TechSpot

Typing and mouse actions in browser VERY slow

By mannclann
Feb 29, 2012
  1. Hi,

    On my wife's computer the mouse performance and keying text when in browser very slow and sometimes browser hangs when typing or clicking mouse. Characters can't keep up with typing speed.

    Thanks in advance.

    Rick


    Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.02.29.07

    Windows Vista Service Pack 2 x64 NTFS
    Internet Explorer 8.0.6001.19190
    Stacey Mann :: HP-A6750Y [administrator]

    2/29/2012 8:54:12 PM
    mbam-log-2012-02-29 (20-54-12).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 195824
    Time elapsed: 4 minute(s), 29 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)



    No GMER Log produced

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.6001.19190 BrowserJavaVersion: 1.6.0_31
    Run by Stacey Mann at 20:39:18 on 2012-02-29
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.7927.2262 [GMT -7:00]
    .
    AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Tablet\Pen\Pen_TouchService.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\1Password\Agile1pService.exe
    C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
    C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
    C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe
    C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
    C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
    C:\Users\Stacey Mann\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Windows\system32\RunDll32.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
    C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
    C:\Program Files (x86)\1Password\Agile1pAgent.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\SFT\GuardedID\GIDD.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\SFT\GuardedID\x64\GIDD.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
    C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe
    c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    C:\Program Files\HP\HP Photosmart 7510 series\bin\HPNetworkCommunicator.exe
    C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\HP\HP Photosmart 7510 series\Bin\HPNetworkCommunicator.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\SysWOW64\WinMsgBalloonServer.exe
    C:\Windows\SysWOW64\WinMsgBalloonClient.exe
    C:\Windows\SysWOW64\BeepApp.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\splwow64.exe
    C:\Windows\System32\svchost.exe -k wdisvc
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://xfinity.comcast.net/?cid=cgps02282012
    uSearch Bar = Preserve
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\IPS\IPSBHO.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Constant Guard Protection Suite (COM): {b84cdbe7-1b46-494b-a188-01d4c52deb61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll
    BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll
    BHO: 1Password: {cb1a24da-7416-4921-a0cf-5aa1160aae2a} - C:\PROGRA~2\1PASSW~1\AGILE1~1.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
    uRun: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    uRun: [HP Photosmart 7510 series (NET)] "C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BI351W505PX:NW" -scfn "HP Photosmart 7510 series (NET)" -AutoStart 1
    uRun: [ComcastAntispyClient] "C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    mRun: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
    mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    mRun: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
    mRun: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
    mRun: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
    mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    mRun: [Agile1pAgent] "C:\Program Files (x86)\1Password\Agile1pAgent.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
    StartupFolder: C:\Users\STACEY~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Stacey Mann\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\Users\STACEY~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\system32\RunDll32.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {00FAC6C9-C494-4AD8-B3C0-DE677AFDDBD8} - {5D7B119E-062F-476B-A5E7-797FAF554BA2} - C:\PROGRA~2\1PASSW~1\AGILE1~1.DLL
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{4C6875B5-B67C-40AF-A67B-764DA640E3AC} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{9C3518EA-7099-473F-AEE0-9430F3767C7D} : DhcpNameServer = 192.168.1.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - C:\Program Files (x86)\SFT\GuardedID\gidi.exe /v
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
    BHO-X64: Symantec NCO BHO - No File
    BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\IPS\IPSBHO.DLL
    BHO-X64: Symantec Intrusion Prevention - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Constant Guard Protection Suite (COM): {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll
    BHO-X64: Constant Guard Protection Suite (COM) - No File
    BHO-X64: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll
    BHO-X64: Updater For XFIN_PORTAL - No File
    BHO-X64: 1Password: {CB1A24DA-7416-4921-A0CF-5AA1160AAE2A} - C:\PROGRA~2\1PASSW~1\AGILE1~1.DLL
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
    mRun-x64: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    mRun-x64: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
    mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    mRun-x64: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
    mRun-x64: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
    mRun-x64: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
    mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    mRun-x64: [Agile1pAgent] "C:\Program Files (x86)\1Password\Agile1pAgent.exe"
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun-x64: [(Default)]
    mRun-x64: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Stacey Mann\AppData\Roaming\Mozilla\Firefox\Profiles\r56gd02w.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.digitalscrapbookpages.com/digitals/|http://digitalscrapbookpages.com/digitals/SDLu3249085lFJl3/login.php
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol500.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
    FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: capability.policy.policynames - allowclipboard
    FF - user.js: capability.policy.allowclipboard.sites - hxxps://digitalscrapbookpages.com https://http://digitalscrapbookpages.com/digitals/SDLu3249085lFJl3/ http://digitalscrapbookpages.com
    FF - user.js: capability.policy.allowclipboard.Clipboard.cutcopy - allAccess
    FF - user.js: capability.policy.allowclipboard.Clipboard.paste - allAccess
    ============= SERVICES / DRIVERS ===============
    .
    R0 ahcix64s;ahcix64s;C:\Windows\system32\drivers\ahcix64s.sys --> C:\Windows\system32\drivers\ahcix64s.sys [?]
    R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS [?]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS [?]
    R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [2012-2-15 1157240]
    R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\elrawdsk.sys --> C:\Windows\system32\drivers\elrawdsk.sys [?]
    R1 GIDv2;GIDv2;C:\Windows\system32\drivers\GIDv2.sys --> C:\Windows\system32\drivers\GIDv2.sys [?]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120229.002\IDSviA64.sys [2012-2-29 488568]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS [?]
    R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\N360x64\0502000.00D\SYMTDIV.SYS --> C:\Windows\system32\Drivers\N360x64\0502000.00D\SYMTDIV.SYS [?]
    R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-9-26 27632]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
    R2 Agile1Password;1Password;C:\Program Files (x86)\1Password\Agile1pService.exe [2011-5-6 768776]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2008-9-4 122880]
    R2 AntiSpywareService;Comcast AntiSpyware;C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-6-17 616408]
    R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
    R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccsvchst.exe [2012-2-28 130008]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-1-21 1153368]
    R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-10-28 6583160]
    R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-10-28 528760]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-28 138360]
    R3 netr7364;USB Wireless 802.11 b/g Adaptor Driver for Vista;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
    R3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 IDVaultSvc;CGPS Service;C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2012-2-15 65096]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856]
    S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;\??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS --> C:\Windows\system32\drivers\BVRPMPR5a64.SYS [?]
    S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-1-28 1038088]
    S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
    S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-16 89920]
    .
    =============== File Associations ===============
    .
    JSEFile=NOTEPAD.EXE %1
    VBEFile=NOTEPAD.EXE %1
    VBSFile=NOTEPAD.EXE %1
    .
    =============== Created Last 30 ================
    .
    2012-02-28 22:02:19 432760 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\symtdiv.sys
    2012-02-28 22:02:19 386168 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\symnets.sys
    2012-02-28 22:02:18 912504 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\symefa64.sys
    2012-02-28 22:02:18 744568 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\srtsp64.sys
    2012-02-28 22:02:18 450680 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\symds64.sys
    2012-02-28 22:02:18 40568 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\srtspx64.sys
    2012-02-28 22:02:18 171128 ----a-r- C:\Windows\System32\drivers\N360x64\0502000.00D\ironx64.sys
    2012-02-28 22:01:48 -------- d-----w- C:\Windows\System32\drivers\N360x64\0502000.00D
    2012-02-28 16:40:23 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
    2012-02-28 16:40:18 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
    2012-02-28 16:40:18 -------- d-----w- C:\Program Files\Symantec
    2012-02-28 16:40:18 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
    2012-02-28 16:39:22 -------- d-----w- C:\Windows\System32\drivers\N360x64
    2012-02-28 16:39:19 -------- d-----w- C:\Program Files (x86)\Norton Security Suite
    2012-02-28 16:39:11 -------- d-----w- C:\Program Files (x86)\NortonInstaller
    2012-02-28 16:22:34 -------- d-----w- C:\ProgramData\IsolatedStorage
    2012-02-28 16:22:33 -------- d-----w- C:\Users\Stacey Mann\AppData\Local\ID Vault
    2012-02-28 16:22:06 91720 ----a-w- C:\Program Files (x86)\Mozilla Firefox\IdVaultCore.XmlSerializers.dll
    2012-02-28 16:22:06 8007680 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Microsoft.mshtml.dll
    2012-02-28 16:22:06 1644616 ----a-w- C:\Program Files (x86)\Mozilla Firefox\IdVaultCore.dll
    2012-02-28 16:22:06 136264 ----a-w- C:\Program Files (x86)\Mozilla Firefox\CommonDotNET.dll
    2012-02-28 16:22:03 -------- d-----w- C:\Users\Stacey Mann\AppData\Roaming\ID Vault
    2012-02-28 16:21:40 29288 ------w- C:\Windows\System32\drivers\gidv2.sys
    2012-02-28 16:21:36 65816 ------w- C:\Windows\System32\GIDLogonCP64.dll
    2012-02-28 16:21:36 467224 ------w- C:\Windows\System32\GIDHOOK64.DLL
    2012-02-28 16:21:36 446752 ------w- C:\Windows\System32\GIDHookLogon64.dll
    2012-02-28 16:21:36 206608 ------w- C:\Windows\System32\GIDBIN1.DLL
    2012-02-28 16:21:36 109064 ------w- C:\Windows\System32\EasyHook64.dll
    2012-02-28 16:21:36 102160 ------w- C:\Windows\System32\GIDBIN3.DLL
    2012-02-28 16:21:33 -------- d-----w- C:\ProgramData\GID
    2012-02-28 16:21:27 -------- d-----w- C:\Program Files (x86)\SFT
    2012-02-28 16:21:00 -------- d-----w- C:\Program Files (x86)\Common Files\scanner
    2012-02-28 16:20:59 -------- d-----w- C:\Program Files (x86)\comcasttb
    2012-02-28 16:20:46 -------- d-----w- C:\Program Files (x86)\CA
    2012-02-28 16:20:44 -------- d-----w- C:\Windows\Downloaded Installations
    2012-02-28 16:19:29 -------- d-----w- C:\Program Files (x86)\Constant Guard Protection Suite
    2012-02-28 16:19:16 -------- d-----w- C:\ProgramData\White Sky, Inc
    2012-02-28 16:13:16 -------- d-----w- C:\Users\Stacey Mann\AppData\Local\Secunia PSI
    2012-02-28 16:13:02 -------- d-----w- C:\Program Files (x86)\Secunia
    2012-02-28 02:31:49 -------- d-----w- C:\Users\Stacey Mann\AppData\Roaming\HpUpdate
    2012-02-28 02:31:37 778088 ------w- C:\Windows\System32\HPDiscoPMA611.dll
    2012-02-28 02:26:40 -------- d-----w- C:\Program Files\HP
    2012-02-28 02:25:20 -------- d-----w- C:\Users\Stacey Mann\AppData\Local\HP
    2012-02-14 01:44:49 19416 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
    2012-02-14 01:44:48 97240 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
    2012-02-14 01:44:47 437208 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
    2012-02-14 01:44:47 1911768 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2012-02-14 01:44:47 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
    2012-02-08 21:14:02 -------- d-----w- C:\Program Files (x86)\Coupons
    .
    ==================== Find3M ====================
    .
    2012-02-28 16:32:34 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-02-28 16:24:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-01-12 20:16:28 2765824 ----a-w- C:\Windows\System32\win32k.sys
    2012-01-03 14:25:21 404992 ----a-w- C:\Windows\System32\drivers\afd.sys
    2011-12-17 19:50:30 74703 ----a-w- C:\Windows\SysWow64\mfc45.dll
    2011-12-15 06:47:13 1147392 ----a-w- C:\Windows\System32\wininet.dll
    2011-12-15 06:43:19 56832 ----a-w- C:\Windows\System32\licmgr10.dll
    2011-12-15 06:43:00 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl
    2011-12-15 06:42:43 77312 ----a-w- C:\Windows\System32\iesetup.dll
    2011-12-15 06:42:43 132096 ----a-w- C:\Windows\System32\iesysprep.dll
    2011-12-15 06:22:01 916992 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-12-15 06:18:03 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2011-12-15 06:17:51 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2011-12-15 06:17:35 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2011-12-15 06:17:35 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2011-12-15 05:49:57 479232 ----a-w- C:\Windows\System32\html.iec
    2011-12-15 05:21:27 385024 ----a-w- C:\Windows\SysWow64\html.iec
    2011-12-15 05:07:26 162816 ----a-w- C:\Windows\System32\ieUnatt.exe
    2011-12-15 05:06:10 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-12-15 04:45:13 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2011-12-15 04:43:48 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-12-14 16:38:07 621056 ----a-w- C:\Windows\System32\msvcrt.dll
    2011-12-14 16:17:47 680448 ----a-w- C:\Windows\SysWow64\msvcrt.dll
    2011-12-10 22:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2009-01-21 16:14:40 9780224 ----a-w- C:\Program Files\openofficeorg30.msi
    2002-03-11 09:06:30 1822520 ----a-w- C:\Program Files\instmsiw.exe
    2002-03-11 08:45:04 1708856 ----a-w- C:\Program Files\instmsia.exe
    .
    ============= FINISH: 20:39:55.02 ===============


    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/4/2008 11:56:29 PM
    System Uptime: 2/28/2012 7:42:02 PM (25 hours ago)
    .
    Motherboard: MSI | | Aspen
    Processor: AMD Phenom(tm) 9650 Quad-Core Processor | Socket AM2 | 1200/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 685 GiB total, 441.365 GiB free.
    D: is FIXED (NTFS) - 13 GiB total, 1.838 GiB free.
    E: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    K: is FIXED (NTFS) - 932 GiB total, 732.329 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Realtek RTL8168C(P)/8111C(P) Family PCI-E GBE NIC
    Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_2A7F103C&REV_02\4&13D4822C&0&0028
    Manufacturer: Realtek
    Name: Realtek RTL8168C(P)/8111C(P) Family PCI-E GBE NIC
    PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_2A7F103C&REV_02\4&13D4822C&0&0028
    Service: RTL8169
    .
    ==== System Restore Points ===================
    .
    RP1583: 2/28/2012 7:19:32 PM - Windows Update
    RP1584: 2/28/2012 7:33:40 PM - Installed Skype™ 5.8
    RP1585: 2/28/2012 8:00:36 PM - Removed Java(TM) 6 Update 29 (64-bit)
    RP1586: 2/29/2012 3:00:11 AM - Windows Update
    .
    ==== Installed Programs ======================
    .
    1Password 1.0.9.272
    3ivx MPEG-4 5.0.3 (remove only)
    Adobe AIR
    Adobe Anchor Service CS4
    Adobe Bridge CS4
    Adobe CMaps CS4
    Adobe Color - Photoshop Specific CS4
    Adobe Color EU Extra Settings CS4
    Adobe Color JA Extra Settings CS4
    Adobe Color NA Recommended Settings CS4
    Adobe Color Video Profiles CS CS4
    Adobe CSI CS4
    Adobe Default Language CS4
    Adobe Device Central CS4
    Adobe Drive CS4
    Adobe ExtendScript Toolkit CS4
    Adobe Extension Manager CS4
    Adobe Flash Player 11 ActiveX
    Adobe Fonts All
    Adobe Linguistics CS4
    Adobe Media Player
    Adobe Output Module
    Adobe PDF Library Files CS4
    Adobe Photoshop CS4
    Adobe Photoshop CS4 Support
    Adobe Reader X (10.1.2)
    Adobe Search for Help
    Adobe Service Manager Extension
    Adobe Setup
    Adobe Type Support CS4
    Adobe Update Manager CS4
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS4
    AdobeColorCommonSetCMYK
    AdobeColorCommonSetRGB
    Amazon MP3 Downloader 1.0.12
    AMD USB Audio Driver Filter
    Apple Application Support
    Apple Software Update
    Bulk Rename Utility 2.7.1.1
    CA Pest Patrol Realtime Protection
    Camera Support Core Library
    Camera Window DS
    Camera Window DVC
    Camera Window MC
    Canon Camera Support Core Library
    Canon Camera WIA Driver
    Canon Camera Window DC_DV 5 for ZoomBrowser EX
    Canon Camera Window DSLR 5 for ZoomBrowser EX
    Canon Camera Window MC 5 for ZoomBrowser EX
    Canon EOS Kiss_N REBEL_XT 350D WIA Driver
    Canon PhotoRecord
    Canon RAW Image Task for ZoomBrowser EX
    Canon Utilities Digital Photo Professional 2.0
    Canon Utilities EOS Capture 1.5
    Canon Utilities PhotoStitch 3.1
    Canon ZoomBrowser EX (E)
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization Chinese Standard
    Catalyst Control Center Localization Chinese Traditional
    Catalyst Control Center Localization Czech
    Catalyst Control Center Localization Danish
    Catalyst Control Center Localization Dutch
    Catalyst Control Center Localization Finnish
    Catalyst Control Center Localization French
    Catalyst Control Center Localization German
    Catalyst Control Center Localization Greek
    Catalyst Control Center Localization Hungarian
    Catalyst Control Center Localization Italian
    Catalyst Control Center Localization Japanese
    Catalyst Control Center Localization Korean
    Catalyst Control Center Localization Norwegian
    Catalyst Control Center Localization Polish
    Catalyst Control Center Localization Portuguese
    Catalyst Control Center Localization Russian
    Catalyst Control Center Localization Spanish
    Catalyst Control Center Localization Swedish
    Catalyst Control Center Localization Thai
    Catalyst Control Center Localization Turkish
    ccc-core-static
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Color Schemer Studio
    Compatibility Pack for the 2007 Office system
    Connect
    Constant Guard Protection Suite
    Coupon Printer for Windows
    CyberLink DVD Suite Deluxe
    D3DX10
    Dropbox
    Enhanced Multimedia Keyboard Solution
    EOS Capture 1.5
    EPSON Scan
    FlipShare
    GuardedID
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP MediaSmart DVD
    HP MediaSmart Music/Photo/Video
    HP Photosmart 7510 series Help
    HP Picasso Media Center Add-In
    HP Recovery Manager RSS
    HP Update
    iLumina Gold Premium
    Ipswitch WS_FTP Professional 2007
    Java Auto Updater
    Java(TM) 6 Update 31
    kuler
    LabelPrint
    LightScribe System Software 1.14.25.1
    LightScribe Template Labeler
    Macromedia Shockwave Player
    Malwarebytes Anti-Malware version 1.60.1.1000
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft Application Error Reporting
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    Mozilla Firefox 10.0.2 (x86 en-US)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MyFonts Order M1013466
    MyFonts Order M1399868
    MyFonts Order M1606301
    MyFonts Order M2054173
    MyFonts Order M3451048
    Norton Security Suite
    OpenOffice.org 3.2
    PDF Settings CS4
    Photoshop Camera Raw
    PhotoStitch
    Power2Go
    PowerDirector
    Python 2.5.2
    QuickTime
    RAIDXpert
    RAW Image Task 2.2
    Realtek 8169 8168 8101E 8102E Ethernet Driver
    Realtek High Definition Audio Driver
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Segoe UI
    Skins
    Skype Click to Call
    Skype™ 5.8
    Spybot - Search & Destroy
    Suite Shared Configuration CS4
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Visual Studio 2008 x64 Redistributables
    WebEx Support Manager for Internet Explorer
    WebTablet FB Plugin
    WebTablet IE Plugin
    WebTablet Netscape Plugin
    Windows Installer Clean Up
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    ZipGenius 6 (6.0.3.1150)
    .
    ==== Event Viewer Messages From Past Week ========
    .
    2/29/2012 3:01:53 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Server 2003, Vista, and Server 2008 for x64 (KB2656353).
    2/28/2012 9:48:51 AM, Error: Service Control Manager [7034] - The iolo System Service service terminated unexpectedly. It has done this 1 time(s).
    2/28/2012 9:39:24 AM, Error: Service Control Manager [7034] - The Secunia Update Agent service terminated unexpectedly. It has done this 1 time(s).
    2/28/2012 9:33:27 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep FileDisk
    2/28/2012 9:22:10 AM, Error: Service Control Manager [7030] - The CGPS Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    2/28/2012 7:56:17 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    2/28/2012 7:55:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    2/28/2012 7:52:11 PM, Error: Service Control Manager [7022] - The Windows Font Cache Service service hung on starting.
    2/28/2012 7:46:33 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep
    2/28/2012 7:46:23 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the CGPS Service service to connect.
    2/28/2012 7:46:23 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
    2/28/2012 7:46:23 PM, Error: Service Control Manager [7000] - The CGPS Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    2/28/2012 7:46:23 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    2/28/2012 7:43:27 PM, Error: Microsoft-Windows-HttpEvent [15021] - An error occured while using SSL configuration for socket address 0.0.0.0:4482. The error status code is contained within the returned data.
    2/28/2012 7:08:14 PM, Error: volsnap [20] - The shadow copies of volume C: were aborted because of a failed free space computation.
    2/28/2012 11:26:06 AM, Error: Service Control Manager [7022] - The KtmRm for Distributed Transaction Coordinator service hung on starting.
    2/28/2012 11:21:27 AM, Error: Service Control Manager [7022] - The Background Intelligent Transfer Service service hung on starting.
    2/28/2012 11:21:27 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
    2/28/2012 11:21:27 AM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    2/28/2012 11:19:05 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.
    2/28/2012 11:19:05 AM, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    2/28/2012 11:19:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
    2/28/2012 11:15:28 AM, Error: Service Control Manager [7022] - The CGPS Service service hung on starting.
    2/28/2012 11:02:31 AM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: After starting, the service hung in a start-pending state.
    2/28/2012 11:02:30 AM, Error: Service Control Manager [7022] - The Remote Access Connection Manager service hung on starting.
    2/28/2012 11:02:29 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
    2/28/2012 11:02:29 AM, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    2/28/2012 10:59:27 AM, Error: netbt [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.4. The computer with the IP address 192.168.1.1 did not allow the name to be claimed by this computer.
    2/28/2012 10:35:49 AM, Error: Service Control Manager [7024] - The Norton Security Suite service terminated with service-specific error 4294967295 (0xFFFFFFFF).
    2/28/2012 10:34:01 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the service.
    2/28/2012 10:33:24 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgfws service.
    2/26/2012 7:30:49 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document DigitalsDesignerLinks - Notepad, owned by Stacey Mann, failed to print on printer Canon iP4500 series. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 65536. Number of bytes printed: 24668. Total number of pages in the document: 2. Number of pages printed: 0. Client computer: \\HP-A6750Y. Win32 error code returned by the print processor: 1. Incorrect function.
    2/26/2012 7:26:29 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document DigitalsDesignerLinks - Notepad, owned by Stacey Mann, failed to print on printer Canon iP4500 series. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 65536. Number of bytes printed: 24700. Total number of pages in the document: 2. Number of pages printed: 0. Client computer: \\HP-A6750Y. Win32 error code returned by the print processor: 1. Incorrect function.
    .
    ==== End Of File ===========================
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    I'll be glad to check for malware, but the problem could be driver related. You are also using the Comcast Xfinity for your Start page:
    uStart Page = hxxp://xfinity.comcast.net/?cid=cgps02282012
    Suggest you change that. Also, since you have Norton, make sure you're not doubled up on AV or firewall.
    ====================================
    Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    --------------------------------------
    Download Combofix from HERE or HERE and save to the desktop
    • Double click combofix.exe [​IMG]& follow the prompts.
    • If prompted for Recovery Console, please allow.
    • Once installed, you should see a blue screen prompt that says:
      • The Recovery Console was successfully installed.[/b]
      • Note: If Combofix was downloaded to a flash drive, the Recovery Console will not install- just bypass and go on.[/b]
      • Note: No query will be made if the Recovery Console is already on the system.
    • .Close/disable all anti virus and anti malware programs
      (If you need help with this, please see HERE)
    • .Close any open browsers.
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
    Re-enable your Antivirus software.
    Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    Note 2:If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.
    Note 3:CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    =====================================
    To run the Eset Online Virus Scan:
    If you use Internet Explorer:
    1. Open the ESETOnlineScan
    2. Skip to #4 to "Continue with the directions"

      If you are using a browser other than Internet Explorer
    3. Open Eset Smart Installer
      [o] Click on the esetsmartinstaller_enu.exelink and save to the desktop.
      [o] Double click on the desktop icon to run.
      [o] After successful installation of the ESET Smart Installer, the ESET Online Scanner will be launched in a new Window
    4. Continue with the directions.
    5. Check 'Yes I accept terms of use.'
    6. Click Start button
    7. Accept any security warnings from your browser.
      [​IMG]
    8. Uncheck 'Remove found threats'
    9. Check 'Scan archives/
    10. Leave remaining settings as is.
    11. Press the Start button.
    12. ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
    13. When the scan completes, press List of found threats
    14. Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
    15. Push the Back button, then Finish
    NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
    ========================================
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time. I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me. Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't follow directions given to someone else
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.

    If I haven't replied back to you within 48 hours, you can send a PM with your thread link in it as a reminder. Do not include technical problems from your thread. Support is given only in the forum.
    Threads are closed after 5 days if there is no reply.
     
  3. mannclann

    mannclann TS Rookie Topic Starter Posts: 20

    ComboFix 12-03-02.01 - Stacey Mann 03/03/2012 9:23.2.4 - x64
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.7927.5666 [GMT -7:00]
    Running from: c:\users\Stacey Mann\Desktop\ComboFix.exe
    AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Stacey Mann\AppData\Roaming\EurekaLog
    c:\users\Stacey Mann\AppData\Roaming\EurekaLog\1Password\1Password.elf
    c:\users\Stacey Mann\AppData\Roaming\EurekaLog\firefox\Agile1pFF.elf
    c:\users\Stacey Mann\Favorites\groupon.url
    c:\windows\SysWow64\oobe\audit.exe
    c:\windows\SysWow64\oobe\msoobe.exe
    c:\windows\SysWow64\oobe\oobeldr.exe
    c:\windows\SysWow64\oobe\Setup.exe
    c:\windows\SysWow64\oobe\windeploy.exe
    K:\autorun.inf
    c:\windows\system32\oobe\audit.exe . . . . Failed to delete
    c:\windows\system32\oobe\msoobe.exe . . . . Failed to delete
    c:\windows\system32\oobe\oobeldr.exe . . . . Failed to delete
    c:\windows\system32\oobe\Setup.exe . . . . Failed to delete
    c:\windows\system32\oobe\windeploy.exe . . . . Failed to delete
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-02-03 to 2012-03-03 )))))))))))))))))))))))))))))))
    .
    .
    2012-03-03 16:34 . 2012-03-03 16:41 -------- d-----w- c:\users\Stacey Mann\AppData\Local\temp
    2012-03-03 16:34 . 2012-03-03 16:34 -------- d-----w- c:\users\Public\AppData\Local\temp
    2012-03-03 16:34 . 2012-03-03 16:34 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-03-02 03:59 . 2012-03-02 03:59 -------- d-----w- c:\program files\Microsoft IntelliType Pro
    2012-03-02 03:49 . 2012-03-02 03:49 -------- d-----w- c:\programdata\Driver Manager
    2012-02-29 02:34 . 2012-02-29 02:34 -------- d-----w- c:\program files (x86)\Common Files\Skype
    2012-02-28 16:40 . 2010-08-21 04:59 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2012-02-28 16:40 . 2012-02-28 17:20 174200 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
    2012-02-28 16:40 . 2012-02-28 17:20 -------- d-----w- c:\program files\Symantec
    2012-02-28 16:40 . 2012-02-28 16:40 -------- d-----w- c:\program files\Common Files\Symantec Shared
    2012-02-28 16:39 . 2012-02-29 02:48 -------- d-----w- c:\windows\system32\drivers\N360x64
    2012-02-28 16:39 . 2012-02-28 16:39 -------- d-----w- c:\program files (x86)\Norton Security Suite
    2012-02-28 16:39 . 2012-02-28 16:39 -------- d-----w- c:\program files (x86)\NortonInstaller
    2012-02-28 16:24 . 2012-02-28 16:24 -------- d-----w- c:\program files (x86)\Common Files\Java
    2012-02-28 16:22 . 2012-02-28 16:22 -------- d-----w- c:\programdata\IsolatedStorage
    2012-02-28 16:22 . 2012-03-03 15:56 -------- d-----w- c:\users\Stacey Mann\AppData\Local\ID Vault
    2012-02-28 16:22 . 2012-03-03 15:56 -------- d-----w- c:\users\Stacey Mann\AppData\Roaming\ID Vault
    2012-02-28 16:21 . 2012-02-28 16:21 -------- d-----w- c:\program files (x86)\Common Files\scanner
    2012-02-28 16:20 . 2012-02-28 16:20 -------- d-----w- c:\program files (x86)\comcasttb
    2012-02-28 16:20 . 2012-02-28 16:20 -------- d-----w- c:\program files (x86)\CA
    2012-02-28 16:20 . 2012-02-28 16:20 -------- d-----w- c:\windows\Downloaded Installations
    2012-02-28 16:19 . 2012-03-03 15:58 -------- d-----w- c:\program files (x86)\Constant Guard Protection Suite
    2012-02-28 16:19 . 2012-02-28 16:19 -------- d-----w- c:\programdata\White Sky, Inc
    2012-02-28 16:13 . 2012-02-28 16:13 -------- d-----w- c:\users\Stacey Mann\AppData\Local\Secunia PSI
    2012-02-28 16:13 . 2012-02-28 16:13 -------- d-----w- c:\program files (x86)\Secunia
    2012-02-28 02:31 . 2012-02-28 02:31 -------- d-----w- c:\users\Stacey Mann\AppData\Roaming\HpUpdate
    2012-02-28 02:31 . 2011-09-01 01:37 778088 ------w- c:\windows\system32\HPDiscoPMA611.dll
    2012-02-28 02:27 . 2012-02-28 02:27 -------- d-----w- c:\programdata\HP
    2012-02-28 02:26 . 2012-02-28 02:26 -------- d-----w- c:\program files\HP
    2012-02-28 02:25 . 2012-02-28 02:44 -------- d-----w- c:\users\Stacey Mann\AppData\Local\HP
    2012-02-14 01:44 . 2012-02-17 19:50 19416 ----a-w- c:\program files (x86)\Mozilla Firefox\AccessibleMarshal.dll
    2012-02-14 01:44 . 2012-02-17 19:50 97240 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
    2012-02-14 01:44 . 2012-02-17 19:50 437208 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
    2012-02-14 01:44 . 2012-02-17 19:50 1911768 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
    2012-02-14 01:44 . 2012-02-17 19:50 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
    2012-02-08 21:14 . 2012-02-08 21:14 -------- d-----w- c:\program files (x86)\Coupons
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-02-28 16:32 . 2011-05-26 21:24 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-02-28 16:24 . 2011-01-25 04:27 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2011-12-17 19:50 . 2011-12-17 19:50 74703 ----a-w- c:\windows\SysWow64\mfc45.dll
    2011-12-10 22:24 . 2011-01-24 03:06 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-01-21 16:14 . 2009-01-21 16:14 9780224 ----a-w- c:\program files\openofficeorg30.msi
    2002-03-11 09:06 . 2002-03-11 09:06 1822520 ----a-w- c:\program files\instmsiw.exe
    2002-03-11 08:45 . 2002-03-11 08:45 1708856 ----a-w- c:\program files\instmsia.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 94208 ----a-w- c:\users\Stacey Mann\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 94208 ----a-w- c:\users\Stacey Mann\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 94208 ----a-w- c:\users\Stacey Mann\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
    "HP Photosmart 7510 series (NET)"="c:\program files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe" [2011-09-01 2676584]
    "ComcastAntispyClient"="c:\program files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208]
    "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-15 17146504]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
    "KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
    "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
    "TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-10-18 1152296]
    "CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-10-18 189736]
    "DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-09-26 1148200]
    "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
    "Agile1pAgent"="c:\program files (x86)\1Password\Agile1pAgent.exe" [2012-01-31 2188552]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-17 421736]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
    .
    c:\users\Stacey Mann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\Stacey Mann\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
    Monitor Ink Alerts - HP Photosmart 7510 series (Network).lnk - c:\windows\system32\RunDll32.exe [2006-11-2 46592]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck
    .
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-03-03 c:\windows\Tasks\User_Feed_Synchronization-{66A418A5-9DBE-4504-BDB6-715521C388A6}.job
    - c:\windows\system32\msfeedssync.exe [2012-02-16 04:44]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 97792 ----a-w- c:\users\Stacey Mann\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 97792 ----a-w- c:\users\Stacey Mann\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 97792 ----a-w- c:\users\Stacey Mann\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2010-10-06 23:36 97792 ----a-w- c:\users\Stacey Mann\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-12 2345848]
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://xfinity.comcast.net/?cid=cgps02282012
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
    uInternet Settings,ProxyOverride = *.local
    IE: {{00FAC6C9-C494-4AD8-B3C0-DE677AFDDBD8} - {5D7B119E-062F-476B-A5E7-797FAF554BA2} - c:\progra~2\1PASSW~1\AGILE1~1.DLL
    TCP: DhcpNameServer = 192.168.1.1
    CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
    FF - ProfilePath - c:\users\Stacey Mann\AppData\Roaming\Mozilla\Firefox\Profiles\r56gd02w.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.digitalscrapbookpages.com/digitals/|http://digitalscrapbookpages.com/digitals/SDLu3249085lFJl3/login.php
    FF - prefs.js: network.proxy.type - 0
    FF - user.js: capability.policy.policynames - allowclipboard
    FF - user.js: capability.policy.allowclipboard.sites - hxxps://digitalscrapbookpages.com https://http://digitalscrapbookpages.com/digitals/SDLu3249085lFJl3/ http://digitalscrapbookpages.com
    FF - user.js: capability.policy.allowclipboard.Clipboard.cutcopy - allAccess
    FF - user.js: capability.policy.allowclipboard.Clipboard.paste - allAccess
    .
    .
    ------- File Associations -------
    .
    JSEFile=NOTEPAD.EXE %1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
    "ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\5.2.0.13\diMaster.dll\" /prefetch:1"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
    "ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus\1]
    @="131473"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
    @="Shockwave Flash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
    @Denied: (A 2) (Everyone)
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
    @="FlashBroker"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
    "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\1Password\Agile1pService.exe
    c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
    c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
    c:\program files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Flip Video\FlipShare\FlipShareService.exe
    c:\program files (x86)\CA\PPRT\bin\ITMRTSVC.exe
    c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
    c:\program files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
    c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    c:\windows\SysWOW64\WinMsgBalloonServer.exe
    c:\windows\SysWOW64\WinMsgBalloonClient.exe
    c:\windows\SysWOW64\BeepApp.exe
    c:\program files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
    c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    c:\windows\SysWOW64\DllHost.exe
    .
    **************************************************************************
    .
    Completion time: 2012-03-03 09:49:06 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-03-03 16:49
    .
    Pre-Run: 480,174,891,008 bytes free
    Post-Run: 479,904,538,624 bytes free
    .
    - - End Of File - - 955D85B823AE15A98FF8CC3D826AA062


    No file produced for Eset scan
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...