|
Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
![]() |
|
Topic Tools |
#1
|
||||
|
||||
file association "change" button greyed out, ie sluggish
Hello :-)
I'm not sure if this post should be here in malware or in browsers forum. If it needs to be moved, just let me know. I have a neighbour who's XP system is having an unusual problem. He has Norton 360, 2012 version and it reports no infection. I also scanned his system with an up-to-date malwarebytes free version and no malware were found. I did an HJT scan, and include it at close of message. The problem is twofold 1) that the file association "change" button in the folder options section is greyed out for every file type and will not let me change ANY file associations, even in ADMIN mode; and 2) how to repair IE to run efficiently again. the curious thing is that I can change them in "Safe mode", but when booting in full mode the button is greyed out. Even when I go back in to full mode after sucessfully changing the association in safe mode, it is not changed in full mode. This suggests to me that something that loads in normal is interfering or corrupt. But I don't know where to look or what to adjust. by example: his Internet Explorer drags terribly, so until that is remedied, I installed firefox and all is well in terms of speed when surfing therein. Naturally, I wanted to put Firefox in as the default program for all .htm and .html so that when he opened a link from email, firefox would respond. No "change" button is available in normal mode, and IE is listed as the default. I then tried via safe mode and was able to change associations at will. I changed the .htm to firefox by default. I exited and went back to normal mode, and sadly IE is default and no "change" button is greyed still. So I went back to Safe mode to check that I wasn't losing my marbles and discovered the default was indeed still set at firefox for html and htm files. At this point, I need to a) be able to set the default to firefox so he doesn't accidentally surf with IE until the crawling IE issue is resolved, and b) resolve the IE issue. LIne 314 here http://www.kellys-korner-xp.com/xp_tweaks.htm offers a script for repairing the fact that there is no files association undo feature, however I didn't want to make changes until checking here in case doing so would obscure what the cause of the problem. I would appreciate a reply from someone who has some knowledge about the causes and remedies of this peculiar issue. I wasn't sure if this could be a xp, ie, or security issue. So if the post needs to be moved, let me know. have a great day. Riva hjt log... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:15:48 PM, on 4/4/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\IObit\SystemCare 5\ASCService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Norton 360\Engine\5.2.1.3\ccSvcHst.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Norton 360\Engine\5.2.1.3\ccSvcHst.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Administrator\Desktop\hijackthis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.alot.com/web?q=&pr=aut...=2.5.15000.521 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.1.3\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.1.3\IPS\IPSBHO.DLL O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\s wg.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInsta nce.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.1.3\coIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/tech...bs/tgctlsr.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1238552613754 O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\SystemCare 5\ASCService.exe O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\5.2.1.3\ccSvcHst.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 7017 bytes |
#2
|
||||
|
||||
Hello Riva,
No infection showing in this limited view, and from what you describe this does not sound like an infection issue. The log does show you have that IObit's supposed Advanced SystemCare, which usually means advanced system problems. If that is still installed, why not uninstall it, reboot, and see if things correct themselves just doing that. But without any indication of infection, these issues really are things you may want to ask on in the CTH XP forum. |
#3
|
||||
|
||||
Hi Jintan
Thanks for the suggestion. I posted there first and they suggested I post here. I will take the iobit software off for him, but I don't think it'll help as even though it's only the free version, I booted with it disabled as a test. His IE is so slow, so it is corrupted somehow, hence the check for malware already. I will post back in Xp. Take care. |
#4
|
||||
|
||||
Do the Iobit change, reboot, then update me here on any improvements please. No reason to jump between threads, until we at least verify it is not something obvious.
|
#5
|
||||
|
||||
K. Will do.
|
#6
|
||||
|
||||
I just heard back from the neighbour, he only just put the free Iobit ASC on to try and fix the problem of IE speed being so sluggish. When it didn't make a difference, he called me for ideas.
Given that, there should be an option to set the system back to pre-iobit using system-restore. Is that advisable vs a simple uninstall? Also apparently iobit gets a 5star rating on Cnet, which is why he thought it safe. |
#7
|
||||
|
||||
For Cnet, other than many of their downloads currently include a Cnet bundled adware install with them, just really is a difference between good intended folks sharing their experiences, and folks like us seeing the many problems over and over again. Quite a few threads here where removal of Iobit's program(s) where the solution alone.
No, System restore should only be used when issues are just unsurmountable to correct. Always better to use the available uninstall to remove programs. |
#8
|
||||
|
||||
Hi Tom;
I removed ASC this morning, and low and behold I was able to tell Firefox to be the default browser again. :-) Unfortunately, it did not improve the crawl that his IE is at. IE takes quite a while to start up, and then runs sluggishly (example takes about a minute to open to point of usability, then surfing loads dialup slow, vs firefox that pops right up and loads pages at highspeed rate that it should). He is on DSL - this is just an example to show difference in speeds. So the question now remains, how to find the cause and then repair IE. Re-did a HJT scan, and it is below. The only other thing I noticed whilst there, was that Norton gives periodic notices that this or that program has "high memory usage". Whilst I was there, it was Firefox, then Outlook. fyi, as I'm not sure if it relates to the issue or not. Let me know if you want me to run anything else, and/or if this topic needs to jump forums. Have a great Easter weekend. I'll be back online late Monday. HJT log.. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:34:02 AM, on 4/7/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Norton 360\Engine\5.2.1.3\ccSvcHst.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Norton 360\Engine\5.2.1.3\ccSvcHst.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Administrator\Desktop\hijackthis.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.1.3\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.1.3\IPS\IPSBHO.DLL O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\s wg.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInsta nce.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.1.3\coIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/tech...bs/tgctlsr.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1238552613754 O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\5.2.1.3\ccSvcHst.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 6585 bytes |
#9
|
||||
|
||||
There may be some IE related programs you can uninstall to improve that. As for Norton's high cpu announcements and display, I reckon it looks pretty enough, but likely more a gimmick than an important tool. The rest of us seem to survive handily without it, and Task Manager (press ctrl - alt- delete) shows the same info.
In HijackThis, click Config - Misc Tools - Open Uninstall Manager. Click on Save List, then save that to a location you can locate again (such as the desktop). Copy/paste the contents of that back here please. |
#10
|
||||
|
||||
The Uninstall list as requested
32 Bit HP CIO Components Installer Adobe AIR Adobe AIR Adobe Flash Player 11 ActiveX Adobe Media Player Adobe Media Player Adobe Reader X (10.1.2) aMSN 0.98.4 Bonjour CCScore CleanUp! Critical Update for Windows Media Player 11 (KB959772) DVD Solution ESSBrwr ESSCDBK ESScore ESSgui ESShelp ESSini ESSPCD ESSPDock ESSSONIC ESSTOOLS essvatgt essvcpt Google Earth Plug-in Google Toolbar for Internet Explorer Google Toolbar for Internet Explorer Google Update Helper High Definition Audio Driver Package - KB888111 HijackThis 2.0.2 HLPPDOCK Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) HP Customer Participation Program 8.0 HP Deskjet All-In-One Software 8.0 HP Imaging Device Functions 8.0 HP Photosmart Essential HP Product Assistant HP Solution Center 8.0 HP Update HPSSupply kgcbaby kgcbase kgchday kgchlwn kgcinvt kgckids kgcmove kgcvday Kodak EasyShare software KSU Malwarebytes Anti-Malware version 1.60.1.1000 Marvell Miniport Driver Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Corporation Microsoft Internationalized Domain Names Mitigation APIs Microsoft LifeCam Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Live Add-in 1.3 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox 9.0.1 (x86 en-US) MSN MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Multimedia Launcher Nero OEM Norton 360 Notifier OfotoXMI OpenOffice.org 2.0 OTtBP OTtBPSDK PowerDVD QuickTime Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 7 (KB2183461) Security Update for Windows Internet Explorer 7 (KB2360131) Security Update for Windows Internet Explorer 7 (KB2416400) Security Update for Windows Internet Explorer 7 (KB2482017) Security Update for Windows Internet Explorer 7 (KB2497640) Security Update for Windows Internet Explorer 7 (KB2530548) Security Update for Windows Internet Explorer 7 (KB2544521) Security Update for Windows Internet Explorer 7 (KB2559049) Security Update for Windows Internet Explorer 7 (KB2586448) Security Update for Windows Internet Explorer 7 (KB2618444) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB929969) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB974455) Security Update for Windows Internet Explorer 7 (KB976325) Security Update for Windows Internet Explorer 7 (KB978207) Security Update for Windows Internet Explorer 7 (KB982381) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 9 (KB911565) Security Update for Windows Media Player 9 (KB917734) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981349) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Segoe UI SFR SHASTA SKIN0001 SKINXSDK Skype Click to Call Skype™ 5.5 Spell Checker For OE 2.1 staticcr Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Windows Internet Explorer 7 (KB976749) Update for Windows Internet Explorer 7 (KB980182) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows Internet Explorer 8 (KB2632503) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2492386) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VPRINTOL Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Essentials Windows Live Messenger Windows Live Sign-in Assistant Windows Live Upload Tool Windows Management Framework Core Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 Windows Search 4.0 Windows XP Service Pack 3 WIRELESS Yahoo! Software Update Yahoo! Toolbar |
#11
|
||||
|
||||
Why not uninstall these, reboot and check for improvement. Most are really just resource wasters, but you reinstall them later:
Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper Yahoo! Software Update Yahoo! Toolbar |
#12
|
||||
|
||||
Morning Tom;
I was unable to uninstall two elements: - Google update helper - this was not listed in Add/Remove programs, (HJT shows it as a Registry key not an exe) Yahoo toolbar, is listed, but add/remove just hung on trying to uninstall it. Tried several times. Each time Task mgr processes showed 99% cpu going to Au_.exe the whole time. Tried in safe mode as well and same thing happened. Also tried using the yahoo toolbar uninstall file itself (in the directory where the toolbar is). Nothing appeared to happen with it whatsoever. The toolbar does not show up in IE display, or in manage addons etc. despite that it shows as still being installed. Of note Google Toolbar for IE was difficult to remove and that took several tries before it uninstalled. below is a current unintall list. Do you want me to use another method for uninstalling the remaining elements? No rush, can't get back to the pc til Mon next. uninstall log 32 Bit HP CIO Components Installer Adobe AIR Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Media Player Adobe Reader X (10.1.2) aMSN 0.98.4 Bonjour CCScore CleanUp! Critical Update for Windows Media Player 11 (KB959772) DVD Solution ESSBrwr ESSCDBK ESScore ESSgui ESShelp ESSini ESSPCD ESSPDock ESSSONIC ESSTOOLS essvatgt essvcpt Google Update Helper High Definition Audio Driver Package - KB888111 HijackThis 2.0.2 HLPPDOCK Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) HP Customer Participation Program 8.0 HP Deskjet All-In-One Software 8.0 HP Imaging Device Functions 8.0 HP Photosmart Essential HP Product Assistant HP Solution Center 8.0 HP Update HPSSupply kgcbaby kgcbase kgchday kgchlwn kgcinvt kgckids kgcmove kgcvday Kodak EasyShare software KSU Malwarebytes Anti-Malware version 1.60.1.1000 Marvell Miniport Driver Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Corporation Microsoft Internationalized Domain Names Mitigation APIs Microsoft LifeCam Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Live Add-in 1.3 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox 11.0 (x86 en-US) Mozilla Thunderbird 11.0.1 (x86 en-US) MSN MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Multimedia Launcher Nero OEM Norton 360 Notifier OfotoXMI OpenOffice.org 2.0 OTtBP OTtBPSDK PowerDVD QuickTime Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 7 (KB2183461) Security Update for Windows Internet Explorer 7 (KB2360131) Security Update for Windows Internet Explorer 7 (KB2416400) Security Update for Windows Internet Explorer 7 (KB2482017) Security Update for Windows Internet Explorer 7 (KB2497640) Security Update for Windows Internet Explorer 7 (KB2530548) Security Update for Windows Internet Explorer 7 (KB2544521) Security Update for Windows Internet Explorer 7 (KB2559049) Security Update for Windows Internet Explorer 7 (KB2586448) Security Update for Windows Internet Explorer 7 (KB2618444) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB929969) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB974455) Security Update for Windows Internet Explorer 7 (KB976325) Security Update for Windows Internet Explorer 7 (KB978207) Security Update for Windows Internet Explorer 7 (KB982381) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 9 (KB911565) Security Update for Windows Media Player 9 (KB917734) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981349) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Segoe UI SFR SHASTA SKIN0001 SKINXSDK Skype Click to Call Skype™ 5.5 Spell Checker For OE 2.1 staticcr Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Windows Internet Explorer 7 (KB976749) Update for Windows Internet Explorer 7 (KB980182) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows Internet Explorer 8 (KB2632503) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2492386) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VPRINTOL Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Essentials Windows Live Messenger Windows Live Sign-in Assistant Windows Live Upload Tool Windows Management Framework Core Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 Windows Search 4.0 Windows XP Service Pack 3 WIRELESS Yahoo! Toolbar |
#13
|
||||
|
||||
We can try an uninstaller tool for the problem ones. In truth, even if you run the uninstall for Google's supposed "Update helper", it leaves it's active services behind. Have to assume Google can afford good coders for it's software, so not real clear why this might occur.
Let's go ahead and run a check-type scan first. Be sure to continue to temporarily disable any protective software when running the scan tools we use here. Download ComboFix.exe from here to your desktop, then click that to run that scan. Agree to any warnings you might receive. A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Allow the scan to run. When completed a text window will appear - please copy/paste the contents back here. This log can also be found at C:\ComboFix.txt. |
#14
|
||||
|
||||
Hi Tom
here's the combo log. I disabled norton autoprotect "permanently" whilst the scan ran. Although I see in the log that that did not disable norton firewall. Hopefully, that did not interfere. Manually re-enabled Norton after combo log produced. After the reboot, I notice that the au_.exe is still taking 99% of cpu, and the Yahoo toolbar is still listed in add/remove programs and trying to uninstall still hangs. ComboFix 12-04-15.02 - Owner 04/16/2012 10:38:21.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.157 [GMT -4:00] Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe AV: Norton 360 *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton 360 *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Administrator\Application Data\alot c:\documents and settings\Emma\Application Data\PriceGong c:\documents and settings\Owner\Application Data\alot c:\documents and settings\Owner\Application Data\alot\BrowserSearch\BrowserSearch.xml c:\documents and settings\Owner\Application Data\alot\BrowserSearch\BrowserSearch.xml.backup c:\documents and settings\Owner\Application Data\alot\Button_0\Button_0.xml c:\documents and settings\Owner\Application Data\alot\Button_0\Button_0.xml.backup c:\documents and settings\Owner\Application Data\alot\Button_1\Button_1.xml c:\documents and settings\Owner\Application Data\alot\Button_1\Button_1.xml.backup c:\documents and settings\Owner\Application Data\alot\Button_2\Button_2.xml c:\documents and settings\Owner\Application Data\alot\Button_2\Button_2.xml.backup c:\documents and settings\Owner\Application Data\alot\Button_3\Button_3.xml c:\documents and settings\Owner\Application Data\alot\Button_3\Button_3.xml.backup c:\documents and settings\Owner\Application Data\alot\Button_4\Button_4.xml c:\documents and settings\Owner\Application Data\alot\Button_4\Button_4.xml.backup c:\documents and settings\Owner\Application Data\alot\Button_5\Button_5.xml c:\documents and settings\Owner\Application Data\alot\Button_5\Button_5.xml.backup c:\documents and settings\Owner\Application Data\alot\Button_6\Button_6.xml c:\documents and settings\Owner\Application Data\alot\Button_6\Button_6.xml.backup c:\documents and settings\Owner\Application Data\alot\Button_7\Button_7.xml c:\documents and settings\Owner\Application Data\alot\Button_7\Button_7.xml.backup c:\documents and settings\Owner\Application Data\alot\Button_8\Button_8.xml c:\documents and settings\Owner\Application Data\alot\Button_8\Button_8.xml.backup c:\documents and settings\Owner\Application Data\alot\configurator\configurator.xml c:\documents and settings\Owner\Application Data\alot\configurator\configurator.xml.backup c:\documents and settings\Owner\Application Data\alot\contextMenu\contextMenu.xml c:\documents and settings\Owner\Application Data\alot\contextMenu\contextMenu.xml.backup c:\documents and settings\Owner\Application Data\alot\ErrorSearch\ErrorSearch.xml c:\documents and settings\Owner\Application Data\alot\ErrorSearch\ErrorSearch.xml.backup c:\documents and settings\Owner\Application Data\alot\products\products.xml c:\documents and settings\Owner\Application Data\alot\products\products.xml.backup c:\documents and settings\Owner\Application Data\alot\Resources\BrowserSearch\alot_search_defe nd.html c:\documents and settings\Owner\Application Data\alot\Resources\BrowserSearch\images\favicon.i co c:\documents and settings\Owner\Application Data\alot\Resources\Button_0\images\alot_logo_butt on.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_0\images\alot_logo_butt on.png c:\documents and settings\Owner\Application Data\alot\Resources\Button_1\images\alot_image_sea rch.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_1\images\alot_image_sea rch.png c:\documents and settings\Owner\Application Data\alot\Resources\Button_1\images\alot_news_sear ch.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_1\images\alot_news_sear ch.png c:\documents and settings\Owner\Application Data\alot\Resources\Button_1\images\alot_search_bu tton.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_1\images\alot_search_bu tton.png c:\documents and settings\Owner\Application Data\alot\Resources\Button_1\images\alot_shop_sear ch.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_1\images\alot_shop_sear ch.png c:\documents and settings\Owner\Application Data\alot\Resources\Button_1\images\alot_videos_se arch.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_1\images\alot_videos_se arch.png c:\documents and settings\Owner\Application Data\alot\Resources\Button_1\images\alot_web_searc h.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_1\images\alot_web_searc h.png c:\documents and settings\Owner\Application Data\alot\Resources\Button_2\images\alot_configure .bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_2\images\alot_configure .png c:\documents and settings\Owner\Application Data\alot\Resources\Button_3\images\5154_icon.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_3\images\5154_icon.png c:\documents and settings\Owner\Application Data\alot\Resources\Button_4\images\default_1588_s olitaire.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_4\images\default_1588_s olitaire.png c:\documents and settings\Owner\Application Data\alot\Resources\Button_5\images\3562_icon.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_5\images\3562_icon.png c:\documents and settings\Owner\Application Data\alot\Resources\Button_6\images\default_1612_a lot_widget_sudoku.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_6\images\default_1612_a lot_widget_sudoku.png c:\documents and settings\Owner\Application Data\alot\Resources\Button_7\images\default_2254_e mail.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_7\images\default_2254_e mail.png c:\documents and settings\Owner\Application Data\alot\Resources\Button_7\images\icon_configure .JPG c:\documents and settings\Owner\Application Data\alot\Resources\Button_8\images\5003_icon.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Button_8\images\5003_icon.png c:\documents and settings\Owner\Application Data\alot\Resources\contextMenu\images\alot_icon.b mp c:\documents and settings\Owner\Application Data\alot\Resources\contextMenu\images\alot_icon.p ng c:\documents and settings\Owner\Application Data\alot\Resources\contextMenu\images\alot_logo_b utton.bmp c:\documents and settings\Owner\Application Data\alot\Resources\contextMenu\images\alot_logo_b utton.png c:\documents and settings\Owner\Application Data\alot\Resources\Shared\domains.dat c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\alot_brand.png c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\alot_splitter.pn g c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\discover.png c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\intro_popup.png c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\spinner.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\widget_bottom.bm p c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\widget_btnclose0 .bmp c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\widget_btnclose1 .bmp c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\widget_btnconfig 0.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\widget_btnconfig 1.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\widget_btnrefres h0.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\widget_btnrefres h1.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\widget_caption.b mp c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\widget_error_bg. bmp c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\widget_error_clo se.bmp c:\documents and settings\Owner\Application Data\alot\Resources\Shared\images\widget_error_ico n.bmp c:\documents and settings\Owner\Application Data\alot\TimerManager\TimerManager.xml c:\documents and settings\Owner\Application Data\alot\TimerManager\TimerManager.xml.backup c:\documents and settings\Owner\Application Data\alot\toolbar.xml c:\documents and settings\Owner\Application Data\alot\toolbar.xml.backup c:\documents and settings\Owner\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xm l c:\documents and settings\Owner\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xm l.backup c:\documents and settings\Owner\Application Data\alot\ToolbarSearch\ToolbarSearch.xml c:\documents and settings\Owner\Application Data\alot\Updater\Updater.xml c:\documents and settings\Owner\Application Data\alot\Updater\Updater.xml.backup c:\documents and settings\Owner\Application Data\PriceGong c:\documents and settings\Owner\Application Data\PriceGong\Data\1.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\a.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\b.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\c.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\d.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\e.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\f.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\g.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\h.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\i.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\J.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\k.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\l.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\m.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\mru.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\n.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\o.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\p.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\q.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\r.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\s.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\t.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\u.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\v.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\w.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\x.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\y.xml c:\documents and settings\Owner\Application Data\PriceGong\Data\z.xml c:\documents and settings\Owner\WINDOWS c:\program files\INSTALL.LOG c:\windows\Help\BJC5100.HLP c:\windows\system32\SET8DA.tmp c:\windows\system32\SET8DB.tmp c:\windows\system32\SET8DE.tmp c:\windows\system32\SET8E0.tmp c:\windows\system32\SET8E3.tmp c:\windows\system32\SET8E8.tmp . . ((((((((((((((((((((((((( Files Created from 2012-03-16 to 2012-04-16 ))))))))))))))))))))))))))))))) . . 2012-04-13 13:05 . 2012-04-13 13:05 -------- d-sh--w- c:\documents and settings\Default User\IETldCache 2012-04-11 15:10 . 2012-04-11 15:10 -------- d--h--w- c:\windows\PIF 2012-04-11 14:45 . 2012-03-13 04:39 97208 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2012-04-11 14:45 . 2012-03-13 04:39 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll 2012-04-11 14:45 . 2012-03-13 04:39 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll 2012-04-10 14:44 . 2012-04-10 14:44 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Thunderbird 2012-04-10 14:44 . 2012-04-10 14:44 -------- d-----w- c:\documents and settings\Owner\Application Data\Thunderbird 2012-04-10 14:43 . 2012-04-10 14:43 -------- d-----w- c:\program files\Mozilla Thunderbird 2012-04-10 14:11 . 2012-04-10 14:11 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-04-04 19:02 . 2012-04-04 19:02 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache 2012-04-04 17:55 . 2012-04-04 17:55 -------- d-----w- c:\windows\system32\winrm 2012-04-04 17:54 . 2012-04-04 17:55 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$ 2012-04-04 17:44 . 2011-12-30 21:03 21336 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2012-04-04 17:36 . 2012-04-04 17:36 -------- d-----w- c:\program files\CleanUp! 2012-04-04 17:30 . 1997-01-22 20:34 312320 ----a-w- c:\windows\IsUninst.exe 2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll 2012-04-03 22:03 . 2012-04-04 13:07 -------- d-----w- c:\windows\system32\drivers\N360\0502010.003 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )) . 2012-04-10 14:11 . 2011-11-23 04:09 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-03-01 11:01 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-03-01 11:01 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-03-01 11:01 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-02-29 14:10 . 2004-08-04 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-02-29 14:10 . 2004-08-04 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll 2012-02-29 12:17 . 2004-08-04 12:00 385024 ------w- c:\windows\system32\html.iec 2012-02-07 15:02 . 2012-02-07 15:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2012-02-03 09:22 . 2004-08-04 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys 2004-10-01 19:00 . 2006-06-08 21:30 40960 ----a-w- c:\program files\Uninstall_CDS.exe 2012-03-13 04:39 . 2012-04-11 14:45 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run] "Persistence"="c:\windows\system32\igfxpers.ex e" [2005-04-05 114688] "RTHDCPL"="RTHDCPL.EXE" [2005-09-22 14854144] "NeroFilterCheck"="c:\windows\system32\NeroCheck.e xe" [2001-07-09 155648] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208] "RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-03 32768] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] . [hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128] . [HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"= "c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeEnC2.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeTray.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0502010.003 \symds.sys [4/3/2012 6:04 PM 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\050201 0.003\symefa.sys [4/3/2012 6:04 PM 744568] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\2 0120402.001\BHDrvx86.sys [4/2/2012 7:38 PM 821880] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0502010.00 3\ironx86.sys [4/3/2012 6:04 PM 136312] R2 N360;Norton 360;c:\program files\Norton 360\Engine\5.2.1.3\ccsvchst.exe [4/3/2012 6:04 PM 130008] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [4/4/2012 10:13 PM 106104] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20 120413.001\IDSXpx86.sys [4/13/2012 7:39 PM 356280] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [1/9/2012 11:15 PM 30576] S2 gupdate;Google Update Service (gupdate);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPl ayerUpdateService.exe [4/10/2012 10:12 AM 253600] S3 gupdatem;Google Update Service (gupdatem);"c:\program files\Google\Update\GoogleUpdate.exe" /medsvc --> c:\program files\Google\Update\GoogleUpdate.exe [?] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc WINRM REG_MULTI_SZ WINRM . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}] 2009-03-08 09:32 128512 ----a-w- c:\windows\system32\advpack.dll . Contents of the 'Scheduled Tasks' folder . 2012-04-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe [2012-04-10 14:12] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.ca/ uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 192.168.2.1 DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\id8bekef.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/|about:home FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . WebBrowser-{1E7E4DE1-5EF4-4BAA-9250-C26258DC499A} - (no file) HKCU-Run-PowerBar - (no file) Notify-PFW - (no file) . . . ************************************************** ************************ . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-04-16 10:53 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . HKCU\Software\Microsoft\Windows\CurrentVersion\Run PowerBar = ????????????l?@?l?@?D?????B~????????????&?B~l?@?l? @????? ?????????????D~0?B~????&?B~?xB~x????????xB~??????? ? ???????????s??|x???0???????????Q?stA?B~??????????? ?????)???????W???????l?@?l?@?????zwB~????t?@?????l ?@?8?@?l?@????s????????????????????8?@?y??s8?@?8?@ . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************** ************************ . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N 360] "ImagePath"="\"c:\program files\Norton 360\Engine\5.2.1.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.2.1.3\diMaster.dll\" /prefetch:1" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(772) c:\windows\system32\igfxdev.dll . Completion time: 2012-04-16 11:00:12 ComboFix-quarantined-files.txt 2012-04-16 15:00 . Pre-Run: 53,716,774,912 bytes free Post-Run: 53,891,244,032 bytes free . WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOW S [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Micro soft Windows XP Home Edition" /fastdetect /NoExecute=OptOut . - - End Of File - - 156292C88AB73367F45A61F328529E05 |
#15
|
||||
|
||||
Yes, Norton's firewall can also cause scan problems, though apparently not for ComboFix. ComboFix did pick up a lot of adware remnants there. Let's see if that "au_.exe" is a Yahoo hung uninstaller.
Go here and download and install the free trial version of Revo's Uninstaller, and see if that shows Yahoo! Toolbar . If so, right click Yahoo! Toolbar , and select Uninstall, then follow the prompts to complete the uninstall. Be sure to leave the setting as "Moderate", and it is okay to use "Select All" to Delete what Revo finds. Reboot, then see if that removed au_.exe. |
![]() |
Bookmarks |
«
Previous Topic
|
Next Topic
»
|
|
![]() |
||||
Topic | Topic Starter | Forum | Replies | Last Post |
file association "change" button disabled for all types | Riva | Windows XP | 7 | April 6th, 2012 11:23 PM |
How to add paypal "add to cart" button to my new site built by "Web Page Maker". | nsazari | Web Development & Graphic Design | 1 | January 19th, 2011 04:53 AM |
File "Open with" Association problem | nikhiljain | Windows XP | 1 | October 7th, 2008 01:43 PM |
"save target as" greyed out and now can't print | Mrs.H | Windows XP | 3 | November 13th, 2007 07:43 PM |
"REPLY" button = "Quotes" | R4NG3R | Open Discussion | 6 | July 31st, 2003 04:53 AM |
All times are GMT +1. The time now is 01:59 PM.