psophreak3000

Members
  • Content Count

    5
  • Joined

  • Last visited

Community Reputation

0 Neutral

About psophreak3000

  • Rank
    Newbie
  1. The computer is just running at an incredibly slow pace for what it is capable of. Thank you in advance for you help [attachment=7998:Attach.zip] [attachment=7999:DDS.txt]
  2. sorry for the delay in response Easter weekend is crazy in the resturaunt buseness [attachment=7962:ComboFix.txt] [attachment=7963:OTS.Txt] [attachment=7964:gmer.txt]
  3. As requested here is the DDS Thank you in advance for your help Ltangelic, this is greatly appreceated! DDS (Ver_10-03-17.01) - NTFSx86 Run by Josh at 21:06:39.41 on Fri 04/02/2010 Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_19 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2046.1200 [GMT -5:00] SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\rpcnet.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Windows\System32\mobsync.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\sttray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchFilterHost.exe \\?\C:\Windows\system32\wbem\WMIADAP.EXE C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B18KO0Q3\dds[1].scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.questionablecontent.net/ uWindow Title = Internet Explorer provided by Dell BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.2.8.7.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe" uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [Skype] "c:\program files\skype\\phone\Skype.exe" /nosplash /minimized mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [<NO NAME>] mRun: [ECenter] c:\dell\e-center\EULALauncher.exe mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe" mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [StormCodec_Helper] "c:\program files\ringz studio\storm codec\StormSet.exe" /S /opti mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [SigmatelSysTrayApp] sttray.exe mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll ================= FIREFOX =================== FF - ProfilePath - c:\users\josh\appdata\roaming\mozilla\firefox\profiles\6vd8ofn6.default\ FF - prefs.js: browser.startup.homepage - hxxp://questionablecontent.net/ FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\users\josh\appdata\roaming\move networks\plugins\npqmp071505000011.dll FF - plugin: c:\users\josh\appdata\roaming\move networks\plugins\npqmp071701000002.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); ============= SERVICES / DRIVERS =============== R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-5-15 11608] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-5-15 108289] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-5-15 185089] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-5-15 56816] S3 cur_bus;Curitel USB Composite Device driver (WDM);c:\windows\system32\drivers\cur_bus.sys [2005-7-19 57744] S3 cur_mdfl;Curitel Packet Service Filter;c:\windows\system32\drivers\cur_mdfl.sys [2005-7-19 8336] S3 cur_mdm;Curitel Packet Service Drivers;c:\windows\system32\drivers\cur_mdm.sys [2005-7-19 93328] S3 cur_serd;Curitel Packet Service Diagnostic Serial Port (WDM);c:\windows\system32\drivers\cur_serd.sys [2005-7-19 73152] S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-1-6 21504] S3 netr73;Belkin Wireless G Plus MIMO USB Network Adapter Driver for Vista;c:\windows\system32\drivers\netr73.sys [2007-11-12 468480] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?] =============== Created Last 30 ================ 2010-04-02 02:46:29 0 d-----w- c:\programdata\Sun 2010-04-02 02:13:42 0 d-----w- c:\program files\CCleaner 2010-03-31 13:58:04 834048 ----a-w- c:\windows\system32\wininet.dll 2010-03-31 13:58:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-03-29 15:06:33 4449 ----a-w- c:\users\josh\dane.ashx 2010-03-12 23:30:13 0 d-----w- c:\programdata\NVIDIA 2010-03-12 03:44:23 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf 2010-03-12 03:42:18 24064 ----a-w- c:\windows\system32\nshhttp.dll 2010-03-12 03:42:15 411648 ----a-w- c:\windows\system32\drivers\http.sys 2010-03-12 03:42:15 30720 ----a-w- c:\windows\system32\httpapi.dll ==================== Find3M ==================== 2010-04-03 02:01:29 17408 ----a-w- c:\windows\system32\rpcnetp.exe 2010-04-03 02:01:26 56680 ----a-w- c:\windows\system32\rpcnet.dll 2010-04-02 02:40:40 40768 ----a-w- c:\users\josh\appdata\roaming\nvModes.dat 2010-03-12 03:44:18 51200 ----a-w- c:\windows\inf\infpub.dat 2010-03-12 03:44:18 143360 ----a-w- c:\windows\inf\infstrng.dat 2010-03-12 03:44:17 143360 ----a-w- c:\windows\inf\infstor.dat 2010-03-09 09:28:20 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-02-24 15:16:06 181632 ------w- c:\windows\system32\MpSigStub.exe 2010-01-25 12:00:35 471552 ----a-w- c:\windows\system32\secproc_isv.dll 2010-01-25 12:00:35 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2010-01-25 12:00:35 152064 ----a-w- c:\windows\system32\secproc_ssp.dll 2010-01-25 12:00:22 471552 ----a-w- c:\windows\system32\secproc.dll 2010-01-25 11:58:52 332288 ----a-w- c:\windows\system32\msdrm.dll 2010-01-25 08:21:20 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe 2010-01-25 08:21:20 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2010-01-25 08:21:18 518144 ----a-w- c:\windows\system32\RMActivate.exe 2010-01-25 08:21:18 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2010-01-23 09:26:13 2048 ----a-w- c:\windows\system32\tzres.dll 2010-01-06 15:39:38 1696256 ----a-w- c:\windows\system32\gameux.dll 2010-01-06 15:38:47 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-01-06 13:30:41 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2009-11-27 04:49:51 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-01-28 04:57:45 174 --sha-w- c:\program files\desktop.ini 2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib409\perfd.dat 2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib409\perfc.dat 2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib409\perfi.dat 2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib409\perfh.dat 2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib00\perfi.dat 2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib00\perfh.dat 2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib00\perfd.dat 2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib00\perfc.dat 2009-06-10 08:12:14 2048 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\lastalive0.dat 2009-06-10 08:12:14 2048 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\lastalive1.dat 2007-05-13 01:13:52 8192 --sha-w- c:\windows\users\default\NTUSER.DAT ============= FINISH: 21:07:31.48 ===============
  4. This is the Hijackthis report, i can't figure out why the computer is running slow i'm hoping someone can help me figure this out Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\sttray.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Trillian\trillian.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe C:\Users\Josh\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.questionablecontent.net/"]http://www.questionablecontent.net/[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft.com/fwlink/?LinkId=69157[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - [url="http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab"]http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[/url] O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - [url="http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab"]http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab[/url] O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe