Hi Ried,
Again my laptop is causing me the same problem. This time the problem seems more serious. When I tried to run explorer.exe, the taskbar flashes for a second and disappears. I cannot even run IE. I have attached all logs as per your instructions in your last reply.
Combofix log
ComboFix 07-07-31 - "Sohil Patel" 2007-10-31 3:39:36.6 [GMT 0:00] - NTFS
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.True
Command switches used :: C:\Documents and Settings\Sohil Patel\Desktop\CFScript.txt
* Created a new restore point
Dr.Web results
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\music\indi\MyFunCardsFWBInitialSetup1.0.0.15-3.exe
C:\NTDETECT.EXE
c:\program files\bho
c:\program files\bho\date.ini
C:\WINDOWS\d04.exe
C:\WINDOWS\system32\kilb.dll
C:\WINDOWS\system32\servet.exe
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_ACVRSTHE
-------\LEGACY_VSADFG
-------\LEGACY_WINDOWSDOWN
-------\acvrsthe
-------\vsadfg
-------\WindowsDown
((((((((((((((((((((((((( Files Created from 2007-09-28 to 2007-10-31 )))))))))))))))))))))))))))))))
2007-10-31 00:55 18,944 -r-h----- C:\servet.exe
2007-10-30 04:14 <DIR> d-------- C:\Program Files\Grisoft(2)
2007-10-23 16:21 5,767,168 --a------ C:\DOCUME~1\SOHILP~1\ntuser.dat
2007-10-17 11:59 <DIR> d-------- C:\New Folder
2007-10-15 14:16 77,824 --a------ C:\WINDOWS\system32\csnp2std.dll
2007-10-15 14:16 675,840 --a------ C:\WINDOWS\vsnp2std.exe
2007-10-15 14:16 349,472 --a------ C:\WINDOWS\WindowsXP-KB822603-x86.exe
2007-10-15 14:16 258,048 --a------ C:\WINDOWS\tsnp2std.exe
2007-10-15 14:16 25,472 --a------ C:\WINDOWS\system32\drivers\sncamd.sys
2007-10-15 14:16 249,856 --a------ C:\WINDOWS\system32\vsnp2std.dll
2007-10-15 14:16 20,480 --a------ C:\WINDOWS\FixCamera.exe
2007-10-15 14:16 151,552 --a------ C:\WINDOWS\system32\rsnp2std.dll
2007-10-15 14:16 12,028,032 --a------ C:\WINDOWS\system32\drivers\snp2sxp.sys
2007-10-15 14:16 <DIR> d-------- C:\Program Files\Common Files\snp2std
2007-10-15 14:15 <DIR> d-------- C:\DOCUME~1\SOHILP~1\APPLIC~1\InstallShield
2007-10-09 00:26 45,056 --a------ C:\WINDOWS\system32\1zcyt.exe
2007-10-08 23:58 45,056 --a------ C:\WINDOWS\system32\lbpi.exe
2007-10-08 14:26 45,056 --a------ C:\WINDOWS\system32\ssxf.exe
2007-10-07 23:54 45,056 --a------ C:\WINDOWS\system32\bu4j15v92.exe
2007-10-01 05:16 <DIR> d-------- C:\Program Files\SopCast
2007-10-01 05:16 <DIR> d-------- C:\DOCUME~1\SOHILP~1\APPLIC~1\SopCast
2007-09-24 13:22 45,056 --a------ C:\WINDOWS\system32\lqpnq35gri.exe
2007-09-19 02:49 1,530 --a------ C:\microsofts.vbs
2007-09-15 12:15 94,208 --a------ C:\WINDOWS\amcap.exe
2007-09-15 12:15 81,920 --a------ C:\WINDOWS\system32\VM305STI.dll
2007-09-15 12:15 61,440 --a------ C:\WINDOWS\VM305_STI.EXE
2007-09-15 12:15 53,248 --a------ C:\WINDOWS\Sti305.exe
2007-09-15 12:15 391,615 --a------ C:\WINDOWS\system32\drivers\usbVM305.sys
2007-09-15 12:15 307,200 --a------ C:\WINDOWS\vidcap32.Exe
2007-09-15 12:15 114,688 --a------ C:\WINDOWS\VM305Cap.exe
2007-09-15 12:15 <DIR> d-------- C:\WINDOWS\EffectResources
2007-09-15 12:15 <DIR> d-------- C:\WINDOWS\CatRoot
2007-09-15 12:15 <DIR> d-------- C:\Program Files\Vimicro
2007-09-11 02:10 720,896 --a------ C:\WINDOWS\iun6002.exe
2007-09-11 02:09 <DIR> d-------- C:\Program Files\Multiicon
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-10-30 05:52 --------- d-------- C:\Program Files\Opera
2007-10-15 14:16 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-23 08:03 34 ---hs---- C:\Program Files\DLD.DAT
2007-08-23 07:59 69 --a------ C:\WINDOWS\system32\wlgini.dll
2007-08-23 07:59 65 --a------ C:\WINDOWS\system32\jziini.dll
2007-08-23 07:59 60 --a------ C:\WINDOWS\system32\qheini.dll
2007-08-23 07:59 52 --a------ C:\WINDOWS\system32\ztmini.dll
2007-08-23 07:59 102 --a------ C:\WINDOWS\system32\dhdini.dll
2007-08-23 07:58 61 --a------ C:\WINDOWS\system32\mxacfg.dll
2007-08-06 14:40 4096 --a------ C:\WINDOWS\system32\cdnprh.dll
2007-07-30 18:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 18:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 18:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 18:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 18:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 18:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 18:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 18:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-28 22:37 89 --a------ C:\WINDOWS\system32\baidu.dat
2007-07-28 10:27 23444 --a------ C:\WINDOWS\system32\emptyregdb.dat
2006-10-12 03:09:39 94,208 --sha-w C:\WINDOWS\system32\SalaatTime.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2006-10-24 16:10]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-07-27 05:25]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{C51C4AFB-8A3A-6C1E-BA41-C20F02940701}"= C:\WINDOWS\system32\1.dll [ ]
"{91B1E846-2BEF-4345-8848-7699C7C9935F}"= C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysWFGQQ2.dll [ ]
"{42311A42-AC1B-158F-FD32-5674345F23A4}"= C:\WINDOWS\system32\dhdpri.dll [ ]
"{5D83AD9C-3BFC-43F5-979D-2904DBC54A8E}"= C:\Program Files\Internet Explorer\PLUGINS\WinSys64.Sys [ ]
"{D544C22D-1F70-4B1E-873D-D8DABEB26695}"= C:\Program Files\Common Files\Microsoft Shared\MSINFO\atmQQ2.dll [ ]
"{A12BC423-3713-224D-3F55-32B35C62B11A}"= C:\WINDOWS\system32\WinFormA5.dll [ ]
"{1231A43A-1642-641A-64FD-146ADAB223B1}"= C:\WINDOWS\system32\mxaman.dll [ ]
"{5182C1EB-375C-573D-1F5E-234552345215}"= C:\WINDOWS\system32\wlhpri.dll [ ]
"{56368135-64FA-BC34-DA32-DCF4FD431C95}"= C:\WINDOWS\system32\qhepri.dll [ ]
"{D1351752-5628-1547-FFAB-BADC13512AFD}"= C:\WINDOWS\system32\ztmpri.dll [ ]
"{959AFD5B-159F-ACD8-954C-ACD545FA6589}"= C:\WINDOWS\system32\jzipri.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 2004-09-07 16:08 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=dhdpri.dll
SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Sohil Patel^Start Menu^Programs^Startup^Camsplitter.lnk]
path=C:\Documents and Settings\Sohil Patel\Start Menu\Programs\Startup\Camsplitter.lnk
backup=C:\WINDOWS\pss\Camsplitter.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\Apoint\Apoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
C:\Program Files\Dell\QuickSet\quickset.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\DellSupport\DSAgnt.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Program Files\Google\Google Talk\googletalk.exe /autostart
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
"C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI]
"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Network Associates Error Reporting Service]
"C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\psajvbfe]
D;]XJOEPXT]tztufn43]Svoemm43/fyf!D;]XJOEPXT]tztufn43]deoqsi/emm!Tubsu
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ravmsmon]
C:\Program Files\NetMeeting\ravmsmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ravzxmon]
C:\Program Files\NetMeeting\ravzxmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShStatEXE]
"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viewbar]
C:\Program Files\AGLOCO Viewbar\Viewbar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLANKEEPER"=2 (0x2)
"WindowsDown"=2 (0x2)
"vsadfg"=2 (0x2)
"usnjsvc"=3 (0x3)
"S24EventMonitor"=2 (0x2)
"RegSrvc"=2 (0x2)
"ose"=3 (0x3)
"NICCONFIGSVC"=2 (0x2)
"MySQL"=2 (0x2)
"MDM"=2 (0x2)
"McTaskManager"=2 (0x2)
"McShield"=2 (0x2)
"McAfeeFramework"=2 (0x2)
"kkdc"=2 (0x2)
"iPodService"=3 (0x3)
"IDriverT"=3 (0x3)
"EvtEng"=2 (0x2)
"DSBrokerService"=3 (0x3)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"acvrsthe"=2 (0x2)
R0 BTHidMgr;Bluetooth HID Manager Service;C:\WINDOWS\system32\Drivers\BTHidMgr.sys
R0 uj7d9;uj7d;C:\WINDOWS\system32\DRIVERS\uj7d9.sys
R1 APPDRV;APPDRV;C:\WINDOWS\system32\DRIVERS\APPDRV.SYS
R1 NaiAvTdi1;NaiAvTdi1;C:\WINDOWS\system32\drivers\mvstdi5x.sys
R1 sscdbhk5;sscdbhk5;C:\WINDOWS\system32\drivers\sscdbhk5.sys
R1 ssrtln;ssrtln;C:\WINDOWS\system32\drivers\ssrtln.sys
R2 BthServ;Bluetooth Support Service;C:\WINDOWS\system32\svchost.exe -k bthsvcs
R2 drvnddm;drvnddm;C:\WINDOWS\system32\drivers\drvnddm.sys
R2 dsunidrv;DellSupport UniDriver;C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
R2 s24trans;WLAN Transport;C:\WINDOWS\system32\DRIVERS\s24trans.sys
R2 tfsnboio;tfsnboio;C:\WINDOWS\system32\dla\tfsnboio.sys
R2 tfsncofs;tfsncofs;C:\WINDOWS\system32\dla\tfsncofs.sys
R2 tfsndrct;tfsndrct;C:\WINDOWS\system32\dla\tfsndrct.sys
R2 tfsndres;tfsndres;C:\WINDOWS\system32\dla\tfsndres.sys
R2 tfsnifs;tfsnifs;C:\WINDOWS\system32\dla\tfsnifs.sys
R2 tfsnopio;tfsnopio;C:\WINDOWS\system32\dla\tfsnopio.sys
R2 tfsnpool;tfsnpool;C:\WINDOWS\system32\dla\tfsnpool.sys
R2 tfsnudf;tfsnudf;C:\WINDOWS\system32\dla\tfsnudf.sys
R2 tfsnudfa;tfsnudfa;C:\WINDOWS\system32\dla\tfsnudfa.sys
R2 vlvdakuw;vlvdakuw;\??\C:\WINDOWS\system32\drivers\vlvdakuw.sys
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver;C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
R3 HSFHWICH;HSFHWICH;C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP;C:\WINDOWS\system32\DRIVERS\iwca.sys
R3 msloop;Microsoft Loopback Adapter Driver;C:\WINDOWS\system32\DRIVERS\loop.sys
R3 sdbus;sdbus;C:\WINDOWS\system32\DRIVERS\sdbus.sys
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP;C:\WINDOWS\system32\DRIVERS\w29n51.sys
S2 gu127ji5h;gu127ji5h;\??\C:\WINDOWS\system32\drivers\gu127ji5h.sys
S2 VPCAppSv;Virtual PC Application Services;C:\WINDOWS\system32\DRIVERS\VPCAppSv.sys
S3 BlueletAudio;Bluetooth Audio Service;C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
S3 BT;Bluetooth PAN Network Adapter;C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
S3 Btcsrusb;Bluetooth USB For Bluetooth Service;C:\WINDOWS\system32\Drivers\btcusb.sys
S3 BthEnum;Bluetooth Enumerator Service;C:\WINDOWS\system32\DRIVERS\BthEnum.sys
S3 BTHidEnum;Bluetooth HID Enumerator;C:\WINDOWS\system32\DRIVERS\vbtenum.sys
S3 BTHPORT;Bluetooth Port Driver;C:\WINDOWS\system32\Drivers\BTHport.sys
S3 BTHUSB;Bluetooth Radio USB Driver;C:\WINDOWS\system32\Drivers\BTHUSB.sys
S3 BTNetFilter;Bluetooth Network Filter;\??\C:\WINDOWS\system32\drivers\BTNetFilter.sys
S3 DSproct;DSproct;\??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
S3 E100B;Intel(R) PRO Adapter Driver;C:\WINDOWS\system32\DRIVERS\e100b325.sys
S3 npkycryp;npkycryp;\??\C:\Program Files\Tencent\QQ\npkycryp.sys
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI);C:\WINDOWS\system32\DRIVERS\rfcomm.sys
S3 ROOTMODEM;Microsoft Legacy Modem Driver;C:\WINDOWS\system32\Drivers\RootMdm.sys
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys
S3 SUSCOM;Susteen Serial port driver;C:\WINDOWS\system32\DRIVERS\SUSCOM.SYS
S3 usb_rndisx;USB RNDIS Adapter;C:\WINDOWS\system32\DRIVERS\usb8023x.sys
S3 VComm;Virtual Serial port driver;C:\WINDOWS\system32\DRIVERS\VComm.sys
S3 VcommMgr;Bluetooth VComm Manager Service;C:\WINDOWS\system32\Drivers\VcommMgr.sys
S3 VPCNetS2;Virtual PC Emulated Ethernet Switch;C:\WINDOWS\system32\DRIVERS\VPCNetS2.sys
S3 wanatw;WAN Miniport (ATW);C:\WINDOWS\system32\DRIVERS\wanatw4.sys
S3 wceusbsh;Windows CE USB Serial Host Driver;C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
S3 ZSMC0305;VIMICRO USB PC Camera VC0305;C:\WINDOWS\system32\Drivers\usbVM305.sys
S4 agpCPQ;Compaq AGP Bus Filter;C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
S4 kkdc;Kerberos Key Distribution Centers;C:\WINDOWS\lsass.exe -netsvcs
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-10-31 03:46:55
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]
"Il\16\x178\x20ac{\xd1\x17e\xd8S ?(?T?r?u?e?T?y?p?e?)?"="HDZB_35.TTF"
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-10-31 3:48:23 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-10-31 03:48
C:\ComboFix2.txt ... 2007-10-30 13:15
C:\ComboFix3.txt ... 2007-10-30 11:04
--- E O F ---
Dr. Web results
Scanned files:- 313948
Infected:- 1192
Modifications:- 1
Suspicious:- 5
Adware:- 34
Dialers:- 0
Jokes:- 0
Riskware:- 1
Hacktools:- 0
Cured:- 0
Deleted:- 836
Renamed:- 0
Moved:- 358
Ignored:- 0
Main.txt
Deckard's System Scanner v20071014.68
Run by Sohil Patel on 2007-11-01 08:56:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
79: 2007-11-01 08:56:27 UTC - RP94 - Deckard's System Scanner Restore Point
78: 2007-11-01 05:52:56 UTC - RP93 - System Checkpoint
77: 2007-10-31 03:39:31 UTC - RP92 - ComboFix created restore point
76: 2007-10-31 02:43:41 UTC - RP91 - Installed AVG 7.5
75: 2007-10-31 02:41:47 UTC - RP90 - Removed AVG 7.5
-- First Restore Point --
1: 2007-08-03 10:49:22 UTC - RP16 - Software Distribution Service 3.0
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 6.51 GiB (less than 15%) free.
-- HijackThis (run as Sohil Patel.exe) -----------------------------------------
Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-11-01 08:57:56
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\ctfmon.exe
E:\dss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send picture by MMS - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll (file missing)
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\MSERO.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: dhdpri.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerberos Key Distribution Centers (kkdc) - Unknown owner - C:\WINDOWS\lsass.exe -netsvcs
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: MySQL - Unknown owner - C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
--
End of file - 6812 bytes
-- HijackThis Fixed Entries (C:\software\backups\) -----------------------------
backup-20071030-120420-215 O8 - Extra context menu item: ?QQ??????? - C:\Program Files\Tencent\QQ\SendMMS.htm
backup-20071030-120420-296 O4 - HKCU\..\Run: [QQ Game] C:\Program Files\Tencent\QQ\QQGame.exe
backup-20071030-120420-307 O8 - Extra context menu item: ???QQ?? - C:\Program Files\Tencent\QQ\AddEmotion.htm
backup-20071030-120420-412 O8 - Extra context menu item: Add to QQ Emotions - C:\Program Files\Tencent\QQ\AddEmotion.htm
backup-20071030-120420-471 O8 - Extra context menu item: Upload to QQ Network Hard Disk - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
backup-20071030-120420-482 O8 - Extra context menu item: Add to QQ Customized Emoticons - C:\Program Files\Tencent\QQ\AddEmotion.htm
backup-20071030-120420-528 O4 - HKCU\..\Run: [QQ3DShow] C:\Program Files\Tencent\QQ\QQ3DShow.exe
backup-20071030-120420-579 O8 - Extra context menu item: ???QQ????? - C:\Program Files\Tencent\QQ\AddPanel.htm
backup-20071030-120420-717 O8 - Extra context menu item: Send Picture with QQ MMS - C:\Program Files\Tencent\QQ\SendMMS.htm
backup-20071030-120420-743 O8 - Extra context menu item: Add to QQ Customized Panel - C:\Program Files\Tencent\QQ\AddPanel.htm
backup-20071030-120420-765 O8 - Extra context menu item: ???QQ???? - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
backup-20071030-120421-182 O8 - Extra context menu item: ÓÃQQ²ÊÐÅ·¢Ë͸ÃͼƬ - C:\Program Files\Tencent\QQ\SendMMS.htm
backup-20071030-120421-440 O8 - Extra context menu item: Ìí¼Óµ½QQ×Ô¶¨ÒåÃæ°å - C:\Program Files\Tencent\QQ\AddPanel.htm
backup-20071030-120421-917 O8 - Extra context menu item: Ìí¼Óµ½QQ±íÇé - C:\Program Files\Tencent\QQ\AddEmotion.htm
backup-20071031-032915-598 O2 - BHO: (no name) - {F70231A8-C197-496B-A3E5-CF62FB5C246C} - C:\PROGRA~1\bho\DIEMON~1.DLL
backup-20071031-032915-822 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil(c)>
R0 uj7d9 (uj7d) - c:\windows\system32\drivers\uj7d9.sys
R1 APPDRV - c:\windows\system32\drivers\appdrv.sys <Not Verified; Dell Inc; Application Driver>
R1 NaiAvTdi1 - c:\windows\system32\drivers\mvstdi5x.sys <Not Verified; Network Associates, Inc.; VirusScan (Enterprise, ASaP & Retail.)>
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Inc; OMCI Driver>
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.1.0.1) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.1.0.1>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R2 vlvdakuw - c:\windows\system32\drivers\vlvdakuw.sys
S2 gu127ji5h - c:\windows\system32\drivers\gu127ji5h.sys (file missing)
S2 npkcrypt - c:\program files\tencent\qq\npkcrypt.sys (file missing)
S2 VPCAppSv (Virtual PC Application Services) - c:\windows\system32\drivers\vpcappsv.sys <Not Verified; Connectix Corporation; Virtual PC>
S3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
S3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
S3 Btcsrusb (Bluetooth USB For Bluetooth Service) - c:\windows\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver>
S3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys
S3 BTNetFilter (Bluetooth Network Filter) - c:\windows\system32\drivers\btnetfilter.sys
S3 catchme - c:\docume~1\sohilp~1\locals~1\temp\catchme.sys (file missing)
S3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>
S3 NaiAvFilter1 - c:\windows\system32\drivers\naiavf5x.sys <Not Verified; Network Associates, Inc.; VirusScan (Enterprise, ASaP & Retail.)>
S3 npkycryp - c:\program files\tencent\qq\npkycryp.sys (file missing)
S3 SNP2STD (USB2.0 PC Camera (SNP2STD)) - c:\windows\system32\drivers\snp2sxp.sys <Not Verified; ; USB2.0 PC Camera driver>
S3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
S3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>
S3 VPCNetS2 (Virtual PC Emulated Ethernet Switch) - c:\windows\system32\drivers\vpcnets2.sys <Not Verified; Connectix Corporation; Virtual PC>
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)
S3 ZSMC0305 (VIMICRO USB PC Camera VC0305) - c:\windows\system32\drivers\usbvm305.sys <Not Verified; Vimicro Corporation; >
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S4 kkdc (Kerberos Key Distribution Centers) - c:\windows\lsass.exe -netsvcs (file missing)
S4 McAfeeFramework (McAfee Framework Service) - c:\program files\network associates\common framework\frameworkservice.exe /servicestart <Not Verified; Network Associates, Inc.; McAfee Common Framework>
S4 McTaskManager (Network Associates Task Manager) - "c:\program files\network associates\virusscan\vstskmgr.exe" <Not Verified; Network Associates, Inc.; VirusScan Enterprise>
S4 MySQL - "c:\program files\mysql\mysql server 5.0\bin\mysqld-nt" --defaults-file="c:\program files\mysql\mysql server 5.0\my.ini" mysql (file missing)
S4 NICCONFIGSVC - c:\program files\dell\nicconfigsvc\nicconfigsvc.exe <Not Verified; Dell Inc.; NicConfigSvc>
S4 RegSrvc - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; RegSrvc Module>
S4 WLANKEEPER - c:\program files\intel\wireless\bin\wlkeeper.exe <Not Verified; Intel® Corporation; SSOFSet Service>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: Virtual PC Application Services
Device ID: ROOT\SYSTEM\0004
Manufacturer: Connectix Corporation
Name: Virtual PC Application Services
PNP Device ID: ROOT\SYSTEM\0004
Service: VPCAppSv
-- Files created between 2007-10-01 and 2007-11-01 -----------------------------
2007-11-01 04:11:09 0 d-------- C:\Documents and Settings\Sohil Patel\DoctorWeb
2007-10-31 02:43:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-10-30 04:14:40 0 d-------- C:\Program Files\Grisoft(2)
2007-10-23 16:21:54 5767168 --a------ C:\Documents and Settings\Sohil Patel\ntuser.dat
2007-10-17 11:59:50 0 d-------- C:\New Folder
2007-10-15 14:16:35 20480 --a------ C:\WINDOWS\FixCamera.exe <Not Verified; ; CameraFixer Application>
2007-10-15 14:16:32 675840 --a------ C:\WINDOWS\vsnp2std.exe <Not Verified; Sonix; CameraMonitor Application>
2007-10-15 14:16:31 258048 --a------ C:\WINDOWS\tsnp2std.exe <Not Verified; SONIX; tsnp2std>
2007-10-15 14:16:29 25472 --a------ C:\WINDOWS\system32\drivers\sncamd.sys <Not Verified; ; USB2.0 PC Camera driver>
2007-10-15 14:16:28 12028032 --a------ C:\WINDOWS\system32\drivers\snp2sxp.sys <Not Verified; ; USB2.0 PC Camera driver>
2007-10-15 14:16:23 249856 --a------ C:\WINDOWS\system32\vsnp2std.dll <Not Verified; Sonix; >
2007-10-15 14:16:23 151552 --a------ C:\WINDOWS\system32\rsnp2std.dll <Not Verified; ; ResourceDLL>
2007-10-15 14:16:18 77824 --a------ C:\WINDOWS\system32\csnp2std.dll <Not Verified; ; InstallUtil>
2007-10-15 14:16:18 0 d-------- C:\Program Files\Common Files\snp2std
2007-10-15 14:15:57 0 d-------- C:\Documents and Settings\Sohil Patel\Application Data\InstallShield
2007-10-09 00:26:33 45056 --a------ C:\WINDOWS\system32\1zcyt.exe
2007-10-08 23:58:34 45056 --a------ C:\WINDOWS\system32\lbpi.exe
2007-10-08 14:26:50 45056 --a------ C:\WINDOWS\system32\ssxf.exe
2007-10-07 23:54:25 45056 --a------ C:\WINDOWS\system32\bu4j15v92.exe
2007-10-01 05:16:13 0 d-------- C:\Documents and Settings\Sohil Patel\Application Data\SopCast
2007-10-01 05:16:09 0 d-------- C:\Program Files\SopCast
-- Find3M Report ---------------------------------------------------------------
2007-11-01 08:55:08 0 d-------- C:\Program Files\DellSupport
2007-10-30 05:52:15 0 d-------- C:\Program Files\Opera
2007-10-15 14:16:18 0 d--h----- C:\Program Files\Common Files
2007-10-15 14:16:16 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-09-24 13:22:28 45056 --a------ C:\WINDOWS\system32\lqpnq35gri.exe
2007-09-19 02:49:24 1530 --a------ C:\microsofts.vbs
2007-09-15 12:15:02 0 d-------- C:\Program Files\Vimicro
2007-09-11 02:14:31 720896 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2007-09-11 02:09:49 0 d-------- C:\Program Files\Multiicon
2007-08-23 08:03:48 34 ---hs---- C:\Program Files\DLD.DAT
2007-08-23 07:59:43 65 --a------ C:\WINDOWS\system32\jziini.dll
2007-08-23 07:59:42 52 --a------ C:\WINDOWS\system32\ztmini.dll
2007-08-23 07:59:09 60 --a------ C:\WINDOWS\system32\qheini.dll
2007-08-23 07:59:06 102 --a------ C:\WINDOWS\system32\dhdini.dll
2007-08-23 07:59:04 69 --a------ C:\WINDOWS\system32\wlgini.dll
2007-08-23 07:58:29 61 --a------ C:\WINDOWS\system32\mxacfg.dll
2007-08-09 04:27:51 8 --a------ C:\WINDOWS\wsyslog
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [24/10/2006 16:10]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [27/07/2007 05:25]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{C51C4AFB-8A3A-6C1E-BA41-C20F02940701}"= C:\WINDOWS\system32\1.dll [ ]
"{91B1E846-2BEF-4345-8848-7699C7C9935F}"= C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysWFGQQ2.dll [ ]
"{42311A42-AC1B-158F-FD32-5674345F23A4}"= C:\WINDOWS\system32\dhdpri.dll [ ]
"{5D83AD9C-3BFC-43F5-979D-2904DBC54A8E}"= C:\Program Files\Internet Explorer\PLUGINS\WinSys64.Sys [ ]
"{D544C22D-1F70-4B1E-873D-D8DABEB26695}"= C:\Program Files\Common Files\Microsoft Shared\MSINFO\atmQQ2.dll [ ]
"{A12BC423-3713-224D-3F55-32B35C62B11A}"= C:\WINDOWS\system32\WinFormA5.dll [ ]
"{1231A43A-1642-641A-64FD-146ADAB223B1}"= C:\WINDOWS\system32\mxaman.dll [ ]
"{5182C1EB-375C-573D-1F5E-234552345215}"= C:\WINDOWS\system32\wlhpri.dll [ ]
"{56368135-64FA-BC34-DA32-DCF4FD431C95}"= C:\WINDOWS\system32\qhepri.dll [ ]
"{D1351752-5628-1547-FFAB-BADC13512AFD}"= C:\WINDOWS\system32\ztmpri.dll [ ]
"{959AFD5B-159F-ACD8-954C-ACD545FA6589}"= C:\WINDOWS\system32\jzipri.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 07/09/2004 16:08 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=dhdpri.dll
SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Sohil Patel^Start Menu^Programs^Startup^Camsplitter.lnk]
path=C:\Documents and Settings\Sohil Patel\Start Menu\Programs\Startup\Camsplitter.lnk
backup=C:\WINDOWS\pss\Camsplitter.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\Apoint\Apoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
C:\Program Files\Dell\QuickSet\quickset.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\DellSupport\DSAgnt.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Program Files\Google\Google Talk\googletalk.exe /autostart
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
"C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI]
"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Network Associates Error Reporting Service]
"C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\psajvbfe]
D;]XJOEPXT]tztufn43]Svoemm43/fyf!D;]XJOEPXT]tztufn43]deoqsi/emm!Tubsu
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ravmsmon]
C:\Program Files\NetMeeting\ravmsmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ravzxmon]
C:\Program Files\NetMeeting\ravzxmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShStatEXE]
"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viewbar]
C:\Program Files\AGLOCO Viewbar\Viewbar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLANKEEPER"=2 (0x2)
"WindowsDown"=2 (0x2)
"vsadfg"=2 (0x2)
"usnjsvc"=3 (0x3)
"S24EventMonitor"=2 (0x2)
"RegSrvc"=2 (0x2)
"ose"=3 (0x3)
"NICCONFIGSVC"=2 (0x2)
"MySQL"=2 (0x2)
"MDM"=2 (0x2)
"McTaskManager"=2 (0x2)
"McShield"=2 (0x2)
"McAfeeFramework"=2 (0x2)
"kkdc"=2 (0x2)
"iPodService"=3 (0x3)
"IDriverT"=3 (0x3)
"EvtEng"=2 (0x2)
"DSBrokerService"=3 (0x3)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"acvrsthe"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
-- End of Deckard's System Scanner: finished at 2007-11-01 08:58:49 ------------
I am really worried about my system, as it has caused me lots of problems. I would highly appreciate it if you could come up with some solution rather than formatting.
Thanks a ton in advance
Regards
Sohil