10-31-2008, 12:33 PM   #1
Xjester
Registered User
 
Join Date: Mar 2008
Posts: 9
OS: Windows XP


[SOLVED] PC Slow Problem

Hi,

Recently my laptop had PCspyremover.com and the Virus Alert in the taskbar problem. The immediate issue was resolved after running smitfraudfix.exe in safe mode and installing Spyware Doctor.

After the removal the PC has become extremely slow, and on every reboot the PC virusremover.com hijack of Internet Explorer starts anew.
When I run Spyware Doctor it finds cookies and registry malware, and the following key is always found problematic:

HKEY_LOCAL_MACHINE\SOFTWARE\VSPlugin

Following is the finding of Spyware Doctor for this file:
Code:
10/22/2008 10:37:35 AM:812 Infection was detected on this computer 
Threat Name - Trojan-Downloader.Zlob.GEN
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin, at
 
10/22/2008 10:37:35 AM:812 Infection was detected on this computer 
Threat Name - Trojan-Downloader.Zlob.GEN
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin, it

The major issue now is the slow response of the computer: even when the CPU utilization is at an extremely low level (around 4% ~ 10%), any program that I open takes ages to open. The computer executes all programs after a very long delay, and yet once a program is open it continues to perform in the normal way. Even the My Computer and Documents windows take ages to open.

Below is the Log.txt from RSIT.

Thank you in advance for the help.

Logfile of random's system information tool 1.04 (written by random/random)
Run by batwings at 2008-10-31 23:09:00
Microsoft Windows XP Professional Service Pack 2
System drive C: has 11 GB (39%) free of 29 GB
Total RAM: 1023 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:09:47, on 10/31/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ISS\Proventia Desktop\blackd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\crypserv.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Apoint\HidFind.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\WordWeb\wweb32.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\ISS\Proventia Desktop\RapApp.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ISS\Proventia Desktop\RapUISvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\Intel Corporation\IntelWiMAX\UI\wcm_service.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
D:\Profiles\Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\batwings.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://my.mot.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Motorola
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = wwwgate0.mot.com:1080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.mot.com;*.gi.com;*.local;HELP-MOTOROLA.AMER.CSC.COM;HELP-MOTOROLA.AMER.CSC.COM;SHSH-NXS01.AMER.CSC.COM;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {C019F108-BDBC-4A4F-9033-AB37B869ABC2} - C:\WINDOWS\system32\mlJAsTjI.dll (file missing)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [CSCAdvantage] "C:\Program Files\Help Desk\CSCAdv.exe" /s
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe /min
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BVRPLiveUpdate] C:\Program Files\LiveUpdate\Engine\Setup.exe -s /PATCH,/SRCUPDATED:\Profiles\ALLUSE~1\APPLIC~1\BVRPSO~1\MOTORO~1\LIVEUP~1\LISTOF~1.DAT
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [CSCLogonInfo] C:\WINDOWS\UsrLogon.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKCU\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [msbfhcaq] C:\WINDOWS\system32\byrcjohs.exe
O4 - HKLM\..\Policies\Explorer\Run: [apsqtkq00p] D:\Profiles\All Users\Application Data\luhihkha\vmnctuhu.exe
O4 - HKUS\S-1-5-19\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'Default user')
O4 - S-1-5-18 Startup: ADOPTORPHANPROFILE.VBS (User 'SYSTEM')
O4 - .DEFAULT Startup: ADOPTORPHANPROFILE.VBS (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: WordWeb Pro.lnk = C:\Program Files\WordWeb\wweb32.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/micr...?1190233681562
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1190233660062
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://access.motorola.com/dana-cac...erSetupSP1.cab
O16 - DPF: {F53270D3-0E32-48B7-B63B-159E33210F70} (Livelink Edit Control) - http://compass.mot.com/i/webedit/lledit.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ds.mot.com,corp.mot.com,mot.com,am.mot.com,ea.mot.com,ap.mot.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ds.mot.com,corp.mot.com,mot.com,am.mot.com,ea.mot.com,ap.mot.com
O20 - Winlogon Notify: mlJAsTjI - mlJAsTjI.dll (file missing)
O21 - SSODL: zip - {18e0c1bc-7f26-4c37-9382-4851f7996d82} - C:\WINDOWS\Installer\{18e0c1bc-7f26-4c37-9382-4851f7996d82}\zip.dll (file missing)
O21 - SSODL: vwnskbot - {068AE652-5E58-45F9-BEE8-2C7C4E080225} - C:\WINDOWS\vwnskbot.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\Program Files\ISS\Proventia Desktop\blackd.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Contivity VPN Service (ExtranetAccess) - Nortel Networks NA, Inc. - C:\Program Files\Motorola MVP\Extranet_serv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: RapApp - Internet Security Systems, Inc. - C:\Program Files\ISS\Proventia Desktop\RapApp.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: ISS Buffer Overflow Exploit Prevention (VPatch) - Unknown owner - C:\Program Files\ISS\Proventia Desktop\vpatch.exe (file missing)
O23 - Service: WinemaCM Serivce - Unknown owner - C:\Program Files\Intel Corporation\IntelWiMAX\UI\wcm_service.exe

--
End of file - 14711 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\CheckNetwork.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-07-02 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C019F108-BDBC-4A4F-9033-AB37B869ABC2}]
C:\WINDOWS\system32\mlJAsTjI.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-06-20 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-07-20 52896]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2006-08-04 124656]
"CSCAdvantage"=C:\Program Files\Help Desk\CSCAdv.exe [2005-06-09 111403]
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2004-08-04 110592]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-07-07 344064]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-07-23 401408]
""= []
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-07-23 385024]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2005-10-08 176128]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2007-05-10 624248]
"Flashget"=C:\Program Files\FlashGet\flashget.exe [2007-07-23 1994800]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-07-25 563984]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"BVRPLiveUpdate"=C:\Program Files\LiveUpdate\Engine\Setup.exe -s /PATCH []
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-03-01 15872]
"CSCLogonInfo"=C:\WINDOWS\UsrLogon.exe [2006-12-13 127079]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2008-10-23 1168264]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2008-09-04 2524416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"apsqtkq00p"=D:\Profiles\All Users\Application Data\luhihkha\vmnctuhu.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Communicator"=C:\Program Files\Microsoft Office Communicator\Communicator.exe [2007-02-01 3900776]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-10 218032]
"msbfhcaq"=C:\WINDOWS\system32\byrcjohs.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe [2007-09-18 684032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-02-28 2321600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe /tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
C:\Program Files\Dell\QuickSet\QuickSet.exe [2006-04-07 1032192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2004-04-26 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-02 3739648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-07-25 2027792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-16 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Profiles^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\Reader\READER~1.EXE [2005-09-24 29696]

D:\Profiles\All Users\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
WordWeb Pro.lnk - C:\Program Files\WordWeb\wweb32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-08-23 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2005-07-23 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2008-05-02 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mlJAsTjI]
mlJAsTjI.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2006-08-04 43760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
zip - {18e0c1bc-7f26-4c37-9382-4851f7996d82} - C:\WINDOWS\Installer\{18e0c1bc-7f26-4c37-9382-4851f7996d82}\zip.dll []
vwnskbot - {068AE652-5E58-45F9-BEE8-2C7C4E080225} - C:\WINDOWS\vwnskbot.dll [2008-10-21 278528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{C019F108-BDBC-4A4F-9033-AB37B869ABC2}"=C:\WINDOWS\system32\mlJAsTjI.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\opnkkJyy

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=0
"LogonType"=0
"disablecad"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSMConfigurePrograms"=1
"GreyMSIAds"=1
"ForceStartMenuLogOff"=1
"NoSMBalloonTip"=1
"NoAutoTrayNotify"=1
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"c:\Program Files\Netmeeting\conf.exe"="C:\Program Files\Netmeeting\conf.exe:*:enabled:NetMeeting"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"c:\Program Files\Netmeeting\conf.exe"="C:\Program Files\Netmeeting\conf.exe:*:enabled:NetMeeting"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13c7d8c8-99bb-11dd-b3c6-0016414c14ab}]
shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{49a5ddcc-99b6-11dd-b3c5-0016414c14ab}]
shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84483d5b-cf0c-11dc-b36d-444553544200}]
shell\Autoplay\command - F:\smss.exe
shell\AutoRun\command - F:\smss.exe
shell\Explore\command - F:\smss.exe
shell\Open\command - F:\smss.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca1e362e-995d-11dd-b3c2-444553544200}]
shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f02011bd-96ad-11dd-b3bf-0012cf4844d0}]
shell\AutoRun\command - F:\AutoRun.exe


======File associations======

.ini - open - "D:\Program Files\IDM Computer Solutions\UltraEdit\Uedit32.exe" "%1"
.js - edit -
.js - open - "D:\Program Files\IDM Computer Solutions\UltraEdit\Uedit32.exe" "%1"
.txt - open - "D:\Program Files\IDM Computer Solutions\UltraEdit\Uedit32.exe" "%1"

======List of files/folders created in the last 1 months======

2008-10-31 23:09:01 ----D---- C:\Program Files\trend micro
2008-10-31 23:09:00 ----D---- C:\rsit
2008-10-31 20:16:15 ----A---- C:\WINDOWS\gmer.ini
2008-10-31 20:16:07 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-10-31 20:16:07 ----A---- C:\WINDOWS\gmer.exe
2008-10-31 20:16:07 ----A---- C:\WINDOWS\gmer.dll
2008-10-30 11:19:36 ----D---- C:\WINDOWS\SoftwareDistribution
2008-10-27 13:36:15 ----D---- C:\WINDOWS\system32\NtmsData
2008-10-27 09:09:12 ----A---- C:\WINDOWS\OODCNT.INI
2008-10-26 20:03:34 ----D---- C:\WINDOWS\system32\oodag
2008-10-26 19:59:09 ----D---- C:\Program Files\OO Software
2008-10-26 19:13:04 ----A---- C:\WINDOWS\system32\dfrgui.dll
2008-10-26 19:13:04 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2008-10-26 19:13:04 ----A---- C:\WINDOWS\system32\dfrgres.dll
2008-10-26 19:13:04 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2008-10-26 19:13:04 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2008-10-26 19:13:04 ----A---- C:\WINDOWS\system32\dfrg.msc
2008-10-25 22:38:31 ----D---- D:\Profiles\Administrator\Application Data\Auslogics
2008-10-25 22:38:20 ----D---- C:\Program Files\Auslogics
2008-10-25 17:11:11 ----D---- C:\WINDOWS\UltraDefrag
2008-10-24 12:39:03 ----D---- C:\Program Files\MediaInfo Lite
2008-10-24 12:36:49 ----D---- C:\Program Files\MOV Download Tool
2008-10-24 12:13:20 ----D---- C:\Program Files\QuickTime Alternative
2008-10-24 12:04:07 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2008-10-24 12:04:07 ----A---- C:\WINDOWS\system32\pndx5032.dll
2008-10-24 12:04:07 ----A---- C:\WINDOWS\system32\pndx5016.dll
2008-10-24 12:04:07 ----A---- C:\WINDOWS\system32\pncrt.dll
2008-10-24 12:04:04 ----A---- C:\WINDOWS\system32\unrar.dll
2008-10-24 12:04:03 ----A---- C:\WINDOWS\avisplitter.ini
2008-10-24 12:03:58 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2008-10-24 12:03:57 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2008-10-24 12:03:57 ----A---- C:\WINDOWS\system32\xvidcore.dll
2008-10-24 12:03:56 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2008-10-24 12:03:55 ----A---- C:\WINDOWS\system32\dpl100.dll
2008-10-24 12:03:53 ----A---- C:\WINDOWS\system32\divx.dll
2008-10-24 12:03:50 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-10-24 12:03:50 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2008-10-24 12:03:45 ----D---- D:\Profiles\All Users\Application Data\Real
2008-10-24 12:03:45 ----D---- D:\Profiles\Administrator\Application Data\Real
2008-10-24 12:03:45 ----D---- C:\Program Files\K-Lite Codec Pack
2008-10-24 11:11:47 ----A---- C:\WINDOWS\system32\regsvr32.exe.log
2008-10-23 14:08:44 ----D---- C:\Program Files\Dia
2008-10-23 13:03:00 ----ASH---- C:\WINDOWS\system32\yyJkknpo.ini
2008-10-23 10:40:38 ----SH---- C:\WINDOWS\system32\shtfhqyi.ini
2008-10-22 14:59:07 ----D---- D:\Profiles\Administrator\Application Data\Logitech
2008-10-22 14:55:50 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2008-10-22 14:53:29 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
2008-10-22 14:53:14 ----A---- C:\WINDOWS\system32\KemXML.dll
2008-10-22 14:53:14 ----A---- C:\WINDOWS\system32\KemWnd.dll
2008-10-22 14:53:14 ----A---- C:\WINDOWS\system32\KemUtil.dll
2008-10-22 14:53:14 ----A---- C:\WINDOWS\system32\kemutb.dll
2008-10-22 09:27:23 ----AD---- D:\Profiles\All Users\Application Data\TEMP
2008-10-22 09:27:01 ----D---- D:\Profiles\Administrator\Application Data\PC Tools
2008-10-22 09:27:01 ----D---- C:\Program Files\Spyware Doctor
2008-10-22 09:26:45 ----D---- C:\Program Files\Common Files\Download Manager
2008-10-22 05:56:24 ----A---- C:\WINDOWS\system32\mcrh.tmp
2008-10-21 19:50:45 ----SH---- C:\WINDOWS\system32\jttppeld.ini
2008-10-21 19:50:41 ----A---- C:\WINDOWS\system32\dleppttj.dll
2008-10-21 19:49:49 ----ASH---- C:\WINDOWS\system32\tCMmnnpo.ini
2008-10-21 19:03:29 ----D---- C:\Program Files\Panda Security
2008-10-21 12:50:01 ----D---- C:\Program Files\Alwil Software
2008-10-21 12:21:12 ----D---- C:\WINDOWS\CSC
2008-10-21 12:08:15 ----SH---- C:\WINDOWS\system32\lgqevufs.ini
2008-10-21 12:08:06 ----A---- C:\WINDOWS\system32\sfuveqgl.dll
2008-10-21 12:07:35 ----A---- C:\WINDOWS\system32\8f0b451b-.txt
2008-10-21 1218 ----ASH---- C:\WINDOWS\system32\uBeLnnnn.ini
2008-10-21 12:00:58 ----A---- C:\WINDOWS\system32\wvUkHYoL.dll
2008-10-21 11:59:51 ----D---- D:\Profiles\Administrator\Application Data\TmpRecentIcons
2008-10-21 11:59:16 ----A---- C:\WINDOWS\woprdagt.exe
2008-10-21 11:59:16 ----A---- C:\WINDOWS\vwnskbot.dll
2008-10-21 11:59:16 ----A---- C:\WINDOWS\erxt.exe
2008-10-13 17:35:53 ----D---- C:\Program Files\Broadband Internet-E220
2008-10-12 17:14:16 ----D---- C:\Program Files\Peretek
2008-10-08 16:32:15 ----D---- C:\Program Files\Western Digital Technologies

======List of files/folders modified in the last 1 months======

2008-10-31 23:09:01 ----D---- C:\Program Files
2008-10-31 23:08:45 ----D---- C:\WINDOWS\Prefetch
2008-10-31 22:45:42 ----D---- C:\WINDOWS\Temp
2008-10-31 20:16:15 ----AD---- C:\WINDOWS
2008-10-31 20:16:07 ----D---- C:\WINDOWS\system32\drivers
2008-10-31 20:12:53 ----D---- C:\Program Files\Flock
2008-10-31 20:03:41 ----D---- C:\WINDOWS\system32\SMSPackageInfo
2008-10-31 20:03:13 ----A---- C:\WINDOWS\dcomsd.txt
2008-10-31 20:03:07 ----A---- C:\WINDOWS\regsd.txt
2008-10-31 20:03:01 ----A---- C:\WINDOWS\wmisd.txt
2008-10-31 20:02:01 ----AD---- C:\ntutils
2008-10-31 11:15:02 ----D---- C:\WINDOWS\system32\VPCache
2008-10-31 10:29:37 ----AD---- C:\WINDOWS\system32
2008-10-31 10:29:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-30 13:01:19 ----D---- D:\Profiles\Administrator\Application Data\Flock
2008-10-30 12:45:26 ----HD---- C:\WINDOWS\inf
2008-10-30 11:39:38 ----A---- C:\WINDOWS\smscfg.ini
2008-10-30 11:39:11 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-30 11:38:39 ----D---- C:\Program Files\FlashGet
2008-10-30 11:38:23 ----D---- C:\Program Files\Symantec AntiVirus
2008-10-30 11:33:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-29 13:47:24 ----D---- C:\WINDOWS\system32\Macromed
2008-10-29 13:30:43 ----D---- D:\Profiles\Administrator\Application Data\UseNeXT
2008-10-29 10:26:18 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-28 17:57:43 ----D---- C:\WINDOWS\system32\LogFiles
2008-10-28 11:34:13 ----D---- C:\WINDOWS\appslogs
2008-10-27 10:24:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-26 19:59:40 ----SHD---- C:\WINDOWS\Installer
2008-10-26 19:59:38 ----D---- C:\Config.Msi
2008-10-26 19:13:13 ----D---- C:\WINDOWS\Help
2008-10-26 10:47:13 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-25 23:13:03 ----D---- C:\Program Files\WinZip
2008-10-25 22:40:46 ----D---- C:\Downloads
2008-10-25 22:33:05 ----SHD---- C:\System Volume Information
2008-10-25 22:33:05 ----D---- C:\WINDOWS\system32\Restore
2008-10-25 16:09:46 ----D---- C:\Program Files\SupportSoft_Amer_Motorola
2008-10-25 16:07:42 ----D---- C:\WINDOWS\system32\ShellExt
2008-10-25 1652 ----SD---- C:\WINDOWS\Tasks
2008-10-24 17:13:32 ----D---- C:\Program Files\WinRAR
2008-10-24 12:13:35 ----D---- D:\Profiles\All Users\Application Data\Apple Computer
2008-10-24 12:12:54 ----D---- D:\Profiles\Administrator\Application Data\Apple Computer
2008-10-24 11:55:22 ----D---- D:\Profiles\Administrator\Application Data\BSplayer PRO
2008-10-24 11:10:25 ----D---- C:\Program Files\QuickTime
2008-10-24 09:39:20 ----D---- C:\Program Files\UseNeXT
2008-10-23 13:44:26 ----D---- C:\Program Files\Motorola MVP
2008-10-23 13:32:05 ----D---- C:\WINDOWS\mslagent
2008-10-23 13:28:57 ----D---- D:\Profiles\Administrator\Application Data\Adobe
2008-10-22 14:56:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-10-22 14:56:09 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-22 14:53:55 ----D---- C:\Program Files\Common Files\logishrd
2008-10-22 14:52:10 ----D---- D:\Profiles\All Users\Application Data\Logitech
2008-10-22 14:51:46 ----D---- C:\Program Files\Logitech
2008-10-22 10:14:49 ----SD---- D:\Profiles\All Users\Application Data\Microsoft
2008-10-22 09:26:45 ----D---- C:\Program Files\Common Files
2008-10-22 09:22:33 ----ASH---- C:\boot.ini
2008-10-22 09:22:33 ----A---- C:\WINDOWS\win.ini
2008-10-22 09:22:33 ----A---- C:\WINDOWS\system.ini
2008-10-21 22:38:18 ----A---- C:\rapport.txt
2008-10-21 22:37:38 ----A---- C:\WINDOWS\system32\tmp.txt
2008-10-21 22:27:30 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-21 14:28:07 ----D---- C:\WINDOWS\system32\config
2008-10-20 13:28:09 ----D---- D:\Profiles\Administrator\Application Data\Mozilla
2008-10-12 1616 ----D---- C:\WINDOWS\system
2008-10-10 15:17:30 ----D---- C:\WINDOWS\system32\wbem
2008-10-08 16:32:15 ----SD---- D:\Profiles\Administrator\Application Data\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-13 16128]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2007-03-08 9336]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2007-03-08 9464]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2007-09-18 241280]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2008-10-23 66952]
R1 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2008-10-23 81288]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2007-05-02 16896]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2007-09-18 144250]
R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2007-09-18 206464]
R1 vcdrom;Virtual CD-ROM Device Driver; \??\c:\WINDOWS\system32\drivers\VCdRom.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-09-18 17801]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-07-23 11354]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2005-09-29 113847]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-08-23 1723904]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-05-01 152064]
R3 BeceemPHS;BeceemPHS; C:\WINDOWS\system32\DRIVERS\BeceemPHS.sys [2007-06-25 23552]
R3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-04 17024]
R3 BTHMODEM;Bluetooth Modem Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-04 100992]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-04 18944]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 Eacfilt;Eacfilt Miniport; C:\WINDOWS\system32\DRIVERS\eacfilt.sys [2002-10-12 9049]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GTIPCI21;GTIPCI21; C:\WINDOWS\system32\DRIVERS\gtipci21.sys [2005-05-31 87936]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS [2005-05-04 1033728]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-05-04 208384]
R3 idisw2km;idisw2km; C:\WINDOWS\system32\DRIVERS\idisw2km.sys [2006-02-09 8992]
R3 IPSECSHM;Nortel IPSECSHM Adapter; C:\WINDOWS\system32\DRIVERS\ipsecw2k.sys [2002-10-12 115008]
R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
R3 kbstuff;SMS Virtual Keyboard; C:\WINDOWS\system32\DRIVERS\kbstuff5.sys [2006-02-09 11744]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2007-09-18 30662]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081030.003\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081030.003\navex15.sys []
R3 OOTextMode;OOTextMode; C:\WINDOWS\System32\drivers\oobctm.sys [2008-08-30 37896]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-09-18 10368]
R3 rap;rap; C:\WINDOWS\System32\drivers\RapDrv.sys [2008-05-06 50163]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-04 59648]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888]
R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2005-03-11 273168]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-07-20 3289088]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-05-04 705408]
R4 black;black; C:\WINDOWS\System32\drivers\BlackCat.sys [2007-06-15 205938]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S2 IPSECEXT;Nortel Extranet Access Protocol; C:\WINDOWS\system32\DRIVERS\ipsecw2k.sys [2002-10-12 115008]
S3 BeceemNDIS;TarangService; C:\WINDOWS\system32\DRIVERS\drxvi211.sys [2007-06-25 180224]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\BVRPMPR5.SYS []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 Dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2007-09-18 25930]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-10-31 85969]
S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-07-20 2109592]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-20 2142488]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2007-05-11 41888]
S3 LVUVC;Logitech QuickCam Fusion(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-05-11 3580832]
S3 MakoNT;MakoNT; C:\WINDOWS\system32\drivers\isskboep.sys [2007-06-15 80512]
S3 mf;mf; C:\WINDOWS\system32\DRIVERS\mf.sys [2004-08-04 63744]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-04 40320]
S3 prepdrvr;SMS Process Event Driver; \??\C:\WINDOWS\system32\CCM\prepdrv.sys []
S3 RapFile;RapFile; \??\C:\WINDOWS\system32\drivers\RapFile.sys []
S3 RapNet;RapNet; \??\C:\WINDOWS\system32\drivers\RapNet.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-08-23 413696]
R2 BlackICE;BlackICE; C:\Program Files\ISS\Proventia Desktop\blackd.exe [2008-05-06 2093322]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2006-07-20 192160]
R2 CcmExec;SMS Agent Host; C:\WINDOWS\system32\CCM\CcmExec.exe [2007-04-13 590712]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2006-07-20 169632]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2007-05-23 122880]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-08-04 31472]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-07-23 86016]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-20 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-20 137752]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-09-04 1295616]
R2 RapApp;RapApp; C:\Program Files\ISS\Proventia Desktop\RapApp.exe [2008-05-06 1278218]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-07-23 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-07-23 372809]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
R2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-10-23 1079176]
R2 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2006-04-12 1160848]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-08-04 1807600]
R2 WinemaCM Serivce;WinemaCM Serivce; C:\Program Files\Intel Corporation\IntelWiMAX\UI\wcm_service.exe [2007-04-18 10752]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-09-18 654848]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-08-22 520192]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-20 141848]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
S2 VPatch;ISS Buffer Overflow Exploit Prevention; C:\Program Files\ISS\Proventia Desktop\vpatch.exe []
S2 Wuser32;SMS Remote Control Agent; C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe [2007-05-30 241664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 ExtranetAccess;Contivity VPN Service; C:\Program Files\Motorola MVP\Extranet_serv.exe [2002-10-12 626688]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-02-23 2045632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-08-04 115952]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
S4 SNMP;SNMP Service; C:\WINDOWS\System32\snmp.exe [2006-11-20 33280]
S4 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\System32\snmptrap.exe [2004-08-04 8704]

-----------------EOF-----------------
Attached Files
File Type: txt gemer.txt (337.9 KB, 1 views)
File Type: txt info.txt (31.3 KB, 2 views)