Here are the new logs:
ComboFix 08-08-23.03 - Melissa 2008-08-27 14:24:55.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.563 [GMT -4:00]
Running from: C:\Documents and Settings\Melissa\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Melissa\Desktop\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
C:\WINDOWS\system32\g6hIOlP3.exe
C:\WINDOWS\system32\g6hIOlP3.exe.a_a
C:\WINDOWS\system32\g6hIOlP3.exe_
C:\WINDOWS\system32\g6JR4L6F.exe
C:\WINDOWS\system32\g6JR4L6F.exe.a_a
C:\WINDOWS\system32\mdayahvi.ini
C:\WINDOWS\system32\uyivvmvn.dll_old
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\g6hIOlP3.exe
C:\WINDOWS\system32\g6hIOlP3.exe.a_a
C:\WINDOWS\system32\g6hIOlP3.exe_
C:\WINDOWS\system32\g6JR4L6F.exe
C:\WINDOWS\system32\g6JR4L6F.exe.a_a
C:\WINDOWS\system32\mdayahvi.ini
C:\WINDOWS\system32\uyivvmvn.dll_old
.
((((((((((((((((((((((((( Files Created from 2008-07-27 to 2008-08-27 )))))))))))))))))))))))))))))))
.
2008-08-27 14:22 . 2008-08-27 14:22 <DIR> d-------- C:\Program Files\Sun
2008-08-27 14:22 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-08-27 14:19 . 2008-08-27 14:19 <DIR> d-------- C:\Program Files\Common Files\Java
2008-08-20 14:01 . 2008-08-20 14:01 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-16 21:22 . 2008-08-16 21:22 <DIR> d-------- C:\Documents and Settings\Melissa\Application Data\Windows Search
2008-08-13 22:38 . 2008-05-01 10:30 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-13 00:01 . 2008-08-13 00:01 <DIR> d-------- C:\Documents and Settings\Melissa\Application Data\Apple Computer
2008-08-13 00:00 . 2008-08-13 00:01 <DIR> d-------- C:\Program Files\Safari
2008-08-13 00:00 . 2008-08-13 00:00 <DIR> d-------- C:\Program Files\Apple Software Update
2008-08-13 00:00 . 2008-08-13 00:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-07-31 21:40 . 2008-07-31 21:40 <DIR> d-------- C:\Documents and Settings\Melissa\Application Data\Windows Desktop Search
2008-07-31 21:39 . 2008-07-31 21:39 <DIR> d-------- C:\WINDOWS\system32\GroupPolicy
2008-07-31 21:39 . 2008-07-31 21:39 <DIR> d-------- C:\Program Files\Windows Desktop Search
2008-07-31 21:38 . 2008-03-07 12:56 192,000 -----c--- C:\WINDOWS\system32\dllcache\offfilt.dll
2008-07-31 21:38 . 2008-03-07 12:56 98,304 -----c--- C:\WINDOWS\system32\dllcache\nlhtml.dll
2008-07-31 21:38 . 2008-03-07 12:56 29,696 -----c--- C:\WINDOWS\system32\dllcache\mimefilt.dll
2008-07-28 16:39 . 2008-07-28 18:00 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-27 18:22 --------- d-----w C:\Program Files\Java
2008-08-26 04:04 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-26 02:07 3,302 ----a-w C:\Documents and Settings\Melissa\Application Data\wklnhst.dat
2008-08-18 03:31 --------- d-----w C:\Program Files\Dl_cats
2008-08-17 04:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-08-17 04:56 --------- d-----w C:\Program Files\Common Files\AOL
2008-08-17 04:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-08-15 23:49 --------- d-----w C:\Program Files\Google
2008-08-11 00:15 --------- d-----w C:\Program Files\Yahoo! Games
2008-07-07 20:06 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 20:23 691,545 ----a-w C:\WINDOWS\unins000.exe
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:57 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-05-29 15:16 633,344 ----a-w C:\WINDOWS\system32\gpprefcl.dll
2008-05-27 02:21 1,582,592 ----a-w C:\WINDOWS\system32\tquery.dll
2008-05-27 02:21 1,418,240 ----a-w C:\WINDOWS\system32\mssrch.dll
2008-05-27 02:19 97,792 ----a-w C:\WINDOWS\system32\UncCplExt.dll
2008-05-27 02:19 273,408 ----a-w C:\WINDOWS\system32\oeph.dll
2008-05-27 02:19 2,048 ----a-w C:\WINDOWS\system32\UncRes.dll
2008-05-27 02:19 143,872 ----a-w C:\WINDOWS\system32\UncDMS.dll
2008-05-27 02:19 131,072 ----a-w C:\WINDOWS\system32\UncPH.dll
2008-05-27 02:19 11,264 ----a-w C:\WINDOWS\system32\oephRes.dll
2008-05-27 02:19 108,032 ----a-w C:\WINDOWS\system32\UncNE.dll
2008-05-27 02:18 71,680 ----a-w C:\WINDOWS\system32\propdefs.dll
2008-05-27 02:18 56,320 ----a-w C:\WINDOWS\system32\xmlfilter.dll
2008-05-27 02:18 44,032 ----a-w C:\WINDOWS\system32\msstrc.dll
2008-05-27 02:18 439,808 ----a-w C:\WINDOWS\system32\searchindexer.exe
2008-05-27 02:18 38,400 ----a-w C:\WINDOWS\system32\rtffilt.dll
2008-05-27 02:18 350,208 ----a-w C:\WINDOWS\system32\mssph.dll
2008-05-27 02:18 231,936 ----a-w C:\WINDOWS\system32\msshsq.dll
2008-05-27 02:18 203,776 ----a-w C:\WINDOWS\system32\mssphtb.dll
2008-05-27 02:18 184,832 ----a-w C:\WINDOWS\system32\searchprotocolhost.exe
2008-05-27 02:17 87,552 ----a-w C:\WINDOWS\system32\searchfilterhost.exe
2008-05-27 02:17 87,552 ----a-w C:\WINDOWS\system32\mssitlb.dll
2008-05-27 02:17 754,176 ----a-w C:\WINDOWS\system32\propsys.dll
2008-05-27 02:17 60,416 ----a-w C:\WINDOWS\system32\msscntrs.dll
2008-05-27 02:17 34,816 ----a-w C:\WINDOWS\system32\msscb.dll
2008-05-27 02:17 32,768 ----a-w C:\WINDOWS\system32\mssprxy.dll
2008-05-27 02:17 301,568 ----a-w C:\WINDOWS\system32\srchadmin.dll
2008-05-27 02:17 11,776 ----a-w C:\WINDOWS\system32\msshooks.dll
2008-05-27 01:59 18,904 ----a-w C:\WINDOWS\system32\structuredqueryschematrivial.bin
2008-05-27 01:59 106,605 ----a-w C:\WINDOWS\system32\structuredqueryschema.bin
2007-02-22 21:48 251 ----a-w C:\Program Files\wt3d.ini
2007-01-02 22:11 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2008-01-24 01:08 56 --sh--r C:\WINDOWS\system32\E89DC9EBC3.sys
2008-01-24 01:08 3,766 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( snapshot@2008-08-25_23.50.16.34 )))))))))))))))))))))))))))))))))))))))))
.
- 2005-06-03 10:24:06 49,248 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-06-10 05:21:01 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2005-06-03 10:24:14 49,250 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-06-10 05:21:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2005-06-03 11:52:56 127,078 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-06-10 06:32:34 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 08:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-11-28 01:55 98304]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-11-28 01:55 118784]
"SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-04-26 20:13 122880]
"dla"="C:\WINDOWS\system32\dla\DLACTRLW.exe" [2005-10-06 09:20 122940]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-05 16:37 667718]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 15:41 602182]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 08:20 1024000]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-12-16 04:34 82009]
"Tvs"="C:\Program Files\Toshiba\Tvs\TvsTray.exe" [2005-11-30 16:25 73728]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"TFncKy"="TFncKy.exe" [BU]
"TDispVol"="TDispVol.exe" [2005-03-11 19:03 73728 C:\WINDOWS\system32\TDispVol.exe]
"TPSMain"="TPSMain.exe" [2005-06-01 01:00 282624 C:\WINDOWS\system32\TPSMain.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 22:19 304128]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^RAMASST.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk
backup=C:\WINDOWS\pss\RAMASST.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=C:\WINDOWS\pss\Windows Search.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ZoneAlarm Pro.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ZoneAlarm Pro.lnk
backup=C:\WINDOWS\pss\ZoneAlarm Pro.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Melissa^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]
path=C:\Documents and Settings\Melissa\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
backup=C:\WINDOWS\pss\Microsoft Office OneNote 2003 Quick Launch.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
--a------ 2006-03-21 21:30 1191936 C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
--a------ 2005-08-05 17:56 64512 C:\WINDOWS\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
--a------ 2005-11-28 01:52 77824 C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
--a------ 2004-08-18 07:37 184320 C:\Program Files\ltmoh\ltmoh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
--a------ 2006-11-07 18:49 1121280 C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 12:24 1694208 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pinger]
--a------ 2005-03-17 21:37 151552 c:\TOSHIBA\IVP\ISM\pinger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2007-12-06 08:20 1024000 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
--a------ 2005-12-16 04:34 82009 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THotkey]
--a------ 2006-01-05 18:02 352256 C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]
--a------ 2004-12-30 04:32 65536 C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tvs]
--a------ 2005-11-30 16:25 73728 C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a------ 2005-10-15 10:29 88203 C:\WINDOWS\agrsmmsg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TDispVol]
--a------ 2005-03-11 19:03 73728 C:\WINDOWS\system32\TDispVol.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPSMain]
--a------ 2005-06-01 01:00 282624 C:\WINDOWS\system32\TPSMain.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"AOL TopSpeedMonitor"=2 (0x2)
"AOL ACS"=2 (0x2)
"aawservice"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"=
"C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"= C:\\TOSHIBA\\IVP\\ISM\\pinger.exe
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Common Files\\AOL\\1147563008\\EE\\AOLServiceHost.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dlcxcoms.exe"=
R2 dlcx_device;dlcx_device;C:\WINDOWS\system32\dlcxcoms.exe [2006-10-11 17:48]
S3 IO_Memory;IO_Memory;c:\sysprep\Drivers\ioport.sys []
S3 SVRPEDRV;SVRPEDRV;C:\SYSPREP\PEDrv.sys []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0d7d2688-e583-11db-a0ae-00038a000015}]
\Shell\AutoRun\command - E:\Win95\Maxis.exe Win95
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-08-27 14:28:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\NavLogon.dll
.
Completion time: 2008-08-27 14:29:55
ComboFix-quarantined-files.txt 2008-08-27 18:29:33
ComboFix2.txt 2008-08-26 03:50:53
Pre-Run: 124,897,624,064 bytes free
Post-Run: 124,895,223,808 bytes free
229 --- E O F --- 2008-08-26 04:04:18
Malwarebytes' Anti-Malware 1.25
Database version: 1089
Windows 5.1.2600 Service Pack 2
3:52:57 PM 8/27/2008
mbam-log-08-27-2008 (15-52-57).txt
Scan type: Full Scan (C:\|)
Objects scanned: 117507
Time elapsed: 42 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 92
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\acnqxnpo.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\awturPHy.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\bfwnhgfg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\cwiqffee.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\cylhsb.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\dhqrpbdm.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\dlemynqt.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ewkhcyyb.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ghwtqcor.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\gyvglcpm.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\hvfrvqpq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ivoltoap.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\jbalyq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\jqjhoh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\kgleokyh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\kpatlaps.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\kuijqwdf.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\lcqjtgrr.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\lwbtshcp.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\mxnqjyxh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ngjwrafc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\nvvnwg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\nykbnnmq.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\oebvoirm.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\pflnqc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\psmtujmm.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\rxcrmxuk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\thnwjfla.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\tjxrmvwf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ubtealdt.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\uyivvmvn.dll_old.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\vncfwaoc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\vrqfuiwm.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\wasbdnnr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\wqmwrd.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\wyukiakh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\xkeyec.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\yghbfocr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\zqidgk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0054068.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0054070.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0055209.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0055210.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0054066.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0055438.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0055486.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0055495.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0055504.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0055539.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0056529.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0056580.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0057745.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP308\A0057746.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057914.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057915.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057916.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057917.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057918.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057919.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057920.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057921.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057922.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057923.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057924.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057925.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057926.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057928.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057929.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057931.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057932.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057933.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057934.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057935.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057936.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057937.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057938.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057939.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057940.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057941.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057942.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057943.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057946.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057947.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057948.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057949.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057950.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057951.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057952.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057953.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057954.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP310\A0057927.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:08:25 PM, on 8/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\DLACTRLW.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) -
http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) -
http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) -
http://www.myfamily.com/Controls/Upload/ImageUploader5.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178127861781
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) -
http://onlinedesigner.hgtv.com/images/app/view22rte.cab
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: dlcx_device - - C:\WINDOWS\system32\dlcxcoms.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
--
End of file - 8210 bytes
The machine seems to be running much better now, but I will let you know if there are any further problems. Thank you so much for all your help!