Discussion Starter · #1 · (Edited)
Hello. =)

The computer I'm using (an HP Pavilion a1101n, with Windows XP) is a family computer that anyone in my home can access.

For the past few days, I've been doing a sort of "spring cleaning" with the computer, and I just started sorting through our Firefox/Internet Explorer bookmarks. I noticed a site called KeyGen.nl was bookmarked, and I clicked it to see what it was...

Firefox (the browser I was using at the time) froze up, but I wasn't too alarmed because it does that often, especially if a site has a lot of graphic-heavy ads. But after a few minutes, it seemed like the whole computer was going slower than normal. I even got a Windows Virtual Memory warning, and that's when I knew something was wrong.

I tried running Ad-Aware immediately, but the system was so slow I had no choice but to (manually, and quickly) restart it. Here's what happened after I restarted it:

  • I immediately ran Ad-Aware.
  • I removed every cookie Ad-Aware displayed (which was 119!).
  • Ad-Aware also pointed out two pieces of Malware; one was called C:\Windows\browser.exe. The other was AT&T Yahoo.lnk (I use AOL Highspeed Internet). I let Ad-Aware remove both items.
  • In Ad-Aware's Quarantine section, I noticed some very long code (which I can't remember), but two of the files ended with browser.hijack. So I removed these files as well. (Should I have left them in Quarantine instead, or did it really not matter?)
  • Ad-Aware said that this malware was particularly severe, and that I should restart my computer in order to remove any leftover traces. So I did; and while it started back up, I went to go find the "5 Step Process" this forum had posted (I had printed it on paper, and put it up in my room).
  • It took me about 20-30 seconds to find the paper, and when I came back...I noticed that the computer was on a blue screen; it looked like it was on the Boot Menu. I immediately panicked and unplugged the computer. Unfortunately, I didn't memorize what the screen said; I was too panicked to notice. But I think one of the items was called Boot.ini

I wasn't sure if Ad-Aware did this (even though it didn't say it'd go to my Boot Menu), or if the malware was still there and trying to do something. So that's why I turned it off while it was still on the blue screen. I just hope I didn't mess anything up...

I turned the computer back on a few seconds later, and everything seemed normal. So that's when I followed part of your old "5 Step Process"; all I did was check Add/Remove Programs for anything suspicious (I saw nothing, by the way). Then I came to the forum, and read/followed your up-to-date instructions.

I was able to make the DSS.txt and Attach.zip files successfully, but I don't have my GMer file (ark.txt). When GMer finished running, I didn't see a Save button. It was there when I opened the program, but once it finished running (eight hours later!), the button disappeared. I ran the program twice, and I had the same problem each time. My computer then told me that my Virtual Memory was low.

I then went to restart my computer, and I had some problems:

-Two "End Program" boxes popped up. One was for Session Controller lxcc, and the other was for nsAppShell: EventWindow.

-After I ended those programs, my computer displayed a "logging off" box, then a "saving your settings" box, then a "shutting down" box. THOSE BOXES HAVE NEVER APPEARED BEFORE, AND I'VE USED THIS COMPUTER FOR YEARS. Usually it would just take me to the blue Windows Shutdown screen, plus I've NEVER logged off this computer before...so naturally, I had a bad feeling about it and just turned the computer off manually.

I hope the files I was able to create (and attach) will be enough. =\
Thanks in advance, and I hope you'll be able to help!!

PS:
OTHER, POSSIBLY-RELATED QUESTIONS
Our computer (and Internet) sometimes goes very slowly. It's been doing this for years, but I was wondering if anything listed in DSS.txt or Attach.zip could be responsible?

If nothing in those files is responsible, then could these be factors?:

1. Our computer is somewhat old (at least 5 years old). I don't know if computers degrade (and naturally get slower) as they get older or not.

2. My aunt (who also lives here) loves downloading/playing games from sites like Big Fish and Wild Tangent. She'll install at least one new game a week, then when it expires she'll remove the software. Is it possible that her habitual installing/uninstalling of programs could be messing the computer up?

3. I've heard that computers should be defragmented(?). Is that true? In fact is it necessary now, since I recently moved a LOT of files from this computer (I got rid of about 20GB of files)?

Also, what exactly is defragmenting, and how do I do it? Do I need to install some sort of program? And, is there a chance that defragmenting might mess my computer???

4. Quite often (and at random times), the computer will just shut off for no reason. If you try to turn it on again, it'll either cut back off within 1-4 seconds, or freeze at the -blue HP bootup(?)- screen. The computer would randomly shut off maybe once or twice every 1-2 months.

Usually it'll restart if I let the computer rest (sometimes 1-5 minutes, sometimes several hours; it depends on its mood, I guess). Or, it'll restart if I "defibrillate" it. That's when I unplug it and partially plug it back in (as an attempt to make sparks from the outlet). Usually when I see sparks, the computer will work. I know this isn't a good thing to do (and that it's potentially dangerous), but it's an effective solution.

I'm not sure what's making the computer shut off. It could be any of the above 3 points (the computer's old; my aunt; I need to defrag), or maybe there's a shortage in the system? Or...maybe I messed it up years ago?

This computer used to have a keyboard with a BIG, easy-to-push, Standby button on it. Our keyboard sits in a tray underneath the computer, so you have to pull out the tray, then lift up the keyboard in order to use it. And since that Standby button was easy to hit (and I didn't know you could disable it in the Control Panel), that button often hit the tray when I took the keyboard out. This happened at least once a week, for years.

Whenever the computer went into Standby, I'd quickly hit keys to try and "wake" the computer back up...but I'm wondering if all the Standbys (plus immediately "waking" the computer up) did any damage?

There's also the possibility that a REALLY advanced virus/trojan/malware is behind this. But I've used antivirus and antispyware programs, and they never detect anything. I've also tried blowing dust off the computer (it gets VERY dusty in this room), gently wiping the vents with a cloth + rubbing alcohol, and I've made sure all the cords are tightly in place. I've also plugged the computer into different outlets around the room (in case the main outlet doesn't have enough electricity), but nothing has solved this problem.

Again, this happens a few times every few months, but for the past week it got really bad. It shut down practically every day (especially in the evenings). At one point it took me 20 minutes to get it back on...but /it kept shutting down right before Windows started/. It'd take me to the usual bootup screen, which says something like this:

Choose which version of Windows to run:

Windows [Regular Edition]
Windows [Home Recover Edition]

Alternatively, you can wait [5] seconds and the above, highlighted option will be selected.

However, each time I let the [counter] reach zero (or I hit the Enter key), the computer would immediately turn off. But I kept turning it back on...and 5-10 minutes later it FINALLY loaded Windows. And I immediately backed everything up to my external hard drive, and removed about 20 GB of files.

I haven't had a problem since then, so maybe the computer just needed more free space (even though it already had about 26 GB free)? But I'm not really sure; the problem does happen sporadically, so it might happen again next week, or next month.

I really hope the attached files offer some sort of clue to this problem, too. (Or maybe, if I gave enough information, somebody can give me advice?)
 

Discussion Starter · #2 ·
MY LOG FILE:

DDS (Ver_09-03-16.01) - NTFSx86
Run by HP_Owner at 16:52:45.54 on Fri 05/01/2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.42 [GMT -4:00]

FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Breit Technologies\BT Reminder Buddy\BTReminderBuddy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Java\jre6\bin\java.exe
C:\Documents and Settings\HP_Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*hxxp://www.yahoo.com/search/ie.html
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uSearch Page = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://www.yahoo.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchAssistant = hxxp://www.google.com/ie
uCustomizeSearch =
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*hxxp://www.yahoo.com
mSearchAssistant = hxxp://search.live.com/sphome.aspx
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ClickCatcher MSIE handler: {16664845-0e00-11d2-8059-000000000000} - c:\program files\common files\reget shared\Catcher.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: HP view: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
TB: {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - No File
TB: {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {71AAABE5-1F0F-11D7-BD6F-004854603DCE} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BTReminderBuddyStartUp] c:\program files\breit technologies\bt reminder buddy\BTReminderBuddy.exe -startup
uRun: [<NO NAME>]
uRun: [Yahoo! Pager] 1
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
mRun: [LXCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCCtime.dll,[email protected]
mRun: [lxccmon.exe] "c:\program files\lexmark 3300 series\lxccmon.exe"
mRun: [FaxCenterServer] "c:\program files\lexmark fax solutions\fm3032.exe" /s
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [IPHSend] c:\program files\common files\aol\iphsend\IPHSend.exe
mRun: [HPHmon06] c:\windows\system32\hphmon06.exe
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [WinampAgent] c:\program files\winamp\winampa.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [BJCFD] c:\program files\broadjump\client foundation\CFD.exe
mRun: [Motive SmartBridge] c:\progra~1\sbcsel~1\smartb~1\MotiveSB.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\nkbmon~1.lnk - c:\program files\nikon\pictureproject\NkbMonitor.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\sbcsel~1.lnk - c:\program files\sbc self support tool\bin\matcli.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
IE: Add To HP Organize... - c:\progra~1\hewlet~1\hporga~1\bin/module.main/favorites\ie_add_to.html
IE: Do&wnload by ReGet Pro - c:\program files\common files\reget shared\CC_Link.htm
IE: Download A&ll by ReGet Pro - c:\program files\common files\reget shared\CC_All.htm
IE: Download with GetRight - c:\program files\getright\GRdownload.htm
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: Open with GetRight Browser - c:\program files\getright\GRbrowse.htm
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - c:\program files\plotsoft\pdfill\DownloadPDF.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
Trusted Zone: clubdam.com\www
Trusted Zone: dslreports.com\www
Trusted Zone: filelodge.com
Trusted Zone: mangadownload.net
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=67633
DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/kos/eng/partner/us/kavwebscan_unicode.cab
DPF: {13149882-F480-4F6B-8C6A-0764F75B99ED} - hxxp://plug-in.reallusion.com/CrazyTalk4.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://l.yimg.com/jh/games/web_games/playfirst/trijinx/TriJinx.1.0.0.55.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper20073151.dll
DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - hxxp://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxps://objects.aol.com/mcafee/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scan8/oscan8.cab
DPF: {74EF5274-F439-2168-B543-14745B625C72} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash-2/WeddingDash2Web.1.0.0.11.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - hxxp://acs.pandasoftware.com/activescan/as5free/asinst.cab
DPF: {A16C2BF4-501E-45FA-8A14-F26E022D5E16} - hxxp://adweb.music-eclub.com/php/adweb.php3?aid=143&arg=win%2Fmrinst.cab&ptx=mratdl
DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} - hxxp://filelodge.bolt.com/ImageUploader3.cab
DPF: {A3009861-330C-4E10-822B-39D16EC8829D} - hxxp://www.ravantivirus.com/scan/ravonline.cab
DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - hxxp://www.trendmicro.com/spyware-scan/as4web.cab
DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxps://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab
DPF: {C061BA6F-FD17-4AFD-9B24-2A74E0417672} - hxxp://www.muzon.co.kr/site/muzonx.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://l.yimg.com/jh/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} - hxxp://upload-v5.streamload.com/Upload/XUpload.ocx
DPF: {EACD6BE5-C0EE-4909-9B71-B2807C8A245C} - hxxp://dl.jukeon.co.kr/jukeon/jukeon2/2006050201/jukeonax.cab
Filter: text/x-mrml - {C51721BE-858B-4A66-A8BF-D2882FF49820} - c:\program files\yamaha\midradio player\MidRadio.ocx
Name-Space Handler: ftp\GetRightIEClickCatcher - {73BA8F12-723E-11D1-A9E2-00403320FCF2} - c:\program files\getright\xx2gr.dll
Name-Space Handler: hxxp\GetRightIEClickCatcher - {73BA8F12-723E-11D1-A9E2-00403320FCF2} - c:\program files\getright\xx2gr.dll
Notify: igfxcui - igfxsrvc.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hp_owner\applic~1\mozilla\firefox\profiles\5a717wfn.bri2\
FF - prefs.js: browser.startup.homepage - hxxp://www.theanimalrescuesite.com/clickToGive/home.faces?siteId=3
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-3-10 64160]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-12-3 28544]
R2 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2009-2-5 317440]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 953168]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-12-25 24652]
S0 ntcdrdrv;ntcdrdrv;c:\windows\system32\drivers\ntcdrdrv.sys --> c:\windows\system32\drivers\ntcdrdrv.sys [?]
S0 tclondrv;tclondrv;c:\windows\system32\drivers\tclondrv.sys --> c:\windows\system32\drivers\tclondrv.sys [?]
S3 notecable;NoteCable Driver (WDM);c:\windows\system32\drivers\notcable.sys --> c:\windows\system32\drivers\notcable.sys [?]

=============== Created Last 30 ================

2009-04-30 13:06 <DIR> --d----- c:\program files\Easy GIF Animator
2009-04-29 12:42 <DIR> --d----- c:\program files\Cate West - The Velvet Keys
2009-04-29 11:43 <DIR> --d----- c:\program files\Real Crimes - The Unicorn Killer
2009-04-26 14:05 <DIR> --d----- c:\program files\Fishdom H2O - Hidden Odyssey
2009-04-22 09:42 <DIR> --d----- c:\docume~1\hp_owner\applic~1\WildTangentv1002
2009-04-21 11:01 <DIR> --d----- c:\docume~1\hp_owner\applic~1\PoBros
2009-04-21 11:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PoBros
2009-04-20 14:02 <DIR> --d----- c:\docume~1\hp_owner\applic~1\HiT-MM
2009-04-18 20:59 284,160 -------- c:\windows\system32\dllcache\pdh.dll
2009-04-18 20:59 401,408 -------- c:\windows\system32\dllcache\rpcss.dll
2009-04-18 20:59 110,592 -------- c:\windows\system32\dllcache\services.exe
2009-04-18 20:59 473,600 -------- c:\windows\system32\dllcache\fastprox.dll
2009-04-18 20:59 227,840 -------- c:\windows\system32\dllcache\wmiprvse.exe
2009-04-18 20:59 453,120 -------- c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-18 20:59 729,088 -------- c:\windows\system32\dllcache\lsasrv.dll
2009-04-18 20:59 617,472 -------- c:\windows\system32\dllcache\advapi32.dll
2009-04-18 20:59 714,752 -------- c:\windows\system32\dllcache\ntdll.dll
2009-04-18 20:56 2,560 -------- c:\windows\system32\xpsp4res.dll
2009-04-18 20:56 1,203,922 -------- c:\windows\system32\dllcache\sysmain.sdb
2009-04-18 20:56 215,552 -------- c:\windows\system32\dllcache\wordpad.exe
2009-04-18 16:08 6,246 a------- c:\windows\atty.ico
2009-04-18 16:08 81,920 -------- c:\windows\system32\W32n50.dll
2009-04-18 16:08 17,162 -------- c:\windows\system32\Pcandis5.sys
2009-04-18 16:08 16,848 -------- c:\windows\system32\Pcandis4.sys
2009-04-18 16:08 16,073 -------- c:\windows\system32\Pcandis3.vxd
2009-04-18 16:08 <DIR> --d----- c:\windows\Motive
2009-04-18 16:08 <DIR> --d----- c:\program files\common files\Motive
2009-04-18 16:07 <DIR> --d----- c:\program files\SBC Self Support Tool
2009-04-18 15:47 <DIR> --d----- c:\program files\Yahoo!
2009-04-18 15:44 <DIR> --d----- c:\program files\BroadJump
2009-04-18 15:17 6,345 a----r-- c:\windows\system32\DevMngr.vxd
2009-04-18 15:14 266,240 -------- c:\windows\SBCDSL.exe
2009-04-13 12:16 <DIR> --d----- c:\docume~1\hp_owner\applic~1\Skunk Studios
2009-04-07 11:42 <DIR> --d----- c:\docume~1\alluse~1\applic~1\QuickClick
2009-04-03 04:03 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-04-03 03:14 <DIR> --d----- c:\program files\AVG
2009-04-03 03:14 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8

==================== Find3M ====================

2009-04-21 23:56 15,688 a------- c:\windows\system32\lsdelete.exe
2009-04-21 23:55 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-04-18 15:41 155,995 a------- c:\windows\java\packages\V9BVVTNV.ZIP
2009-04-18 15:41 2,232 a------- c:\windows\java\packages\data\X7DJN937.DAT
2009-04-18 15:41 2,678 a------- c:\windows\java\packages\data\OYVJVPNJ.DAT
2009-04-18 15:41 2,678 a------- c:\windows\java\packages\data\RF5V7RJ3.DAT
2009-04-18 15:41 2,678 a------- c:\windows\java\packages\data\RZJF3NN9.DAT
2009-04-18 15:41 2,678 a------- c:\windows\java\packages\data\CATR1R1N.DAT
2009-04-18 15:41 2,678 a------- c:\windows\java\packages\data\0WRTZ9NP.DAT
2009-03-21 10:06 989,696 -------- c:\windows\system32\dllcache\kernel32.dll
2009-03-09 05:19 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-06 10:22 284,160 a------- c:\windows\system32\pdh.dll
2009-03-06 01:35 11,758 a------- c:\windows\mozver.dat
2009-03-06 01:34 118,784 a------- c:\windows\GREUninstall.exe
2009-03-02 19:04 1,499,136 -------- c:\windows\system32\dllcache\shdocvw.dll
2009-02-20 04:11 3,068,416 -------- c:\windows\system32\dllcache\mshtml.dll
2009-02-20 04:10 666,112 a------- c:\windows\system32\wininet.dll
2009-02-20 04:10 666,112 -------- c:\windows\system32\dllcache\wininet.dll
2009-02-20 04:10 619,520 -------- c:\windows\system32\dllcache\urlmon.dll
2009-02-20 04:10 81,920 a------- c:\windows\system32\ieencode.dll
2009-02-20 04:10 81,920 -------- c:\windows\system32\dllcache\ieencode.dll
2009-02-09 08:10 729,088 a------- c:\windows\system32\lsasrv.dll
2009-02-09 08:10 714,752 a------- c:\windows\system32\ntdll.dll
2009-02-09 08:10 617,472 a------- c:\windows\system32\advapi32.dll
2009-02-09 08:10 401,408 a------- c:\windows\system32\rpcss.dll
2009-02-09 07:13 1,846,784 a------- c:\windows\system32\win32k.sys
2009-02-09 07:13 1,846,784 -------- c:\windows\system32\dllcache\win32k.sys
2009-02-07 19:02 2,066,048 a------- c:\windows\system32\ntkrnlpa.exe
2009-02-07 19:02 2,066,048 -------- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-06 07:11 110,592 a------- c:\windows\system32\services.exe
2009-02-06 07:08 2,189,056 a------- c:\windows\system32\ntoskrnl.exe
2009-02-06 07:08 2,189,056 -------- c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-06 07:06 2,145,280 -------- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-06 06:39 35,328 a------- c:\windows\system32\sc.exe
2009-02-06 06:39 35,328 a------- c:\windows\system32\dllcache\sc.exe
2009-02-06 06:32 2,023,936 -------- c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-03 15:59 56,832 a------- c:\windows\system32\secur32.dll
2009-02-03 15:59 56,832 -------- c:\windows\system32\dllcache\secur32.dll
2008-06-11 19:01 13 ----h--- c:\docume~1\alluse~1\applic~1\1ÌØ13.sys
2008-02-28 10:27 0 a------- c:\program files\temp01
2007-10-24 15:50 140 a------- c:\docume~1\hp_owner\applic~1\wklnhst.dat
2005-05-13 17:12 217,073 a--shr-- c:\windows\meta4.exe
2005-10-24 11:13 66,560 a--shr-- c:\windows\MOTA113.exe
2002-07-31 20:55 104 ---sh--- c:\windows\WSYS049.SYS
2006-12-15 05:30 88 ---shr-- c:\windows\system32\8C96F12338.sys
2005-07-14 12:31 27,648 a--shr-- c:\windows\system32\AVSredirect.dll
2005-06-26 15:32 616,448 a--shr-- c:\windows\system32\cygwin1.dll
2005-06-21 22:37 45,568 a--shr-- c:\windows\system32\cygz.dll
2004-01-25 00:00 70,656 a--shr-- c:\windows\system32\i420vfw.dll
2006-12-15 05:32 2,516 a--sh--- c:\windows\system32\KGyGaAvL.sys
2005-02-28 13:16 240,128 a--shr-- c:\windows\system32\x.264.exe
2004-01-25 00:00 70,656 a--shr-- c:\windows\system32\yv12vfw.dll

============= FINISH: 16:54:27.73 ===============
 