googleupdate.exe problem

ComboFix 10-01-04.01 - JC 01/07/2010 12:39:35.2.4 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3326.2550 [GMT -5:00]
Running from: c:\documents and settings\JC\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\JC\Desktop\cfscript.txt
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

FILE ::
"c:\windows\system32\wupd.dat"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\wupd.dat

.
((((((((((((((((((((((((( Files Created from 2009-12-07 to 2010-01-07 )))))))))))))))))))))))))))))))
.

2010-01-07 08:17 . 2010-01-07 17:02 -------- d-----w- c:\documents and settings\JC\Application Data\skypePM
2010-01-07 08:17 . 2010-01-07 08:17 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-07 08:15 . 2010-01-07 17:04 -------- d-----w- c:\documents and settings\JC\Application Data\Skype
2010-01-07 08:15 . 2010-01-07 08:15 -------- d-----w- c:\program files\Common Files\Skype
2010-01-07 08:15 . 2010-01-07 08:15 -------- d-----r- c:\program files\Skype
2010-01-07 08:15 . 2010-01-07 08:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-07 02:25 . 2010-01-07 02:25 388096 ----a-r- c:\documents and settings\JC\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-01-07 02:25 . 2010-01-07 02:25 -------- d-----w- c:\program files\TrendMicro
2010-01-07 02:23 . 2010-01-07 02:23 -------- d-----w- c:\documents and settings\JC\Application Data\Malwarebytes
2010-01-07 02:23 . 2009-12-30 19:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 02:23 . 2010-01-07 02:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-07 02:23 . 2010-01-07 02:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-07 02:23 . 2009-12-30 19:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-19 07:31 . 2001-08-18 03:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-12-19 07:31 . 2001-08-18 03:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-12-19 07:31 . 2001-08-18 03:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-12-19 07:31 . 2001-08-18 03:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-12-19 07:31 . 2001-08-17 19:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2009-12-19 07:31 . 2001-08-17 19:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-12-19 07:31 . 2001-08-17 19:55 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-12-19 07:31 . 2001-08-17 19:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-12-19 07:31 . 2001-08-17 19:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-12-19 07:31 . 2001-08-17 19:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-12-19 07:31 . 2001-08-17 19:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-12-19 07:31 . 2001-08-17 19:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-12-13 14:46 . 2007-10-23 14:27 110592 ----a-w- c:\documents and settings\JC\Application Data\U3\temp\cleanup.exe
2009-12-13 06:05 . 2008-05-02 15:41 3493888 ---ha-w- c:\documents and settings\JC\Application Data\U3\temp\Launchpad Removal.exe
2009-12-13 06:04 . 2009-12-13 14:46 -------- d-----w- c:\documents and settings\JC\Application Data\U3
2009-12-08 23:57 . 2009-12-26 00:58 -------- d-----w- c:\program files\Garena

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-07 17:44 . 2009-09-04 15:27 -------- d-----w- c:\program files\Symantec AntiVirus
2010-01-07 17:44 . 2009-11-07 02:16 71960 ----a-w- c:\documents and settings\JC\Application Data\Mozilla\Plugins\npoctoshape.dll
2010-01-07 17:43 . 2009-03-16 17:36 16608 ----a-w- c:\windows\gdrv.sys
2010-01-07 06:14 . 2009-03-16 23:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2010-01-06 07:06 . 2009-07-28 04:40 -------- d-----w- c:\program files\Warcraft III
2009-12-20 14:22 . 2009-03-16 16:51 -------- d-----w- c:\program files\World of Warcraft
2009-12-16 01:13 . 2009-11-23 19:36 79488 ----a-w- c:\documents and settings\JC\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-08 16:50 . 2009-12-08 07:50 -------- d-----w- c:\program files\auto-clicker
2009-12-08 07:53 . 2009-12-08 07:53 -------- d-----w- c:\program files\AutoClick
2009-11-20 03:52 . 2009-11-20 03:52 -------- d-----w- c:\documents and settings\JC\Application Data\Smith Micro
2009-11-20 03:52 . 2009-03-16 17:08 44976 ----a-w- c:\documents and settings\JC\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-20 03:51 . 2009-11-20 03:51 53248 ----a-r- c:\documents and settings\JC\Application Data\Microsoft\Installer\{A93762E6-8EA6-4E7F-9557-64E51AA3AB84}\ARPPRODUCTICON.exe
2009-11-20 03:51 . 2009-11-20 03:51 -------- d-----w- c:\program files\CASIO
2009-11-20 03:51 . 2009-03-16 17:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-20 03:51 . 2009-11-20 03:51 -------- d-----w- c:\program files\Samsung
2009-11-20 03:50 . 2009-11-20 03:50 -------- d-----w- c:\program files\V CAST Media Manager
2009-11-20 03:50 . 2009-11-20 03:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Tarma Installer
2009-11-20 02:02 . 2009-11-20 01:45 -------- d-----w- c:\program files\LG Outlook Sync
2009-11-20 01:48 . 2009-11-20 01:48 -------- d-----w- c:\documents and settings\JC\Application Data\LG Electronics
2009-11-20 01:47 . 2009-11-20 01:47 -------- d-----w- c:\program files\LG Electronics
2009-11-20 01:47 . 2009-03-16 17:37 -------- d-----w- c:\program files\Common Files\InstallShield
2009-11-20 01:45 . 2009-11-20 01:45 766 ----a-r- c:\documents and settings\JC\Application Data\Microsoft\Installer\{3E54A849-D29D-4105-9184-C07219055007}\NewShortcut3_ED5A8C011A3E4EAFA614157F455BF6BE.exe
2009-11-20 01:45 . 2009-11-20 01:45 68790 ----a-r- c:\documents and settings\JC\Application Data\Microsoft\Installer\{3E54A849-D29D-4105-9184-C07219055007}\NewShortcut2_ED5A8C011A3E4EAFA614157F455BF6BE_1.exe
2009-11-20 01:45 . 2009-11-20 01:45 40960 ----a-r- c:\documents and settings\JC\Application Data\Microsoft\Installer\{3E54A849-D29D-4105-9184-C07219055007}\ARPPRODUCTICON.exe
2009-11-10 01:51 . 2009-11-20 03:50 1470976 --s-a-r- c:\documents and settings\All Users\Application Data\Tarma Installer\{E7269FD6-34EA-4617-8752-6739AA384080}\_Setup.dll
2009-11-10 01:50 . 2009-11-20 03:50 16232 --s-a-r- c:\documents and settings\All Users\Application Data\Tarma Installer\{E7269FD6-34EA-4617-8752-6739AA384080}\_Setupx.dll
2009-10-29 05:48 . 2004-08-04 12:00 662016 ------w- c:\windows\system32\wininet.dll
2009-10-21 06:00 . 2004-08-04 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:00 . 2004-08-04 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 14:58 . 2004-08-04 12:00 263552 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:53 . 2004-08-04 12:00 266752 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:54 . 2004-08-04 12:00 69632 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:54 . 2004-08-04 12:00 112128 ----a-w- c:\windows\system32\rastls.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-07_04.27.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-07 17:43 . 2010-01-07 17:43 16384 c:\windows\temp\Perflib_Perfdata_734.dat
+ 2010-01-07 17:43 . 2010-01-07 17:43 16384 c:\windows\temp\Perflib_Perfdata_6c0.dat
+ 2010-01-07 08:15 . 2010-01-07 08:15 794112 c:\windows\Installer\6221ad.msi
+ 2010-01-07 08:15 . 2010-01-07 08:15 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2010-01-07 08:15 . 2010-01-07 08:15 1565696 c:\windows\Installer\6221a8.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Octoshape Streaming Services"="c:\documents and settings\JC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-08 70936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m‘|\ü" [X]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"GBTUpd"="c:\program files\GIGABYTE\GBTUpd\PreRun.exe" [2008-04-03 297480]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-23 16804864]
"SoundMan"="SOUNDMAN.EXE" [2008-06-18 77824]
"AlcWzrd"="ALCWZRD.EXE" [2008-06-19 2808832]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-11-19 1966080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-03 136600]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 52896]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-10-24 125120]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]

c:\documents and settings\JC\Start Menu\Programs\Startup\
V CAST Media Monitor.lnk - c:\program files\V CAST Media Manager\MEMonitor.exe [2009-11-19 2676072]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Wireless Network Monitor.lnk - c:\program files\Linksys\WUSB600N\WUSB600N.exe [2008-1-9 6922240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\resources\Themes\EXE\RONIZ.PO.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\GIGABYTE\\GBTUpd\\RunUpd.exe"=
"c:\\Program Files\\GIGABYTE\\GBTUpd\\GBTUpd.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\kjcx0\\counter-strike\\hl.exe"=
"c:\\Documents and Settings\\JC\\Local Settings\\Application Data\\Dyyno Receiver\\DPPM.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"=
"c:\\Documents and Settings\\JC\\Application Data\\Octoshape\\Octoshape Streaming Services\\OctoshapeClient.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [3/16/2009 12:40 PM 68136]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9/4/2009 7:00 PM 102448]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\JC\LOCALS~1\Temp\YTC541.tmp --> c:\docume~1\JC\LOCALS~1\Temp\YTC541.tmp [?]
S3 rt2870;Linksys 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [12/14/2007 5:04 PM 551680]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [10/24/2006 6:32 PM 116416]
.
Contents of the 'Scheduled Tasks' folder

2010-01-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\JC\Application Data\Mozilla\Firefox\Profiles\7ualz6w7.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\JC\Application Data\Mozilla\Firefox\Profiles\7ualz6w7.default\extensions\[email protected]\plugins\npDyyno.dll
FF - plugin: c:\documents and settings\JC\Application Data\Mozilla\plugins\npoctoshape.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-07 12:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\JC\LOCALS~1\Temp\YTC541.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1572)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\windows\RTHDCPL.EXE
c:\windows\SOUNDMAN.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2010-01-07 12:47:00 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-07 17:46
ComboFix2.txt 2010-01-07 04:28

Pre-Run: 375,773,143,040 bytes free
Post-Run: 375,761,670,144 bytes free

- - End Of File - - B9A1A51E61109984FADC26449ECCCF6C
 
Yeah it seems to run really well thanks. Since I was infected before, would that make my computer crash time to time? I always have a game up and running full screen then minimize and sometimes my computer would just freeze and I would have to restart. Is that due to just video card or could a infection cause that too.

But anyways, thanks for your help and time.

Oh, one last quick question. Did it say how long I've had the infection for? Just curious.
 
Could be anything causing that issue. My first guess would be update your video drives.
 
Crashing like only MS can

Well for speed and problem fixes, +1 with johnb on the drivers. That could definitely be your problem.

As another though, when was the last time you cleaned your computer of dust and dirt? Has it been awhile??? In the case that it may be your computer overheating, try HWMONITOR to check the temp of your computer. And at the same time keep task manager running while you play a game and see what your CPU is running at. If your machine is running at 70C and your CPU is MAXED OUT, yeah there's a problem.

My other thought was, you seem to have a lot of (what I consider to be) unnecessary processes running all the time. All those up-daters and Java and i-tunes and i-pod, etc...

Well, judging from your Combofix and HJT logs, you play online games and I am guessing that you are using a laptop, eh? Thus the power saving options and the need to keep your anti-virus on at all times. Ya see, sometimes when I am playing a demanding game I turn off some of the programs I usually have running. For instance I turn off: my internet connection, my backup program, and my antivirus so that more system resources are free for the game I'm playing. (I only turn off my A/V because I am sure that my machine is clean. Be careful of doing this.)

If you want to just go to msconfig and kill some of those processes from running or even starting-up. Then check services.msc for items you don't need running. And before you start playing check task manager and make sure that those things aren't running.

(Oh an ha ha ha, spell check came up on "msconfig" and suggested the word "misconfiguration" as a fix. I had to include that, it really made me laugh.)
 
There are a few things we could disable on startup, if you don't mind posting a fresh hijackthis log. I'll let you know what could be disabled.
 
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 1:29:15 AM, on 1/13/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Documents and Settings\JC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\Linksys\WUSB600N\WUSB600N.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GBTUpd] C:\Program Files\GIGABYTE\GBTUpd\PreRun.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [GEST] m‘|\ü
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\JC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - Startup: V CAST Media Monitor.lnk = C:\Program Files\V CAST Media Manager\MEMonitor.exe
O4 - Global Startup: Wireless Network Monitor.lnk = C:\Program Files\Linksys\WUSB600N\WUSB600N.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/tng/dyyno-client/DyynoCAB.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 7482 bytes
 
Rerun hijackthis and place a check next to these entries.

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

Then click on fix checked at the bottom.
 
why not these too

You have a lot of programs running, more than I ever have. And most of the time these are the things I have disabled.

AppleMobileDeviceService.exe
Bonjour
Java: any quick-starter and/or updater services
iTunesHelper.exe
iPodService.exe
aim
aol

I also go into services.msc and set the priorities there as well. I also go into msconfig and stop anything from running at startup or in services that isn't absolutely necessary to my computer. But to make it run even better check out this guide to making XP work better. This is a great link: http://www.pcstats.com/articleview.cfm?articleID=1494, but you need to use it with a careful hand. If your unsure about a particular part then ask about it.

One big question I have for you is, why haven't you installed the service pack 3 update? If I were you I'd be going to Microsoft update page and getting all the updates once your system is in good running condition. To manually look for microsoft updates open IE and then go to the microsoft update page here: http://update.microsoft.com/microso...update.microsoft.com/microsoftupdate&ln=en-us

Just so you know: I will do not recommend things (i.e. programs, dl's, etc...) that I do not use, and any procedures I recommend are recommended because I have found that they add stability to my computer. I suggest them because I feel that they may help you or others. Remember though, when in doubt about a procedure just ask a moderator. They are here to help you.
 
You must log in or register to reply here.
Back
Top