Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

PC going very slow again HELP !!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

PC going very slow again HELP !!

Unread postby Arjun108 » April 24th, 2009, 8:43 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:41:13, on 25/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Free WebSite Tools.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs:
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 6714 bytes
Arjun108
Member+
 
Posts: 51
Joined: January 31st, 2009, 4:28 pm
Advertisement
Register to Remove

Re: PC going very slow again HELP !!

Unread postby MWR 3 day Mod » April 28th, 2009, 9:43 pm

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: PC going very slow again HELP !!

Unread postby Carolyn » April 30th, 2009, 3:21 pm

Hello and Welcome back to the forums!

My name is Carolyn and I'll be glad to help you with your computer problems. HijackThis logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that it happens.

Please do not run any other tool untill instructed to do so!
Please reply to this thread, do not start another!
Please tell me about any problems that have occurred during the fix.
Please tell me of any other symptoms you may be having as these can help also.
Please try as much as possible not to run anything while executing a fix.


If you follow these instructions, everything should go smoothly.


Step 1

Image
Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt
  • Save both reports to your desktop.

Step 2

Please download gmer.zip from Gmer and save it to your desktop.

  1. Right click on gmer.zip and select Extract All....
  2. Click Next on seeing the Welcome to the Compressed (zipped) Folders Extraction Wizard.
  3. Click on the Browse button. Click on Desktop. Then click OK.
  4. Click Next. It will start extracting.
  5. Once done, check (tick) the Show extracted files box and click Finish.

Double click on gmer.exe to run it. It will start running a scan. If it detects rootkit activity, you will receive a prompt to run a full scan. Click Yes.

  • When done, you may receive another notice. Click OK.
  • Click on Save ... to save a log.
  • Copy and paste in Gmer.txt and click Save.
  • Close Gmer.

If you receive no notice, click on the Scan button.

  • It will start scanning again.
  • When done, click on Save ... to save a log.
  • Copy and paste in Gmer.txt and click Save.
  • Close Gmer.

Note: Do not run any programs while Gmer is running.

In your next reply, please post:

  1. DDS.txt
  2. Attach.txt
  3. Gmer.txt
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: PC going very slow again HELP !!

Unread postby Arjun108 » May 1st, 2009, 10:28 am

Hi Carolyn ,

Here's the logs


DDS (Ver_09-03-16.01) - NTFSx86
Run by Arjun at 14:08:11.73 on 01/05/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.383.165 [GMT 1:00]

FW: COMODO Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Arjun\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://search.live.com
uSearch Bar = hxxp://search.live.com/sphome.aspx
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/def ... earch.html
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://search.live.com/sphome.aspx
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
mRun: [BJCFD] c:\program files\broadjump\client foundation\CFD.exe
mRun: [VCSPlayer] "c:\program files\virtual cd v4 sdk\system\vcsplay.exe"
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "realsched.exe" -osboot
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\arjun\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\freewe~1.lnk - c:\program files\coffeecup software\coffeecup free ftp\ThirtyDayTimer.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: &Search
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\arjun\applic~1\mozilla\firefox\profiles\vjr4j10n.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://uk.mc255.mail.yahoo.com/mc/showF ... 23918&da=0
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

============= SERVICES / DRIVERS ===============

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-2-9 110992]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-2-9 24336]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2009-2-9 700152]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-26 55152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2007-4-17 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2007-9-19 47640]
R2 U3sHlpDr;U3sHlpDr;c:\windows\system32\drivers\U3sHlpDr.sys [2007-9-20 7551]
R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [2003-7-18 24608]
S3 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]
S3 SynasUSB;SynasUSB;c:\windows\system32\drivers\synasUSB.sys [2009-4-16 23288]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]

=============== Created Last 30 ================

2009-04-16 20:05 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\Syncrosoft
2009-04-16 20:03 45,056 a------- c:\windows\system32\Synsopos.exe
2009-04-16 19:50 147,425 a------- c:\windows\system32\SYNSOACC-Aide.chm
2009-04-16 19:50 120,468 a------- c:\windows\system32\SYNSOACC-Hilfe.chm
2009-04-16 19:50 114,279 a------- c:\windows\system32\SYNSOACC-Help.chm
2009-04-16 19:50 23,288 a------- c:\windows\system32\drivers\synasUSB.sys
2009-04-16 19:48 147,456 a------- c:\windows\system32\SynsoLChk.dll
2009-04-16 19:48 765,952 a------- c:\windows\system32\SYNSOACC.dll
2009-04-16 19:48 <DIR> --d----- c:\program files\Syncrosoft

==================== Find3M ====================

2009-04-09 14:51 77,480 a------- c:\docume~1\arjun\applic~1\GDIPFONTCACHEV1.DAT
2009-03-02 08:01 155,384 a------- c:\windows\system32\guard32.dll
2009-02-06 20:03 307,576 a------- c:\windows\WLXPGSS.SCR
2009-02-06 19:52 49,504 a------- c:\windows\system32\sirenacm.dll

============= FINISH: 14:09:40.93 ===============
Arjun108
Member+
 
Posts: 51
Joined: January 31st, 2009, 4:28 pm

Re: PC going very slow again HELP !!

Unread postby Arjun108 » May 1st, 2009, 10:29 am

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-03-16.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 18/09/2007 22:33:49
System Uptime: 05/01/2009 05:54:15 (2793 hours ago)

Motherboard: ASUSTek Computer INC. | | P4R800-VM
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | CPU 1 | 2794/100mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 108 GiB total, 19.58 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Modem
Device ID: PCI\VEN_1002&DEV_434D&SUBSYS_30541631&REV_01\3&267A616A&0&A6
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_1002&DEV_434D&SUBSYS_30541631&REV_01\3&267A616A&0&A6
Service:

==== System Restore Points ===================

RP1: 12/02/2009 13:12:50 - System Checkpoint
RP2: 13/02/2009 18:12:13 - System Checkpoint
RP3: 14/02/2009 19:09:16 - System Checkpoint
RP4: 15/02/2009 20:58:07 - System Checkpoint
RP5: 16/02/2009 21:28:41 - System Checkpoint
RP6: 18/02/2009 08:12:43 - System Checkpoint
RP7: 19/02/2009 11:12:27 - System Checkpoint
RP8: 20/02/2009 13:09:40 - System Checkpoint
RP9: 21/02/2009 16:35:26 - System Checkpoint
RP10: 22/02/2009 16:50:35 - System Checkpoint
RP11: 23/02/2009 18:18:06 - System Checkpoint
RP12: 24/02/2009 19:50:01 - System Checkpoint
RP13: 25/02/2009 19:52:52 - System Checkpoint
RP14: 26/02/2009 20:35:44 - System Checkpoint
RP15: 27/02/2009 21:00:24 - System Checkpoint
RP16: 28/02/2009 22:06:01 - System Checkpoint
RP17: 01/03/2009 22:11:38 - System Checkpoint
RP18: 02/03/2009 22:57:10 - System Checkpoint
RP19: 04/03/2009 08:39:13 - System Checkpoint
RP20: 05/03/2009 09:10:51 - System Checkpoint
RP21: 06/03/2009 09:37:20 - System Checkpoint
RP22: 07/03/2009 16:27:38 - System Checkpoint
RP23: 08/03/2009 16:31:38 - System Checkpoint
RP24: 09/03/2009 17:23:18 - System Checkpoint
RP25: 10/03/2009 17:48:14 - System Checkpoint
RP26: 11/03/2009 18:25:46 - System Checkpoint
RP27: 12/03/2009 20:58:23 - System Checkpoint
RP28: 13/03/2009 22:15:47 - System Checkpoint
RP29: 14/03/2009 22:50:29 - System Checkpoint
RP30: 16/03/2009 07:25:29 - System Checkpoint
RP31: 17/03/2009 10:50:53 - System Checkpoint
RP32: 17/03/2009 18:45:57 - Installed Windows Media Player 11
RP33: 17/03/2009 18:46:34 - Installed Windows XP Wudf01000.
RP34: 17/03/2009 18:51:27 - Installed Windows XP MSCompPackV1.
RP35: 17/03/2009 18:52:56 - Installed Windows XP KB926239.
RP36: 18/03/2009 20:39:08 - System Checkpoint
RP37: 19/03/2009 21:12:36 - System Checkpoint
RP38: 21/03/2009 08:18:20 - System Checkpoint
RP39: 22/03/2009 08:39:30 - System Checkpoint
RP40: 23/03/2009 08:49:06 - System Checkpoint
RP41: 24/03/2009 09:06:17 - System Checkpoint
RP42: 25/03/2009 09:32:48 - System Checkpoint
RP43: 26/03/2009 07:30:38 - Installed Windows XP WIC.
RP44: 26/03/2009 07:33:17 - Installed Windows XP KB954708.
RP45: 26/03/2009 07:34:27 - Installed DirectX
RP46: 26/03/2009 09:07:14 - Installed DirectX
RP47: 26/03/2009 09:08:21 - Installed DirectX
RP48: 27/03/2009 14:10:44 - System Checkpoint
RP49: 28/03/2009 15:15:36 - System Checkpoint
RP50: 29/03/2009 16:54:37 - System Checkpoint
RP51: 30/03/2009 17:00:45 - System Checkpoint
RP52: 31/03/2009 19:06:10 - System Checkpoint
RP53: 01/04/2009 20:05:23 - System Checkpoint
RP54: 02/04/2009 21:20:42 - System Checkpoint
RP55: 04/04/2009 07:56:24 - System Checkpoint
RP56: 05/04/2009 08:57:02 - System Checkpoint
RP57: 06/04/2009 09:30:30 - System Checkpoint
RP58: 07/04/2009 10:49:15 - System Checkpoint
RP59: 08/04/2009 11:30:32 - System Checkpoint
RP60: 09/04/2009 12:01:57 - System Checkpoint
RP61: 10/04/2009 12:04:01 - System Checkpoint
RP62: 11/04/2009 14:10:38 - System Checkpoint
RP63: 12/04/2009 15:14:05 - System Checkpoint
RP64: 13/04/2009 15:59:18 - System Checkpoint
RP65: 14/04/2009 20:02:24 - System Checkpoint
RP66: 15/04/2009 22:00:40 - System Checkpoint
RP67: 16/04/2009 19:48:28 -
RP68: 16/04/2009 20:02:45 -
RP69: 17/04/2009 21:01:45 - System Checkpoint
RP70: 18/04/2009 21:39:46 - System Checkpoint
RP71: 20/04/2009 08:41:55 - System Checkpoint
RP72: 21/04/2009 09:08:44 - System Checkpoint
RP73: 22/04/2009 09:32:33 - System Checkpoint
RP74: 23/04/2009 11:22:47 - System Checkpoint
RP75: 24/04/2009 13:40:55 - System Checkpoint
RP76: 25/04/2009 14:09:41 - System Checkpoint
RP77: 26/04/2009 15:53:10 - System Checkpoint
RP78: 27/04/2009 16:46:56 - System Checkpoint
RP79: 28/04/2009 21:11:17 - System Checkpoint
RP80: 29/04/2009 21:22:49 - System Checkpoint
RP81: 30/04/2009 22:29:25 - System Checkpoint

==== Installed Programs ======================

3Com 3C920B Network drivers
Adobe After Effects 7.0
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player ActiveX
Adobe Help Center 2.0
Adobe Photoshop CS2
Adobe Reader 8.1.1
Adobe Stock Photos 1.0
Adobe® Photoshop® Album Starter Edition 3.2
Apple Software Update
ATI Display Driver
BroadJump Client Foundation
Choice Guard
CoffeeCup Free FTP
COMODO Internet Security
ESET Online Scanner
Google Toolbar for Internet Explorer
HijackThis 2.0.2
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
Junk Mail filter update
LogMeIn
Macromedia Dreamweaver MX
Macromedia Extension Manager
Macromedia Flash MX
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Live Add-in 1.3
Microsoft Office XP Professional with FrontPage
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mozilla Firefox (3.0.10)
MSN
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
QuickTime
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960714)
Segoe UI
SmartFTP Client
SoundMAX
SSH Secure Shell
Syncrosoft License Control
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
VideoLAN VLC media player 0.8.6i
WebFldrs XP
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinRAR archiver
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Search Protection

==== Event Viewer Messages From Past Week ========

25/04/2009 01:27:38, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

==== End Of File ===========================
Arjun108
Member+
 
Posts: 51
Joined: January 31st, 2009, 4:28 pm

Re: PC going very slow again HELP !!

Unread postby Arjun108 » May 1st, 2009, 10:47 am

GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-05-01 15:58:00
Windows 5.1.2600 Service Pack 2


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

---- Threads - GMER 1.0.15 ----

Thread System [4:820] 82942B50
Thread System [4:824] 82911BA0
Thread System [4:828] 8295FDC0
Thread System [4:832] 829210E0
Thread System [4:3200] 82942B50
Thread System [4:2664] 82911BA0
Thread System [4:2660] 8295FDC0
Thread System [4:3132] 829210E0
Thread System [4:532] 82942B50
Thread System [4:1704] 82911BA0
Thread System [4:224] 8295FDC0
Thread System [4:2780] 829210E0

---- EOF - GMER 1.0.15 ----
Arjun108
Member+
 
Posts: 51
Joined: January 31st, 2009, 4:28 pm

Re: PC going very slow again HELP !!

Unread postby Carolyn » May 1st, 2009, 3:06 pm

Hi,

I am not seeing any signs of an Antivirus program in your logs. Are you using the Antivirus program that comes with Comodo Internet Security? Is the program currently disabled?

Around the time the slowness began, had you recently install any software or make any other changes to your computer? When did you install Comodo?


Please update and scan with Malwarebytes' Anti-Malware
  1. Launch Malwarebytes' Anti-Malware and select the Update tab. Under Update Mirror, select one of the websites and click on Check for Updates.
  2. Next, select the Scanner tab. Click on Perform full scan, then click on Scan.
  3. Leave the default options as it is and click on Start Scan.
  4. When done, you will be prompted. Click OK, then click on Show Results.
  5. Checked (ticked) all items and click on Remove Selected.
  6. After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest.


Next,
  1. Please download OTListIt2 by OldTimer from Geeks to Go. Save it your desktop.
  2. Double click on OTListIt2.exe to run it.
  3. Under Extra Registry section, select Use SafeList.
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open. Please post the contents of these 2 Notepad files in your next reply. One log per reply please.

Please post the following:
  • The Malwarebytes' log
  • The OTListIt2 logfile
  • The OTListIt2 Extras logfile
  • The answers to my questions
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: PC going very slow again HELP !!

Unread postby Arjun108 » May 4th, 2009, 11:13 am

Malwarebytes' Anti-Malware 1.36
Database version: 2072
Windows 5.1.2600 Service Pack 2

04/05/2009 14:24:22
mbam-log-2009-05-04 (14-24-22).txt

Scan type: Full Scan (C:\|)
Objects scanned: 309575
Time elapsed: 3 hour(s), 41 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

OTListIt logfile created on: 04/05/2009 16:04:42 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Arjun\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

382.80 Mb Total Physical Memory | 34.90 Mb Available Physical Memory | 9.12% Memory free
923.39 Mb Paging File | 478.02 Mb Available in Paging File | 51.77% Paging File free
Paging file location(s): c:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.78 Gb Total Space | 19.60 Gb Free Space | 18.19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ARJUN-ADEF4C5F6
Current User Name: Arjun
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2004/05/15 21:30:04 | 00,376,832 | ---- | M] () -- C:\WINDOWS\system32\Ati2evxx.exe
PRC - [2009/03/02 08:00:50 | 00,700,152 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2004/05/15 21:30:04 | 00,376,832 | ---- | M] () -- C:\WINDOWS\system32\Ati2evxx.exe
PRC - [2007/06/13 11:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/10/18 13:39:51 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\RaMaint.exe
PRC - [2002/09/10 21:26:26 | 00,368,706 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\CFD.exe
PRC - [2003/07/30 10:08:58 | 00,143,360 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
PRC - [2007/04/17 14:03:52 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2007/04/17 14:03:52 | 00,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2007/03/09 12:09:58 | 00,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2008/10/18 13:39:38 | 00,087,360 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2009/03/02 08:00:57 | 01,851,128 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2008/10/18 13:39:38 | 00,087,360 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2001/02/23 10:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2008/10/07 16:23:46 | 00,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2002/09/20 16:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2004/08/04 00:56:58 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2009/04/28 13:01:56 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/05/04 16:02:46 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Arjun\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2007/09/21 13:22:52 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2004/05/15 21:30:04 | 00,376,832 | ---- | M] () -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2004/05/15 21:10:00 | 00,516,096 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/03/02 08:00:50 | 00,700,152 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent [Auto | Running])
SRV - [2009/02/06 19:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [On_Demand | Stopped])
SRV - [2009/04/25 21:18:30 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2006/02/28 13:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/10/18 13:39:51 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint [Auto | Running])
SRV - [2007/04/17 14:03:52 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn [Auto | Running])
SRV - [2001/02/23 10:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -- (MDM [Auto | Running])
SRV - [2002/09/20 16:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default) [Auto | Running])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2002/04/01 14:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio [On_Demand | Running])
DRV - [2004/05/15 21:41:40 | 00,745,984 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2003/04/22 19:06:40 | 00,013,174 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\atisgkaf.sys -- (caboagp [Boot | Running])
DRV - [2003/07/18 10:17:28 | 00,349,056 | ---- | M] (Philips Semiconductors) -- C:\WINDOWS\system32\DRIVERS\Cap7134.sys -- (Cap7134 [On_Demand | Running])
DRV - [2009/03/02 08:01:11 | 00,110,992 | ---- | M] (COMODO) -- C:\WINDOWS\System32\DRIVERS\cmdguard.sys -- (cmdGuard [System | Running])
DRV - [2009/02/19 17:36:15 | 00,024,336 | ---- | M] (COMODO) -- C:\WINDOWS\System32\DRIVERS\cmdhlp.sys -- (cmdHlp [System | Running])
DRV - [2003/07/29 22:15:54 | 00,077,465 | ---- | M] (3Com Corporation) -- C:\WINDOWS\system32\DRIVERS\el90Xbc5.SYS -- (EL90Xbc [On_Demand | Running])
DRV - [2009/02/06 19:08:42 | 00,055,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
DRV - [2009/03/02 08:01:12 | 00,080,400 | ---- | M] (COMODO) -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect [Boot | Running])
DRV - [2008/05/31 21:40:14 | 00,012,856 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo [Auto | Running])
DRV - [2007/04/17 14:00:30 | 00,010,144 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\DRIVERS\lmimirr.sys -- (lmimirr [On_Demand | Running])
DRV - [2008/10/18 13:39:40 | 00,083,288 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP [Disabled | Stopped])
DRV - [2008/10/18 13:39:40 | 00,047,640 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver [Auto | Running])
DRV - [2003/07/18 03:23:14 | 00,024,608 | ---- | M] (Philips Semiconductors) -- C:\WINDOWS\system32\DRIVERS\PhTVTune.sys -- (PhTVTune [On_Demand | Running])
DRV - [2001/08/23 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007/11/13 11:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2003/10/01 14:48:24 | 00,594,048 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
DRV - [2007/10/24 11:47:26 | 00,023,288 | ---- | M] (SIA Syncrosoft) -- C:\WINDOWS\system32\drivers\SynasUSB.sys -- (SynasUSB [On_Demand | Stopped])
DRV - [2007/09/20 22:04:16 | 00,007,551 | ---- | M] () -- C:\WINDOWS\System32\Drivers\U3sHlpDr.sys -- (U3sHlpDr [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/def ... earch.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Live Search"
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://uk.mc255.mail.yahoo.com/mc/showFolder?fid=Inbox&.rand=752523918&da=0"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.2.6
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?FORM=IEFM1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/28 22:38:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/28 13:02:05 | 00,000,000 | ---D | M]

[2009/01/09 23:46:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Arjun\Application Data\mozilla\Extensions
[2009/01/09 23:46:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Arjun\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/03 22:44:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Arjun\Application Data\mozilla\Firefox\Profiles\vjr4j10n.default\extensions
[2007/10/23 00:43:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Arjun\Application Data\mozilla\Firefox\Profiles\vjr4j10n.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/05/03 22:44:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Arjun\Application Data\mozilla\Firefox\Profiles\vjr4j10n.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/03/26 11:40:12 | 00,001,632 | ---- | M] () -- C:\Documents and Settings\Arjun\Application Data\Mozilla\FireFox\Profiles\vjr4j10n.default\searchplugins\live-search.xml
[2009/01/09 23:46:26 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/28 13:02:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/28 13:01:56 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/28 13:01:56 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/01/09 23:45:50 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2009/01/09 23:45:50 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/01/09 23:45:50 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2009/01/09 23:45:50 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/01/09 23:45:50 | 00,000,759 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2009/01/09 23:45:50 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/01/09 23:45:50 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/01/09 23:45:50 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (707 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h ()
O4 - HKLM..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" (LogMeIn, Inc.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] "realsched.exe" -osboot File not found
O4 - HKLM..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" (H+H Software GmbH)
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Free WebSite Tools.lnk = C:\Program Files\CoffeeCup Software\CoffeeCup Free FTP\ThirtyDayTimer.exe ()
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Arjun\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll ()
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\system32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/09/16 00:38:06 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{fc366606-603c-11dc-bc68-000ea6a906ff}\Shell - "" = AutoRun
O33 - MountPoints2\{fc366606-603c-11dc-bc68-000ea6a906ff}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fc366606-603c-11dc-bc68-000ea6a906ff}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/05/04 16:02:45 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Arjun\Desktop\OTListIt2.exe
[2009/05/01 17:59:35 | 00,018,944 | -HS- | C] () -- C:\Documents and Settings\Arjun\Desktop\Thumbs.db
[2009/05/01 17:58:40 | 00,195,036 | ---- | C] () -- C:\Documents and Settings\Arjun\My Documents\223956286(2).jpg
[2009/05/01 17:58:07 | 00,195,036 | ---- | C] () -- C:\Documents and Settings\Arjun\Desktop\223956286(2).jpg
[2009/05/01 17:57:44 | 00,195,036 | ---- | C] () -- C:\Documents and Settings\Arjun\Desktop\223956286.jpg
[2009/05/01 17:53:54 | 00,038,952 | ---- | C] () -- C:\Documents and Settings\Arjun\Desktop\Swami - 4(2).jpg
[2009/05/01 17:53:23 | 00,038,952 | ---- | C] () -- C:\Documents and Settings\Arjun\Desktop\Swami - 4.jpg
[2009/05/01 15:40:18 | 00,286,208 | ---- | C] () -- C:\Documents and Settings\Arjun\Desktop\gmer.exe
[2009/05/01 14:06:01 | 00,278,221 | ---- | C] () -- C:\Documents and Settings\Arjun\Desktop\gmer.zip
[2009/05/01 14:03:32 | 00,360,021 | ---- | C] () -- C:\Documents and Settings\Arjun\Desktop\dds.scr
[2009/04/29 10:49:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Arjun\My Documents\aum
[2009/04/16 20:05:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Syncrosoft
[2009/04/16 20:03:14 | 00,045,056 | ---- | C] (SIA Syncrosoft) -- C:\WINDOWS\System32\Synsopos.exe
[2009/04/16 19:50:47 | 00,147,425 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC-Aide.chm
[2009/04/16 19:50:47 | 00,120,468 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC-Hilfe.chm
[2009/04/16 19:50:47 | 00,114,279 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC-Help.chm
[2009/04/16 19:50:10 | 00,023,288 | ---- | C] (SIA Syncrosoft) -- C:\WINDOWS\System32\drivers\synasUSB.sys
[2009/04/16 19:48:38 | 00,147,456 | ---- | C] (SIA Syncrosoft) -- C:\WINDOWS\System32\SynsoLChk.dll
[2009/04/16 19:48:35 | 00,765,952 | ---- | C] (SIA Syncrosoft) -- C:\WINDOWS\System32\SYNSOACC.dll
[2009/04/16 19:48:30 | 00,000,000 | ---D | C] -- C:\Program Files\Syncrosoft
[2009/04/16 19:46:44 | 12,092,281 | ---- | C] () -- C:\Documents and Settings\Arjun\Desktop\SyncrosoftLicenseControlSetup.exe
[2009/04/10 20:14:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Arjun\Local Settings\Apps
[2009/04/09 14:52:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Arjun\My Documents\nexus2
[2009/04/07 15:28:23 | 00,768,054 | ---- | C] () -- C:\Documents and Settings\Arjun\Desktop\rs symbol.bmp
[2009/02/09 20:44:29 | 00,155,384 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll
[2008/02/11 10:39:26 | 00,253,952 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll
[2008/02/11 10:39:18 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll
[2008/02/08 14:53:46 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll
[2007/09/20 22:04:16 | 00,007,551 | ---- | C] () -- C:\WINDOWS\System32\drivers\U3sHlpDr.sys
[2007/09/19 00:09:08 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2007/09/17 22:55:10 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/09/16 00:10:10 | 00,000,603 | ---- | C] () -- C:\WINDOWS\win.ini
[2007/09/16 00:10:01 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2007/07/27 15:49:02 | 00,225,355 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll
[2007/07/27 15:49:02 | 00,196,683 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiA.dll
[2007/05/22 19:14:58 | 00,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2005/12/05 20:25:22 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll
[2005/12/05 13:37:10 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll
[2004/08/04 00:56:44 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/05/15 21:31:36 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll

========== Files - Modified Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[7 C:\WINDOWS\*.tmp files]
[2009/05/04 16:02:46 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Arjun\Desktop\OTListIt2.exe
[2009/05/04 12:49:35 | 00,002,483 | ---- | M] () -- C:\Documents and Settings\Arjun\Desktop\Microsoft Word.lnk
[2009/05/04 06:48:38 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/05/04 06:31:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/04 06:31:13 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Arjun\Local Settings\desktop.ini
[2009/05/04 06:31:09 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/03 07:24:08 | 00,002,300 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/02 20:06:50 | 00,084,480 | -HS- | M] () -- C:\Documents and Settings\Arjun\My Documents\Thumbs.db
[2009/05/01 17:59:37 | 00,018,944 | -HS- | M] () -- C:\Documents and Settings\Arjun\Desktop\Thumbs.db
[2009/05/01 17:58:08 | 00,195,036 | ---- | M] () -- C:\Documents and Settings\Arjun\My Documents\223956286(2).jpg
[2009/05/01 17:58:08 | 00,195,036 | ---- | M] () -- C:\Documents and Settings\Arjun\Desktop\223956286(2).jpg
[2009/05/01 17:57:44 | 00,195,036 | ---- | M] () -- C:\Documents and Settings\Arjun\Desktop\223956286.jpg
[2009/05/01 17:53:55 | 00,038,952 | ---- | M] () -- C:\Documents and Settings\Arjun\Desktop\Swami - 4(2).jpg
[2009/05/01 17:53:23 | 00,038,952 | ---- | M] () -- C:\Documents and Settings\Arjun\Desktop\Swami - 4.jpg
[2009/05/01 17:04:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/01 15:16:03 | 40,148,9920 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/05/01 14:11:30 | 00,278,221 | ---- | M] () -- C:\Documents and Settings\Arjun\Desktop\gmer.zip
[2009/05/01 14:05:47 | 00,360,021 | ---- | M] () -- C:\Documents and Settings\Arjun\Desktop\dds.scr
[2009/04/28 19:05:04 | 00,286,208 | ---- | M] () -- C:\Documents and Settings\Arjun\Desktop\gmer.exe
[2009/04/22 20:34:25 | 00,001,359 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\QTSBandwidthCache
[2009/04/16 20:04:00 | 00,393,250 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/16 20:04:00 | 00,059,374 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/16 20:03:59 | 00,458,340 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/16 19:47:27 | 12,092,281 | ---- | M] () -- C:\Documents and Settings\Arjun\Desktop\SyncrosoftLicenseControlSetup.exe
[2009/04/09 14:51:41 | 00,077,480 | ---- | M] () -- C:\Documents and Settings\Arjun\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/07 15:28:28 | 00,768,054 | ---- | M] () -- C:\Documents and Settings\Arjun\Desktop\rs symbol.bmp
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
< End of report >
OTListIt Extras logfile created on: 04/05/2009 16:04:42 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Arjun\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

382.80 Mb Total Physical Memory | 34.90 Mb Available Physical Memory | 9.12% Memory free
923.39 Mb Paging File | 478.02 Mb Available in Paging File | 51.77% Paging File free
Paging file location(s): c:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.78 Gb Total Space | 19.60 Gb Free Space | 18.19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ARJUN-ADEF4C5F6
Current User Name: Arjun
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe (Macromedia, Inc.)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"56513:TCP" = 56513:TCP:*:Enabled:Pando P2P TCP Listening Port
"56513:UDP" = 56513:UDP:*:Enabled:Pando P2P UDP Listening Port

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
File not found -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2009/02/06 19:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
[2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2009/02/06 19:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
File not found -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2007/09/04 21:21:34 | 06,772,000 | ---- | M] (SmartSoft Ltd.) -- C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 2.5
[2002/05/13 15:31:24 | 09,789,440 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe:*:Enabled:Dreamweaver MX
[2007/08/30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2007/08/30 17:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2004/10/13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
File not found -- C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application
File not found -- C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client
[2009/02/06 19:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
[2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2009/02/06 19:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3FEC3A5B-60FF-4626-B425-08E09B121A15}" = LogMeIn
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}" = SSH Secure Shell
"{74EC78BC-B379-4E29-9006-8F161DCAABA6}" = Apple Software Update
"{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}" = Windows Live Family Safety
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{AC76BA86-7AD7-1033-7B44-A81100000003}" = Adobe Reader 8.1.1
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{B66899F2-C58D-4CEC-9FA8-867883FFB707}" = CoffeeCup Free FTP
"{C169D3BB-9A27-43F5-9979-09A0D65FE95C}" = SmartFTP Client
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{DD362256-A7A2-4524-9457-213DDC2AFC2A}" = Adobe After Effects 7.0
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"3Com 3C920B Network drivers_is1" = 3Com 3C920B Network drivers
"Adobe After Effects 7.0" = Adobe After Effects 7.0
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"ATI Display Driver" = ATI Display Driver
"BroadJump Client Foundation" = BroadJump Client Foundation
"COMODO Internet Security" = COMODO Internet Security
"EsetOnlineScanner" = ESET Online Scanner
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Syncrosoft License Control" = Syncrosoft License Control
"VLC media player" = VideoLAN VLC media player 0.8.6i
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"YInstHelper" = Yahoo! Install Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26/04/2009 13:25:45 | Computer Name = ARJUN-ADEF4C5F6 | Source = Application Hang | ID = 1001
Description = Fault bucket 1222155658.

Error - 26/04/2009 14:56:35 | Computer Name = ARJUN-ADEF4C5F6 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3384, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 27/04/2009 02:12:49 | Computer Name = ARJUN-ADEF4C5F6 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 27/04/2009 02:20:47 | Computer Name = ARJUN-ADEF4C5F6 | Source = Application Hang | ID = 1001
Description = Fault bucket 126637809.

Error - 27/04/2009 13:24:37 | Computer Name = ARJUN-ADEF4C5F6 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3384, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 28/04/2009 13:58:29 | Computer Name = ARJUN-ADEF4C5F6 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3399, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 29/04/2009 02:11:49 | Computer Name = ARJUN-ADEF4C5F6 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3399, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 29/04/2009 18:18:57 | Computer Name = ARJUN-ADEF4C5F6 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting
module unknown, version 0.0.0.0, fault address 0x032a1f9d.

Error - 30/04/2009 14:24:43 | Computer Name = ARJUN-ADEF4C5F6 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting
module unknown, version 0.0.0.0, fault address 0x02ed1f9d.

Error - 02/05/2009 04:31:04 | Computer Name = ARJUN-ADEF4C5F6 | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 10.0.2627.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 01/05/2009 10:00:10 | Computer Name = ARJUN-ADEF4C5F6 | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 01/05/2009 10:12:10 | Computer Name = ARJUN-ADEF4C5F6 | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 03/05/2009 17:30:44 | Computer Name = ARJUN-ADEF4C5F6 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 03/05/2009 17:30:44 | Computer Name = ARJUN-ADEF4C5F6 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 03/05/2009 17:30:44 | Computer Name = ARJUN-ADEF4C5F6 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 03/05/2009 17:30:44 | Computer Name = ARJUN-ADEF4C5F6 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 03/05/2009 17:30:46 | Computer Name = ARJUN-ADEF4C5F6 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 03/05/2009 17:30:46 | Computer Name = ARJUN-ADEF4C5F6 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 03/05/2009 17:35:58 | Computer Name = ARJUN-ADEF4C5F6 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 03/05/2009 17:35:58 | Computer Name = ARJUN-ADEF4C5F6 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.


< End of report >
Arjun108
Member+
 
Posts: 51
Joined: January 31st, 2009, 4:28 pm

Re: PC going very slow again HELP !!

Unread postby Arjun108 » May 4th, 2009, 11:19 am

Hi Carolyn,

I downloaded the Comodo when i came here last when my PC had slowed and was adviced to use it.So I Just done what i was instructed do .To what I thought the anti-virus is on.I'll have to check again..The slowness started a few weeks again but i haven't installed any new software..

Thanks Arjun
Arjun108
Member+
 
Posts: 51
Joined: January 31st, 2009, 4:28 pm

Re: PC going very slow again HELP !!

Unread postby Carolyn » May 4th, 2009, 1:10 pm

Arjun108 wrote:Hi Carolyn,

I downloaded the Comodo when i came here last when my PC had slowed and was adviced to use it.So I Just done what i was instructed do .To what I thought the anti-virus is on.I'll have to check again..The slowness started a few weeks again but i haven't installed any new software..

Thanks Arjun


Using a 3rd Party firewall, like Comodo, is not the best choice for every user/every computer.

Having a good Antivirus program installed and up-to-date is essential to your computer's security.

====================================

Please Click Start > Control Panel > Add/Remove Programs
Remove these programs by clicking Remove

COMODO Internet Security
ESET Online Scanner

====================================

Next, enable Windows Firewall:

Open Control Panel then double click Windows Firewall.

Select On (recommended), then Click OK.

====================================

You aren't running Anti Virus Software. Please download and install one of them first!!!

Use an Anti Virus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future. Here are some Anti Virus products which are free for personal use and most used:
Avast
AntiVir
BitDefender

Update your Anti Virus Software - It is imperitive that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.

====================================

Please make sure that all programs are closed when installing Java.

  1. Click here to visit Java's website.
  2. Scroll down to Java Runtime Environment (JRE) 6 Update 13. Click on Download.
  3. Select Windows from the drop-down list for Platform.
  4. Select Multi-language from the drop-down list for Language.
  5. Check (tick) I agree to the Java SE Runtime Environment 6 License Agreement box and click on Continue.
  6. Click on jre-6u13-windows-i586-p.exe link to download it and save this to a convenient location.
  7. Double click on jre-6u13-windows-i586-p.exe to install Java.
  8. After the Java installation has finished, please go to Kaspersky website and perform an online antivirus scan.
  9. Read through the requirements and privacy statement and click on Accept button.
  10. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  11. When the downloads have finished, click on Settings.
  12. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  13. Click on My Computer under Scan.
  14. Once the scan is complete, it will display the results. Click on View Scan Report.
  15. You will see a list of infected items there. Click on Save Report As....
  16. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  17. Please post this log in your next reply along with a fresh HijackThis log and a description of how your computer is behaving.
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: PC going very slow again HELP !!

Unread postby Arjun108 » May 8th, 2009, 11:10 am

Carolyn, The Kaspersky scan doesn't seem to work properly..It freezes apart a while . I tried it a few times.
Arjun108
Member+
 
Posts: 51
Joined: January 31st, 2009, 4:28 pm

Re: PC going very slow again HELP !!

Unread postby Carolyn » May 9th, 2009, 7:19 am

Arjun108 wrote:Carolyn, The Kaspersky scan doesn't seem to work properly..It freezes apart a while . I tried it a few times.


Hi,

Did you disable your Antivirus real-time protection during the Kaspersky scan?
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: PC going very slow again HELP !!

Unread postby Arjun108 » May 9th, 2009, 8:30 am

the only thing i did freeze was the online stop on access protection
Arjun108
Member+
 
Posts: 51
Joined: January 31st, 2009, 4:28 pm

Re: PC going very slow again HELP !!

Unread postby Carolyn » May 9th, 2009, 8:44 am

Okay, let's try a different scanner...

  1. Click here to perform a Panda online scan. Please use Internet Explorer as it requires ActiveX.
  2. Click on Scan your PC now.
  3. A new window will open.
  4. Select your country and type in your email address. You may also optionally choose to receive emails from Panda. If you don't wish to, please select I do not want to receive marketing information from Panda Software and/or its International Representatives where applicable. option.
  5. Click on Free online scan.
  6. You will be prompted to install an ActiveX. Please allow it.
  7. Once installed, it will start downloading the virus definitions. Please be patient. This takes a while.
  8. Once the files are downloaded, it will ask you to select what to scan. Select My Computer.
  9. The scan will start. It takes a while, please be patient.
  10. Once done, click on View Report.
  11. You will be brought to another page. Click on Save Report. Save it to your desktop. Please post this report in your next reply along with a fresh HijackThis log.
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: PC going very slow again HELP !!

Unread postby Arjun108 » May 10th, 2009, 6:22 pm

Carolyn, Also since adding the anti virus programme the pc has gone even more slow..

this is what came on the scan.

Summary of your last scan:
5/9/2009 7:11:08 PM
Results: 25 viruses or spyware detected.
Suspicious items: 2 suspicious files detected, not sent.
Vulnerabilities: No vulnerabilities detected.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:46, on 10/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Free WebSite Tools.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 8356 bytes
Arjun108
Member+
 
Posts: 51
Joined: January 31st, 2009, 4:28 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 62 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware