You all are the only forums that truly help,...
Posted 8/10/2008 3:58 AM


Junior Member


Group: Forum Members
Last Login: 8/2/2008 11:00 AM
Posts: 111, Visits: 133
I don't understand: after reformatting my HP Pavilion Elite with Recovery Manager 4 times over in the last month, I have no idea why my mouse floats, or why, after ridding myself of all of my Norton security issues and trying two free, highly rated antivirus and firewall programs, it still does. If you could just glance at my HijackThis log, and if it is nothing but a tracking cookie, so be it; I just don't want to start over again.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:46:55 AM, on 8/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Logishrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\hp\kbd\kbd.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe resetprofile
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:  C:\Windows\system32\guard32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13448 bytes


" Hello Monkey, this is Captain TweakXP, you need to get out of the house now, the hacker is in your house get out NOW!"
God B
monkey

  Post #243208
 
Posted 8/10/2008 4:11 AM


Senior Forum Moderator


Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 31,422, Visits: 54,734
Welcome

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting 'Fix checked'.
Make sure all browser and all Windows Explorer windows are closed before fixing:
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)




Download and scan with CCleaner:
http://www.ccleaner.com/download/builds
1. Starting with v1.27.260, CCleaner started installing the Yahoo Toolbar as an option which IS checkmarked by default during the installation.
IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free 'Slim' version instead of the Standard Build.

2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"

3. Then select the items you wish to clean up.

In the Windows Tab:
* Clean all entries in the "Internet Explorer" section except Cookies.
* Clean all the entries in the "Windows Explorer" section.
* Clean all entries in the "System" section.
* Clean all entries in the "Advanced" section.
* Clean any others that you choose.

In the Applications Tab:
* Clean all except cookies in the Firefox/Mozilla section if you use it.
* Clean all in the Opera section if you use it.
* Clean Sun Java in the Internet Section.
* Clean any others that you choose.

4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "Exit" when done.



Please download Deckard's System Scanner (DSS) and save it to your Desktop.
* Close all other windows before proceeding.
* Double-click on dss.exe and follow the prompts.
* When it has finished, DSS will open two Notepads: main.txt and extra.txt which will be minimized to your taskbar.
* If not, they both can be found in the C:\Deckard\System Scanner folder.
* Use Save As to save both Notepad files to your Desktop and post them in your next reply.


_______________________________________________________________



ASAP & UNITE member since 2006



Use OpenDNS
  Post #243209
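A triage check of the kind the moderator's O2 picks illustrate, as an added example that is not from this thread, from HijackThis or from any tool named here: it parses HijackThis v2 entry lines and flags orphaned "(no file)" BHO/toolbar CLSIDs, an AppInit_DLLs entry, services logged as "Unknown owner" and any hosts-file mapping that is not loopback. The sample lines are copied from the log posted above, except the final hosts redirect, which is constructed to exercise that check.

```python
"""Triage a HijackThis v2 log for entries a helper would want to review."""
import re
from dataclasses import dataclass
from typing import List

# One HijackThis entry: section code (R0, O2, O23, ...), " - ", then the body.
ENTRY_RE = re.compile(r"^(?P<section>[OR]\d+) - (?P<body>.*)$")
# O2/O3 bodies: "BHO: <name> - {<CLSID>} - <path>" or "Toolbar: <name> - {<CLSID>} - <path>"
COM_RE = re.compile(r"^(?:BHO|Toolbar): (?P<name>.*?) - \{(?P<clsid>[0-9A-Fa-f-]{36})\} - (?P<path>.*)$")
# O23 bodies: "Service: <display name> (<short name>) - <vendor> - <path>"
SERVICE_RE = re.compile(r"^Service: (?P<name>.*?) - (?P<vendor>.*?) - (?P<path>.*)$")
# O1 bodies: "Hosts: <address> <hostname>"
HOSTS_RE = re.compile(r"^Hosts: (?P<addr>\S+)\s+(?P<host>\S+)")
LOOPBACK = {"127.0.0.1", "::1"}  # "::1 localhost" is the stock Vista IPv6 loopback line


@dataclass(frozen=True)
class Finding:
    section: str
    reason: str
    line: str


def triage_hijackthis(log_text: str) -> List[Finding]:
    """Return the entries worth a second look, in log order."""
    findings: List[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header, running-process paths and footer are not entries
        section, body = m.group("section"), m.group("body")
        if section in ("O2", "O3"):
            com = COM_RE.match(body)
            # CLSID still registered in IE but the DLL behind it is gone: dead weight,
            # and exactly what the moderator asked HijackThis to fix.
            if com and com.group("path").strip() == "(no file)":
                findings.append(Finding(section, "orphaned CLSID: registered but its DLL is missing", line))
        elif section == "O20" and body.startswith("AppInit_DLLs:"):
            dlls = body[len("AppInit_DLLs:"):].strip()
            # AppInit_DLLs is loaded into every user-mode process that links user32.dll,
            # so the vendor must be confirmed (here guard32.dll belongs to the installed COMODO firewall).
            if dlls:
                findings.append(Finding(section, "AppInit_DLLs entry loads into every process; confirm the vendor", line))
        elif section == "O23":
            svc = SERVICE_RE.match(body)
            if svc and svc.group("vendor") == "Unknown owner":
                findings.append(Finding(section, "service binary carries no vendor information", line))
        elif section == "O1":
            host = HOSTS_RE.match(body)
            if host and host.group("addr") not in LOOPBACK:
                findings.append(Finding(section, "hosts file maps a name to a non-loopback address", line))
    return findings


# Sample input: lines from the thread's log, plus one constructed O1 redirect (last line).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
C:\Program Files\COMODO\Firewall\cfp.exe
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O20 - AppInit_DLLs:  C:\Windows\system32\guard32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O1 - Hosts: 10.0.0.5 www.example.com
"""

if __name__ == "__main__":
    for f in triage_hijackthis(SAMPLE_LOG):
        print(f"[{f.section}] {f.reason}\n    {f.line}")
```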
 
Posted 8/11/2008 7:31 PM


Junior Member


Group: Forum Members
Last Login: 8/2/2008 11:00 AM
Posts: 111, Visits: 133
Thank you for responding. I did all you said, except I cannot get the DSS to download, with my download manager or with the Windows default download. I wrote in my original post about Macrovision and FLEXnet; they, or this program, want to start up with my computer, and in the Task Manager it is issch.exe. I had done a scan with my free antivirus Avira and with Comodo, and Comodo found a virus and I quarantined it, but now it sits there and doesn't say it is infectious. So confused. The Macrovision, though, is when this odd behavior started for me again; are you familiar with it? I will wait for your response on the Deckard issue.

" Hello Monkey, this is Captain TweakXP, you need to get out of the house now, the hacker is in your house get out NOW!"
God B
monkey
  Post #243267
 
Posted 8/12/2008 4:08 AM


Senior Forum Moderator


Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 31,422, Visits: 54,734
If you're able to, download and run the FLEXnet Connect Software Manager Uninstaller:
http://support.installshield.com/kb/files/Q112918/SoftwareManagerUninstall.exe

The file is also attached below if it helps at all.

Forget Deckard's System Scanner; do the following instead:
Download Combofix by sUBs and save to your desktop.
Alternative Combofix download link HERE.
The file is also attached below.
Note
It is important that it is saved directly to your desktop


Now close any open browsers.
Double click on Combofix.exe and follow the prompts.
When it's finished it will produce a log.
Post the entire contents of C:\ComboFix.txt into your next reply.
Note
Do not mouse-click ComboFix's window or do anything else on your PC while it's running.
That may cause the program/system to freeze/hang.

Do NOT post the ComboFix-quarantined-files.txt unless I ask.
Note
In case your antivirus or any other real-time scanner is displaying an alert after you downloaded ComboFix or while you use ComboFix, please disable your scanner and redownload ComboFix again.
Some scanners may see some combofix related components as suspicious and block or delete them while there's nothing wrong with them.

Also post a new HijackThis log please.


_______________________________________________________________



ASAP & UNITE member since 2006



Use OpenDNS
  Post #243272
 
Posted 8/12/2008 5:22 PM


Junior Member


Group: Forum Members
Last Login: 8/2/2008 11:00 AM
Posts: 111, Visits: 133
I used the Macrovision uninstaller you linked to me and I assume it worked; however, in my Windows Defender startup the two entries, where I had disabled them prior, still show. Can I now remove them from Windows Defender? Also, when running the ComboFix, the Avira free antivirus software is a bugger to shut down all the way, but I was able to, and ran the ComboFix a second time as the administrator; no one else uses my home computer. So here are the results for both the ComboFix and HijackThis logs you requested.

PS: After this issue at hand is resolved, could you direct me to, or advise me on, why my Vista system has 80 processes that run at boot-up in memory? I have tried the disable route via the "name escapes me" popular website on what to run, disable, set to automatic, etc. with XP, but have yet to try it with Vista Home Premium. Knowing Vista was a hog, I had no idea just how piggish it really is.

Combofix:

ComboFix 08-08-12.01 - ]
Running from: C:\Users\ThomZen27\Desktop\ComboFix.exe
 * Created a new restore point
.
The following files were disabled during the run:
C:\Windows\system32\guard32.dll


(((((((((((((((((((((((((   Files Created from 2008-07-12 to 2008-08-12  )))))))))))))))))))))))))))))))
.

2008-08-12 16:15 . 2008-08-12 16:15 <DIR> d-------- C:\Users\Administrator\AppData
2008-08-12 16:15 . 2008-08-12 16:15 <DIR> d-------- C:\Users\Administrator
2008-08-12 15:56 . 2008-08-12 15:56 <DIR> d-------- C:\Program Files\Macrovision Corporation
2008-08-12 15:30 . 2008-07-15 20:32 2,048 --a------ C:\WINDOWS\System32\tzres.dll
2008-08-12 15:26 . 2008-06-26 20:55 1,383,424 --a------ C:\WINDOWS\System32\mshtml.tlb
2008-08-12 15:26 . 2008-06-26 23:15 827,392 --a------ C:\WINDOWS\System32\wininet.dll
2008-08-12 15:26 . 2008-06-18 22:31 361,984 --a------ C:\WINDOWS\System32\IPSECSVC.DLL
2008-08-12 15:26 . 2008-04-18 00:48 269,312 --a------ C:\WINDOWS\System32\es.dll
2008-08-12 15:25 . 2008-04-10 00:12 738,304 --a------ C:\WINDOWS\System32\inetcomm.dll
2008-08-11 19:23 . 2008-08-11 19:23 <DIR> d-------- C:\Program Files\CCleaner
2008-08-10 04:12 . 2008-08-10 04:13 <DIR> d-------- C:\Users\ThomZen27\avidemux
2008-08-10 03:13 . 2008-08-10 03:13 <DIR> d-------- C:\Users\All Users\PrevxCSI
2008-08-10 03:13 . 2008-08-10 03:13 <DIR> d-------- C:\ProgramData\PrevxCSI
2008-08-10 01:18 . 2006-11-02 05:23 <DIR> dr------- C:\Users\Mcx1\Videos
2008-08-10 01:18 . 2006-11-02 05:23 <DIR> d-------- C:\Users\Mcx1\Saved Games
2008-08-10 01:18 . 2006-11-02 05:23 <DIR> dr------- C:\Users\Mcx1\Pictures
2008-08-10 01:18 . 2006-11-02 05:23 <DIR> dr------- C:\Users\Mcx1\Music
2008-08-10 01:18 . 2006-11-02 05:23 <DIR> dr------- C:\Users\Mcx1\Links
2008-08-10 01:18 . 2006-11-02 05:23 <DIR> dr------- C:\Users\Mcx1\Downloads
2008-08-10 01:18 . 2008-08-10 01:18 <DIR> dr------- C:\Users\Mcx1\Documents
2008-08-10 01:18 . 2008-08-10 02:27 <DIR> d--h----- C:\Users\Mcx1\AppData
2008-08-10 01:18 . 2008-08-12 15:18 <DIR> d-------- C:\Users\Mcx1
2008-08-10 00:39 . 2008-08-10 00:39 222 --a------ C:\WINDOWS\System32\Support.xml
2008-08-09 18:38 . 2008-08-09 18:38 <DIR> d-------- C:\Program Files\The KMPlayer
2008-08-09 18:36 . 2008-08-11 20:08 <DIR> d-------- C:\Program Files\Avidemux 2.4
2008-08-09 13:07 . 2008-08-09 13:07 <DIR> d-------- C:\Users\ThomZen27\AppData\Roaming\Template
2008-08-09 13:07 . 2008-08-11 12:39 450 --a------ C:\Users\ThomZen27\AppData\Roaming\wklnhst.dat
2008-08-08 07:45 . 2008-08-08 07:45 <DIR> d-------- C:\Users\All Users\InstallShield
2008-08-08 07:45 . 2008-08-08 07:45 <DIR> d-------- C:\ProgramData\InstallShield
2008-08-08 05:00 . 2008-08-08 05:00 <DIR> d-------- C:\Users\All Users\Apple
2008-08-08 05:00 . 2008-08-08 05:00 <DIR> d-------- C:\ProgramData\Apple
2008-08-08 05:00 . 2008-08-08 05:00 <DIR> d-------- C:\Program Files\Apple Software Update
2008-08-08 03:22 . 2008-08-08 03:22 <DIR> d-------- C:\Users\ThomZen27\AppData\Roaming\skypePM
2008-08-08 03:22 . 2008-08-08 03:22 56 --ah----- C:\Users\All Users\ezsidmv.dat
2008-08-08 03:22 . 2008-08-08 03:22 56 --ah----- C:\ProgramData\ezsidmv.dat
2008-08-08 03:12 . 2008-08-08 05:56 <DIR> d-------- C:\Users\ThomZen27\AppData\Roaming\Skype
2008-08-08 01:48 . 2008-08-10 03:31 <DIR> d-a------ C:\Users\All Users\TEMP
2008-08-08 01:48 . 2008-08-10 03:31 <DIR> d-a------ C:\ProgramData\TEMP
2008-08-08 01:47 . 2008-08-12 15:18 <DIR> d-------- C:\Users\All Users\Google Updater
2008-08-08 01:47 . 2008-08-12 15:18 <DIR> d-------- C:\ProgramData\Google Updater
2008-08-08 00:09 . 2008-08-08 00:09 <DIR> d-------- C:\Users\All Users\Skype
2008-08-08 00:09 . 2008-08-08 00:09 <DIR> d-------- C:\ProgramData\Skype
2008-08-08 00:09 . 2008-08-08 00:09 <DIR> d-------- C:\Program Files\Skype
2008-08-08 00:09 . 2008-08-08 00:09 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-08-07 22:01 . 2008-08-07 22:01 <DIR> d-------- C:\Users\All Users\LightScribe
2008-08-07 22:01 . 2008-08-07 22:01 <DIR> d-------- C:\ProgramData\LightScribe
2008-08-04 22:58 . 2008-08-04 23:01 <DIR> d-------- C:\Users\ThomZen27\AppData\Roaming\SPORE Creature Creator
2008-08-04 22:56 . 2008-08-04 22:56 <DIR> dr-h----- C:\Users\ThomZen27\AppData\Roaming\SecuROM
2008-08-03 16:46 . 2008-08-03 16:46 <DIR> d-------- C:\Program Files\AvsP
2008-08-03 15:41 . 2008-08-03 15:41 <DIR> d-------- C:\Program Files\LameFE
2008-08-03 15:37 . 2008-08-03 15:38 <DIR> d-------- C:\Program Files\Audacity
2008-08-03 15:12 . 2008-08-03 15:12 <DIR> d-------- C:\Users\All Users\GRETECH
2008-08-03 15:12 . 2008-08-03 15:12 <DIR> d-------- C:\ProgramData\GRETECH
2008-08-03 15:11 . 2008-08-03 15:11 <DIR> d-------- C:\Users\ThomZen27\AppData\Roaming\GRETECH
2008-08-03 15:10 . 2008-08-03 15:10 <DIR> d-------- C:\Program Files\GRETECH
2008-08-03 10:52 . 2008-08-03 10:54 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2008-08-03 10:06 . 2008-08-03 10:06 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-08-03 01:17 . 2008-08-03 01:17 <DIR> d-------- C:\Users\ThomZen27\AppData\Roaming\Auslogics
2008-08-03 00:42 . 2008-08-03 00:42 <DIR> d-------- C:\Program Files\Lavasoft
2008-08-03 00:02 . 2008-08-03 00:42 <DIR> d-------- C:\Users\All Users\Lavasoft
2008-08-03 00:02 . 2008-08-03 00:42 <DIR> d-------- C:\ProgramData\Lavasoft
2008-08-03 00:00 . 2008-08-03 00:00 <DIR> d-------- C:\Program Files\VistaCodecPack
2008-08-02 23:58 . 2008-08-02 23:58 <DIR> d-------- C:\Users\All Users\VistaCodecs
2008-08-02 23:58 . 2008-08-02 23:58 <DIR> d-------- C:\ProgramData\VistaCodecs
2008-08-02 23:25 . 2008-08-02 23:25 <DIR> d-------- C:\Users\ThomZen27\AppData\Roaming\Datel
2008-08-02 23:25 . 2008-08-02 23:25 <DIR> d-------- C:\Program Files\Datel
2008-08-02 22:23 . 2008-08-02 22:26 <DIR> d-------- C:\Program Files\NVIDIA Corporation
2008-08-02 22:07 . 2008-05-16 14:01 768,544 --a------ C:\WINDOWS\System32\nvcplui.exe
2008-08-02 22:07 . 2008-06-04 16:29 446,464 --a------ C:\WINDOWS\System32\nvuninst.exe
2008-08-02 22:07 . 2008-05-16 14:01 420,384 --a------ C:\WINDOWS\System32\nvcpl.cpl
2008-08-02 22:07 . 2008-05-16 14:01 313,888 --a------ C:\WINDOWS\System32\nvexpbar.dll
2008-08-02 21:54 . 2008-08-02 21:54 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-08-02 21:42 . 2008-08-02 21:42 278,984 --a------ C:\WINDOWS\System32\drivers\atksgt.sys
2008-08-02 21:42 . 2008-08-02 21:42 25,416 --a------ C:\WINDOWS\System32\drivers\lirsgt.sys
2008-08-02 21:33 . 2008-08-10 00:04 <DIR> d-------- C:\Program Files\The Witcher
2008-08-02 21:29 . 2008-08-02 21:29 <DIR> dr------- C:\WINDOWS\System32\config\systemprofile\Videos
2008-08-02 21:29 . 2008-08-02 21:29 <DIR> dr------- C:\WINDOWS\System32\config\systemprofile\Searches
2008-08-02 21:29 . 2008-08-02 21:29 <DIR> dr------- C:\WINDOWS\System32\config\systemprofile\Saved Games
2008-08-02 21:29 . 2008-08-02 21:29 <DIR> dr------- C:\WINDOWS\System32\config\systemprofile\Pictures
2008-08-02 21:29 . 2008-08-02 21:29 <DIR> dr------- C:\WINDOWS\System32\config\systemprofile\Music
2008-08-02 21:29 . 2008-08-02 21:29 <DIR> dr------- C:\WINDOWS\System32\config\systemprofile\Links
2008-08-02 21:29 . 2008-08-02 21:29 <DIR> dr------- C:\WINDOWS\System32\config\systemprofile\Downloads
2008-08-02 21:29 . 2008-08-02 21:29 <DIR> dr------- C:\WINDOWS\System32\config\systemprofile\Documents
2008-08-02 21:29 . 2008-08-02 21:29 <DIR> d-------- C:\Users\All Users\Electronic Arts
2008-08-02 21:29 . 2008-08-02 21:29 <DIR> d-------- C:\ProgramData\Electronic Arts
2008-08-02 21:29 . 2008-08-02 22:18 2,308 --a------ C:\WINDOWS\System32\ealregsnapshot1.reg
2008-08-02 21:26 . 2008-08-02 21:30 <DIR> d-------- C:\Program Files\Electronic Arts
2008-08-02 20:28 . 2008-08-02 20:30 <DIR> d-------- C:\Program Files\Microsoft LifeCam
2008-08-02 20:23 . 2008-08-08 06:14 0 --a------ C:\WINDOWS\System32\drivers\lvuvc.hs
2008-08-02 20:21 . 2007-07-18 19:44 3,599,000 --a------ C:\WINDOWS\System32\drivers\lvuvc.sys
2008-08-02 20:21 . 2007-07-18 19:42 1,920,920 --a------ C:\WINDOWS\System32\drivers\lvpopflt.sys
2008-08-02 20:21 . 2007-07-18 19:43 490,008 --a------ C:\WINDOWS\System32\LVUI2.dll
2008-08-02 20:21 . 2007-07-18 19:44 465,432 --a------ C:\WINDOWS\System32\LVUI2RC.dll
2008-08-02 20:21 . 2007-07-18 19:40 416,280 --a------ C:\WINDOWS\System32\lvcodec2.dll
2008-08-02 20:21 . 2007-07-18 19:40 195,096 --a------ C:\WINDOWS\System32\lvci1110.dll
2008-08-02 20:21 . 2007-07-18 18:54 58,163 --a------ C:\WINDOWS\System32\lvcoinst.ini
2008-08-02 20:21 . 2007-07-18 19:44 41,752 --a------ C:\WINDOWS\System32\drivers\LVUSBSta.sys
2008-08-02 20:21 . 2007-07-18 18:55 19,344 --a------ C:\WINDOWS\System32\Repository.reg
2008-08-02 19:41 . 2008-08-02 19:41 <DIR> d-------- C:\Users\All Users\Avira
2008-08-02 19:41 . 2008-08-02 19:41 <DIR> d-------- C:\ProgramData\Avira
2008-08-02 19:41 . 2008-08-02 19:41 <DIR> d-------- C:\Program Files\Avira
2008-08-02 18:43 . 2008-08-02 18:43 268 --ah----- C:\sqmdata00.sqm
2008-08-02 18:43 . 2008-08-02 18:43 244 --ah----- C:\sqmnoopt00.sqm
2008-08-02 18:12 . 2008-08-02 18:12 <DIR> d-------- C:\Users\ThomZen27\AppData\Roaming\Comodo
2008-08-02 18:12 . 2008-08-02 18:42 <DIR> d-------- C:\Users\All Users\comodo
2008-08-02 18:12 . 2008-08-02 18:42 <DIR> d-------- C:\ProgramData\comodo
2008-08-02 18:12 . 2008-08-02 18:12 <DIR> d-------- C:\Program Files\COMODO
2008-08-02 18:12 . 2008-08-02 18:12 143,104 --a------ C:\WINDOWS\System32\guard32.dll.vir
2008-08-02 18:12 . 2008-08-02 18:12 85,008 --a------ C:\WINDOWS\System32\drivers\cmdguard.sys
2008-08-02 18:12 . 2008-08-02 18:12 25,104 --a------ C:\WINDOWS\System32\drivers\cmdhlp.sys
2008-08-02 18:02 . 2008-08-02 18:03 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2008-08-02 18:02 . 2008-08-02 18:02 <DIR> d-------- C:\Program Files\Windows Live Favorites
2008-08-02 18:02 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\System32\d3dx9_32.dll
2008-08-02 18:01 . 2008-08-02 18:01 <DIR> d-------- C:\WINDOWS\PCHEALTH
2008-08-02 18:01 . 2008-08-02 18:01 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-08-02 17:57 . 2008-08-02 20:54 <DIR> d-------- C:\Program Files\Windows Live
2008-08-02 17:57 . 2008-08-02 18:00 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-02 17:56 . 2008-08-02 17:56 <DIR> d-------- C:\Users\All Users\WLInstaller
2008-08-02 17:56 . 2008-08-02 17:56 <DIR> d-------- C:\ProgramData\WLInstaller
2008-08-02 17:24 . 2008-08-02 17:24 203,776 --a------ C:\WINDOWS\System32\clrviddc.dll
2008-08-02 17:24 . 1999-09-10 06:06 45,056 --a------ C:\WINDOWS\System32\wnaspi32.dll
2008-08-02 17:24 . 1999-09-10 06:06 25,244 --a------ C:\WINDOWS\System32\drivers\aspi32.sys
2008-08-02 17:24 . 1999-09-10 06:06 5,600 --a------ C:\WINDOWS\system\winaspi.dll
2008-08-02 17:24 . 1999-09-10 06:06 4,672 --a------ C:\WINDOWS\system\wowpost.exe
2008-08-02 17:23 . 2008-08-02 17:23 25 --a------ C:\WINDOWS\cdplayer.ini

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-12 21:16 --------- d-----w C:\Program Files\Microsoft Works
2008-08-12 20:31 --------- d-----w C:\Program Files\Windows Mail
2008-08-12 01:44 --------- d-----w C:\Program Files\Rhapsody
2008-08-10 05:01 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-08 12:45 --------- d-----w C:\Program Files\Roxio
2008-08-08 12:45 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-08 12:44 --------- d-----w C:\ProgramData\Sonic
2008-08-08 12:44 --------- d-----w C:\ProgramData\Roxio
2008-08-08 03:04 --------- d---a-w C:\Program Files\Common Files\LightScribe
2008-08-02 22:22 --------- d-----w C:\Program Files\Real
2008-08-02 21:34 174 --sha-w C:\Program Files\desktop.ini
2008-08-02 21:27 --------- d-----w C:\Program Files\Windows Sidebar
2008-08-02 21:27 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-08-02 21:27 --------- d-----w C:\Program Files\Windows Journal
2008-08-02 21:27 --------- d-----w C:\Program Files\Windows Defender
2008-08-02 21:27 --------- d-----w C:\Program Files\Windows Collaboration
2008-08-02 21:27 --------- d-----w C:\Program Files\Windows Calendar
2008-08-02 21:17 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-08-02 21:17 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-08-02 20:54 --------- d-----w C:\Program Files\HP
2008-08-02 18:35 --------- d-----w C:\ProgramData\WildTangent
2008-08-02 18:34 --------- d--h--w C:\ProgramData\yahoo!
2008-08-02 18:34 --------- d-----w C:\Program Files\Yahoo!
2008-08-02 18:32 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-08-02 18:22 319,456 ----a-w C:\Windows\DIFxAPI.dll
2008-08-02 18:22 --------- d-----w C:\Program Files\Realtek
2008-08-02 17:54 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-08-02 17:54 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-08-02 17:54 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-08-02 17:54 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-08-02 16:58 --------- d-----w C:\ProgramData\Hewlett-Packard
2008-08-02 16:49 --------- d-sh--w C:\ProgramData\Templates
2008-08-02 16:49 --------- d-sh--w C:\ProgramData\Start Menu
2008-08-02 16:49 --------- d-sh--w C:\ProgramData\Favorites
2008-08-02 16:49 --------- d-sh--w C:\ProgramData\Documents
2008-08-02 16:49 --------- d-sh--w C:\ProgramData\Desktop
2008-08-02 16:49 --------- d-sh--w C:\ProgramData\Application Data
2008-06-13 01:36 7,680 ----a-w C:\Windows\System32\ff_vfw.dll
2008-06-13 00:25 966,656 ----a-w C:\Windows\System32\VSFilter.dll
2008-06-12 05:28 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-06-11 19:41 21,248 ----a-w C:\Windows\Help\OEM\scripts\HPScript.exe
2008-06-06 17:28 430,080 ----a-w C:\Windows\ntuneoem.dll
2008-06-06 17:28 29,952 ----a-w C:\Windows\nvoclock.sys
2008-06-04 18:38 1,079,840 ----a-w C:\Windows\System32\nvCplUIR.dll
2008-05-30 19:19 507,400 ----a-w C:\Windows\System32\XAudio2_1.dll
2008-05-30 19:18 238,088 ----a-w C:\Windows\System32\xactengine3_1.dll
2008-05-30 19:17 65,032 ----a-w C:\Windows\System32\XAPOFX1_0.dll
2008-05-30 19:17 25,608 ----a-w C:\Windows\System32\X3DAudio1_4.dll
2008-05-30 19:11 467,984 ----a-w C:\Windows\System32\d3dx10_38.dll
2008-05-30 19:11 3,850,760 ----a-w C:\Windows\System32\D3DX9_38.dll
2008-05-30 19:11 1,491,992 ----a-w C:\Windows\System32\D3DCompiler_38.dll
2008-05-27 05:21 1,582,592 ----a-w C:\Windows\System32\tquery.dll
2008-05-27 05:21 1,418,240 ----a-w C:\Windows\System32\mssrch.dll
2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\SearchFilterHost.exe
2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\mssitlb.dll
2008-05-27 05:17 754,176 ----a-w C:\Windows\System32\propsys.dll
2008-05-27 05:17 60,416 ----a-w C:\Windows\System32\msscntrs.dll
2008-05-27 05:17 6,103,040 ----a-w C:\Windows\System32\chtbrkr.dll
2008-05-27 05:17 34,816 ----a-w C:\Windows\System32\msscb.dll
2008-05-27 05:17 32,768 ----a-w C:\Windows\System32\mssprxy.dll
2008-05-27 05:17 313,344 ----a-w C:\Windows\System32\thawbrkr.dll
2008-05-27 05:17 301,568 ----a-w C:\Windows\System32\srchadmin.dll
2008-05-27 05:17 194,560 ----a-w C:\Windows\System32\offfilt.dll
2008-05-27 05:17 143,872 ----a-w C:\Windows\System32\korwbrkr.dll
2008-05-27 05:17 11,776 ----a-w C:\Windows\System32\msshooks.dll
2008-05-27 05:17 1,671,680 ----a-w C:\Windows\System32\chsbrkr.dll
2008-05-27 04:59 18,904 ----a-w C:\Windows\System32\StructuredQuerySchemaTrivial.bin
2008-05-27 04:59 106,605 ----a-w C:\Windows\System32\StructuredQuerySchema.bin
2008-05-23 16:11 36,640 ----a-w C:\Windows\nvflash.sys
2008-05-16 16:58 12,632 ----a-w C:\Windows\System32\lsdelete.exe
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisor"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2007-06-01 15:40 1783400]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [2008-07-29 09:18 2610608]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2008-06-06 12:25 114688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 10:01 65536]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 11:16 65536]
"HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 15:13 71176]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02 563984]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-05-16 14:01 13535776]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-05-16 14:01 92704]
"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 02:28 81920]
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 01:11 49152]
"SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2007-04-07 04:56 54936]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 06:59 118784]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 11:26 4874240 C:\WINDOWS\RtHDVCpl.exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 03:12 76304 C:\WINDOWS\KHALMNPR.Exe]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-08-02 16:58:04 805392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 02:38 34672 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-08-08 01:47 39408 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-08-02 17:22 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2008-01-18 23:38 1008184 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3933180567-1906462313-899874194-1001]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{5448DF4B-7068-49AE-9368-E2DAB0C4A9DE}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{B62A101A-BA0F-479A-AEF9-ACFAA394CB5D}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{85081B59-42E0-44F2-8877-F53B1D4758BE}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{011E587B-E51C-49BA-B14A-2DFF32D015B7}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{B849DA94-D8C8-409F-91A6-56742B1AA2D2}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{0B35845D-A227-45A2-8A58-58FD7B62102E}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{2DF2CF5F-F1EE-4ADF-99E5-F3F6DF4F4516}"= TCP:9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery
"{14DEE5E8-5F93-4CB1-9B1D-06F95A63F23C}"= TCP:1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery
"{280FE1A3-3849-485B-80A7-0FD103E35CA2}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{340C16FF-04A7-4645-9DEC-930CF285E933}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{3041B941-63CD-486A-968A-600DED330A10}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{30E72723-FDCA-461D-B20C-0346C56B343F}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{D0995B3A-8EA9-4E31-932C-1BC9F0FC414C}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{D31692C9-2D81-4742-9251-51CFC3580674}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"TCP Query User{DF3DA348-1975-4244-B647-933E566DEAB0}C:\\users\\thomzen27\\appdata\\local\\temp\\wzse0.tmp\\symnrt.exe"= UDP:C:\users\thomzen27\appdata\local\temp\wzse0.tmp\symnrt.exe:symnrt.exe
"UDP Query User{AC7344A6-BC36-4A30-8A22-EA413006AACD}C:\\users\\thomzen27\\appdata\\local\\temp\\wzse0.tmp\\symnrt.exe"= TCP:C:\users\thomzen27\appdata\local\temp\wzse0.tmp\symnrt.exe:symnrt.exe
"TCP Query User{88702D48-7AEC-4DA2-A7C7-583D4988BCEE}C:\\program files\\rhapsody\\rhapsody.exe"= UDP:C:\program files\rhapsody\rhapsody.exe:RealNetworks Rhapsody
"UDP Query User{A758635D-BE27-4420-A9EB-93817AF494D5}C:\\program files\\rhapsody\\rhapsody.exe"= TCP:C:\program files\rhapsody\rhapsody.exe:RealNetworks Rhapsody
"{E9EC9C3F-F19B-4B71-B407-6780121D4CFB}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{287DE6C1-A8E5-4553-AD59-E77E4DB9A51F}"= UDP:C:\Program Files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe
"{7F92F755-E04A-4302-9B71-A70E0A955DB2}"= TCP:C:\Program Files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe
"{C27A6DEB-F973-4970-9678-AADB86D25443}"= UDP:C:\Program Files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe
"{7116800D-C4CC-4AC0-8E30-17C200A32344}"= TCP:C:\Program Files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe
"{6716C88A-C58E-4510-9BB4-A56458002ED8}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{78EFD706-C95D-4E0F-84AB-73DC09C1A179}"= UDP:C:\Program Files\Google\Google Talk\googletalk.exe:Google Talk
"{11BD5926-A64E-4997-A321-692E3255CBA8}"= TCP:C:\Program Files\Google\Google Talk\googletalk.exe:Google Talk

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"= C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink

R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys [2008-08-02 18:12]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys [2008-08-02 18:12]
R2 DQLWinService;DQLWinService;C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 12:32]
R2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 10:19]
R2 MSCamSvc;MSCamSvc;C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 16:45]
R2 NVR0FLASHDev;NVR0FLASHDev;C:\Windows\nvflash.sys [2008-05-23 11:11]
R2 UpdateCenterService;Update Center Service;C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [2008-05-23 11:14]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\system32\drivers\HCW85BDA.sys [2007-06-11 04:49]
S2 IntelDHSvcConf;Intel DH Service;C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 11:13]
S3 MSHUSBVideo;NX6000/NX3000/VX7000 Filter Driver;C:\Windows\system32\Drivers\nx6000.sys [2007-04-12 16:46]
S3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;C:\Windows\system32\DRIVERS\netr73.sys [2007-04-20 12:21]
S3 UMPass;Microsoft UMPass Driver;C:\Windows\system32\DRIVERS\umpass.sys [2008-01-18 21:53]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
rsmsvcs REG_MULTI_SZ    ntmssvc
bthsvcs REG_MULTI_SZ    BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{301c9f93-610a-11dd-a4cc-001d60b501b7}]
\shell\AutoRun\command - M:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dee3ac0f-60c1-11dd-8a95-806e6f6e6963}]
\shell\AutoRun\command - F:\Autorun.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder

2008-08-12 C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]

2008-08-08 C:\Windows\Tasks\HPCeeScheduleForThomZen27.job
- C:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-05-17 18:55]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\ThomZen27\AppData\Roaming\Mozilla\Firefox\Profiles\acgpe7s7.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/ig?source=mpues&hl=en
FF -: plugin - C:\Program Files\Google\Google Updater\2.3.1314.1135\npCIDetect12.dll
FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-12 16:49:36
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\Windows\system32\winlogon.exe
-> C:\Windows\system32\guard32.dll

PROCESS: C:\Windows\system32\lsass.exe
-> C:\Windows\system32\guard32.dll

PROCESS: C:\Windows\Explorer.exe
-> :\Windows\system32\Normaliz.dll
.
Completion time: 2008-08-12 16:51:34
ComboFix-quarantined-files.txt  2008-08-12 21:51:30

Pre-Run: 261,826,707,456 bytes free
Post-Run: 261,806,804,992 bytes free

351 --- E O F --- 2008-08-12 20:56:17

HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:13:16 PM, on 8/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\hp\support\hpsysdrv.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Logishrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe resetprofile
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:  C:\Windows\system32\guard32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12805 bytes
" Hello Monkey, this is Captain TweakXP, you need to get out of the house now, the hacker is in your house get out NOW!"
God B
monkey

  Post #243292
 
Posted 8/13/2008 2:37 AM


Senior Forum Moderator
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 31,422, Visits: 54,734
However, in my Windows Defender startup the two entries where I had disabled them prior still show; can I now remove them from Windows Defender?

Yes, remove them.


Click on Start/Run, copy and paste ComboFix /u into the 'Open:' space, then press OK [see image below].
This will uninstall ComboFix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore.

Please download Malwarebytes Anti-Malware:
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
http://www.besttechie.net/tools/mbam-setup.exe

Double Click mbam-setup.exe to install the application.
(If using Windows Vista, be sure to "Run As Administrator".)

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy and paste the entire report into your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Also post a new HijackThis log, and let me know how your PC is running now.


_______________________________________________________________
ASAP & UNITE member since 2006
Use OpenDNS
  Post #243299
 
Posted 8/13/2008 2:15 PM


Junior Member
Group: Forum Members
Last Login: 8/2/2008 11:00 AM
Posts: 111, Visits: 133
Completed all tasks you requested: ComboFix uninstalled, installed Malwarebytes, which I am familiar with, but it wouldn't let me update it, so I went to the site, got the latest updates and installed them this way. It found nothing; here are the logs and the new HijackThis logs. Please let me know which of the ActiveX controls or scripts I have downloaded since my last reformat I need, or can remove safely with HijackThis. So many ActiveX etc. and so confused.

Malwarebytes' Anti-Malware 1.24
Database version: 1012
Windows 6.0.6001 Service Pack 1

12:57:12 PM 8/13/2008
mbam-log-8-13-2008 (12-57-12).txt

Scan type: Quick Scan
Objects scanned: 39748
Time elapsed: 2 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Malwarebytes' Anti-Malware 1.24
Database version: 1012
Windows 6.0.6001 Service Pack 1

1:55:42 PM 8/13/2008
mbam-log-8-13-2008 (13-55-42).txt

Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 142374
Time elapsed: 57 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:10:37 PM, on 8/13/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\hp\support\hpsysdrv.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Logishrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe resetprofile
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:  C:\Windows\system32\guard32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13082 bytes


" Hello Monkey, this is Captain TweakXP, you need to get out of the house now, the hacker is in your house get out NOW!"
God B
monkey

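The log posted above is laid out in the sections a reviewer walks through: R0/R1 browser settings, O1 hosts-file entries, O2 browser helper objects, O4 autoruns, O20 AppInit_DLLs and O23 services. What follows is an added example, not code from this thread, from HijackThis or from Malwarebytes: a small Python triage script that parses HijackThis entry lines and flags the patterns a reviewer looks at first. The sample input is a handful of lines copied from the log above. The heuristics (a Run entry that names a bare executable rather than a full path, a service reported with "Unknown owner", any AppInit_DLLs entry, a BHO loaded from outside Program Files or Windows, a hosts entry other than localhost) are this example's own assumptions, and a flag means "look at this", not "remove it": in this log the flagged Run entries correspond to RtHDVCpl.exe and KHALMNPR.EXE, both already visible in the running-process list, and the flagged service is the COMODO firewall's own helper.

```python
"""Triage helper for a HijackThis v2 log.

Added example for this thread; not HijackThis, Malwarebytes or forum code.
The heuristics are this example's assumptions about what deserves a second
look. A flag is a prompt to check an entry, not a verdict that it is malicious.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List

# Every HijackThis entry line is "<section> - <body>", e.g. "O4 - HKLM\..\Run: [x] y".
ENTRY_RE = re.compile(r"^(?P<sec>R[0-3]|O\d{1,2}) - (?P<body>.+)$")
# O4 body: "<hive>\..\Run<variant>: [<value name>] <command line>"
RUN_RE = re.compile(r"^(?P<hive>HK\S+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# O2 body: "BHO: <name> - {CLSID} - <dll path>"
BHO_RE = re.compile(r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<path>.+)$")
# O23 body: "Service: <display name> (<short name>) - <owner> - <binary path>"
SERVICE_RE = re.compile(r"^Service: (?P<name>.*?) - (?P<owner>.*?) - (?P<path>.+)$")
# A command starting with a drive letter or an environment variable is an explicit
# path; anything else ("RtHDVCpl.exe") is located through the search path at logon.
ABS_PATH_RE = re.compile(r'^"?(?:[A-Za-z]:\\|%[A-Za-z_]+%)')
BENIGN_HOSTS = {"127.0.0.1 localhost", "::1 localhost"}  # default Vista hosts entries
TRUSTED_ROOTS = (r"c:\program files", r"c:\windows")      # assumption: system drive is C:

# Constructed sample input: nine lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O20 - AppInit_DLLs:  C:\Windows\system32\guard32.dll
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"""


@dataclass
class Entry:
    section: str
    body: str
    flags: List[str] = field(default_factory=list)


def parse_log(text: str) -> List[Entry]:
    """Return one Entry per HijackThis entry line; header and process lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m["sec"], m["body"]))
    return entries


def triage(entries: List[Entry]) -> List[Entry]:
    """Attach review flags to entries matching this example's heuristics (in place)."""
    for e in entries:
        if e.section == "O1":
            hosts = e.body.split("Hosts: ", 1)[-1].strip()
            if hosts not in BENIGN_HOSTS:
                e.flags.append("hosts file maps a name other than localhost")
        elif e.section == "O2":
            m = BHO_RE.match(e.body)
            if m and not m["path"].strip().lower().startswith(TRUSTED_ROOTS):
                e.flags.append("BHO loaded from outside Program Files / Windows")
        elif e.section == "O4":
            m = RUN_RE.match(e.body)
            if m and not ABS_PATH_RE.match(m["cmd"]):
                e.flags.append("autorun names a bare file resolved through the search path")
        elif e.section == "O20":
            e.flags.append("AppInit_DLLs: DLL is loaded into every process that loads user32.dll")
        elif e.section == "O23":
            m = SERVICE_RE.match(e.body)
            if m and m["owner"].strip().lower() == "unknown owner":
                e.flags.append("service binary reports no publisher")
    return entries


def summarize(entries: List[Entry]) -> Dict[str, int]:
    """Count entries per section, the quick overview a reviewer starts from."""
    counts: Dict[str, int] = {}
    for e in entries:
        counts[e.section] = counts.get(e.section, 0) + 1
    return counts


if __name__ == "__main__":
    triaged = triage(parse_log(SAMPLE_LOG))
    print("sections:", summarize(triaged))
    for e in triaged:
        print(f"{'CHECK' if e.flags else 'ok   '} {e.section:<4} {e.body[:72]}")
        for f in e.flags:
            print(f"        -> {f}")
```

Run it on a whole saved log by replacing SAMPLE_LOG with the file contents; the "Running processes" block and the header lines do not match ENTRY_RE and are ignored. The O4 check deliberately treats a bare filename as a review item rather than a finding: legitimate vendors do register autoruns that way, but so does anything that wants to be found first on the search path, so the reviewer confirms where the file actually resolves.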
 
Posted 8/13/2008 2:26 PM


Senior Forum Moderator


Group: Moderators
Please let me know what active x or scripts I have since downloaded from my last reformat do I need or can remove safely with hijack this. So many active x etc and so confused.

Not sure I understand exactly what you're referring to by "ActiveX or scripts"; can you explain in more detail?


 
Posted 8/13/2008 8:32 PM


Junior Member


Group: Forum Members
These are snipped captures from my desktop in IE of what I am trying to describe. So many ActiveX controls or browser objects; are they all necessary?

 
Posted 8/14/2008 2:38 AM


Senior Forum Moderator


Group: Moderators
Microsoft Help and Support.
Can I delete Add-ons or ActiveX controls?
You can only delete ActiveX controls that you have downloaded and installed. You cannot delete ActiveX controls that were pre-installed or add-ons of any kind, but you can disable them. To delete an ActiveX control that you have installed, use Add or Remove Programs in Windows Control Panel.


I don't think the following will help, but try it anyway.
Try resetting Internet Explorer's settings back to default by following the instructions in the link below.
Make sure you read all the info before making a start.
Reset Internet Explorer Settings [RIES]:
http://blogs.msdn.com/ie/archive/2006/06/12/628499.aspx


 