Would like a look over plz

M

Muffin Man

muffin enthusiast
Messages
2,724
Location
new york
i'm looking for some help diagnosing my roomy's laptop >.<

here are the logs:

Code: 
ComboFix 11-03-08.03 - owner 03/09/2011   7:18.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.1790.828 [GMT -8:00]
Running from: c:\users\owner\Desktop\Documents\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\hNmDhHf06504
c:\programdata\hNmDhHf06504\hNmDhHf06504
c:\programdata\hNmDhHf06504\hNmDhHf06504.exe
.
.
(((((((((((((((((((((((((   Files Created from 2011-02-09 to 2011-03-09  )))))))))))))))))))))))))))))))
.
.
2011-03-09 15:27 . 2011-03-09 15:27	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-03-09 15:27 . 2011-03-09 15:27	--------	d-----w-	c:\users\Joshua McVayBennett\AppData\Local\temp
2011-03-09 14:48 . 2011-03-09 14:48	28752	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EE819B58-6F47-4F48-8A13-062D309A0F3A}\MpKsl0a964329.sys
2011-03-09 14:48 . 2011-02-11 06:54	5943120	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EE819B58-6F47-4F48-8A13-062D309A0F3A}\mpengine.dll
2011-02-25 11:02 . 2009-10-09 21:56	2048	----a-w-	c:\windows\system32\winrsmgr.dll
2011-02-11 15:44 . 2011-02-11 15:43	439632	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7B4C80A3-D8AD-40B8-A53B-45B2151AF080}\gapaengine.dll
2011-02-11 15:31 . 2011-01-13 09:41	5890896	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-02-11 15:30 . 2011-02-11 15:32	--------	d-----w-	c:\program files\Microsoft Security Client
2011-02-11 15:29 . 2010-04-05 20:00	221568	----a-w-	c:\windows\system32\drivers\netio.sys
2011-02-10 17:39 . 2011-01-20 13:44	797184	----a-w-	c:\windows\system32\FntCache.dll
2011-02-10 17:39 . 2011-01-20 14:12	1172480	----a-w-	c:\windows\system32\d3d10warp.dll
2011-02-10 17:39 . 2011-01-20 13:44	1068544	----a-w-	c:\windows\system32\DWrite.dll
2011-02-10 17:39 . 2011-01-20 14:15	979456	----a-w-	c:\windows\system32\MFH264Dec.dll
2011-02-10 17:39 . 2011-01-20 13:47	683008	----a-w-	c:\windows\system32\d2d1.dll
2011-02-10 17:39 . 2011-01-20 14:24	135680	----a-w-	c:\windows\system32\XpsRasterService.dll
2011-02-10 17:39 . 2011-01-20 14:28	1554432	----a-w-	c:\windows\system32\xpsservices.dll
2011-02-10 17:39 . 2011-01-20 14:27	876032	----a-w-	c:\windows\system32\XpsPrint.dll
2011-02-10 17:39 . 2011-01-20 14:24	288768	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2011-02-10 17:39 . 2011-01-20 14:14	357376	----a-w-	c:\windows\system32\MFHEAACdec.dll
2011-02-10 17:39 . 2011-01-20 14:14	302592	----a-w-	c:\windows\system32\mfmp4src.dll
2011-02-10 17:39 . 2011-01-20 14:14	261632	----a-w-	c:\windows\system32\mfreadwrite.dll
2011-02-10 17:31 . 2010-10-15 13:48	1205080	----a-w-	c:\windows\system32\ntdll.dll
2011-02-10 17:31 . 2010-10-15 14:08	3602320	----a-w-	c:\windows\system32\ntkrnlpa.exe
2011-02-10 17:31 . 2010-10-15 14:08	3550096	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-02-10 17:02 . 2011-01-06 10:51	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2011-02-10 16:55 . 2010-12-31 13:57	2039808	----a-w-	c:\windows\system32\win32k.sys
2011-02-10 16:41 . 2011-01-08 06:28	292352	----a-w-	c:\windows\system32\atmfd.dll
2011-02-10 16:41 . 2011-01-08 08:47	34304	----a-w-	c:\windows\system32\atmlib.dll
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-11 06:54 . 2010-10-15 06:21	5943120	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-12-28 15:55 . 2011-01-23 12:13	413696	----a-w-	c:\windows\system32\odbc32.dll
2010-12-20 09:50 . 2010-11-01 12:33	22328	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2010-12-20 09:50 . 2010-11-01 12:32	103736	----a-w-	c:\windows\system32\PnkBstrB.exe
2010-12-14 14:49 . 2011-01-23 12:13	1169408	----a-w-	c:\windows\system32\sdclt.exe
2010-12-09 20:36 . 2010-12-09 20:36	749832	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-09-30 972080]
"Sidebar"="c:\program files\Windows Sidebar\Sidebar.exe" [2009-04-11 1233920]
"Google Update"="c:\users\owner\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-10-14 136176]
"SpeedItUpEX"="c:\program files\SpeedItup Free\SpeedItUp.exe" [2009-06-25 2275328]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Aim"="c:\program files\AIM\aim.exe" [2010-10-12 4258136]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2008-01-21 49664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-24 468264]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-07 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-10-13 148888]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
.
c:\users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 MpKsl761b603e;MpKsl761b603e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7EAA68A1-0499-48D9-A318-92D409E3059F}\MpKsl761b603e.sys [x]
R1 MpKsl786a8267;MpKsl786a8267;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2977D7B5-FF84-4FA4-B7FA-88EFEFEDC497}\MpKsl786a8267.sys [x]
R1 MpKsl8928be70;MpKsl8928be70;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{70CF08EA-A190-436C-AB76-1529D131F277}\MpKsl8928be70.sys [x]
R1 MpKsle2f0dd29;MpKsle2f0dd29;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{20C897D2-55B4-418F-B1C8-FA8DB4CC6940}\MpKsle2f0dd29.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-25 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 MpKsl0a964329;MpKsl0a964329;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EE819B58-6F47-4F48-8A13-062D309A0F3A}\MpKsl0a964329.sys [2011-03-09 28752]
S1 MpKslbe05c909;MpKslbe05c909;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CABE0953-1D91-4FDB-8102-59E8734D28B7}\MpKslbe05c909.sys [x]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-25 43392]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-05-09 43040]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL0A964329
*NewlyCreated* - MPKSL6AF57F3B
*Deregistered* - MpKsl6af57f3b
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-19 22:15]
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-19 22:15]
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1836387174-2195323629-3464624386-1000Core.job
- c:\users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-14 13:34]
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1836387174-2195323629-3464624386-1000UA.job
- c:\users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-14 13:34]
.
2009-05-01 c:\windows\Tasks\HPCeeScheduleForowner.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-10-25 18:34]
.
2011-03-08 c:\windows\Tasks\Norton Security Scan for owner.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-10-15 17:06]
.
2011-03-09 c:\windows\Tasks\RegPowerClean.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe [2010-10-15 21:48]
.
2011-03-09 c:\windows\Tasks\RPCReminder.job
- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe [2010-10-15 21:34]
.
2011-03-09 c:\windows\Tasks\User_Feed_Synchronization-{EBB3FE4E-2069-4721-97A9-8F45ED7D10E7}.job
- c:\windows\system32\msfeedssync.exe [2011-02-10 04:47]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
HKCU-Run-Weather - c:\program files\AWS\WeatherBug\Weather.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-09 07:28
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-03-09  07:30:47
ComboFix-quarantined-files.txt  2011-03-09 15:30
.
Pre-Run: 159,483,834,368 bytes free
Post-Run: 159,843,389,440 bytes free
.
- - End Of File - - 518CCD050AC854D9932A03A32A62296F

Code: 
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5994

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

3/9/2011 7:57:48 AM
mbam-log-2011-03-09 (07-57-48).txt

Scan type: Quick scan
Objects scanned: 161596
Time elapsed: 4 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\U36VRSFLG6 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Code: 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:03:34 AM, on 3/9/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\owner\Desktop\Documents\Downloads\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\Sidebar.exe" /autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpeedItUpEX] C:\Program Files\SpeedItup Free\SpeedItUp.exe -MINI
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7277 bytes
 
You must log in or register to reply here.

Similar threads

XWrench3
hijack this scan
Replies
6
Views
2K
XWrench3
XWrench3
N
Laptop slowing down in function (internet and general apps)
Replies
1
Views
3K
Trotter
Trotter
G
Computer slow and work in background
Replies
0
Views
2K
grecycle99
G
J
Freezing up
Replies
5
Views
3K
jetsmell
J
C
Hacked by malware
2
Replies
10
Views
9K
PP Mguire
PP Mguire
Back
Top Bottom