off the processor.

If you want to do that, post a new Hijack This log.


Apologies for the delay; below is the HJT log as required
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:46:00 AM, on 2/13/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\Program Files\WinZip E-Mail Companion\loadwzco.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default.aspx?c=ae&l=en&s=bsd
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [WinZip E-Mail Companion OEAPI] "C:\Program Files\WinZip E-Mail Companion\loadwzco.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.xdrive.com/downloads/std_install/setup.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1166117705421
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bluetooth Hid Switch Service - Cambridge Silicon Radio - C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 11547 bytes

Solved: Re: Not Sure!!!

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
    O4 - HKLM\..\Run: [WinZip E-Mail Companion OEAPI] "C:\Program Files\WinZip E-Mail Companion\loadwzco.exe"
    O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
    O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p


  • Press "Fix Checked"
  • Close Hijack This.

Reboot normally.
Any difference now?

Solved: Re: Not Sure!!!

Since this issue has been addressed, a "solved" tag will be added and this topic will be closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else, please open a new topic for your questions.
