Lag issues, should I worry?

by kingyem » June 11th, 2009, 5:46 am

Hello & thanks for reading this entry.
A few months back my PC was attacked by a virus & without any idea of what to do, I just reformatted it, but since then there will be some lag issues, especially when I'm playing DotA. Hope someone can help me.

Oh, another issue is that there will be times that the RAM usage & CPU usage is quite high.

Here is my HJT log:


Logfile of HijackThis v1.99.1
Scan saved at 17:40:30, on 11/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Google\Update\GoogleUpdate.exe
D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
D:\WINDOWS\system32\lxczcoms.exe
D:\Program Files\Sandboxie\SbieSvc.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe
D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Lexmark 1200 Series\lxczbmon.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe
D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\DNA\btdna.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
E:\Games\Warcraft III(Install)\Warcraft Version Switcher\wvs.exe
D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [VMonitorVmc403] "D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe" vmc403
O4 - HKLM\..\Run: [BtTray] "D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [lxczbmgr.exe] "D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpeedConnectStartUp] D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [SmartRAM] "D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\Run: [BitTorrent DNA] "D:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups
O8 - Extra context menu item: Download all with Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{63350C1F-36B2-481A-8A88-57C13E4D83C5}: NameServer = 202.188.0.133,202.188.1.5
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleilCS - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: Perkhidmatan Kemas Kini Google (gupdate1c9e376d4b5b3f6) (gupdate1c9e376d4b5b3f6) - Unknown owner - D:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: lxcz_device - - D:\WINDOWS\system32\lxczcoms.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - D:\Program Files\Sandboxie\SbieSvc.exe
kingyem
Regular Member
 
Posts: 18
Joined: June 11th, 2009, 5:36 am

Re: Lag issues, should I worry?

by Shaba » June 13th, 2009, 5:23 am

Hi kingyem

To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:

[Image: screenshot of the Uninstall Manager screen]

5. Click on the Save list... button and specify where you would like to save this file. When you press the Save button, Notepad will open with the contents of that file. Simply copy and paste the contents of that Notepad window here in your next reply.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Lag issues, should I worry?

by kingyem » June 13th, 2009, 5:35 am

3DMark03
7-Zip 4.65
Ad-Aware
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop CS2
Adobe Reader 8.1.4
Adobe Shockwave Player 11.5
Adobe® Photoshop® Album Starter Edition 3.2
Advanced SystemCare 3
Apple Software Update
Ares 2.1.1
Ashampoo Burning Studio 2009
ATI - Software Uninstall Utility
ATI AVIVO Codecs
ATI Catalyst Control Center
ATI Display Driver
Avanquest update
Avira AntiVir Personal - Free Antivirus
BlackShot Á¦°Å
Bluesoleil 5.0.5.178
CamStudio
CamStudio Lossless Codec v1.4
Catalyst Control Center - Branding
Choice Guard
CloneDVD Full 3.0.2.5
ConvertHelper 2.2
DEVIL MAY CRY 4
Disc2Phone
Dropbox
FIFA MANAGER 09
Flash CD & DVD Burner
Free 3GP Video Converter by Topviewsoft 2.1.0.5
Free Download Manager 3.0
Game Booster
Game Maker 6.1A
Game Maker 7.0
Garena
Google Chrome
Google Update Helper
GPGNet
Hamachi 1.0.3.0
Hijackthis 1.99.1
HijackThis 1.99.1
Hospital Tycoon
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
K-Lite Codec Pack 4.7.5 (Full)
Lexmark 1200 Series
Light of Altair 1.00
Macromedia Fireworks MX 2004
MadOnion.com/3DMark2001 SE
Magic Video Converter Trial Version (English) 8.0.2.18
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual J# 2.0 Redistributable Package
mIRC
Mobile Partner
Mozilla Firefox (3.0.10)
MSVCRT
MSXML 6.0 Parser (KB933579)
Nimo Codecs Pack v5.0 (Remove Only)
NVIDIA PhysX
OpenAL
Opera 9.64
Prolink PCC5020 camera
QuickSFV (Remove only)
QuickTime
RAMBooster.Net
Realtek AC'97 Audio
REALTEK GbE & FE Ethernet PCI NIC Driver
Replay AV 8
Replay Converter 3
Sandboxie 3.36
Segoe UI
Skype™ 4.0
Smart Defrag 1.11
Sony Ericsson Device Data
Sony Ericsson Drivers
Sony Ericsson Media Manager 1.2
Sony Ericsson PC Suite
Sony Ericsson PC Suite
Sony Ericsson PC Suite 4.010.00
SpeedConnect Internet Accelerator v.7.5
SpeedFan (remove only)
Spybot - Search & Destroy
The KMPlayer (remove only)
Theme Hospital
Update Service
Ventrilo
VirtualCloneDrive
VLC media player 0.9.9
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Format 11 runtime
WinPcap 4.0
WinRAR archiver
Yahoo! Messenger
YouSendIt Express
kingyem
Regular Member
 
Posts: 18
Joined: June 11th, 2009, 5:36 am

Re: Lag issues, should I worry?

by Shaba » June 13th, 2009, 5:56 am

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

Ares 2.1.1
BitTorrent DNA


I'd like you to read this thread.

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Please run a new uninstall log scan when finished and post the log back here.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland
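
The check requested in the post above can also be scripted. The following is an added example, not part of the original thread and not a tool used by the site: it diffs two saved Uninstall Manager lists and, going beyond the uninstall list, also looks for the flagged program names in HijackThis O4 autorun lines and Windows Firewall authorized-application lines. The function names, the whole-word matching rule and the sample excerpts (a few lines in the format of the logs posted in this thread) are assumptions of the example.

```python
import re
from collections import Counter

# Programs named in the post above. Whole-word, case-insensitive matching
# is an assumption of this example, not a rule from the thread.
FLAGGED = {name: re.compile(r"\b" + re.escape(name) + r"\b", re.I)
           for name in ("Ares", "BitTorrent DNA")}

# HijackThis O4 line: O4 - <hive>\..\<key>: [<value name>] <command>
O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[(.+?)\] (.+)$")
# Firewall AuthorizedApplications line: "<path>"="<path>:<scope>:<state>:<label>"
FW_RE = re.compile(r'^"([^"]+)"="([^"]+)"$')

# Sample input, constructed in the format of the logs in this thread.
UNINSTALL_BEFORE = "Ad-Aware\nAd-Aware\nApple Software Update\nAres 2.1.1\n"
UNINSTALL_AFTER = "Ad-Aware\nAd-Aware\nApple Software Update\n"
HJT_BEFORE = r"""
O4 - HKCU\..\Run: [SmartRAM] "D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\Run: [BitTorrent DNA] "D:\Program Files\DNA\btdna.exe"
"""
HJT_AFTER = r"""
O4 - HKCU\..\Run: [SmartRAM] "D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
"""
FIREWALL = r"""
"D:\Program Files\Garena\Garena.exe"="D:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"D:\Program Files\Ares\Ares.exe"="D:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"""


def _entries(text):
    """Non-empty lines as a multiset; the lists contain duplicate names."""
    return Counter(line.strip() for line in text.splitlines() if line.strip())


def removed_entries(before, after):
    """Entries present in `before` but gone from `after` (multiset diff)."""
    return sorted((_entries(before) - _entries(after)).elements())


def residual_traces(uninstall="", hijackthis="", firewall=""):
    """Return (source, flagged name, matching text) for every remaining trace."""
    traces = []

    def check(source, shown, haystack):
        for name, rx in FLAGGED.items():
            if rx.search(haystack):
                traces.append((source, name, shown))

    for entry in _entries(uninstall):
        check("uninstall list", entry, entry)

    for line in hijackthis.splitlines():
        m = O4_RE.match(line.strip())
        if m:  # other O4 variants (e.g. Startup folder items) are skipped
            check("autorun", m.group(4), m.group(3) + " " + m.group(4))

    for line in firewall.splitlines():
        m = FW_RE.match(line.strip())
        if not m:
            continue
        # Split from the right: the path itself contains a drive-letter colon.
        parts = m.group(2).rsplit(":", 3)
        if len(parts) != 4:
            continue
        path, _scope, state, label = parts
        if state.lower() == "enabled":
            check("firewall exception", path, path + " " + label)
    return traces


if __name__ == "__main__":
    print("Removed:", removed_entries(UNINSTALL_BEFORE, UNINSTALL_AFTER))
    for trace in residual_traces(UNINSTALL_AFTER, HJT_AFTER, FIREWALL):
        print("Still present:", trace)
```

An enabled firewall entry for a program that no longer appears in the uninstall list is a leftover exception worth cleaning up, since the path it authorizes could be reused by any file later placed there.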

Re: Lag issues, should I worry?

by kingyem » June 13th, 2009, 8:00 am

3DMark03
7-Zip 4.65
Ad-Aware
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop CS2
Adobe Reader 8.1.4
Adobe Shockwave Player 11.5
Adobe® Photoshop® Album Starter Edition 3.2
Advanced SystemCare 3
Apple Software Update
Ashampoo Burning Studio 2009
ATI - Software Uninstall Utility
ATI AVIVO Codecs
ATI Catalyst Control Center
ATI Display Driver
Avanquest update
Avira AntiVir Personal - Free Antivirus
BlackShot Á¦°Å
Bluesoleil 5.0.5.178
CamStudio
CamStudio Lossless Codec v1.4
Catalyst Control Center - Branding
Choice Guard
CloneDVD Full 3.0.2.5
ConvertHelper 2.2
DEVIL MAY CRY 4
Disc2Phone
Dropbox
FIFA MANAGER 09
Flash CD & DVD Burner
Free 3GP Video Converter by Topviewsoft 2.1.0.5
Free Download Manager 3.0
Game Booster
Game Maker 6.1A
Game Maker 7.0
Garena
Google Chrome
Google Update Helper
GPGNet
Hamachi 1.0.3.0
Hijackthis 1.99.1
HijackThis 1.99.1
Hospital Tycoon
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
K-Lite Codec Pack 4.7.5 (Full)
Lexmark 1200 Series
Light of Altair 1.00
Macromedia Fireworks MX 2004
MadOnion.com/3DMark2001 SE
Magic Video Converter Trial Version (English) 8.0.2.18
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual J# 2.0 Redistributable Package
mIRC
Mobile Partner
Mozilla Firefox (3.0.10)
MSVCRT
MSXML 6.0 Parser (KB933579)
Nimo Codecs Pack v5.0 (Remove Only)
NVIDIA PhysX
OpenAL
Opera 9.64
Prolink PCC5020 camera
QuickSFV (Remove only)
QuickTime
RAMBooster.Net
Realtek AC'97 Audio
REALTEK GbE & FE Ethernet PCI NIC Driver
Replay AV 8
Replay Converter 3
Sandboxie 3.36
Segoe UI
Skype™ 4.0
Smart Defrag 1.11
Sony Ericsson Device Data
Sony Ericsson Drivers
Sony Ericsson Media Manager 1.2
Sony Ericsson PC Suite
Sony Ericsson PC Suite
Sony Ericsson PC Suite 4.010.00
SpeedConnect Internet Accelerator v.7.5
SpeedFan (remove only)
Spybot - Search & Destroy
The KMPlayer (remove only)
Theme Hospital
Update Service
Ventrilo
VirtualCloneDrive
VLC media player 0.9.9
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Format 11 runtime
WinPcap 4.0
WinRAR archiver
Yahoo! Messenger
YouSendIt Express
kingyem
Regular Member
 
Posts: 18
Joined: June 11th, 2009, 5:36 am

Re: Lag issues, should I worry?

by Shaba » June 13th, 2009, 8:10 am

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<< will be maximized) and info.txt (<< will be minimized)
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Lag issues, should I worry?

by kingyem » June 13th, 2009, 8:39 am

LOG.TXT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Raja Ibrahim at 2009-06-13 20:38:12
Microsoft Windows XP Professional Service Pack 2
System drive D: has 7 GB (30%) free of 25 GB
Total RAM: 1534 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:38:53, on 13/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Google\Update\GoogleUpdate.exe
D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
D:\WINDOWS\system32\lxczcoms.exe
D:\Program Files\Sandboxie\SbieSvc.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Lexmark 1200 Series\lxczbmon.exe
D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe
D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
E:\Download\RSIT.exe
D:\Program Files\trend micro\Raja Ibrahim.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [VMonitorVmc403] "D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe" vmc403
O4 - HKLM\..\Run: [BtTray] "D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [lxczbmgr.exe] "D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpeedConnectStartUp] D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [SmartRAM] "D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups
O8 - Extra context menu item: Download all with Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{63350C1F-36B2-481A-8A88-57C13E4D83C5}: NameServer = 202.188.0.133,202.188.1.5
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleilCS - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: Perkhidmatan Kemas Kini Google (gupdate1c9e376d4b5b3f6) (gupdate1c9e376d4b5b3f6) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxcz_device - - D:\WINDOWS\system32\lxczcoms.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - D:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - D:\Program Files\Sandboxie\SbieSvc.exe

--
End of file - 8155 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
D:\WINDOWS\tasks\SmartDefrag.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=D:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"StartCCC"=D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440]
"VirtualCloneDrive"=D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2005-04-12 45056]
"VMonitorVmc403"=D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe [2007-04-13 114688]
"BtTray"=D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2009-03-28 258134]
"QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"lxczbmgr.exe"=D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe [2007-04-19 74672]
"avgnt"=D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"Ad-Watch"=D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-06-11 518488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"=D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2009-03-18 4363504]
"MsnMsgr"=D:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"SpybotSD TeaTimer"=D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
"SpeedConnectStartUp"=D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe [2009-05-16 603136]
"Advanced SystemCare 3"=D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-04-30 2329936]
"SmartRAM"=D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe [2009-02-19 202064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"MPlayer2_FixUp"=D:\WINDOWS\inf\unregmp2.exe [2004-08-04 208896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Raja Ibrahim^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
D:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2009-02-26 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"D:\Program Files\Garena\Garena.exe"="D:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"D:\Program Files\Ares\Ares.exe"="D:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe"="D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"E:\Games\BlackShot\Blackshot\system\BlackShot.exe"="E:\Games\BlackShot\Blackshot\system\BlackShot.exe:*:Enabled:BlackShot"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\WINDOWS\system32\lxczcoms.exe"="D:\WINDOWS\system32\lxczcoms.exe:*:Enabled:Lexmark Communications System"
"E:\Games\Stardock Games\Demigod\bin\Demigod.exe"="E:\Games\Stardock Games\Demigod\bin\Demigod.exe:*:Enabled:Demigod"
"D:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="D:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2"
"E:\Games\DFX2\dfx2.exe"="E:\Games\DFX2\dfx2.exe:*:Enabled:Delta Force Xtreme 2"
"E:\Games\DFX2\UPDATE.EXE"="E:\Games\DFX2\UPDATE.EXE:*:Enabled:Delta Force Xtreme 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\MSN Messenger\livecall.exe"="D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00f8924f-421d-11de-8965-001167c8765e}]
shell\AutoRun\command - D:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7209a3bf-25ec-11de-b1ed-001167c8765e}]
shell\AutoRun\command - F:\AutoRun.exe


======List of files/folders created in the last 1 months======

2009-06-13 20:38:12 ----D---- D:\rsit
2009-06-13 20:38:12 ----D---- D:\Program Files\trend micro
2009-06-13 17:36:54 ----D---- D:\Documents and Settings\All Users\Application Data\salvation
2009-06-13 17:31:12 ----D---- D:\WINDOWS\LastGood
2009-06-13 16:59:34 ----A---- D:\WINDOWS\uninst.exe
2009-06-12 13:02:48 ----D---- D:\Program Files\DOSBox-0.73
2009-06-11 23:34:33 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\SaintXi
2009-06-11 23:32:13 ----A---- D:\WINDOWS\system32\D3DX9_41.dll
2009-06-11 23:32:13 ----A---- D:\WINDOWS\system32\d3dx10_41.dll
2009-06-11 23:32:13 ----A---- D:\WINDOWS\system32\D3DCompiler_41.dll
2009-06-11 23:32:12 ----A---- D:\WINDOWS\system32\XAudio2_4.dll
2009-06-11 23:32:12 ----A---- D:\WINDOWS\system32\XAPOFX1_3.dll
2009-06-11 23:32:12 ----A---- D:\WINDOWS\system32\xactengine3_4.dll
2009-06-11 23:32:11 ----A---- D:\WINDOWS\system32\X3DAudio1_6.dll
2009-06-11 20:48:02 ----D---- D:\Program Files\Easy Message
2009-06-11 20:29:29 ----D---- D:\Program Files\QuickSFV
2009-06-11 19:26:15 ----A---- D:\WINDOWS\system32\lsdelete.exe
2009-06-11 18:58:26 ----HDC---- D:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-06-11 18:58:18 ----D---- D:\Program Files\Lavasoft
2009-06-11 18:58:18 ----D---- D:\Documents and Settings\All Users\Application Data\Lavasoft
2009-06-11 17:39:48 ----D---- D:\Program Files\Hijackthis
2009-06-02 19:40:44 ----D---- D:\Program Files\Common Files\Real
2009-06-02 19:40:44 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Real
2009-06-02 19:39:38 ----D---- D:\Program Files\Google
2009-05-27 23:27:20 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Opera
2009-05-27 23:26:46 ----D---- D:\Program Files\Opera
2009-05-19 11:14:34 ----A---- D:\WINDOWS\AviSplitter.INI
2009-05-16 22:38:57 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\IObit
2009-05-16 22:38:56 ----D---- D:\Program Files\IObit
2009-05-16 19:08:26 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Thinstall
2009-05-16 19:07:35 ----D---- D:\Program Files\CBS Software
2009-05-16 16:34:02 ----D---- D:\Program Files\RAMBooster.Net
2009-05-16 15:25:29 ----D---- D:\Program Files\RegCleaner
2009-05-15 14:39:49 ----D---- D:\Program Files\Avira
2009-05-15 14:39:49 ----D---- D:\Documents and Settings\All Users\Application Data\Avira

======List of files/folders modified in the last 1 months======

2009-06-13 20:38:12 ----RD---- D:\Program Files
2009-06-13 20:37:43 ----D---- D:\WINDOWS\Prefetch
2009-06-13 20:29:27 ----D---- D:\WINDOWS\Temp
2009-06-13 20:27:04 ----HD---- D:\WINDOWS\inf
2009-06-13 20:27:02 ----RSD---- D:\WINDOWS\assembly
2009-06-13 20:26:25 ----D---- D:\WINDOWS\system32\DirectX
2009-06-13 20:23:59 ----HD---- D:\Program Files\InstallShield Installation Information
2009-06-13 20:04:58 ----D---- D:\Program Files\Mozilla Firefox
2009-06-13 20:03:23 ----D---- D:\WINDOWS
2009-06-13 20:01:39 ----D---- D:\Program Files\Common Files\Wise Installation Wizard
2009-06-13 17:33:31 ----SHD---- D:\WINDOWS\Installer
2009-06-13 17:33:31 ----D---- D:\WINDOWS\system32
2009-06-13 17:33:31 ----A---- D:\WINDOWS\system32\wrap_oal.dll
2009-06-13 17:33:31 ----A---- D:\WINDOWS\system32\OpenAL32.dll
2009-06-13 16:43:17 ----HDC---- D:\Documents and Settings\All Users\Application Data\~0
2009-06-13 16:36:12 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\uTorrent
2009-06-13 16:25:52 ----A---- D:\WINDOWS\system32\LOCALSERVICE.INI
2009-06-13 16:25:52 ----A---- D:\WINDOWS\system32\LOCALDEVICE.INI
2009-06-13 16:25:51 ----A---- D:\WINDOWS\system32\bscs.ini
2009-06-13 16:25:34 ----D---- D:\WINDOWS\system32\CatRoot2
2009-06-13 13:59:49 ----A---- D:\WINDOWS\SchedLgU.Txt
2009-06-13 08:00:04 ----A---- D:\WINDOWS\system32\REMOTEDEVICE.INI
2009-06-13 07:59:53 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Free Download Manager
2009-06-12 21:53:06 ----D---- D:\Program Files\Garena
2009-06-12 11:22:31 ----A---- D:\WINDOWS\Lexstat.ini
2009-06-11 23:30:59 ----D---- D:\WINDOWS\Logs
2009-06-11 19:16:29 ----D---- D:\WINDOWS\system32\drivers
2009-06-11 19:16:25 ----SD---- D:\WINDOWS\Tasks
2009-06-11 19:16:22 ----DC---- D:\WINDOWS\system32\DRVSTORE
2009-06-11 18:12:08 ----D---- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-11 18:11:45 ----D---- D:\Program Files\Spybot - Search & Destroy
2009-06-10 23:15:46 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Hamachi
2009-06-08 18:56:52 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\mIRC
2009-06-08 18:55:10 ----D---- D:\Program Files\mIRC
2009-06-03 12:27:32 ----D---- D:\Program Files\Common Files
2009-06-02 19:40:47 ----A---- D:\WINDOWS\system32\msvcr71.dll
2009-06-02 19:40:47 ----A---- D:\WINDOWS\system32\msvcp71.dll
2009-05-28 00:33:54 ----D---- D:\Program Files\Common Files\Adobe
2009-05-28 00:33:51 ----D---- D:\WINDOWS\WinSxS
2009-05-28 00:33:49 ----D---- D:\Documents and Settings\All Users\Application Data\Adobe
2009-05-28 00:33:40 ----D---- D:\Program Files\Adobe
2009-05-27 20:43:17 ----D---- D:\Program Files\SpeedFan
2009-05-17 03:34:20 ----D---- D:\WINDOWS\system32\MsDtc
2009-05-17 03:34:20 ----D---- D:\WINDOWS\system32\config
2009-05-17 03:34:20 ----D---- D:\WINDOWS\repair
2009-05-17 03:34:20 ----D---- D:\WINDOWS\Minidump
2009-05-17 03:34:20 ----D---- D:\WINDOWS\Debug
2009-05-17 03:34:20 ----D---- D:\Program Files\K-Lite Codec Pack
2009-05-17 03:34:20 ----D---- D:\Program Files\Dropbox
2009-05-17 03:34:20 ----D---- D:\Program Files\CloneDVD
2009-05-17 03:34:20 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Ventrilo
2009-05-16 10:33:37 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Dropbox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\D:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-10 28520]
R2 avgntflt;avgntflt; D:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 ElbyCDIO;ElbyCDIO Driver; D:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 Arp1394;1394 ARP Client Protocol; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-26 3565568]
R3 BT;Bluetooth PAN Network Adapter; D:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; D:\WINDOWS\System32\Drivers\btcusb.sys [2007-06-24 38920]
R3 ElbyDelay;ElbyDelay; D:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 hamachi;Hamachi Network Interface; D:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-28 25280]
R3 NIC1394;1394 Net Driver; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; D:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-01-21 118656]
R3 SbieDrv;SbieDrv; \??\D:\Program Files\Sandboxie\SbieDrv.sys []
R3 usbaudio;USB Audio Driver (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
R3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 usbprint;Microsoft USB PRINTER Class; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 usbscan;USB Scanner Driver; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbvideo;USB Video Device (WDM); D:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
R3 VComm;Virtual Serial port driver; D:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; D:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S3 APLMp50;APLMp50 NDIS Protocol Driver; D:\WINDOWS\System32\Drivers\APLMp50.sys [2006-11-29 28224]
S3 CCDECODE;Closed Caption Decoder; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 ENTECH;ENTECH; \??\D:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HidUsb;Microsoft HID Class Driver; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; D:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-08-24 101120]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nm;Network Monitor Driver; D:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-04 40320]
S3 NPF;NetGroup Packet Filter Driver; D:\WINDOWS\system32\drivers\npf.sys [2007-01-26 42000]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); D:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; D:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; D:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); D:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); D:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; D:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); D:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); D:\WINDOWS\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; D:\WINDOWS\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; D:\WINDOWS\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); D:\WINDOWS\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); D:\WINDOWS\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; D:\WINDOWS\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); D:\WINDOWS\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 USBSTOR;USB Mass Storage Driver; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VMC403;Vimicro Camera Service VMC403; D:\WINDOWS\System32\Drivers\VMC403.sys [2007-05-15 238208]
S3 vvftc403;Vimicro Camera Filter Service VMC403; D:\WINDOWS\system32\drivers\vvftc403.sys [2007-05-11 476160]
S3 WSTCODEC;World Standard Teletext Codec; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; D:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-10 108289]
R2 AntiVirService;Avira AntiVir Guard; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-10 185089]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-02-26 602112]
R2 BlueSoleilCS;BlueSoleilCS; D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2009-03-28 1155180]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-06-11 1005904]
R2 lxcz_device;lxcz_device; D:\WINDOWS\system32\lxczcoms.exe [2007-04-19 537520]
R2 SbieSvc;Sandboxie Service; D:\Program Files\Sandboxie\SbieSvc.exe [2009-04-14 53760]
R3 BsHelpCS;BsHelpCS; D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2007-08-17 57447]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 gupdate1c9e376d4b5b3f6;Perkhidmatan Kemas Kini Google (gupdate1c9e376d4b5b3f6); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-02 133104]
S3 Adobe LM Service;Adobe LM Service; D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-30 72704]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 Macromedia Licensing Service;Macromedia Licensing Service; D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2009-03-30 68096]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); D:\Program Files\WinPcap\rpcapd.exe [2007-01-26 93048]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------
kingyem
Regular Member
 
Posts: 18
Joined: June 11th, 2009, 5:36 am

Re: Lag issues,should i worry?

Post by kingyem » June 13th, 2009, 8:40 am

INFO.TXT

info.txt logfile of random's system information tool 1.06 2009-06-13 20:38:55

======Uninstall list======

-->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
3DMark03-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{FF35F637-72B9-43BE-A281-06EB2854393A}\Setup.exe" -l0x9
7-Zip 4.65-->"D:\Program Files\7-Zip\Uninstall.exe"
Ad-Aware-->"D:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->D:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
Adobe Flash Player 10 ActiveX-->D:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->D:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8.1.4-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adobe Shockwave Player 11.5-->D:\WINDOWS\system32\Adobe\uninstaller.exe
Adobe® Photoshop® Album Starter Edition 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Advanced SystemCare 3-->"D:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ashampoo Burning Studio 2009-->"D:\Program Files\Ashampoo\Ashampoo Burning Studio 2009\unins000.exe"
ATI - Software Uninstall Utility-->D:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
ATI Catalyst Control Center-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 D:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avanquest update-->D:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\setup.exe -runfromtemp -l0x0009 -removeonly
Avira AntiVir Personal - Free Antivirus-->D:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
BlackShot 제거-->"E:\Games\BlackShot\uninstall.exe"
Bluesoleil 5.0.5.178-->MsiExec.exe /X{1E726A53-78E9-47DE-B3D9-4165CBC9ABBF}
CamStudio Lossless Codec v1.4-->"D:\WINDOWS\system32\unins000.exe"
CamStudio-->D:\Program Files\CamStudio\uninstall.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
CloneDVD Full 3.0.2.5-->"D:\Program Files\CloneDVD\unins000.exe"
ConvertHelper 2.2-->"D:\Program Files\ConvertHelper\unins000.exe"
Delta Force Xtreme 2-->"D:\Program Files\InstallShield Installation Information\{193C41B9-1A0F-45E6-8546-41C91C99A5F8}\setup.exe" -runfromtemp -l0x0009 -removeonly
DEVIL MAY CRY 4-->MsiExec.exe /I{D4E5A687-797D-44B1-8F96-4FD7A24166A9}
Disc2Phone-->MsiExec.exe /X{C01408FC-117C-44B7-8B0C-17794E526A01}
Dropbox-->"D:\Program Files\Dropbox\Uninstall.exe"
FIFA MANAGER 09-->E:\Games\Fifa09\eauninstall.exe
Flash CD & DVD Burner-->"D:\Program Files\Flash CD & DVD Burner\unins000.exe"
Free 3GP Video Converter by Topviewsoft 2.1.0.5-->"D:\Program Files\Free 3GP Video Converter by Topviewsoft\unins000.exe"
Free Download Manager 3.0-->"D:\Program Files\Free Download Manager\unins000.exe"
Game Booster-->"D:\Program Files\IObit\Game Booster\unins000.exe"
Game Maker 6.1A-->D:\Program Files\Game_Maker6\Uninstal.exe
Game Maker 7.0-->D:\Program Files\Game_Maker7\Uninstal.exe
Garena-->D:\Program Files\Garena\uninst.exe
Google Chrome-->"D:\Program Files\Google\Chrome\Application\2.0.172.31\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
GPGNet-->MsiExec.exe /I{C194D333-B84A-4BB7-B35E-060732D98DC4}
Hamachi 1.0.3.0-->D:\Program Files\Hamachi\uninstall.exe
Hijackthis 1.99.1-->"D:\Program Files\Hijackthis\unins000.exe"
HijackThis 2.0.2-->"D:\Program Files\trend micro\HijackThis.exe" /uninstall
Hospital Tycoon-->E:\Games\Hospital Tycoon\uninstall.exe
Hotfix for Windows XP (KB915865)-->"D:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"D:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
K-Lite Codec Pack 4.7.5 (Full)-->"D:\Program Files\K-Lite Codec Pack\unins000.exe"
Lexmark 1200 Series-->D:\Program Files\Lexmark 1200 Series\Install\x86\Uninst.exe
Light of Altair 1.00-->"E:\Games\Light of Altair\unins000.exe"
Macromedia Fireworks MX 2004-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{E583ED6F-BD99-4066-A420-C815BF692B69}\Setup.exe" -l0x9 UNINSTALL
MadOnion.com/3DMark2001 SE-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{91B323B5-A79C-4D23-BD6D-046C565F9BCF}\Setup.exe" -l0x9 uninstall -uninst
Magic Video Converter Trial Version (English) 8.0.2.18-->"D:\Program Files\Magic Video Converter\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5-->D:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Internationalized Domain Names Mitigation APIs-->"D:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"D:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"D:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"D:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual J# 2.0 Redistributable Package-->D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe
mIRC-->D:\Program Files\mIRC\uninstall.exe _?=D:\Program Files\mIRC
Mobile Partner-->D:\Program Files\Mobile Partner\uninst.exe
Mozilla Firefox (3.0.10)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nimo Codecs Pack v5.0 (Remove Only)-->"D:\Program Files\NimoCodec Pack\uninstall.exe"
NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
OpenAL-->"D:\Program Files\OpenAL\oalinst.exe" /U
Opera 9.64-->MsiExec.exe /X{A2A60894-E3ED-46FE-9A6A-7CF7A87572A0}
Prolink PCC5020 camera-->D:\Program Files\InstallShield Installation Information\{71A51A91-E7D3-11DB-A386-005056C00008}\setup.exe -runfromtemp -l0x0009 -removeonly
QuickSFV (Remove only)-->D:\Program Files\QuickSFV\QSFVUNST.EXE D:\Program Files\QuickSFV\
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RAMBooster.Net-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{E20C5E13-DE01-4938-A776-E7563FDA86B4}\setup.exe"
Realtek AC'97 Audio-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
REALTEK GbE & FE Ethernet PCI NIC Driver-->D:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -removeonly
Replay AV 8-->D:\WINDOWS\iun6002.exe "C:\Program Files\Replay AV 8\uninstallRAV8.ini"
Replay Converter 3-->"D:\WINDOWS\Replay Converter 3\uninstall.exe" "/U:D:\Program Files\Replay Converter 3\Uninstall\ReplayConverrter3Uninstall.xml"
Sandboxie 3.36-->"D:\WINDOWS\Installer\SandboxieInstall.exe" /remove
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Smart Defrag 1.11-->"D:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
Sony Ericsson Device Data-->MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}
Sony Ericsson Drivers-->MsiExec.exe /I{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}
Sony Ericsson Media Manager 1.2-->MsiExec.exe /X{9EB1504E-FD95-4BCD-8E93-B4039F59C469}
Sony Ericsson PC Suite 4.010.00-->D:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe -runfromtemp -l0x0009 -removeonly
Sony Ericsson PC Suite-->D:\WINDOWS\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\setup.exe /uninstall
Sony Ericsson PC Suite-->MsiExec.exe /I{D59AC9E9-FFAE-471B-B1FF-4B311D23417A}
SpeedConnect Internet Accelerator v.7.5-->"D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\unins000.exe"
SpeedFan (remove only)-->"D:\Program Files\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"D:\Program Files\Spybot - Search & Destroy\unins000.exe"
The KMPlayer (remove only)-->"D:\Program Files\The KMPlayer\uninstall.exe"
Theme Hospital-->D:\WINDOWS\uninst.exe -fe:\games\TH\DeIsL1.isu
Update Service-->D:\Program Files\Sony Ericsson\Update Service\uninst.exe
Ventrilo-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
VirtualCloneDrive-->"D:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="D:\Program Files\Elaborate Bytes\VirtualCloneDrive"
VLC media player 0.9.9-->D:\Program Files\VideoLAN\VLC\uninstall.exe
Warfare-->"E:\Games\Warfare\unins000.exe"
Windows Imaging Component-->"D:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"D:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"D:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->D:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{C6CA8874-5F22-4AF0-9BE3-016BF299C536}
Windows Live Messenger-->MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Format 11 runtime-->"D:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"D:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinPcap 4.0-->D:\Program Files\WinPcap\uninstall.exe
WinRAR archiver-->D:\Program Files\WinRAR\uninstall.exe
Yahoo! Messenger-->D:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U D:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
YouSendIt Express-->D:\Program Files\InstallShield Installation Information\{1193600A-134F-40F9-9F71-FEF54C93C629}\setup.exe -runfromtemp -l0x0409

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: YEM
Event Code: 8003
Message: The master browser has received a server announcement from the computer SHARIFAH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{63350C1F-36B2-48.
The master browser is stopping or an election is being forced.

Record Number: 6092
Source Name: MRxSmb
Time Written: 20090518173535.000000+480
Event Type: error
User:

Computer Name: YEM
Event Code: 8003
Message: The master browser has received a server announcement from the computer SHARIFAH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{63350C1F-36B2-48.
The master browser is stopping or an election is being forced.

Record Number: 6089
Source Name: MRxSmb
Time Written: 20090518163137.000000+480
Event Type: error
User:

Computer Name: YEM
Event Code: 8003
Message: The master browser has received a server announcement from the computer SHARIFAH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{63350C1F-36B2-48.
The master browser is stopping or an election is being forced.

Record Number: 6040
Source Name: MRxSmb
Time Written: 20090518013651.000000+480
Event Type: error
User:

Computer Name: YEM
Event Code: 8003
Message: The master browser has received a server announcement from the computer SHARIFAH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{63350C1F-36B2-48.
The master browser is stopping or an election is being forced.

Record Number: 6039
Source Name: MRxSmb
Time Written: 20090518000058.000000+480
Event Type: error
User:

Computer Name: YEM
Event Code: 8003
Message: The master browser has received a server announcement from the computer SHARIFAH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{63350C1F-36B2-48.
The master browser is stopping or an election is being forced.

Record Number: 6038
Source Name: MRxSmb
Time Written: 20090517224859.000000+480
Event Type: error
User:

=====Application event log=====

Computer Name: YEM
Event Code: 1517
Message: Windows saved user YEM\Raja Ibrahim registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 3305
Source Name: Userenv
Time Written: 20090611010536.000000+480
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: YEM
Event Code: 1517
Message: Windows saved user YEM\Raja Ibrahim registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 3291
Source Name: Userenv
Time Written: 20090610082320.000000+480
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: YEM
Event Code: 1517
Message: Windows saved user YEM\Raja Ibrahim registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 3268
Source Name: Userenv
Time Written: 20090610010912.000000+480
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: YEM
Event Code: 1517
Message: Windows saved user YEM\Raja Ibrahim registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 3256
Source Name: Userenv
Time Written: 20090610002938.000000+480
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: YEM
Event Code: 4113
Message: AntiVir has detected 'DR/Monder.436224'
in the file
C:\System Volume Information\_restore{510380E8-7669-4B0A-9F4F-FEDC5A1F3148}\RP96\A0016343.exe

Record Number: 3255
Source Name: Avira AntiVir
Time Written: 20090609230145.000000+480
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=D:\WINDOWS\system32;D:\WINDOWS;D:\WINDOWS\System32\Wbem;D:\Program Files\ATI Technologies\ATI.ACE\Core-Static;D:\Program Files\QuickTime\QTSystem\;D:\Program Files\Common Files\Teleca Shared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;D:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=D:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
kingyem
Regular Member
 
Posts: 18
Joined: June 11th, 2009, 5:36 am

Re: Lag issues,should i worry?

Post by Shaba » June 13th, 2009, 9:19 am

  • Please download Flash_Disinfector and save it to your desktop.
  • Double click to run it. (If you are using Vista, right-click it and choose Run As Administrator).
  • You will be prompted to plug in your flash drive. Plug it in.
  • Flash_Disinfector will start disinfecting your flash and hard drives. This takes a few seconds. Your desktop will disappear in the meantime.
  • When done, a message box will appear. Click OK. Your desktop should now appear. If it doesn't, press Ctrl + Shift + Esc to open Task Manager.
  • Click on File > New Task (Run...). Type in explorer.exe and press Enter. Your desktop should now appear.

Post back a fresh RSIT log afterwards, please.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Lag issues,should i worry?

Post by kingyem » June 13th, 2009, 9:46 am

I tried to use the software, but my Ad-Aware says that it is a worm? Should I?

-I used the software anyway 'cause I believe in you :D lol..
Last edited by kingyem on June 13th, 2009, 9:55 am, edited 1 time in total.
kingyem
Regular Member
 
Posts: 18
Joined: June 11th, 2009, 5:36 am

Re: Lag issues,should i worry?

Post by kingyem » June 13th, 2009, 9:51 am

LOG.TEXT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Raja Ibrahim at 2009-06-13 21:51:10
Microsoft Windows XP Professional Service Pack 2
System drive D: has 7 GB (30%) free of 25 GB
Total RAM: 1534 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:51:17, on 13/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Google\Update\GoogleUpdate.exe
D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
D:\WINDOWS\system32\lxczcoms.exe
D:\Program Files\Sandboxie\SbieSvc.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Lexmark 1200 Series\lxczbmon.exe
D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe
D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Free Download Manager\fdm.exe
D:\WINDOWS\explorer.exe
E:\Download\RSIT.exe
D:\Program Files\trend micro\Raja Ibrahim.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [VMonitorVmc403] "D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe" vmc403
O4 - HKLM\..\Run: [BtTray] "D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [lxczbmgr.exe] "D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpeedConnectStartUp] D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [SmartRAM] "D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups
O8 - Extra context menu item: Download all with Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{63350C1F-36B2-481A-8A88-57C13E4D83C5}: NameServer = 202.188.0.133,202.188.1.5
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleilCS - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: Perkhidmatan Kemas Kini Google (gupdate1c9e376d4b5b3f6) (gupdate1c9e376d4b5b3f6) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxcz_device - - D:\WINDOWS\system32\lxczcoms.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - D:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - D:\Program Files\Sandboxie\SbieSvc.exe

--
End of file - 8104 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
D:\WINDOWS\tasks\SmartDefrag.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=D:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"StartCCC"=D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440]
"VirtualCloneDrive"=D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2005-04-12 45056]
"VMonitorVmc403"=D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe [2007-04-13 114688]
"BtTray"=D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2009-03-28 258134]
"QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"lxczbmgr.exe"=D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe [2007-04-19 74672]
"avgnt"=D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"Ad-Watch"=D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-06-11 518488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"=D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2009-03-18 4363504]
"MsnMsgr"=D:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"SpybotSD TeaTimer"=D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
"SpeedConnectStartUp"=D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe [2009-05-16 603136]
"Advanced SystemCare 3"=D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-04-30 2329936]
"SmartRAM"=D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe [2009-02-19 202064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"MPlayer2_FixUp"=D:\WINDOWS\inf\unregmp2.exe [2004-08-04 208896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Raja Ibrahim^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
D:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2009-02-26 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"D:\Program Files\Garena\Garena.exe"="D:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"D:\Program Files\Ares\Ares.exe"="D:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe"="D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"E:\Games\BlackShot\Blackshot\system\BlackShot.exe"="E:\Games\BlackShot\Blackshot\system\BlackShot.exe:*:Enabled:BlackShot"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\WINDOWS\system32\lxczcoms.exe"="D:\WINDOWS\system32\lxczcoms.exe:*:Enabled:Lexmark Communications System"
"E:\Games\Stardock Games\Demigod\bin\Demigod.exe"="E:\Games\Stardock Games\Demigod\bin\Demigod.exe:*:Enabled:Demigod"
"D:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="D:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2"
"E:\Games\DFX2\dfx2.exe"="E:\Games\DFX2\dfx2.exe:*:Enabled:Delta Force Xtreme 2"
"E:\Games\DFX2\UPDATE.EXE"="E:\Games\DFX2\UPDATE.EXE:*:Enabled:Delta Force Xtreme 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\MSN Messenger\livecall.exe"="D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00f8924f-421d-11de-8965-001167c8765e}]
shell\AutoRun\command - D:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7209a3bf-25ec-11de-b1ed-001167c8765e}]
shell\AutoRun\command - F:\AutoRun.exe


======List of files/folders created in the last 1 months======

2009-06-13 21:50:15 ----RASHD---- D:\autorun.inf
2009-06-13 20:38:12 ----D---- D:\rsit
2009-06-13 20:38:12 ----D---- D:\Program Files\trend micro
2009-06-13 17:36:54 ----D---- D:\Documents and Settings\All Users\Application Data\salvation
2009-06-13 17:31:12 ----D---- D:\WINDOWS\LastGood
2009-06-13 16:59:34 ----A---- D:\WINDOWS\uninst.exe
2009-06-12 13:02:48 ----D---- D:\Program Files\DOSBox-0.73
2009-06-11 23:34:33 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\SaintXi
2009-06-11 23:32:13 ----A---- D:\WINDOWS\system32\D3DX9_41.dll
2009-06-11 23:32:13 ----A---- D:\WINDOWS\system32\d3dx10_41.dll
2009-06-11 23:32:13 ----A---- D:\WINDOWS\system32\D3DCompiler_41.dll
2009-06-11 23:32:12 ----A---- D:\WINDOWS\system32\XAudio2_4.dll
2009-06-11 23:32:12 ----A---- D:\WINDOWS\system32\XAPOFX1_3.dll
2009-06-11 23:32:12 ----A---- D:\WINDOWS\system32\xactengine3_4.dll
2009-06-11 23:32:11 ----A---- D:\WINDOWS\system32\X3DAudio1_6.dll
2009-06-11 20:48:02 ----D---- D:\Program Files\Easy Message
2009-06-11 20:29:29 ----D---- D:\Program Files\QuickSFV
2009-06-11 19:26:15 ----A---- D:\WINDOWS\system32\lsdelete.exe
2009-06-11 18:58:26 ----HDC---- D:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-06-11 18:58:18 ----D---- D:\Program Files\Lavasoft
2009-06-11 18:58:18 ----D---- D:\Documents and Settings\All Users\Application Data\Lavasoft
2009-06-11 17:39:48 ----D---- D:\Program Files\Hijackthis
2009-06-02 19:40:44 ----D---- D:\Program Files\Common Files\Real
2009-06-02 19:40:44 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Real
2009-06-02 19:39:38 ----D---- D:\Program Files\Google
2009-05-27 23:27:20 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Opera
2009-05-27 23:26:46 ----D---- D:\Program Files\Opera
2009-05-19 11:14:34 ----A---- D:\WINDOWS\AviSplitter.INI
2009-05-16 22:38:57 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\IObit
2009-05-16 22:38:56 ----D---- D:\Program Files\IObit
2009-05-16 19:08:26 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Thinstall
2009-05-16 19:07:35 ----D---- D:\Program Files\CBS Software
2009-05-16 16:34:02 ----D---- D:\Program Files\RAMBooster.Net
2009-05-16 15:25:29 ----D---- D:\Program Files\RegCleaner
2009-05-15 14:39:49 ----D---- D:\Program Files\Avira
2009-05-15 14:39:49 ----D---- D:\Documents and Settings\All Users\Application Data\Avira

======List of files/folders modified in the last 1 months======

2009-06-13 21:50:53 ----D---- D:\WINDOWS\Prefetch
2009-06-13 21:50:43 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Free Download Manager
2009-06-13 21:50:24 ----D---- D:\WINDOWS\Temp
2009-06-13 21:40:44 ----D---- D:\Program Files\Mozilla Firefox
2009-06-13 20:49:06 ----D---- D:\Program Files\Garena
2009-06-13 20:38:12 ----RD---- D:\Program Files
2009-06-13 20:27:04 ----HD---- D:\WINDOWS\inf
2009-06-13 20:27:02 ----RSD---- D:\WINDOWS\assembly
2009-06-13 20:26:25 ----D---- D:\WINDOWS\system32\DirectX
2009-06-13 20:23:59 ----HD---- D:\Program Files\InstallShield Installation Information
2009-06-13 20:03:23 ----D---- D:\WINDOWS
2009-06-13 20:01:39 ----D---- D:\Program Files\Common Files\Wise Installation Wizard
2009-06-13 17:33:31 ----SHD---- D:\WINDOWS\Installer
2009-06-13 17:33:31 ----D---- D:\WINDOWS\system32
2009-06-13 17:33:31 ----A---- D:\WINDOWS\system32\wrap_oal.dll
2009-06-13 17:33:31 ----A---- D:\WINDOWS\system32\OpenAL32.dll
2009-06-13 16:43:17 ----HDC---- D:\Documents and Settings\All Users\Application Data\~0
2009-06-13 16:36:12 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\uTorrent
2009-06-13 16:25:52 ----A---- D:\WINDOWS\system32\LOCALSERVICE.INI
2009-06-13 16:25:52 ----A---- D:\WINDOWS\system32\LOCALDEVICE.INI
2009-06-13 16:25:51 ----A---- D:\WINDOWS\system32\bscs.ini
2009-06-13 16:25:34 ----D---- D:\WINDOWS\system32\CatRoot2
2009-06-13 13:59:49 ----A---- D:\WINDOWS\SchedLgU.Txt
2009-06-13 08:00:04 ----A---- D:\WINDOWS\system32\REMOTEDEVICE.INI
2009-06-12 11:22:31 ----A---- D:\WINDOWS\Lexstat.ini
2009-06-11 23:30:59 ----D---- D:\WINDOWS\Logs
2009-06-11 19:16:29 ----D---- D:\WINDOWS\system32\drivers
2009-06-11 19:16:25 ----SD---- D:\WINDOWS\Tasks
2009-06-11 19:16:22 ----DC---- D:\WINDOWS\system32\DRVSTORE
2009-06-11 18:12:08 ----D---- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-11 18:11:45 ----D---- D:\Program Files\Spybot - Search & Destroy
2009-06-10 23:15:46 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Hamachi
2009-06-08 18:56:52 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\mIRC
2009-06-08 18:55:10 ----D---- D:\Program Files\mIRC
2009-06-03 12:27:32 ----D---- D:\Program Files\Common Files
2009-06-02 19:40:47 ----A---- D:\WINDOWS\system32\msvcr71.dll
2009-06-02 19:40:47 ----A---- D:\WINDOWS\system32\msvcp71.dll
2009-05-28 00:33:54 ----D---- D:\Program Files\Common Files\Adobe
2009-05-28 00:33:51 ----D---- D:\WINDOWS\WinSxS
2009-05-28 00:33:49 ----D---- D:\Documents and Settings\All Users\Application Data\Adobe
2009-05-28 00:33:40 ----D---- D:\Program Files\Adobe
2009-05-27 20:43:17 ----D---- D:\Program Files\SpeedFan
2009-05-17 03:34:20 ----D---- D:\WINDOWS\system32\MsDtc
2009-05-17 03:34:20 ----D---- D:\WINDOWS\system32\config
2009-05-17 03:34:20 ----D---- D:\WINDOWS\repair
2009-05-17 03:34:20 ----D---- D:\WINDOWS\Minidump
2009-05-17 03:34:20 ----D---- D:\WINDOWS\Debug
2009-05-17 03:34:20 ----D---- D:\Program Files\K-Lite Codec Pack
2009-05-17 03:34:20 ----D---- D:\Program Files\Dropbox
2009-05-17 03:34:20 ----D---- D:\Program Files\CloneDVD
2009-05-17 03:34:20 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Ventrilo
2009-05-16 10:33:37 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Dropbox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\D:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-10 28520]
R2 avgntflt;avgntflt; D:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 ElbyCDIO;ElbyCDIO Driver; D:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 Arp1394;1394 ARP Client Protocol; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-26 3565568]
R3 BT;Bluetooth PAN Network Adapter; D:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; D:\WINDOWS\System32\Drivers\btcusb.sys [2007-06-24 38920]
R3 ElbyDelay;ElbyDelay; D:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 hamachi;Hamachi Network Interface; D:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-28 25280]
R3 NIC1394;1394 Net Driver; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; D:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-01-21 118656]
R3 SbieDrv;SbieDrv; \??\D:\Program Files\Sandboxie\SbieDrv.sys []
R3 usbaudio;USB Audio Driver (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
R3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 usbprint;Microsoft USB PRINTER Class; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 usbscan;USB Scanner Driver; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbvideo;USB Video Device (WDM); D:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
R3 VComm;Virtual Serial port driver; D:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; D:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S3 APLMp50;APLMp50 NDIS Protocol Driver; D:\WINDOWS\System32\Drivers\APLMp50.sys [2006-11-29 28224]
S3 CCDECODE;Closed Caption Decoder; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 ENTECH;ENTECH; \??\D:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HidUsb;Microsoft HID Class Driver; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; D:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-08-24 101120]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nm;Network Monitor Driver; D:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-04 40320]
S3 NPF;NetGroup Packet Filter Driver; D:\WINDOWS\system32\drivers\npf.sys [2007-01-26 42000]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); D:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; D:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; D:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); D:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); D:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; D:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); D:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); D:\WINDOWS\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; D:\WINDOWS\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; D:\WINDOWS\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); D:\WINDOWS\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); D:\WINDOWS\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; D:\WINDOWS\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); D:\WINDOWS\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 USBSTOR;USB Mass Storage Driver; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VMC403;Vimicro Camera Service VMC403; D:\WINDOWS\System32\Drivers\VMC403.sys [2007-05-15 238208]
S3 vvftc403;Vimicro Camera Filter Service VMC403; D:\WINDOWS\system32\drivers\vvftc403.sys [2007-05-11 476160]
S3 WSTCODEC;World Standard Teletext Codec; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; D:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-10 108289]
R2 AntiVirService;Avira AntiVir Guard; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-10 185089]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-02-26 602112]
R2 BlueSoleilCS;BlueSoleilCS; D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2009-03-28 1155180]
R2 lxcz_device;lxcz_device; D:\WINDOWS\system32\lxczcoms.exe [2007-04-19 537520]
R2 SbieSvc;Sandboxie Service; D:\Program Files\Sandboxie\SbieSvc.exe [2009-04-14 53760]
R3 BsHelpCS;BsHelpCS; D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2007-08-17 57447]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 gupdate1c9e376d4b5b3f6;Perkhidmatan Kemas Kini Google (gupdate1c9e376d4b5b3f6); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-02 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-06-11 1005904]
S3 Adobe LM Service;Adobe LM Service; D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-30 72704]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 Macromedia Licensing Service;Macromedia Licensing Service; D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2009-03-30 68096]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); D:\Program Files\WinPcap\rpcapd.exe [2007-01-26 93048]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------
kingyem
Regular Member
 
Posts: 18
Joined: June 11th, 2009, 5:36 am

Re: Lag issues,should i worry?

by kingyem » June 13th, 2009, 9:53 am

But there is no info.txt, is this normal?

Re: Lag issues,should i worry?

by Shaba » June 13th, 2009, 10:00 am

Yes, it is normal upon second run of RSIT.

  • Please use the following link to download ERUNT
  • Use the setup program to install ERUNT on your computer
  • Click Erunt.exe to back up your registry to the folder of your choice.

Note: to restore your registry, go to the folder and start ERDNT.exe

Download OTMoveIt by Old Timer and save it to your Desktop.
  • Double-click OTM.exe. (Vista users, please right click on OTM.exe and select "Run as an Administrator")
  • Copy the lines in the codebox below.
:files
D:\Program Files\Ares
D:\Program Files\uTorrent
D:\Documents and Settings\Raja Ibrahim\Application Data\uTorrent

:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Program Files\Ares\Ares.exe"=-
"D:\Program Files\uTorrent\uTorrent.exe"=-

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00f8924f-421d-11de-8965-001167c8765e}]

  • Return to OTMoveIt, right click in the Paste Instructions for Items to be Moved window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar), and paste it in your next reply.
  • Close OTMoveIt
    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Post:

- otmoveit3 log
- a fresh rsit log
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Lag issues,should i worry?

by kingyem » June 13th, 2009, 10:07 am

otmoveit3 log

========== FILES ==========
File/Folder D:\Program Files\Ares not found.
D:\Program Files\uTorrent moved successfully.
D:\Documents and Settings\Raja Ibrahim\Application Data\uTorrent moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\D:\Program Files\Ares\Ares.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\D:\Program Files\uTorrent\uTorrent.exe deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00f8924f-421d-11de-8965-001167c8765e}\\ deleted successfully.

OTM by OldTimer - Version 2.1.0.1 log created on 06132009_220514

Re: Lag issues,should i worry?

by kingyem » June 13th, 2009, 10:08 am

LOG.TEXT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Raja Ibrahim at 2009-06-13 22:06:32
Microsoft Windows XP Professional Service Pack 2
System drive D: has 7 GB (30%) free of 25 GB
Total RAM: 1534 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:06:45, on 13/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Google\Update\GoogleUpdate.exe
D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
D:\WINDOWS\system32\lxczcoms.exe
D:\Program Files\Sandboxie\SbieSvc.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe
D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Lexmark 1200 Series\lxczbmon.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
E:\Download\RSIT.exe
D:\Program Files\trend micro\Raja Ibrahim.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [VMonitorVmc403] "D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe" vmc403
O4 - HKLM\..\Run: [BtTray] "D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [lxczbmgr.exe] "D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpeedConnectStartUp] D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [SmartRAM] "D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups
O4 - Startup: ERUNT AutoBackup.lnk = D:\Program Files\ERUNT\AUTOBACK.EXE
O8 - Extra context menu item: Download all with Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{63350C1F-36B2-481A-8A88-57C13E4D83C5}: NameServer = 202.188.0.133,202.188.1.5
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleilCS - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: Perkhidmatan Kemas Kini Google (gupdate1c9e376d4b5b3f6) (gupdate1c9e376d4b5b3f6) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxcz_device - - D:\WINDOWS\system32\lxczcoms.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - D:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - D:\Program Files\Sandboxie\SbieSvc.exe

--
End of file - 8140 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
D:\WINDOWS\tasks\SmartDefrag.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=D:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"StartCCC"=D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440]
"VirtualCloneDrive"=D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2005-04-12 45056]
"VMonitorVmc403"=D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe [2007-04-13 114688]
"BtTray"=D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2009-03-28 258134]
"QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"lxczbmgr.exe"=D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe [2007-04-19 74672]
"avgnt"=D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"Ad-Watch"=D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-06-11 518488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"=D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2009-03-18 4363504]
"MsnMsgr"=D:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"SpybotSD TeaTimer"=D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
"SpeedConnectStartUp"=D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe [2009-05-16 603136]
"Advanced SystemCare 3"=D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-04-30 2329936]
"SmartRAM"=D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe [2009-02-19 202064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"MPlayer2_FixUp"=D:\WINDOWS\inf\unregmp2.exe [2004-08-04 208896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Raja Ibrahim^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
D:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]

D:\Documents and Settings\Raja Ibrahim\Start Menu\Programs\Startup
ERUNT AutoBackup.lnk - D:\Program Files\ERUNT\AUTOBACK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2009-02-26 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"D:\Program Files\Garena\Garena.exe"="D:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe"="D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"E:\Games\BlackShot\Blackshot\system\BlackShot.exe"="E:\Games\BlackShot\Blackshot\system\BlackShot.exe:*:Enabled:BlackShot"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\WINDOWS\system32\lxczcoms.exe"="D:\WINDOWS\system32\lxczcoms.exe:*:Enabled:Lexmark Communications System"
"E:\Games\Stardock Games\Demigod\bin\Demigod.exe"="E:\Games\Stardock Games\Demigod\bin\Demigod.exe:*:Enabled:Demigod"
"D:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="D:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2"
"E:\Games\DFX2\dfx2.exe"="E:\Games\DFX2\dfx2.exe:*:Enabled:Delta Force Xtreme 2"
"E:\Games\DFX2\UPDATE.EXE"="E:\Games\DFX2\UPDATE.EXE:*:Enabled:Delta Force Xtreme 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\MSN Messenger\livecall.exe"="D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7209a3bf-25ec-11de-b1ed-001167c8765e}]
shell\AutoRun\command - F:\AutoRun.exe


======List of files/folders created in the last 1 months======

2009-06-13 22:03:26 ----D---- D:\Program Files\ERUNT
2009-06-13 21:50:15 ----RASHD---- D:\autorun.inf
2009-06-13 20:38:12 ----D---- D:\rsit
2009-06-13 20:38:12 ----D---- D:\Program Files\trend micro
2009-06-13 17:36:54 ----D---- D:\Documents and Settings\All Users\Application Data\salvation
2009-06-13 16:59:34 ----A---- D:\WINDOWS\uninst.exe
2009-06-12 13:02:48 ----D---- D:\Program Files\DOSBox-0.73
2009-06-11 23:34:33 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\SaintXi
2009-06-11 23:32:13 ----A---- D:\WINDOWS\system32\D3DX9_41.dll
2009-06-11 23:32:13 ----A---- D:\WINDOWS\system32\d3dx10_41.dll
2009-06-11 23:32:13 ----A---- D:\WINDOWS\system32\D3DCompiler_41.dll
2009-06-11 23:32:12 ----A---- D:\WINDOWS\system32\XAudio2_4.dll
2009-06-11 23:32:12 ----A---- D:\WINDOWS\system32\XAPOFX1_3.dll
2009-06-11 23:32:12 ----A---- D:\WINDOWS\system32\xactengine3_4.dll
2009-06-11 23:32:11 ----A---- D:\WINDOWS\system32\X3DAudio1_6.dll
2009-06-11 20:48:02 ----D---- D:\Program Files\Easy Message
2009-06-11 20:29:29 ----D---- D:\Program Files\QuickSFV
2009-06-11 19:26:15 ----A---- D:\WINDOWS\system32\lsdelete.exe
2009-06-11 18:58:26 ----HDC---- D:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-06-11 18:58:18 ----D---- D:\Program Files\Lavasoft
2009-06-11 18:58:18 ----D---- D:\Documents and Settings\All Users\Application Data\Lavasoft
2009-06-11 17:39:48 ----D---- D:\Program Files\Hijackthis
2009-06-02 19:40:44 ----D---- D:\Program Files\Common Files\Real
2009-06-02 19:40:44 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Real
2009-06-02 19:39:38 ----D---- D:\Program Files\Google
2009-05-27 23:27:20 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Opera
2009-05-27 23:26:46 ----D---- D:\Program Files\Opera
2009-05-19 11:14:34 ----A---- D:\WINDOWS\AviSplitter.INI
2009-05-16 22:38:57 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\IObit
2009-05-16 22:38:56 ----D---- D:\Program Files\IObit
2009-05-16 19:08:26 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Thinstall
2009-05-16 19:07:35 ----D---- D:\Program Files\CBS Software
2009-05-16 16:34:02 ----D---- D:\Program Files\RAMBooster.Net
2009-05-16 15:25:29 ----D---- D:\Program Files\RegCleaner
2009-05-15 14:39:49 ----D---- D:\Program Files\Avira
2009-05-15 14:39:49 ----D---- D:\Documents and Settings\All Users\Application Data\Avira

======List of files/folders modified in the last 1 months======

2009-06-13 22:06:21 ----D---- D:\WINDOWS\Prefetch
2009-06-13 22:05:14 ----RD---- D:\Program Files
2009-06-13 21:59:45 ----D---- D:\Program Files\Mozilla Firefox
2009-06-13 21:58:32 ----D---- D:\WINDOWS\Temp
2009-06-13 21:58:32 ----A---- D:\WINDOWS\system32\LOCALSERVICE.INI
2009-06-13 21:58:32 ----A---- D:\WINDOWS\system32\LOCALDEVICE.INI
2009-06-13 21:58:31 ----A---- D:\WINDOWS\system32\bscs.ini
2009-06-13 21:58:15 ----D---- D:\WINDOWS\system32\CatRoot2
2009-06-13 21:58:10 ----D---- D:\WINDOWS
2009-06-13 21:56:43 ----A---- D:\WINDOWS\SchedLgU.Txt
2009-06-13 21:56:30 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Free Download Manager
2009-06-13 20:49:06 ----D---- D:\Program Files\Garena
2009-06-13 20:27:06 ----D---- D:\WINDOWS\system32\DirectX
2009-06-13 20:27:04 ----HD---- D:\WINDOWS\inf
2009-06-13 20:27:02 ----RSD---- D:\WINDOWS\assembly
2009-06-13 20:23:59 ----HD---- D:\Program Files\InstallShield Installation Information
2009-06-13 20:01:39 ----D---- D:\Program Files\Common Files\Wise Installation Wizard
2009-06-13 17:33:31 ----SHD---- D:\WINDOWS\Installer
2009-06-13 17:33:31 ----D---- D:\WINDOWS\system32
2009-06-13 17:33:31 ----A---- D:\WINDOWS\system32\wrap_oal.dll
2009-06-13 17:33:31 ----A---- D:\WINDOWS\system32\OpenAL32.dll
2009-06-13 08:00:04 ----A---- D:\WINDOWS\system32\REMOTEDEVICE.INI
2009-06-12 11:22:31 ----A---- D:\WINDOWS\Lexstat.ini
2009-06-11 23:30:59 ----D---- D:\WINDOWS\Logs
2009-06-11 19:16:29 ----D---- D:\WINDOWS\system32\drivers
2009-06-11 19:16:25 ----SD---- D:\WINDOWS\Tasks
2009-06-11 19:16:22 ----DC---- D:\WINDOWS\system32\DRVSTORE
2009-06-11 18:12:08 ----D---- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-11 18:11:45 ----D---- D:\Program Files\Spybot - Search & Destroy
2009-06-10 23:15:46 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Hamachi
2009-06-08 18:56:52 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\mIRC
2009-06-08 18:55:10 ----D---- D:\Program Files\mIRC
2009-06-03 12:27:32 ----D---- D:\Program Files\Common Files
2009-06-02 19:40:47 ----A---- D:\WINDOWS\system32\msvcr71.dll
2009-06-02 19:40:47 ----A---- D:\WINDOWS\system32\msvcp71.dll
2009-05-28 00:33:54 ----D---- D:\Program Files\Common Files\Adobe
2009-05-28 00:33:51 ----D---- D:\WINDOWS\WinSxS
2009-05-28 00:33:49 ----D---- D:\Documents and Settings\All Users\Application Data\Adobe
2009-05-28 00:33:40 ----D---- D:\Program Files\Adobe
2009-05-27 20:43:17 ----D---- D:\Program Files\SpeedFan
2009-05-17 03:34:20 ----D---- D:\WINDOWS\system32\MsDtc
2009-05-17 03:34:20 ----D---- D:\WINDOWS\system32\config
2009-05-17 03:34:20 ----D---- D:\WINDOWS\repair
2009-05-17 03:34:20 ----D---- D:\WINDOWS\Minidump
2009-05-17 03:34:20 ----D---- D:\WINDOWS\Debug
2009-05-17 03:34:20 ----D---- D:\Program Files\K-Lite Codec Pack
2009-05-17 03:34:20 ----D---- D:\Program Files\Dropbox
2009-05-17 03:34:20 ----D---- D:\Program Files\CloneDVD
2009-05-17 03:34:20 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Ventrilo
2009-05-16 10:33:37 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Dropbox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\D:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-10 28520]
R2 avgntflt;avgntflt; D:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 ElbyCDIO;ElbyCDIO Driver; D:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 Arp1394;1394 ARP Client Protocol; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-26 3565568]
R3 BT;Bluetooth PAN Network Adapter; D:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; D:\WINDOWS\System32\Drivers\btcusb.sys [2007-06-24 38920]
R3 ElbyDelay;ElbyDelay; D:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 hamachi;Hamachi Network Interface; D:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-28 25280]
R3 NIC1394;1394 Net Driver; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; D:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-01-21 118656]
R3 SbieDrv;SbieDrv; \??\D:\Program Files\Sandboxie\SbieDrv.sys []
R3 usbaudio;USB Audio Driver (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
R3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 usbprint;Microsoft USB PRINTER Class; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 usbscan;USB Scanner Driver; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbvideo;USB Video Device (WDM); D:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
R3 VComm;Virtual Serial port driver; D:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; D:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S3 APLMp50;APLMp50 NDIS Protocol Driver; D:\WINDOWS\System32\Drivers\APLMp50.sys [2006-11-29 28224]
S3 CCDECODE;Closed Caption Decoder; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 ENTECH;ENTECH; \??\D:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HidUsb;Microsoft HID Class Driver; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; D:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-08-24 101120]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nm;Network Monitor Driver; D:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-04 40320]
S3 NPF;NetGroup Packet Filter Driver; D:\WINDOWS\system32\drivers\npf.sys [2007-01-26 42000]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); D:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; D:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; D:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); D:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); D:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; D:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); D:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); D:\WINDOWS\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; D:\WINDOWS\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; D:\WINDOWS\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); D:\WINDOWS\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); D:\WINDOWS\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; D:\WINDOWS\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); D:\WINDOWS\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 USBSTOR;USB Mass Storage Driver; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VMC403;Vimicro Camera Service VMC403; D:\WINDOWS\System32\Drivers\VMC403.sys [2007-05-15 238208]
S3 vvftc403;Vimicro Camera Filter Service VMC403; D:\WINDOWS\system32\drivers\vvftc403.sys [2007-05-11 476160]
S3 WSTCODEC;World Standard Teletext Codec; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; D:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-10 108289]
R2 AntiVirService;Avira AntiVir Guard; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-10 185089]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-02-26 602112]
R2 BlueSoleilCS;BlueSoleilCS; D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2009-03-28 1155180]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-06-11 1005904]
R2 lxcz_device;lxcz_device; D:\WINDOWS\system32\lxczcoms.exe [2007-04-19 537520]
R2 SbieSvc;Sandboxie Service; D:\Program Files\Sandboxie\SbieSvc.exe [2009-04-14 53760]
R3 BsHelpCS;BsHelpCS; D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2007-08-17 57447]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 gupdate1c9e376d4b5b3f6;Perkhidmatan Kemas Kini Google (gupdate1c9e376d4b5b3f6); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-02 133104]
S3 Adobe LM Service;Adobe LM Service; D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-30 72704]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 Macromedia Licensing Service;Macromedia Licensing Service; D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2009-03-30 68096]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); D:\Program Files\WinPcap\rpcapd.exe [2007-01-26 93048]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------
kingyem
Regular Member
 
Posts: 18
Joined: June 11th, 2009, 5:36 am