Hi
I ran ComboFix again with the text files as requested.
Please find below my latest ComboFix report and hijack log.
I have to say, even before running the latest ComboFix with the text file, my laptop is running a lot better. What was the latest run for, out of interest?
I am guessing you are still seeing some things that are not quite right.
Thanks
David
COMBOFIX LOG
ComboFix 08-03-07.4 - David Turpie 2008-03-09 14:33:08.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.170 [GMT 0:00]
Running from: C:\Documents and Settings\David Turpie\My Documents\Downloads\To check\ComboFix2.exe
Command switches used :: C:\Documents and Settings\David Turpie\Desktop\CFScript.txt
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2008-02-09 to 2008-03-09 )))))))))))))))))))))))))))))))
.
2008-03-08 10:21 . 2008-03-08 10:22 <DIR> d-------- C:\ComboFix
2008-03-04 20:31 . 2008-03-04 20:32 <DIR> d-------- C:\Program Files\Elf Bowling The Last Insult
2008-03-02 16:37 . 2008-03-02 16:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-03-02 15:48 . 1995-02-28 11:14 164,928 --a------ C:\WINDOWS\system\BWCC.DLL
2008-03-02 15:48 . 1995-02-28 11:16 97,072 --a------ C:\WINDOWS\system\BWCC0007.DLL
2008-03-02 15:48 . 1995-02-28 11:16 96,928 --a------ C:\WINDOWS\system\BWCC000C.DLL
2008-03-02 15:48 . 1995-02-28 11:17 96,912 --a------ C:\WINDOWS\system\BWCC0009.DLL
2008-03-02 15:47 . 1998-02-06 22:23 248,064 --a------ C:\WINDOWS\UNINST16.EXE
2008-03-02 15:47 . 1995-07-13 19:43 26,768 --a------ C:\WINDOWS\system\CTL3D.DLL
2008-03-02 15:29 . 2008-03-02 15:35 <DIR> d-------- C:\Program Files\STARWARS_TheBattleOfEndor_v21
2008-03-01 17:31 . 2008-03-01 17:31 <DIR> d-------- C:\Program Files\mackoy
2008-03-01 16:45 . 2008-03-01 16:46 <DIR> d-------- C:\Program Files\BVE
2008-03-01 16:12 . 2008-03-01 16:44 <DIR> d-------- C:\BMW M3 Challenge
2008-03-01 16:00 . 2008-03-01 16:00 <DIR> d-------- C:\Program Files\Rorschach Software
2008-03-01 15:55 . 2008-03-01 15:55 <DIR> d-------- C:\TCPoker
2008-03-01 14:32 . 2008-03-01 14:32 <DIR> d-------- C:\Documents and Settings\David Turpie\freecol
2008-03-01 14:31 . 2008-03-01 14:39 <DIR> d-------- C:\Program Files\freecol
2008-03-01 12:46 . 2004-08-16 20:00 116,736 --a------ C:\WINDOWS\system32\CNMLM6s.DLL
2008-03-01 12:46 . 2004-08-16 20:00 7,680 --a------ C:\WINDOWS\system32\CNMVS6s.DLL
2008-03-01 12:45 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-03-01 12:45 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-03-01 12:42 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2008-03-01 12:40 . 2008-03-01 12:40 <DIR> d--h----- C:\CanonMP
2008-03-01 12:40 . 2004-10-26 05:03 557,056 --a------ C:\WINDOWS\system32\CNCC130.DLL
2008-03-01 12:40 . 2002-05-24 03:04 389,180 --a------ C:\WINDOWS\system32\UCS32P.DLL
2008-03-01 12:40 . 2004-09-07 14:53 94,208 --a------ C:\WINDOWS\system32\CNCL130.DLL
2008-03-01 12:40 . 2004-10-26 05:03 90,112 --a------ C:\WINDOWS\system32\CNCI130.DLL
2008-03-01 12:40 . 2004-10-26 05:15 49,152 --a------ C:\WINDOWS\system32\cncisco.dll
2008-03-01 12:39 . 2008-03-01 12:51 <DIR> d-------- C:\Program Files\Canon
2008-03-01 12:36 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-03-01 12:36 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-03-01 12:36 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-03-01 12:36 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-02-23 13:05 . 2008-02-23 13:05 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-17 20:59 . 2008-02-17 20:59 1,794 ---hs---- C:\WINDOWS\system32\qxdjcdpb.tmp
2008-02-17 12:26 . 2008-02-17 20:59 1,734 ---hs---- C:\WINDOWS\system32\qxdjcdpb.ini
2008-02-15 19:45 . 2008-02-17 12:24 1,554 ---hs---- C:\WINDOWS\system32\lrsvcpno.ini
2008-02-13 21:16 . 2008-02-15 19:43 1,374 ---hs---- C:\WINDOWS\system32\hdhsgfxs.ini
2008-02-13 20:19 . 2008-02-13 20:19 1,254 ---hs---- C:\WINDOWS\system32\hnajnftk.ini
2008-02-12 20:14 . 2008-02-13 20:14 1,194 ---hs---- C:\WINDOWS\system32\yqlapats.ini
2008-02-10 19:15 . 2008-02-10 19:15 0 --a------ C:\WINDOWS\TPTray.INI
2008-02-10 12:26 . 2008-02-10 12:27 145 --a------ C:\WINDOWS\Eudcedit.ini
2008-02-10 11:33 . 2008-02-12 20:11 954 ---hs---- C:\WINDOWS\system32\ibanbsok.ini
2008-02-09 12:18 . 2008-02-23 12:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-02-09 11:46 . 2008-02-09 11:46 294 ---hs---- C:\WINDOWS\system32\oulbvmyq.tmp
2008-02-09 11:46 . 2008-02-09 11:46 233 ---hs---- C:\WINDOWS\system32\oulbvmyq.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-06 20:54 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-01 15:55 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-03-01 15:55 286,720 ------w C:\WINDOWS\Setup1.exe
2008-03-01 12:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-23 13:22 --------- d-----w C:\Program Files\NovaTech Network
2008-02-23 12:47 --------- d-----w C:\Program Files\AOL 9.0
2008-02-12 21:07 --------- d-----w C:\Program Files\PartyGaming
2008-02-10 09:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kontiki
2008-02-06 21:00 --------- d-----w C:\Documents and Settings\Wendy Proctor\Application Data\Comodo
2008-02-06 18:51 92,224 ----a-w C:\WINDOWS\system32\tkvssnjw.dll
2008-02-04 22:00 93,248 ----a-w C:\WINDOWS\system32\afyovcnn.dll
2008-02-01 15:00 --------- d-----w C:\Program Files\Norton Security Scan
2008-01-27 10:12 --------- d-----w C:\Program Files\Comodo
2008-01-26 16:44 73,728 ----a-w C:\WINDOWS\system32\CavEmLSP.dll
2008-01-26 16:44 499,712 ----a-w C:\WINDOWS\system32\MSVCP71.DLL
2008-01-26 16:44 434,252 ----a-w C:\WINDOWS\system32\MSVCRTD.DLL
2008-01-26 16:44 348,160 ----a-w C:\WINDOWS\system32\MSVCR71.DLL
2008-01-26 16:44 216,576 ----a-w C:\WINDOWS\system32\monln.dll
2008-01-26 16:44 102,400 ----a-w C:\WINDOWS\system32\drivers\cavasm.sys
2008-01-26 16:44 1,060,864 ----a-w C:\WINDOWS\system32\mfc71.dll
2008-01-26 16:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Comodo
2008-01-26 15:59 --------- d-----w C:\Documents and Settings\David Turpie\Application Data\Comodo
2008-01-26 15:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-01-26 14:49 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-20 17:06 --------- d-----w C:\Program Files\Symantec
2008-01-20 17:06 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-01-20 16:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-20 12:50 --------- d-----w C:\Program Files\Crawler
2008-01-20 12:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-20 12:17 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-19 15:41 --------- d-----w C:\Program Files\XoftSpySE
2008-01-19 15:28 --------- d-----w C:\Program Files\Unlocker
2008-01-19 14:17 --------- d-----w C:\Program Files\jZip
2008-01-19 12:02 --------- d-----w C:\Program Files\Windows Installer Clean Up
2008-01-19 12:02 --------- d-----w C:\Program Files\MSECACHE
2008-01-19 08:50 --------- d-----w C:\Documents and Settings\David Turpie\Application Data\LimeWire
2008-01-17 21:19 --------- d-----w C:\Program Files\Kontiki
2008-01-15 21:21 --------- d-----w C:\Program Files\Common Files\AOL
2008-01-15 20:14 --------- d-----w C:\Program Files\Viewpoint
2008-01-06 10:21 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2007-11-25 07:59 40,960 ----a-w C:\Documents and Settings\David Turpie\f.exe
2007-11-25 07:59 0 -c--a-w C:\Documents and Settings\David Turpie\z.dat
2007-11-25 07:59 0 -c--a-w C:\Documents and Settings\David Turpie\x.dat
2007-10-28 14:47 28,677 ----a-w C:\Documents and Settings\David Turpie\update.exe
2006-10-20 20:34 32 ----a-r C:\Documents and Settings\All Users\hash.dat
2006-09-10 11:22 2,594 ----a-w C:\Documents and Settings\David Turpie\Application Data\wklnhst.dat
2005-12-30 13:14 774,144 ----a-w C:\Program Files\RngInterstitial.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\
Pr ocs]
@={51D8EAB2-A055-487F-BBE0-DFB79DD0E76D}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 10:26 65536]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-27 09:01 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 12:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-03-24 05:40 196608]
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2005-04-05 15:25 73728]
"AGRSMMSG"="AGRSMMSG.exe" [2004-12-22 08:10 88358 C:\WINDOWS\agrsmmsg.exe]
"CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [2005-05-10 13:13 675840]
"TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2004-11-29 20:06 53248]
"TOSHIBA Accessibility"="C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe" [2004-04-30 22:02 24576]
"HWSetup"="C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-04-30 22:02 28672]
"SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2005-02-25 14:59 65536]
"Zooming"="ZoomingHook.exe" [2004-07-14 15:07 24576 C:\WINDOWS\system32\ZoomingHook.exe]
"TCtryIOHook"="TCtrlIOHook.exe" [2005-03-30 17:01 28672 C:\WINDOWS\system32\TCtrlIOHook.exe]
"TPSMain"="TPSMain.exe" [2005-01-21 07:53 266240 C:\WINDOWS\system32\TPSMain.exe]
"SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-04-11 09:12 118784]
"NDSTray.exe"="NDSTray.exe" []
"PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-11-17 09:56 1077327]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-01-14 00:05 122939]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2006-08-14 13:39 98304]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2006-08-14 13:41 114688]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2006-08-14 13:38 94208]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-01 23:38 802816]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-01 23:32 696320]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 10:56 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-03-17 08:10 185896]
"HostManager"="C:\Program Files\Common Files\AOL\1135854072\ee\AOLSoftware.exe" [2006-11-17 13:21 50736]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2008-01-26 15:56 1115728]
"cnfgCav"="C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe" [2008-01-26 16:44 110592]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 12:00 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Norton GoBack.lnk - C:\Program Files\Norton GoBack\GBTray.exe [2004-08-13 10:26:46 803976]
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2005-10-01 16:40:42 155648]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"= shdocvw.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fccawxu]
fccawxu.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\monln]
monln.dll 2008-01-26 16:44 216576 C:\WINDOWS\system32\monln.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\opnolll]
opnolll.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyxxxv]
xxyxxxv.dll
[HKLM\~\startupfolder\C:^Documents and Settings^David Turpie^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]
backup=C:\WINDOWS\pss\Microsoft Office OneNote 2003 Quick Launch.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-10-10 19:51 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
-ra------ 2007-12-07 15:30 71008 C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 12:00 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Host Process]
C:\WINDOWS\Fonts\svchost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
--a------ 2006-11-17 13:21 50736 C:\Program Files\Common Files\AOL\1135854072\ee\AOLSoftware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-12-11 12:10 267048 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\postSetupCheck]
C:\WINDOWS\system32\gzmrt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-12-11 10:56 286720 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-07-12 03:00 132496 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-05-27 09:01 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2007-03-17 08:10 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AOL ACS"=2 (0x2)
"GBPoll"=2 (0x2)
"aawservice"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\AOL 9.0\\waol.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Common Files\\AOL\\1135854072\\ee\\aolsoftware.exe"=
"C:\\Program Files\\Kontiki\\KService.exe"=
"C:\\Program Files\\Kontiki\\KHost.exe"=
S3 SaiH5F0D;SaiH5F0D;C:\WINDOWS\system32\DRIVERS\SaiH5F0D.sys [2005-11-14 06:19]
S3 SaiU5F0D;SaiU5F0D;C:\WINDOWS\system32\DRIVERS\SaiU5F0D.sys [2005-11-14 06:19]
S3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-03-24 15:36]
.
Contents of the 'Scheduled Tasks' folder
"2007-12-19 13:56:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-09 13:57:33 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-02-01 15:01:18 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
"2005-10-01 16:16:27 C:\WINDOWS\Tasks\Registration reminder 3.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2008-01-21 19:55:34 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job"
- C:\Program Files\RegistrySmart\RegistrySmart.ex
- C:\Program Files\RegistrySmart
"2008-03-09 14:33:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe
"2007-11-25 08:39:28 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2007-11-25 08:39:27 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-03-09 14:36:23
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-03-09 14:37:16
ComboFix-quarantined-files.txt 2008-03-09 14:37:12
ComboFix2.txt 2008-03-08 10:49:05
.
2008-02-17 12:30:07 --- E O F ---
HIJACKTHIS LOG
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:38:30, on 09/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Comodo\common\CAVASpy\cavasm.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\AOL\1135854072\ee\AOLSoftware.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Comodo\Comodo AntiVirus\Cavaud.exe
C:\Program Files\Norton GoBack\GBTray.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
c:\program files\common files\aol\1135854072\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
Google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 -