0

I followed all instructions before posting, and the thing is I installed Malwarebytes' Anti-Malware and it won't start. Do I have to uninstall Norton for this to work, and if so, will this give me the protection I need?

Need to know before getting started, and I will sign on every day and check periodically all day. Thanks in advance *_*

0

Something I found with rootkit detection is that if a rootkit has found its way onto your machine, sometimes you will have to rename the executable. I would look in the task manager (under the processes tab) to see if the program is actually running but being suppressed. So, if you are trying to run malware.exe, change the name to something like mam.exe and run it. Rootkits and their developers are getting smarter and preventing anti-virus and anti-rootkit programs from running, so if you rename your exe file it should allow it to run as expected.

0

GMER Two

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-07-14 08:31:00
Windows 6.0.6002 Service Pack 2
Running: ly93pg8d.exe; Driver: C:\Users\Profa-C\AppData\Local\Temp\ugldyfob.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Windows\system32\windrvNT.sys ZwQueryDirectoryFile [0xA518F842]

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 85B521F8
Device \FileSystem\fastfat \Fat 889DD1F8

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

Edited by Tetsujin_Genin: n/a

0

GMER Two

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-14 08:49:11
Windows 6.0.6002 Service Pack 2
Running: ly93pg8d.exe; Driver: C:\Users\Profa-C\AppData\Local\Temp\ugldyfob.sys


---- System - GMER 1.0.15 ----

SSDT 8804A048 ZwAlertResumeThread
SSDT 88032680 ZwAlertThread
SSDT 8813F0B8 ZwAllocateVirtualMemory
SSDT 87F44898 ZwAlpcConnectPort
SSDT 88141408 ZwAssignProcessToJobObject
SSDT \??\C:\Windows\system32\windrvNT.sys ZwCreateFile [0xA696536A]
SSDT 881417F0 ZwCreateMutant
SSDT 88141188 ZwCreateSymbolicLinkObject
SSDT 8813EB78 ZwCreateThread
SSDT 881414C8 ZwDebugActiveProcess
SSDT 8813F210 ZwDuplicateObject
SSDT 88141EB0 ZwFreeVirtualMemory
SSDT 880CD048 ZwImpersonateAnonymousToken
SSDT 87FC5048 ZwImpersonateThread
SSDT 869DBDE8 ZwLoadDriver
SSDT 88141DD0 ZwMapViewOfSection
SSDT 87F56318 ZwOpenEvent
SSDT \??\C:\Windows\system32\windrvNT.sys ZwOpenFile [0xA6965CD8]
SSDT 8813F3B0 ZwOpenProcess
SSDT 87F9A110 ZwOpenProcessToken
SSDT 880E6048 ZwOpenSection
SSDT 8813F2E0 ZwOpenThread
SSDT 88141338 ZwProtectVirtualMemory
SSDT \??\C:\Windows\system32\windrvNT.sys ZwQueryDirectoryFile [0xA6965842]
SSDT \??\C:\Windows\system32\windrvNT.sys ZwQueryInformationProcess [0xA69621E0]
SSDT 87FB0220 ZwResumeThread
SSDT 87F9F068 ZwSetContextThread
SSDT \??\C:\Windows\system32\windrvNT.sys ZwSetInformationFile [0xA6966142]
SSDT 88141C78 ZwSetInformationProcess
SSDT 8813B048 ZwSetSystemInformation
SSDT 8805C048 ZwSuspendProcess
SSDT 88030068 ZwSuspendThread
SSDT 87FF2110 ZwTerminateProcess
SSDT 87FB51B0 ZwTerminateThread
SSDT 87FE2110 ZwUnmapViewOfSection
SSDT 88141F80 ZwWriteVirtualMemory
SSDT 88141258 ZwCreateThreadEx

INT 0x62 ? 86AB3F00
INT 0x72 ? 86AB3F00
INT 0x92 ? 85B2CBF8
INT 0xA2 ? 85B2CBF8
INT 0xB2 ? 85B2CBF8

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 85B521F8
Device \FileSystem\fastfat \FatCdrom 883971F8
Device \Driver\netbt \Device\NetBT_Tcpip_{DCAAF8FC-D303-49D1-96C2-BD520342ABE6} 87F041F8

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

Device \Driver\volmgr \Device\VolMgrControl 85B2E1F8
Device \Driver\usbohci \Device\USBPDO-0 86A9B500
Device \Driver\usbehci \Device\USBPDO-1 86AB51F8
Device \Driver\usbohci \Device\USBPDO-2 86A9B500
Device \Driver\usbehci \Device\USBPDO-3 86AB51F8
Device \Driver\sptd \Device\337431531 spsx.sys

AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\volmgr \Device\HarddiskVolume1 85B2E1F8
Device \Driver\netbt \Device\NetBT_Tcpip_{A97C1D38-7C0C-4C12-BB77-6DB68E562387} 87F041F8
Device \Driver\volmgr \Device\HarddiskVolume2 85B2E1F8
Device \Driver\cdrom \Device\CdRom0 869D31F8
Device \Driver\cdrom \Device\CdRom1 869D31F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-4 85B311F8
Device \Driver\atapi \Device\Ide\IdePort0 85B311F8
Device \Driver\atapi \Device\Ide\IdePort1 85B311F8
Device \Driver\atapi \Device\Ide\IdePort2 85B311F8
Device \Driver\atapi \Device\Ide\IdePort3 85B311F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-5 85B311F8
Device \Driver\netbt \Device\NetBt_Wins_Export 87F041F8
Device \Driver\PCI_PNP5520 \Device\00000090 spsx.sys
Device \Driver\Smb \Device\NetbiosSmb 87F011F8
Device \Driver\iScsiPrt \Device\RaidPort0 86C531F8

AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\usbohci \Device\USBFDO-0 86A9B500
Device \Driver\usbehci \Device\USBFDO-1 86AB51F8
Device \Driver\usbohci \Device\USBFDO-2 86A9B500
Device \Driver\usbehci \Device\USBFDO-3 86AB51F8
Device \Driver\aw54qpwp \Device\Scsi\aw54qpwp1 86C521F8
Device \Driver\aw54qpwp \Device\Scsi\aw54qpwp1Port5Path0Target0Lun0 86C521F8
Device \FileSystem\fastfat \Fat 883971F8

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\cdfs \Cdfs 8933E1F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFC 0x26 0x2A 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x5B 0x66 0xE9 0xE5 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x88 0x49 0xCF 0x08 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x5E 0x4F 0xC4 0xBF ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x43 0x40 0x50 0x13 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x5B 0x66 0xE9 0xE5 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x88 0x49 0xCF 0x08 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x5E 0x4F 0xC4 0xBF ...

---- EOF - GMER 1.0.15 ----

Edited by Tetsujin_Genin: n/a

0

DDS (Ver_10-03-17.01) - NTFSx86
Run by Profa-C at 7:28:05.01 on Thu 07/15/2010
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_20
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2814.1584 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Windows\System32\svchost.exe -k Akamai
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Profa-C\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Profa-C\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Profa-C\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Profa-C\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Profa-C\Desktop\Computer Repair Tools\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
uSearch Page =
uSearch Bar =
mStart Page = hxxp://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com
mSearchAssistant =
uURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
uURLSearchHooks: H - No File
mURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360 premier edition\engine\3.5.2.11\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360 premier edition\engine\3.5.2.11\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0541.0\msneshellx.dll
BHO: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: kikin Plugin: {e601996f-e400-41ca-804b-cd6373a7eee2} - c:\program files\kikin\ie_kikin.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\xilisoft download youtube toolbar\tbcore3.dll
BHO: DAPIELoader Class: {ff6c3cf0-4b15-11d1-abed-709549c10000} - c:\progra~1\dap\DAPIEL~1.DLL
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0541.0\msneshellx.dll
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
TB: Xilisoft Download Youtube Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - c:\program files\xilisoft download youtube toolbar\tbcore3.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360 premier edition\engine\3.5.2.11\coIEPlg.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [Google Update] "c:\users\profa-c\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [JDK5SWFMZY] c:\users\profa-c\appdata\local\temp\Krx.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [UpdateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [UpdatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [iCall Internet Phone] "c:\program files\icall\iCall.exe" /startup
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [InstaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
dRunOnce: [<NO NAME>]
dRunOnce: [{90120000-006E-0409-0000-0000000FF1CE}] c:\windows\system32\cmd.exe /c del "c:\programdata\microsoft help\Rgstrtn.lck" /Q /A:H
dRunOnce: [{90120000-0016-0409-0000-0000000FF1CE}] c:\windows\system32\cmd.exe /c del "c:\programdata\microsoft help\Rgstrtn.lck" /Q /A:H
dRunOnce: [{91120000-002F-0000-0000-0000000FF1CE}] c:\windows\system32\cmd.exe /c del "c:\programdata\microsoft help\Rgstrtn.lck" /Q /A:H
dRunOnce: [{90120000-001B-0409-0000-0000000FF1CE}] c:\windows\system32\cmd.exe /c del "c:\programdata\microsoft help\Rgstrtn.lck" /Q /A:H
dRunOnce: [{90120000-0018-0409-0000-0000000FF1CE}] c:\windows\system32\cmd.exe /c del "c:\programdata\microsoft help\Rgstrtn.lck" /Q /A:H
dRunOnce: [{90120000-00A1-0409-0000-0000000FF1CE}] c:\windows\system32\cmd.exe /c del "c:\programdata\microsoft help\Rgstrtn.lck" /Q /A:H
mExplorerRun: [<NO NAME>] 1 (0x1)
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\contin~1.lnk - e:\multisim 2001 textbook edition\Setup.exe
uPolicies-explorer: DisallowRun = 0 (0x0)
uPolicies-explorer: HideClock = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-explorer: NoResolveTrack = 1 (0x1)
mPolicies-explorer: NoFileAssociate = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: NoDispSettingsPage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\dap\dapextie.htm
IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Trusted Zone: netzero.com
Trusted Zone: netzero.net
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/IWONBarInitialSetup1.0.1.1.exe
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 93.188.162.230,93.188.166.210
TCP: {A97C1D38-7C0C-4C12-BB77-6DB68E562387} = 93.188.162.230,93.188.166.210
TCP: {DCAAF8FC-D303-49D1-96C2-BD520342ABE6} = 93.188.162.230,93.188.166.210
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton 360 premier edition\engine\3.5.2.11\CoIEPlg.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\profa-c\appdata\roaming\mozilla\firefox\profiles\od178qaa.default\
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coffplgn\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\users\profa-c\appdata\local\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\profa-c\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0308000.029\SymEFA.sys [2010-7-15 310320]
R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\dddsk.sys [2009-11-19 22312]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20100714.003\IDSvix86.sys [2010-7-15 344112]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-20 21504]
R2 N360;Norton 360;c:\program files\norton 360 premier edition\engine\3.8.0.41\ccSvcHst.exe [2010-7-15 117640]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2009-4-20 365952]
R3 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0305020.00b\BHDrvx86.sys [2010-7-15 259632]
R3 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0305020.00b\cchpx86.sys [2010-7-15 482432]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-4-20 193840]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-7-14 102448]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-8-21 66592]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\n360\0305020.00b\symndisv.sys [2010-7-15 48688]
S2 .norton2009Reset;Norton2009 Reset;c:\program files\norton2009reset.exe --> c:\program files\Norton2009Reset.exe [?]
S2 GoogleUpdateBeta;Google Update Service;c:\users\profa-c\appdata\local\google\update\googleupdatebeta.exe /svc --> c:\users\profa-c\appdata\local\google\update\GoogleUpdateBeta.exe [?]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

=============== Created Last 30 ================

2010-07-15 06:52:45 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-07-15 06:52:45 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-07-15 06:52:37 25648 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2010-07-15 06:52:30 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-07-15 06:52:30 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-07-15 06:52:30 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-07-15 06:52:06 0 d-----w- c:\program files\Symantec
2010-07-15 06:52:06 0 d-----w- c:\program files\common files\Symantec Shared
2010-07-15 06:51:14 0 d-----w- c:\windows\system32\drivers\N360
2010-07-15 06:51:12 0 d-----w- c:\program files\Norton 360 Premier Edition
2010-07-15 06:50:22 0 d-----w- c:\program files\NortonInstaller
2010-07-14 03:31:33 0 d-----w- c:\programdata\Apple Computer
2010-07-14 02:32:04 0 d-----w- c:\program files\PhotoshopPortable
2010-07-13 19:03:56 2340 ----a-w- c:\windows\system32\msexcr.ini
2010-07-11 10:27:36 0 d-----w- c:\program files\PFConfig
2010-07-11 08:33:59 0 d-----w- c:\program files\Port Forwarding Wizard
2010-07-11 02:43:18 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-07-11 01:24:40 0 d-----w- c:\program files\Activision
2010-07-10 23:54:19 0 d-----w- c:\programdata\Affinegy
2010-07-10 01:15:37 0 d-----w- c:\programdata\Nexon
2010-07-09 23:47:58 0 d-----w- c:\program files\Nexon
2010-07-09 23:47:56 0 d-----w- c:\programdata\NexonUS
2010-07-09 23:03:51 0 d-----w- c:\programdata\PMB Files
2010-07-09 23:03:28 0 d-----w- c:\program files\Pando Networks
2010-07-09 02:37:43 0 d-----w- c:\program files\QS
2010-07-09 02:37:37 0 d-----w- c:\users\profa-c\appdata\roaming\TeamViewer
2010-07-07 09:35:22 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-02 07:35:41 0 d-----w- c:\program files\common files\PX Storage Engine
2010-07-02 07:29:38 0 d-----w- c:\programdata\DivX
2010-07-02 05:27:10 720896 ----a-w- c:\windows\iun6002ev.exe
2010-07-02 05:26:57 0 d-----w- c:\program files\Bejeweled 2 Deluxe
2010-06-27 04:44:25 0 d-----w- C:\2e34d58b799283a66a6a5ed11b0d45
2010-06-27 02:26:48 0 d-----w- c:\program files\Xilisoft
2010-06-26 12:53:43 0 d-----w- c:\programdata\OptiTex
2010-06-26 12:46:30 0 d-----w- c:\users\profa-c\appdata\roaming\DAZ 3D
2010-06-26 12:45:02 0 d-----w- c:\program files\common files\DAZ
2010-06-26 12:44:45 0 d-----w- c:\program files\DAZ 3D
2010-06-26 10:34:50 0 d-----w- c:\program files\VirtualDJ
2010-06-26 05:35:56 0 d-----w- C:\596f916bcc413f88483d
2010-06-24 19:30:42 0 d-----w- c:\programdata\Belkin
2010-06-24 19:28:18 0 d-----w- c:\program files\Belkin
2010-06-23 23:23:09 0 d-----w- c:\program files\Telltale Games
2010-06-23 00:06:07 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-23 00:06:07 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-23 00:06:07 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-23 00:06:07 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-23 00:06:06 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-22 21:23:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-22 21:23:13 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-19 03:54:08 0 d-----w- c:\programdata\Yahoo!
2010-06-19 03:51:11 0 d-----w- c:\program files\Yahoo!
2010-06-19 00:55:21 0 d-----w- c:\users\profa-c\appdata\roaming\DVD Flick
2010-06-19 00:53:26 28672 ----a-w- c:\windows\system32\mousewheel.ocx
2010-06-19 00:53:26 164144 ----a-w- c:\windows\system32\comct232.ocx
2010-06-19 00:53:25 662288 ----a-w- c:\windows\system32\mscomct2.ocx
2010-06-19 00:53:25 212240 ----a-w- c:\windows\system32\richtx32.ocx
2010-06-19 00:53:25 0 d-----w- c:\program files\DVD Flick

==================== Find3M ====================

2010-07-15 11:36:40 168249 ----a-w- c:\programdata\nvModes.dat
2010-07-15 06:52:33 86016 ----a-w- c:\windows\inf\infstor.dat
2010-07-15 06:52:33 51200 ----a-w- c:\windows\inf\infpub.dat
2010-07-15 06:52:33 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-06-12 22:36:33 8272 ---ha-w- c:\users\profa-c\appdata\roaming\cglogs.dat
2010-06-12 07:47:40 1472072 ----a-w- c:\users\profa-c\appdata\roaming\4snrq3138GI.exe
2010-06-12 07:47:34 425984 ----a-w- c:\users\profa-c\appdata\roaming\3snrq3138GI.exe
2010-05-26 17:06:41 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47:41 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-05 11:33:58 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-05-04 19:15:20 834048 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 18:37:45 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-05-01 14:13:48 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-23 14:13:55 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-11 09:26:12 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 02:57:01 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-12-13 09:33:35 132096 --sha-r- c:\windows\system32\olethk32J.dll
2009-04-20 11:26:15 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 7:31:41.68 ===============

0

DDS (Ver_10-03-17.01)

Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 5/12/2009 7:35:15 AM
System Uptime: 7/15/2010 6:34:25 AM (1 hours ago)

Motherboard: Wistron | | 303C
Processor: AMD Sempron(tm) SI-42 | Socket A | 2100/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 139 GiB total, 16.166 GiB free.
D: is FIXED (FAT32) - 10 GiB total, 1.888 GiB free.
E: is CDROM ()
F: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================


==== Installed Programs ======================

Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.3
Adobe Shockwave Player
Adobe Shockwave Player 11.5
Akamai NetSession Interface
Algebrator 4.0
Ashampoo WinOptimizer 7.01
ASIO4ALL
Atheros Driver Installation Program
Bejeweled 2 Deluxe
Belkin Setup and Router Monitor
BS.Player FREE
CDisplay 1.8
Compatibility Pack for the 2007 Office system
Conexant HD Audio
Cross Fire En
CyberLink DVD Suite
DAO 3.5
DAZ Studio 3
Disk Doctors Undelete Version 1.0.0
DivX Setup
Download Accelerator Plus (DAP)
DVD Flick 1.3.0.7
ESU for Microsoft Vista
ffdshow [rev 3055] [2009-08-16]
Folder Lock
Google Chrome
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP DVD Play 3.7
HP Games
HP Help and Support
HP Quick Launch Buttons 6.40 H2
HP Total Care Advisor
HP Total Care Setup
HP Update
HP User Guides 0118
HP Wireless Assistant
HPAsset component for HP Active Support Library
HPNetworkAssistant
iCall
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 7
JDownloader
Juno Preloader
kikin plugin (JDownloader Edition) 2.0
LabelPrint
ManyCam 2.4 (remove only)
MapleStory
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Live Search Toolbar
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Mozilla Firefox (3.6.6)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal
MyMenu 1.2
NetWaiting
Norton 360 Premier Edition
NVIDIA Drivers
OGA Notifier 2.0.0048.0
P2PFilter 3.0.5
Pando Media Booster
PFConfig 1.0.295
Power2Go
PowerDirector
Project64 1.6
PVSonyDll
QuickTime
Readon TV Movie Radio Player 7.2.0.0
Sam and Max - Season Two - Sam and Max Episode 201 - Ice Station Santa
Sam and Max - Season Two - Sam and Max Episode 202 - Moai Better Blues
Sam and Max - Season Two - Sam and Max Episode 203 - Night of the Raving Dead
Sam and Max - Season Two - Sam and Max Episode 204 - Chariots of the Dogs
Sam and Max - Season Two - Sam and Max Episode 205 - What's New, Beelzebub?
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Skype™ 4.1
SPORE Creature Creator Trial Edition
Synaptics Pointing Device Driver
System Requirements Lab
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb983486)
VC80CRTRedist - 8.0.50727.4053
Virtual DJ - Atomix Productions
WBFS Manager 3.0
Windows Mobile Device Center
Windows Mobile Device Center Driver Update
WinRAR archiver
WinX DVD Ripper Platinum 5.8.3
Xfire (remove only)
Xilisoft Download Youtube Toolbar
Xilisoft Video Converter Ultimate 6
Zynga Toolbar

==== End Of File ===========================
