virus on my computer

Comments

  • jewls
    jewls Posts: 165 Forumite
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-11-19 22:28 . 2009-11-19 18:04 3432 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
    2009-11-19 22:00 . 2007-08-28 12:58 4096 d-----w- c:\programdata\Google Updater
    2009-11-19 18:41 . 2007-04-24 19:23 4096 d-----w- c:\program files\Java
    2009-11-18 22:44 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
    2009-11-18 22:43 . 2009-11-18 22:43 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
    2009-11-18 22:42 . 2009-11-18 22:42 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
    2009-11-14 21:09 . 2008-11-01 20:12 1356 ----a-w- c:\users\neil\AppData\Local\d3d9caps.dat
    2009-11-14 10:13 . 2006-11-02 11:18 d-----w- c:\program files\Windows Mail
    2009-11-14 09:51 . 2008-02-18 12:01 d-----w- c:\programdata\Microsoft Help
    2009-11-08 09:25 . 2007-04-23 02:30 25070 ----a-w- c:\users\neil\AppData\Roaming\nvModes.dat
    2009-11-04 23:00 . 2009-02-02 10:29 148495 ----a-w- c:\windows\hpoins19.dat
    2009-11-03 23:45 . 2007-08-28 12:58 4096 d-----w- c:\program files\Google
    2009-11-03 17:44 . 2006-12-07 12:06 4096 d-----w- c:\programdata\Symantec
    2009-11-03 08:36 . 2009-11-02 22:48 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
    2009-11-03 08:36 . 2009-11-02 22:48 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
    2009-11-03 08:28 . 2006-12-07 12:06 12288 d-----w- c:\program files\Common Files\Symantec Shared
    2009-11-02 22:39 . 2009-04-07 08:19 4096 d-----w- c:\programdata\McAfee
    2009-11-01 21:24 . 2006-11-02 12:37 d-----w- c:\program files\Windows Calendar
    2009-11-01 21:24 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar
    2009-11-01 21:24 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal
    2009-11-01 21:24 . 2006-11-02 12:37 d-----w- c:\program files\Windows Collaboration
    2009-11-01 21:24 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery
    2009-11-01 21:24 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender
    2009-11-01 12:22 . 2009-03-28 22:16 4096 d-----w- c:\program files\Games
    2009-11-01 12:19 . 2009-07-12 18:17 d-----w- c:\program files\Gamehouse
    2009-10-25 18:23 . 2009-07-25 14:06 d-----w- c:\programdata\AlawarWrapper
    2009-10-20 13:40 . 2009-10-20 13:40 126976 ----a-r- c:\windows\system32\IS3HTUI5.dll
    2009-10-20 13:40 . 2009-10-20 13:40 393216 ----a-r- c:\windows\system32\IS3DBA5.dll
    2009-10-20 13:38 . 2009-10-20 13:38 385024 ----a-r- c:\windows\system32\IS3UI5.dll
    2009-10-20 13:37 . 2009-10-20 13:37 61440 ----a-r- c:\windows\system32\IS3Hks5.dll
    2009-10-20 13:37 . 2009-10-20 13:37 23040 ----a-r- c:\windows\system32\IS3XDat5.dll
    2009-10-20 13:35 . 2009-10-20 13:35 225280 ----a-r- c:\windows\system32\IS3Win325.dll
    2009-10-20 13:35 . 2009-10-20 13:35 94208 ----a-r- c:\windows\system32\IS3Inet5.dll
    2009-10-20 13:35 . 2009-10-20 13:35 90112 ----a-r- c:\windows\system32\IS3Svc5.dll
    2009-10-20 13:31 . 2009-10-20 13:31 729088 ----a-r- c:\windows\system32\IS3Base5.dll
    2009-10-18 15:23 . 2009-10-18 15:23 d-----w- c:\users\neil\AppData\Roaming\Princess Isabella
    2009-10-11 09:31 . 2009-10-11 09:26 d-----w- c:\users\neil\AppData\Roaming\Epson
    2009-10-11 04:17 . 2008-11-01 09:15 411368 ----a-w- c:\windows\system32\deploytk.dll
    2009-10-09 22:21 . 2009-10-09 22:04 d-----w- c:\program files\Common Files\EPSON
    2009-10-09 22:20 . 2009-10-09 21:58 4096 d-----w- c:\programdata\EPSON
    2009-10-09 22:13 . 2009-10-09 21:55 d-----w- c:\program files\epson
    2009-10-09 22:12 . 2009-10-09 22:12 d-----w- c:\programdata\UDL
    2009-10-09 22:11 . 2009-10-09 22:07 d-----w- c:\program files\Epson Software
    2009-10-09 22:11 . 2006-12-02 07:31 12288 d--h--w- c:\program files\InstallShield Installation Information
    2009-10-09 22:06 . 2009-10-09 22:05 d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
    2009-10-09 22:04 . 2009-10-09 22:02 d-----w- c:\program files\EpsonNet
    2009-10-01 01:02 . 2009-11-18 20:47 2537472 ----a-w- c:\windows\system32\wpdshext.dll
    2009-10-01 01:02 . 2009-11-18 20:47 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
    2009-10-01 01:02 . 2009-11-18 20:47 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
    2009-10-01 01:02 . 2009-11-18 20:47 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
    2009-10-01 01:01 . 2009-11-18 20:47 546816 ----a-w- c:\windows\system32\wpd_ci.dll
    2009-10-01 01:01 . 2009-11-18 20:47 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
    2009-10-01 01:01 . 2009-11-18 20:47 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
    2009-10-01 01:01 . 2009-11-18 20:47 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
    2009-10-01 01:01 . 2009-11-18 20:47 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
    2009-10-01 01:01 . 2009-11-18 20:47 350208 ----a-w- c:\windows\system32\WPDSp.dll
    2009-10-01 01:01 . 2009-11-18 20:47 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
    2009-10-01 01:01 . 2009-11-18 20:47 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
    2009-10-01 01:01 . 2009-11-18 20:47 226816 ----a-w- c:\windows\system32\WpdMtp.dll
    2009-10-01 01:01 . 2009-11-18 20:47 33280 ----a-w- c:\windows\system32\WpdConns.dll
    2009-10-01 01:01 . 2009-11-18 20:47 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
    2009-09-29 20:40 . 2009-02-02 19:48 d-----w- c:\users\neil\AppData\Roaming\Image Zone Express
    2009-09-28 20:01 . 2009-09-27 08:29 8192 d-----w- c:\users\neil\AppData\Roaming\Azureus
    2009-09-27 08:30 . 2009-09-27 08:30 d-----w- c:\programdata\Azureus
    2009-09-27 08:30 . 2009-09-27 08:29 4096 d-----w- c:\program files\Mininova-Vuze
    2009-09-27 08:29 . 2009-09-27 08:29 51200 ----a-w- c:\users\neil\AppData\Roaming\Mozilla\Firefox\Profiles\3ppyjx41.default\extensions\{d51d388b-f5dc-471a-a1ce-5e2d671091c0}\components\FFExternalAlert.dll
    2009-09-27 08:29 . 2009-09-27 08:29 114688 ----a-w- c:\users\neil\AppData\Roaming\Mozilla\Firefox\Profiles\3ppyjx41.default\extensions\{d51d388b-f5dc-471a-a1ce-5e2d671091c0}\components\npmozax.dll
    2009-09-27 08:29 . 2009-09-27 08:28 4096 d-----w- c:\program files\Vuze
    2009-09-26 11:36 . 2009-09-26 11:36 d-----w- c:\users\neil\AppData\Roaming\GameHouse
    2009-09-26 11:36 . 2009-09-26 11:36 d-----w- c:\programdata\n7-89-o9-3r-4t-r9
    2009-09-25 02:10 . 2009-11-18 20:49 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2009-09-25 02:07 . 2009-11-18 20:49 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
    2009-09-25 02:04 . 2009-11-18 20:49 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
    2009-09-25 01:49 . 2009-11-18 20:49 1554432 ----a-w- c:\windows\system32\xpsservices.dll
    2009-09-25 01:48 . 2009-11-18 20:49 351232 ----a-w- c:\windows\system32\XpsPrint.dll
    2009-09-25 01:38 . 2009-11-18 20:49 847360 ----a-w- c:\windows\system32\OpcServices.dll
    2009-09-25 01:33 . 2009-11-18 20:49 195584 ----a-w- c:\windows\system32\dxdiagn.dll
    2009-09-25 01:32 . 2009-11-18 20:49 252928 ----a-w- c:\windows\system32\dxdiag.exe
    2009-09-25 01:31 . 2009-11-18 20:49 519680 ----a-w- c:\windows\system32\d3d11.dll
    2009-09-25 01:31 . 2009-11-18 20:49 486912 ----a-w- c:\windows\system32\d3d10level9.dll
    2009-09-25 01:31 . 2009-11-18 20:49 161280 ----a-w- c:\windows\system32\d3d10_1.dll
    2009-09-25 01:31 . 2009-11-18 20:49 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
    2009-09-25 01:31 . 2009-11-18 20:49 1030144 ----a-w- c:\windows\system32\d3d10.dll
    2009-09-25 01:31 . 2009-11-18 20:49 828928 ----a-w- c:\windows\system32\d2d1.dll
    2009-09-25 01:30 . 2009-11-18 20:49 190464 ----a-w- c:\windows\system32\d3d10core.dll
    2009-09-25 01:30 . 2009-11-18 20:49 481792 ----a-w- c:\windows\system32\dxgi.dll
    2009-09-25 01:27 . 2009-11-18 20:49 793088 ----a-w- c:\windows\system32\FntCache.dll
    2009-09-25 01:27 . 2009-11-18 20:49 1064448 ----a-w- c:\windows\system32\DWrite.dll
    2009-09-24 22:54 . 2009-11-18 20:49 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
    2009-09-22 18:04 . 2009-09-22 17:53 4096 d-----w- c:\program files\Little Shop - World Traveler
    2009-09-14 09:29 . 2009-10-15 19:55 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
    2009-09-10 16:48 . 2009-10-15 19:57 218624 ----a-w- c:\windows\system32\msv1_0.dll
    2009-09-04 11:41 . 2009-10-15 19:55 60928 ----a-w- c:\windows\system32\msasn1.dll
    2009-08-29 00:27 . 2009-09-03 06:16 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2009-08-29 00:14 . 2009-09-03 06:16 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2009-08-27 05:22 . 2009-10-15 19:55 916480 ----a-w- c:\windows\system32\wininet.dll
    2009-08-27 05:17 . 2009-10-15 19:55 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2009-08-27 05:17 . 2009-10-15 19:55 71680 ----a-w- c:\windows\system32\iesetup.dll
    2009-08-27 03:42 . 2009-10-15 19:55 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2009-08-26 20:26 . 2009-08-26 20:26 10134 ----a-r- c:\users\neil\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{F592709F-FF4A-4862-B659-4AFABDA56312}"= "c:\program files\Mininova\tbMini.dll" [2009-07-15 2224152]
    "{D51D388B-F5DC-471A-A1CE-5E2D671091C0}"= "c:\program files\Mininova-Vuze\tbMini.dll" [2009-05-20 2085400]
    [HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]
    [HKEY_CLASSES_ROOT\clsid\{d51d388b-f5dc-471a-a1ce-5e2d671091c0}]
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d51d388b-f5dc-471a-a1ce-5e2d671091c0}]
    2009-05-20 17:05 2085400 ----a-w- c:\program files\Mininova-Vuze\tbMini.dll
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f592709f-ff4a-4862-b659-4afabda56312}]
    2009-07-15 09:09 2224152 ----a-w- c:\program files\Mininova\tbMini.dll
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{f592709f-ff4a-4862-b659-4afabda56312}"= "c:\program files\Mininova\tbMini.dll" [2009-07-15 2224152]
    "{d51d388b-f5dc-471a-a1ce-5e2d671091c0}"= "c:\program files\Mininova-Vuze\tbMini.dll" [2009-05-20 2085400]
    [HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]
    [HKEY_CLASSES_ROOT\clsid\{d51d388b-f5dc-471a-a1ce-5e2d671091c0}]
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{F592709F-FF4A-4862-B659-4AFABDA56312}"= "c:\program files\Mininova\tbMini.dll" [2009-07-15 2224152]
    "{D51D388B-F5DC-471A-A1CE-5E2D671091C0}"= "c:\program files\Mininova-Vuze\tbMini.dll" [2009-05-20 2085400]
    [HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]
    [HKEY_CLASSES_ROOT\clsid\{d51d388b-f5dc-471a-a1ce-5e2d671091c0}]
    [HKEY_LOCAL_MACHINE\s
  • jewls
    jewls Posts: 165 Forumite
    oftware\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2009-04-13 13:47 121392 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-28 68856]
    "Trust Mouse 15349&15350.exe"="c:\program files\Trust Mouse 15349&15350\Trust Mouse 15349&15350.exe" [2007-09-05 578560]
    "AROReminder"="c:\program files\Advanced Registry Optimizer\ARO.exe" [2009-03-25 2135168]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
    "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-01-14 151552]
    "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-06 57344]
    "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-21 659456]
    "HostManager"="c:\program files\Common Files\AOL\1177368183\ee\AOLSoftware.exe" [2008-06-24 41824]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-11-02 267048]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2009-04-13 526896]
    "EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-01-12 669520]
    "Trust Mouse 15349&15350.exe"="c:\program files\Trust Mouse 15349&15350\Trust Mouse 15349&15350.exe" [2007-09-05 578560]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
    "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-11-09 3784704]
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2006-12-7 528384]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\eNetHook.dll
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
    @="FSFilter Activity Monitor"
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):cc,02,56,58,3b,5b,ca,01
    R0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [2009-05-12 61328]
    R2 gupdate1c931e132f8f970;Google Update Service (gupdate1c931e132f8f970);c:\program files\Google\Update\GoogleUpdate.exe [2008-10-19 133104]
    R2 JeaksSvr;Jeaks Toolbar Update Launcher;c:\program files\FileVOoM Pro\Jeaks Music\JeaksSvr.exe [2008-12-01 221184]
    R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe [2008-01-19 21504]
    R3 UniCamDr.Samsung;Samsung Miniket USB-D07 Capture Device;c:\windows\system32\Drivers\UniCamDr.sys [2004-11-11 27176]
    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0305020.00B\SYMEFA.SYS [2009-08-22 310320]
    S0 szkg5;szkg5;c:\windows\system32\DRIVERS\szkg.sys [2009-05-12 61328]
    S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\Drivers\N360\0305020.00B\BHDrvx86.sys [2009-08-22 259632]
    S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\N360\0305020.00B\ccHPx86.sys [2009-08-22 482432]
    S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20091111.001\IDSvix86.sys [2009-10-28 343088]
    S2 N360;Norton 360;c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe [2009-08-22 117640]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-11-02 102448]
    S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\N360\0305020.00B\SYMNDISV.SYS [2009-08-22 48688]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Contents of the 'Scheduled Tasks' folder
    2009-11-07 c:\windows\Tasks\Epson Printer Software Downloader.job
    - c:\program files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-01-23 14:03]
    2009-11-19 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-28 16:28]
    2009-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2008-10-19 12:16]
    2009-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2008-10-19 12:16]
    2009-11-19 c:\windows\Tasks\User_Feed_Synchronization-{A242B5C8-FFD3-4FF3-A302-E1B51EC6774F}.job
    - c:\windows\system32\msfeedssync.exe [2009-10-15 03:41]
    .
    .
    Supplementary Scan
    .
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    uStart Page = hxxp://www.aol.co.uk/
    mStart Page = hxxp://www.myaolbroadband.co.uk
    uSearchURL,(Default) = hxxp://search.aol.co.uk/web?isinit=true&query=%s
    IE: &AOL Toolbar Search - c:\program files\aol\aol broadband toolbar 5.0\resources\en-GB\local\search.html
    LSP: c:\program files\Common Files\iS3\Anti-Spyware\iS3lsp.dll
    DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
    DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20090820164211
    DPF: {96816368-C1E3-414D-A193-63C3CC921990} - hxxp://driftwoodbeachbar.remotemanager.co.uk/common/activex/MJPEGRender.ocx
    .
    - - - - ORPHANS REMOVED - - - -
    BHO-{CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - (no file)
    Toolbar-{196C3A46-4758-433D-A600-802C804AF39C} - (no file)
    WebBrowser-{196C3A46-4758-433D-A600-802C804AF39C} - (no file)
    HKCU-Run-Acer Tour Reminder - (no file)
    AddRemove-Earth Viewpoint_is1 - c:\program files\Earth Viewpoint\unins001.exe
    AddRemove-Mystery P.I.™ - Lost in Los Angeles 1.00 - c:\program files\kellygame\Mystery P.I.™

    **************************************************************************
    scanning hidden processes ...
    scanning hidden autostart entries ...
    scanning hidden files ...
    scan completed successfully
    hidden files:
    **************************************************************************
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
    "ImagePath"="\"c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.5.2.11\diMaster.dll\" /prefetch:1"
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MysqlInventime]
    "ImagePath"="c:\progra~1\MYSOFT~1\SMALLB~1\mysql\bin\mysqld-nt \"--defaults-file=c:\program files\MySoftware\Small Business Manager\mysql\my.ini\" MysqlInventime"
    .
    LOCKED REGISTRY KEYS
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"
    [HKEY_USERS\S-1-5-21-2570473948-2623807429-1831362901-1000\¬ î**]
    @Allowed: (Read) (RestrictedCode)
    "MachineID"=hex:f3,1b,b1,57,6a,7d,48,00
    DUMPHIVE0.003 (REGF)
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    DLLs Loaded Under Running Processes
    - - - - - - - > 'winlogon.exe'(628)
    c:\windows\system32\eNetHook.dll
    - - - - - - - > 'lsass.exe'(612)
    c:\windows\system32\eNetHook.dll
    .
    Completion time: 2009-11-19 23:06
    ComboFix-quarantined-files.txt 2009-11-19 23:06
    Pre-Run: 4,090,494,976 bytes free
    Post-Run: 4,053,663,744 bytes free
    - - End Of File - - B653E4E8F0EC4FFC9157E1F510920D6B
  • davester
    davester Posts: 4,079 Forumite
    Norton can slow your computer to a crawl too,
    Survey earnings total 2009 £417, 2010 £875, 2011 £574
This discussion has been closed.