Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.


bsod, slow, crash, redirects, virus...


Re: bsod, slow, crash, redirects, virus...

Post by ronn79 » January 6th, 2010, 5:06 pm

I hope I'm not just wasting your time with this.


Malwarebytes' Anti-Malware 1.43
Database version: 3499
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/6/2010 1:00:30 PM
mbam-log-2010-01-06 (13-00-30).txt

Scan type: Quick Scan
Objects scanned: 122074
Time elapsed: 5 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
ronn79
Active Member
 
Posts: 11
Joined: December 27th, 2009, 5:38 pm

Re: bsod, slow, crash, redirects, virus...

Post by km2357 » January 7th, 2010, 12:45 am

I hope I'm not just wasting your time with this.


You're not. :)


Step # 1: Run Kaspersky Online Scan

Please go to the Kaspersky website and perform an online antivirus scan.

  1. Read through the requirements and privacy statement and click on the Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  9. Please post this log in your next reply.


In your next post/reply, I need to see the following:

1. Kaspersky Log
2. A fresh RSIT Log
3. How is your computer doing, any problems?
km2357
MRU Master
 
Posts: 3007
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: bsod, slow, crash, redirects, virus...

Post by ronn79 » January 7th, 2010, 5:35 pm

Everything appears to be running normally.

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Thursday, January 7, 2010
Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Thursday, January 07, 2010 08:12:19
Records in database: 3329155
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan statistics:
Objects scanned: 172571
Threats found: 1
Infected objects found: 1
Suspicious objects found: 0
Scan duration: 03:14:58


File name / Threat / Threats count
F:\UTILS\daemon403-x86.exe Infected: not-a-virus:WebToolbar.Win32.WhenU.a 1

Selected area has been scanned.




Logfile of random's system information tool 1.06 (written by random/random)
Run by Ronnie at 2010-01-07 13:31:41
Microsoft Windows XP Professional Service Pack 3
System drive F: has 126 GB (53%) free of 238 GB
Total RAM: 3071 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:32:18 PM, on 1/7/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\ZoneLabs\vsmon.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\brss01a.exe
F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
F:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\WINDOWS\system32\Brmfrmps.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\WINDOWS\System32\svchost.exe
F:\PROGRA~1\AVG\AVG8\avgemc.exe
F:\PROGRA~1\AVG\AVG8\avgrsx.exe
F:\Program Files\AVG\AVG8\avgcsrvx.exe
F:\WINDOWS\System32\nvraidservice.exe
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\ASUS\Ai Booster\OverClk.exe
F:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
F:\PROGRA~1\AVG\AVG8\avgtray.exe
F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
F:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
F:\WINDOWS\system32\RUNDLL32.EXE
F:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Windows Media Player\WMPNSCFG.exe
F:\Program Files\Logitech\SetPoint\SetPoint.exe
F:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
F:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
F:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
F:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
F:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
F:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
F:\Program Files\iPod\bin\iPodService.exe
F:\WINDOWS\explorer.exe
F:\Program Files\Windows Live\Mail\wlmail.exe
F:\Program Files\Windows Live\Contacts\wlcomm.exe
F:\WINDOWS\system32\ctfmon.exe
F:\PROGRA~1\AVG\AVG8\avgnsx.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Java\jre6\bin\java.exe
F:\Documents and Settings\Ronnie\Desktop\RSIT.exe
F:\Program Files\Trend Micro\HijackThis\Ronnie.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mytelus.com/home_page.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - F:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NVRaidService] F:\WINDOWS\System32\nvraidservice.exe
O4 - HKLM\..\Run: [NVIDIA nTune] "F:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Launch Ai Booster] "F:\Program Files\ASUS\Ai Booster\OverClk.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SetDefPrt] "F:\Program Files\Brother\Brmfl04a\BrStDvPt.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "F:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "F:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [IndexSearch] "F:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] F:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Launch LgDeviceAgent] "F:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] F:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [WMPNSCFG] F:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech SetPoint.lnk = F:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &ieSpell Options - res://F:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://F:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://F:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://F:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - F:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - F:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - F:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - F:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Justin.tv Publisher - http://www.justin.tv/plugins/justintv_publisher.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex ... 0-24-0.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se8300.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2754912650
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0860175015
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/i ... ection.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by105fd.bay105.hotmail.msn.com/a ... Atchmt.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - F:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - F:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - F:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - F:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - F:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - F:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - F:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NBService - Nero AG - F:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - F:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 13831 bytes

======Scheduled tasks folder======

F:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - F:\Program Files\AVG\AVG8\avgssie.dll [2009-12-17 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - F:\Program Files\Java\jre6\bin\ssv.dll [2009-12-26 321312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-26 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-26 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"=F:\WINDOWS\System32\nvraidservice.exe [2005-01-16 84480]
"NVIDIA nTune"=F:\Program Files\NVIDIA Corporation\nTune\\nTune.exe [2004-12-06 532480]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Launch Ai Booster"=F:\Program Files\ASUS\Ai Booster\OverClk.exe [2005-06-16 3627520]
"SoundMan"=F:\WINDOWS\SOUNDMAN.EXE [2004-11-15 77824]
"SetDefPrt"=F:\Program Files\Brother\Brmfl04a\BrStDvPt.exe [2004-05-25 49152]
"PaperPort PTD"=F:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2004-04-14 57393]
"NeroFilterCheck"=F:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"IndexSearch"=F:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2004-04-14 40960]
"AVG8_TRAY"=F:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-12-17 2043160]
"Logitech Hardware Abstraction Layer"=F:\WINDOWS\KHALMNPR.EXE [2008-10-10 69632]
"Kernel and Hardware Abstraction Layer"=F:\WINDOWS\KHALMNPR.EXE [2008-10-10 69632]
"ZoneAlarm Client"=F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-02-15 981384]
"Launch LgDeviceAgent"=F:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2009-08-13 357384]
"Launch LCDMon"=F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2009-08-13 1573384]
"Launch LGDCore"=F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2009-08-13 3161608]
"NvCplDaemon"=F:\WINDOWS\system32\NvCpl.dll [2009-11-20 12669544]
"NvMediaCenter"=F:\WINDOWS\system32\NvMcTray.dll [2009-11-20 110184]
"SunJavaUpdateSched"=F:\Program Files\Java\jre6\bin\jusched.exe [2009-12-26 149280]
"QuickTime Task"=F:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
"iTunesHelper"=F:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=F:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-12-30 429392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=F:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]
"ctfmon.exe"=F:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
F:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
F:\Program Files\RivaTuner v2.22\RivaTuner.exe [2008-12-29 2732032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
F:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-12-09 234856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
F:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2009-04-02 25214]

F:\Documents and Settings\All Users\Start Menu\Programs\Startup
Logitech SetPoint.lnk - F:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
F:\WINDOWS\system32\avgrsstx.dll [2009-08-24 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
f:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2008-11-07 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
F:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - F:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="F:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"F:\Program Files\Skype\Phone\Skype.exe"="F:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\Program Files\AVG\AVG8\avgupd.exe"="F:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"F:\Program Files\AVG\AVG8\avgemc.exe"="F:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Program Files\Curse\CurseClient.exe"="F:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client"
"F:\Program Files\Windows Live\Messenger\wlcsdk.exe"="F:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"F:\Program Files\Windows Live\Messenger\msnmsgr.exe"="F:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"F:\Program Files\AVG\AVG8\avgnsx.exe"="F:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"F:\Program Files\Ventrilo\Ventrilo.exe"="F:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"F:\Program Files\Bonjour\mDNSResponder.exe"="F:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"F:\Program Files\iTunes\iTunes.exe"="F:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Program Files\Windows Live\Messenger\wlcsdk.exe"="F:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"F:\Program Files\Windows Live\Messenger\msnmsgr.exe"="F:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======File associations======

.scr - open - "F:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-01-07 13:31:41 ----D---- F:\rsit
2010-01-04 23:05:50 ----SHD---- F:\RECYCLER
2010-01-04 01:21:31 ----A---- F:\Boot.bak
2010-01-04 01:21:24 ----RASHD---- F:\cmdcons
2010-01-03 21:14:29 ----D---- F:\Qoobox
2009-12-29 04:13:38 ----D---- F:\$AVG8.VAULT$
2009-12-28 13:41:37 ----A---- F:\WINDOWS\MBR.exe
2009-12-28 13:41:36 ----A---- F:\WINDOWS\zip.exe
2009-12-28 13:41:36 ----A---- F:\WINDOWS\SWXCACLS.exe
2009-12-28 13:41:36 ----A---- F:\WINDOWS\SWSC.exe
2009-12-28 13:41:36 ----A---- F:\WINDOWS\SWREG.exe
2009-12-28 13:41:36 ----A---- F:\WINDOWS\sed.exe
2009-12-28 13:41:36 ----A---- F:\WINDOWS\PEV.exe
2009-12-28 13:41:36 ----A---- F:\WINDOWS\grep.exe
2009-12-28 01:01:39 ----D---- F:\Program Files\iPod
2009-12-28 01:01:36 ----D---- F:\Program Files\iTunes
2009-12-28 00:59:51 ----D---- F:\Program Files\QuickTime
2009-12-26 00:18:29 ----D---- F:\Documents and Settings\Ronnie\Application Data\Malwarebytes
2009-12-26 00:18:20 ----D---- F:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-12-26 00:18:18 ----D---- F:\Program Files\Malwarebytes' Anti-Malware
2009-12-24 16:51:56 ----A---- F:\WINDOWS\system32\tmp.txt
2009-12-24 12:49:24 ----A---- F:\WINDOWS\wininit.ini
2009-12-23 14:23:54 ----D---- F:\Program Files\Trend Micro
2009-12-16 16:35:51 ----D---- F:\Program Files\DIFX
2009-12-09 03:05:10 ----HDC---- F:\WINDOWS\$NtUninstallKB970430$
2009-12-09 03:04:52 ----HDC---- F:\WINDOWS\$NtUninstallKB974318$
2009-12-09 03:03:59 ----HDC---- F:\WINDOWS\$NtUninstallKB973904$
2009-12-09 03:03:54 ----HDC---- F:\WINDOWS\$NtUninstallKB974392$
2009-12-09 03:03:46 ----HDC---- F:\WINDOWS\$NtUninstallKB971737$

======List of files/folders modified in the last 1 months======

2010-01-07 13:31:58 ----D---- F:\WINDOWS\Prefetch
2010-01-07 08:27:05 ----D---- F:\WINDOWS\TEMP
2010-01-07 00:10:12 ----D---- F:\Program Files\Mozilla Firefox
2010-01-06 14:31:54 ----D---- F:\WINDOWS\Internet Logs
2010-01-06 00:31:28 ----D---- F:\WINDOWS\system32\drivers
2010-01-04 23:04:03 ----D---- F:\WINDOWS\system32\CatRoot2
2010-01-04 22:52:17 ----D---- F:\WINDOWS
2010-01-04 22:52:17 ----A---- F:\WINDOWS\system.ini
2010-01-04 22:45:44 ----D---- F:\Program Files
2010-01-04 22:43:22 ----D---- F:\WINDOWS\system32
2010-01-04 22:43:22 ----D---- F:\WINDOWS\AppPatch
2010-01-04 22:43:21 ----D---- F:\Program Files\Common Files
2010-01-04 22:36:32 ----A---- F:\WINDOWS\SchedLgU.Txt
2010-01-04 01:32:06 ----SD---- F:\WINDOWS\Tasks
2010-01-04 01:21:31 ----RASH---- F:\boot.ini
2009-12-28 15:00:15 ----D---- F:\WINDOWS\network diagnostic
2009-12-28 14:56:05 ----D---- F:\Documents and Settings
2009-12-28 14:20:35 ----D---- F:\WINDOWS\erdnt
2009-12-28 14:03:58 ----D---- F:\WINDOWS\system32\config
2009-12-28 01:05:08 ----SHD---- F:\WINDOWS\Installer
2009-12-28 01:01:38 ----D---- F:\Program Files\Common Files\Apple
2009-12-28 00:58:15 ----D---- F:\WINDOWS\WinSxS
2009-12-27 00:34:29 ----D---- F:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-26 00:55:40 ----D---- F:\Program Files\Java
2009-12-26 00:50:35 ----A---- F:\WINDOWS\system32\javaws.exe
2009-12-26 00:50:35 ----A---- F:\WINDOWS\system32\javaw.exe
2009-12-26 00:50:35 ----A---- F:\WINDOWS\system32\java.exe
2009-12-26 00:50:35 ----A---- F:\WINDOWS\system32\deploytk.dll
2009-12-26 00:03:52 ----A---- F:\WINDOWS\win.ini
2009-12-25 23:50:12 ----D---- F:\WINDOWS\pss
2009-12-24 00:45:36 ----A---- F:\WINDOWS\ntbtlog.txt
2009-12-23 19:13:54 ----D---- F:\WINDOWS\Minidump
2009-12-23 18:39:25 ----D---- F:\Program Files\Spybot - Search & Destroy
2009-12-18 22:13:35 ----D---- F:\Program Files\World of Warcraft
2009-12-17 14:18:59 ----D---- F:\Documents and Settings\All Users\Application Data\avg8
2009-12-17 13:21:10 ----D---- F:\Documents and Settings\Ronnie\Application Data\U3
2009-12-17 13:15:20 ----D---- F:\WINDOWS\system32\Macromed
2009-12-17 12:54:36 ----D---- F:\WINDOWS\Registration
2009-12-17 00:46:46 ----SHD---- F:\WINDOWS\CSC
2009-12-17 00:23:14 ----HD---- F:\Program Files\InstallShield Installation Information
2009-12-16 23:51:34 ----DC---- F:\WINDOWS\system32\DRVSTORE
2009-12-16 23:12:51 ----HD---- F:\WINDOWS\inf
2009-12-14 22:56:26 ----RSHDC---- F:\WINDOWS\system32\dllcache
2009-12-14 22:56:20 ----D---- F:\Program Files\Internet Explorer
2009-12-09 03:26:21 ----A---- F:\WINDOWS\system32\PerfStringBackup.INI
2009-12-09 03:04:54 ----A---- F:\WINDOWS\imsins.BAK
2009-12-09 03:04:13 ----D---- F:\WINDOWS\ie8updates
2009-12-09 03:04:03 ----HD---- F:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; F:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 AsIO;AsIO; F:\WINDOWS\system32\drivers\AsIO.sys [2004-10-14 4962]
R1 aslm75;aslm75; \??\F:\WINDOWS\system32\drivers\aslm75.sys []
R1 AvgLdx86;AVG AVI Loader Driver x86; F:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-24 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; F:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-24 27784]
R1 AvgTdiX;AVG8 Network Redirector; F:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-18 108552]
R1 kbdhid;Keyboard HID Driver; F:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 vsdatant;vsdatant; F:\WINDOWS\System32\vsdatant.sys [2009-02-15 353672]
R2 ElbyCDIO;ElbyCDIO Driver; F:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); F:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664]
R3 AnyDVD;AnyDVD; F:\WINDOWS\System32\Drivers\AnyDVD.sys [2003-09-29 22912]
R3 Arp1394;1394 ARP Client Protocol; F:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BlueletAudio;Bluetooth Audio Service; F:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2004-10-19 20096]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; F:\WINDOWS\System32\Drivers\btcusb.sys [2005-01-17 23000]
R3 BTHidEnum;Bluetooth HID Enumerator; F:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-01-13 12500]
R3 catchme;catchme; \??\F:\ComboFix\catchme.sys []
R3 dtscsi;dtscsi; F:\WINDOWS\System32\Drivers\dtscsi.sys [2006-03-19 223128]
R3 ElbyDelay;ElbyDelay; F:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; F:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HidUsb;Microsoft HID Class Driver; F:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; F:\WINDOWS\system32\drivers\LGBusEnum.sys [2009-07-14 19720]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; F:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; F:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]
R3 mouhid;Mouse HID Driver; F:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; F:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; F:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-12 5810]
R3 NIC1394;1394 Net Driver; F:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; F:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2009-11-20 10235968]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; F:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; F:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 pfc;Padus ASPI Shell; F:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; F:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888]
R3 usbccgp;Microsoft USB Generic Parent Driver; F:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; F:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; F:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; F:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;USB Mass Storage Driver; F:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 VComm;Virtual Serial port driver; F:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; F:\WINDOWS\System32\Drivers\VcommMgr.sys [2004-11-05 82148]
R3 VHidMinidrv;Bluetooth HID Device Service; F:\WINDOWS\system32\drivers\VHIDMini.sys [2004-09-22 12504]
R3 Wdf01000;Wdf01000; F:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S1 lusbaudio;Logitech USB Microphone; F:\WINDOWS\system32\drivers\OVSound2.sys [2001-08-17 25216]
S1 nvport;NVIDIA PORT IO Control Driver; \??\F:\WINDOWS\system32\Drivers\nvport.sys []
S2 nvcap;nVidia WDM Video Capture (universal); F:\WINDOWS\system32\DRIVERS\nvcap.sys [2005-04-14 141582]
S2 nvTUNEP;nVidia WDM TVTuner; F:\WINDOWS\system32\DRIVERS\nvtunep.sys []
S2 nvtvSND;nVidia WDM TVAudio Crossbar; F:\WINDOWS\system32\DRIVERS\nvtvsnd.sys []
S2 NVXBAR;nVidia WDM A/V Crossbar; F:\WINDOWS\system32\DRIVERS\NVxbar.sys [2005-04-14 16496]
S2 tmcomm;tmcomm; \??\F:\WINDOWS\system32\drivers\tmcomm.sys []
S3 BrScnUsb;Brother USB Still Image driver; F:\WINDOWS\System32\Drivers\BrScnUsb.sys [2003-12-19 15263]
S3 BT;Bluetooth PAN Network Adapter; F:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2004-09-21 10804]
S3 BthEnum;Bluetooth Enumerator Service; F:\WINDOWS\System32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); F:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Bluetooth Port Driver; F:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; F:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTNetFilter;Bluetooth Network Filter; \??\F:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 CCDECODE;Closed Caption Decoder; F:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; F:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-09-26 20240]
S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; F:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2006-03-28 55808]
S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; F:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-03-28 27008]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; F:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-03-28 69760]
S3 mbr;mbr; \??\F:\DOCUME~1\Ronnie\LOCALS~1\Temp\mbr.sys []
S3 Mo3Fltr;MMO Mouse; F:\WINDOWS\system32\drivers\Mo3Fltr.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; F:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 n558;N558 Bluetooth USB Filter Driver; F:\WINDOWS\System32\Drivers\n558.sys [2007-08-15 9600]
S3 NABTSFEC;NABTS/FEC VBI Codec; F:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; F:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; F:\WINDOWS\system32\drivers\nvax.sys [2005-07-26 53376]
S3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; F:\WINDOWS\system32\drivers\nvapu.sys [2005-07-26 415360]
S3 P2k;Motorola USB Device; F:\WINDOWS\system32\DRIVERS\P2k.sys [2005-01-09 16032]
S3 Point32;Microsoft IntelliPoint Filter Driver; F:\WINDOWS\system32\DRIVERS\point32.sys [2005-03-15 20352]
S3 QCEmerald;Logitech QuickCam Web; F:\WINDOWS\system32\DRIVERS\OVCE.sys [2001-08-17 31872]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); F:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RivaTuner32;RivaTuner32; \??\F:\Program Files\RivaTuner v2.22\RivaTuner32.sys []
S3 se59bus;Sony Ericsson Device 089 driver (WDM); F:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; F:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; F:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); F:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); F:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; F:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); F:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800]
S3 SLIP;BDA Slip De-Framer; F:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; F:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; F:\WINDOWS\System32\Drivers\usbaapl.sys [2008-02-18 30464]
S3 usbaudio;USB Audio Driver (WDM); F:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Microsoft USB PRINTER Class; F:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; F:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Motorola USB Modem Driver; F:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 WSTCODEC;World Standard Teletext Codec; F:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; F:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; F:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; F:\WINDOWS\System32\DRIVERS\yk51x86.sys [2007-12-06 285952]
S4 IntelIde;IntelIde; F:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 avg8emc;AVG Free8 E-mail Scanner; F:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-24 908056]
R2 avg8wd;AVG8 WatchDog; F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-24 297752]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; F:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-01-27 106496]
R2 Bonjour Service;Bonjour Service; F:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 brmfrmps;Brother Popup Suspend service for Resource manager; F:\WINDOWS\system32\Brmfrmps.exe [2003-05-05 65536]
R2 BthServ;Bluetooth Support Service; F:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 JavaQuickStarterService;Java Quick Starter; F:\Program Files\Java\jre6\bin\jqs.exe [2009-12-26 153376]
R2 NVSvc;NVIDIA Display Driver Service; F:\WINDOWS\system32\nvsvc32.exe [2009-11-20 154216]
R2 vsmon;TrueVector Internet Monitor; F:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-02-15 2402184]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; f:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R3 iPod Service;iPod Service; F:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S2 Brother XP spl Service;BrSplService; F:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
S2 WMPNetworkSvc;Windows Media Player Network Sharing Service; F:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 Adobe LM Service;Adobe LM Service; F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-09-19 69632]
S3 aspnet_state;ASP.NET State Service; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; F:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-11-26 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 IDriverT;InstallDriver Table Manager; F:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; F:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2008-11-07 121360]
S3 NBService;NBService; F:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; F:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; F:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
ronn79
Active Member
 
Posts: 11
Joined: December 27th, 2009, 5:38 pm

Re: bsod, slow, crash, redirects, virus...

Unread postby km2357 » January 8th, 2010, 1:31 am

Great to hear that everything is running normally. :)

If there are no more problems, then you're good to go. :)

You can delete the following off of your computer:

DDS.scr
RSIT.exe
The two RSIT Logs
GMER.zip
GMER.exe
The GMER Log



To remove ComboFix, do the following:

Go to Start > Run - type in ComboFix /Uninstall & click OK

Empty your Recycle Bin


Your version of SpywareBlaster is out of date. The latest version is 4.2

http://www.javacoolsoftware.com/sbdownload.html

Before installing 4.2, open up SpywareBlaster and click Disable All Protection (at the bottom of the screen). Then uninstall SpywareBlaster 4.1 using Add/Remove Programs, then install 4.2. Be sure to check for updates and enable all protection once 4.2 is installed.


Please take the time to read my All Clean Post.

Please follow these simple steps in order to keep your computer clean and secure:

This is a good time to clear your existing system restore points and establish a new clean restore point

  • Go to Start > All Programs > Accessories > System Tools > System Restore
  • Select Create a restore point, and Ok it.
  • Next, go to Start > Run and type in cleanmgr
  • Make sure the C:\ drive is selected and click OK. If your computer's Hard Drive is not located on C:, change it to the correct drive letter then click OK.
  • Select the More options tab
  • Choose the option to clean up system restore and OK it.
  • This will remove all restore points except the new one you just created.

Clearing your restore points is not something you should do on a regular basis. Normally, this process only needs to be done after clearing out an infestation of malware.


Make your Internet Explorer more secure. This can be done by following these simple instructions:
  1. From within Internet Explorer click on the Tools menu and then click on Options.
  2. Click once on the Security tab
  3. Click once on the Internet icon so it becomes highlighted.
  4. Click once on the Custom Level button.
    • Change the Download signed ActiveX controls to Prompt
    • Change the Download unsigned ActiveX controls to Disable
    • Change the Initialize and script ActiveX controls not marked as safe to Disable
    • Change the Installation of desktop items to Prompt
    • Change the Launching programs and files in an IFRAME to Prompt
    • Change the Navigate sub frames across different domains to Prompt
  5. When all these settings have been made, click on the OK button.
  6. If it asks you if you want to save the settings, press the Yes button.
  7. Next press the Apply button and then the OK to exit the Internet Properties page.
Set correct settings for files that should be hidden in Windows XP
  • Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
  • Under "Hidden files and folders" if necessary select Do not show hidden files and folders.
  • If unchecked, please check Hide protected operating system files (Recommended)
  • If necessary check "Display content of system folders"
  • If necessary Uncheck Hide file extensions for known file types.
  • Click OK
  • Use An Antivirus Software and Keep It Updated - It is very important that your computer has an antivirus software running on your machine. This alone can save you a lot of trouble with malware in the future. It is imperative that you update your antivirus software at least once a day. If you do not update your antivirus software, then it will not be able to catch any of the new variants that may come out.
  • Visit Microsoft's Update Site Frequently - It is important that you visit Microsoft Updates regularly. This will ensure your computer has the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  • Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. An article on anti-malware products with links for this program and others can be found here:
    Computer Safety on line Anti Malware
  • Use the hosts file: Every version of Windows has a hosts file as part of them. In a very basic sense, they are used to locate web pages. We can customize a hosts file so that it blocks certain web pages. However, it can slow down certain computers. This is why using a hosts file is optional. Download mvps hosts file. Make sure you read the instructions on how to install the hosts file. There is a good tutorial HERE. If you decide to download the hosts file, the slowdown problems can usually be avoided by following these steps:
    1. Click the start button on the task bar at the bottom of your screen
    2. Click run
    3. In the dialog box, type services.msc
    4. Hit Enter, then locate DNS Client
    5. Highlight it, then double-click it.
    6. On the dropdown box, change the setting from automatic to manual.
    7. Click OK.
  • Use an alternative instant messenger program. Trillian and Miranda IM - These are malware-free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
  • Please read Tony Klein's excellent article: How I got Infected in the First Place
  • Please read Understanding Spyware, Browser Hijackers, and Dialers
  • Please read Simple and easy ways to keep your computer safe and secure on the Internet
  • If you are using Internet Explorer, please consider using an alternate browser: Mozilla's Firefox or Opera.
    If you decide to use either Firefox or Opera, it is very important that you keep them up to date and check frequently for updates of the browser of your choice.
  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
  • If your computer was infected by a website, a program, IM, MSN, or p2p, check this site because it is Time To Fight Back.
Follow these steps and your potential for being infected again will reduce dramatically.

Here's a good website to read about Malware prevention:

http://users.telenet.be/bluepatchy/miek ... ntion.html

If your computer is running slow, click here for instructions on how to help speed up your computer.

Good luck!

Please reply one last time so that I know you have read my post and this thread can be closed.
km2357
MRU Master
 
Posts: 3007
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: bsod, slow, crash, redirects, virus...

Unread postby ronn79 » January 8th, 2010, 2:07 am

Thank you very much for your help :D
ronn79
Active Member
 
Posts: 11
Joined: December 27th, 2009, 5:38 pm

Re: bsod, slow, crash, redirects, virus...

Unread postby km2357 » January 8th, 2010, 3:37 pm

You're welcome. I'm glad I was able to help you out. :)

Good luck and safe surfing!
km2357
MRU Master
 
Posts: 3007
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: bsod, slow, crash, redirects, virus...

Unread postby Dakeyras » January 8th, 2010, 4:03 pm

As it appears this issue has been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
Dakeyras
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra