Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Lag issues, should I worry?

Re: Lag issues, should I worry?

Post by Shaba » June 13th, 2009, 10:15 am

Please go to the Kaspersky website and perform an online antivirus scan.

  1. Read through the requirements and privacy statement and click on the Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  9. Please post this log in your next reply along with a fresh HijackThis log.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Lag issues, should I worry?

Post by kingyem » June 13th, 2009, 11:08 pm

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Sunday, June 14, 2009
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Saturday, June 13, 2009 19:03:58
Records in database: 2339214
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
H:\

Scan statistics:
Files scanned: 144689
Threat name: 1
Infected objects: 1
Suspicious objects: 0
Duration of the scan: 06:35:55


File name / Threat name / Threats count
E:\Torrent\Norton 360 v3.0.0.135 Premier Edition + Crack [RH]\N360.v3.0.0.135.PE_[RH].rar Infected: Trojan.Win32.StartPage.drb 1

The selected area was scanned.
kingyem
Regular Member
 
Posts: 18
Joined: June 11th, 2009, 5:36 am

Re: Lag issues, should I worry?

Post by kingyem » June 13th, 2009, 11:09 pm

Logfile of HijackThis v1.99.1
Scan saved at 11:08:44, on 14/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Google\Update\GoogleUpdate.exe
D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
D:\WINDOWS\system32\lxczcoms.exe
D:\Program Files\Sandboxie\SbieSvc.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe
D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Lexmark 1200 Series\lxczbmon.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Java\jre6\bin\java.exe
D:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [VMonitorVmc403] "D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe" vmc403
O4 - HKLM\..\Run: [BtTray] "D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [lxczbmgr.exe] "D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpeedConnectStartUp] D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [SmartRAM] "D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups
O4 - Startup: ERUNT AutoBackup.lnk = D:\Program Files\ERUNT\AUTOBACK.EXE
O8 - Extra context menu item: Download all with Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{63350C1F-36B2-481A-8A88-57C13E4D83C5}: NameServer = 202.188.0.133,202.188.1.5
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleilCS - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: Perkhidmatan Kemas Kini Google (gupdate1c9e376d4b5b3f6) (gupdate1c9e376d4b5b3f6) - Unknown owner - D:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - D:\Program Files\Java\jre6\bin\jqs.exe" -service -config "D:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxcz_device - - D:\WINDOWS\system32\lxczcoms.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - D:\Program Files\Sandboxie\SbieSvc.exe

Re: Lag issues, should I worry?

Post by Shaba » June 14th, 2009, 3:07 am

  • Double-click OTM.exe. (Vista users, please right click on OTM.exe and select "Run as an Administrator")
  • Copy the lines in the codebox below.
    :files
    E:\Torrent

  • Return to OTMoveIt, right click in the Paste Instructions for Items to be Moved window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar), and paste it in your next reply.
  • Close OTMoveIt.
    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Re: Lag issues, should I worry?

Post by kingyem » June 14th, 2009, 3:15 am

========== FILES ==========
E:\Torrent\Norton 360 v3.0.0.135 Premier Edition + Crack [RH]\N360.v3.0.0.135.PE_[RH]\Norton 360 v3.0.0.135 Premier Edition\Norton 2009 TrialReset v2.9A (Cracked by BOX!)\Norton Removal Tool v2009.0.5.26 moved successfully.
E:\Torrent\Norton 360 v3.0.0.135 Premier Edition + Crack [RH]\N360.v3.0.0.135.PE_[RH]\Norton 360 v3.0.0.135 Premier Edition\Norton 2009 TrialReset v2.9A (Cracked by BOX!) moved successfully.
E:\Torrent\Norton 360 v3.0.0.135 Premier Edition + Crack [RH]\N360.v3.0.0.135.PE_[RH]\Norton 360 v3.0.0.135 Premier Edition moved successfully.
E:\Torrent\Norton 360 v3.0.0.135 Premier Edition + Crack [RH]\N360.v3.0.0.135.PE_[RH] moved successfully.
E:\Torrent\Norton 360 v3.0.0.135 Premier Edition + Crack [RH] moved successfully.
E:\Torrent\Magic Video Converter 8.0.2.18 moved successfully.
E:\Torrent\Gamemaker 7 - Crack\Game Maker 7.0 Pro Crack 2 moved successfully.
E:\Torrent\Gamemaker 7 - Crack moved successfully.
E:\Torrent moved successfully.

OTM by OldTimer - Version 2.1.0.1 log created on 06142009_151207

Re: Lag issues, should I worry?

Post by Shaba » June 14th, 2009, 4:15 am

Looks like you have some programs to uninstall as they are not legit.

Uninstall these:

Game Maker 7.0
Magic Video Converter Trial Version (English) 8.0.2.18

After that, please delete info.txt from c:\rsit folder.

Rerun rsit and post back fresh rsit logs.

Re: Lag issues, should I worry?

Post by kingyem » June 14th, 2009, 4:22 am

Logfile of random's system information tool 1.06 (written by random/random)
Run by Raja Ibrahim at 2009-06-14 16:21:31
Microsoft Windows XP Professional Service Pack 2
System drive D: has 6 GB (25%) free of 25 GB
Total RAM: 1534 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:21:53, on 14/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Google\Update\GoogleUpdate.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Lexmark 1200 Series\lxczbmon.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe
D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\lxczcoms.exe
D:\Program Files\Sandboxie\SbieSvc.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Raja Ibrahim\Desktop\Utility\RSIT.exe
D:\Program Files\trend micro\Raja Ibrahim.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [VMonitorVmc403] "D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe" vmc403
O4 - HKLM\..\Run: [BtTray] "D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [lxczbmgr.exe] "D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpeedConnectStartUp] D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [SmartRAM] "D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups
O4 - Startup: ERUNT AutoBackup.lnk = D:\Program Files\ERUNT\AUTOBACK.EXE
O8 - Extra context menu item: Download all with Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{63350C1F-36B2-481A-8A88-57C13E4D83C5}: NameServer = 202.188.0.133,202.188.1.5
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleilCS - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: Perkhidmatan Kemas Kini Google (gupdate1c9e376d4b5b3f6) (gupdate1c9e376d4b5b3f6) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxcz_device - - D:\WINDOWS\system32\lxczcoms.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - D:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - D:\Program Files\Sandboxie\SbieSvc.exe

--
End of file - 8831 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
D:\WINDOWS\tasks\SmartDefrag.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-13 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-13 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=D:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"StartCCC"=D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440]
"VirtualCloneDrive"=D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2005-04-12 45056]
"VMonitorVmc403"=D:\Program Files\Vimicro\Vimicro USB PC Camera (VC0332)\x86\VMonitor.exe [2007-04-13 114688]
"BtTray"=D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2009-03-28 258134]
"QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"lxczbmgr.exe"=D:\Program Files\Lexmark 1200 Series\lxczbmgr.exe [2007-04-19 74672]
"avgnt"=D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"Ad-Watch"=D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-06-11 518488]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-06-13 148888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"=D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2009-03-18 4363504]
"MsnMsgr"=D:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"SpybotSD TeaTimer"=D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
"SpeedConnectStartUp"=D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe [2009-05-16 603136]
"Advanced SystemCare 3"=D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-04-30 2329936]
"SmartRAM"=D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe [2009-02-19 202064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"MPlayer2_FixUp"=D:\WINDOWS\inf\unregmp2.exe [2004-08-04 208896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Raja Ibrahim^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
D:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]

D:\Documents and Settings\Raja Ibrahim\Start Menu\Programs\Startup
ERUNT AutoBackup.lnk - D:\Program Files\ERUNT\AUTOBACK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2009-02-26 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"D:\Program Files\Garena\Garena.exe"="D:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe"="D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"E:\Games\BlackShot\Blackshot\system\BlackShot.exe"="E:\Games\BlackShot\Blackshot\system\BlackShot.exe:*:Enabled:BlackShot"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\WINDOWS\system32\lxczcoms.exe"="D:\WINDOWS\system32\lxczcoms.exe:*:Enabled:Lexmark Communications System"
"E:\Games\Stardock Games\Demigod\bin\Demigod.exe"="E:\Games\Stardock Games\Demigod\bin\Demigod.exe:*:Enabled:Demigod"
"D:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="D:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2"
"E:\Games\DFX2\dfx2.exe"="E:\Games\DFX2\dfx2.exe:*:Enabled:Delta Force Xtreme 2"
"E:\Games\DFX2\UPDATE.EXE"="E:\Games\DFX2\UPDATE.EXE:*:Enabled:Delta Force Xtreme 2"
"E:\_OTM\MovedFiles\06132009_220514\Program Files\uTorrent\uTorrent.exe"="E:\_OTM\MovedFiles\06132009_220514\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\MSN Messenger\livecall.exe"="D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7209a3bf-25ec-11de-b1ed-001167c8765e}]
shell\AutoRun\command - F:\AutoRun.exe


======List of files/folders created in the last 1 months======

2009-06-14 15:12:07 ----D---- D:\_OTM
2009-06-14 13:51:54 ----A---- D:\WINDOWS\system32\wmpns.dll
2009-06-14 13:51:48 ----D---- D:\WINDOWS\ERDNT
2009-06-13 22:26:00 ----D---- D:\WINDOWS\Sun
2009-06-13 22:24:36 ----A---- D:\WINDOWS\system32\javaws.exe
2009-06-13 22:24:36 ----A---- D:\WINDOWS\system32\javaw.exe
2009-06-13 22:24:36 ----A---- D:\WINDOWS\system32\java.exe
2009-06-13 22:24:36 ----A---- D:\WINDOWS\system32\deploytk.dll
2009-06-13 22:24:18 ----D---- D:\Program Files\Java
2009-06-13 22:24:07 ----D---- D:\Documents and Settings\All Users\Application Data\McAfee
2009-06-13 22:20:15 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Sun
2009-06-13 22:03:26 ----D---- D:\Program Files\ERUNT
2009-06-13 21:50:15 ----RASHD---- D:\autorun.inf
2009-06-13 20:38:12 ----D---- D:\rsit
2009-06-13 20:38:12 ----D---- D:\Program Files\trend micro
2009-06-13 17:36:54 ----D---- D:\Documents and Settings\All Users\Application Data\salvation
2009-06-13 16:59:34 ----A---- D:\WINDOWS\uninst.exe
2009-06-12 13:02:48 ----D---- D:\Program Files\DOSBox-0.73
2009-06-11 23:34:33 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\SaintXi
2009-06-11 23:32:13 ----A---- D:\WINDOWS\system32\D3DX9_41.dll
2009-06-11 23:32:13 ----A---- D:\WINDOWS\system32\d3dx10_41.dll
2009-06-11 23:32:13 ----A---- D:\WINDOWS\system32\D3DCompiler_41.dll
2009-06-11 23:32:12 ----A---- D:\WINDOWS\system32\XAudio2_4.dll
2009-06-11 23:32:12 ----A---- D:\WINDOWS\system32\XAPOFX1_3.dll
2009-06-11 23:32:12 ----A---- D:\WINDOWS\system32\xactengine3_4.dll
2009-06-11 23:32:11 ----A---- D:\WINDOWS\system32\X3DAudio1_6.dll
2009-06-11 20:48:02 ----D---- D:\Program Files\Easy Message
2009-06-11 20:29:29 ----D---- D:\Program Files\QuickSFV
2009-06-11 19:26:15 ----A---- D:\WINDOWS\system32\lsdelete.exe
2009-06-11 18:58:26 ----HDC---- D:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-06-11 18:58:18 ----D---- D:\Program Files\Lavasoft
2009-06-11 18:58:18 ----D---- D:\Documents and Settings\All Users\Application Data\Lavasoft
2009-06-11 17:39:48 ----D---- D:\Program Files\Hijackthis
2009-06-02 19:40:44 ----D---- D:\Program Files\Common Files\Real
2009-06-02 19:40:44 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Real
2009-06-02 19:39:38 ----D---- D:\Program Files\Google
2009-05-27 23:27:20 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Opera
2009-05-27 23:26:46 ----D---- D:\Program Files\Opera
2009-05-19 11:14:34 ----A---- D:\WINDOWS\AviSplitter.INI
2009-05-16 22:38:57 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\IObit
2009-05-16 22:38:56 ----D---- D:\Program Files\IObit
2009-05-16 19:08:26 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Thinstall
2009-05-16 19:07:35 ----D---- D:\Program Files\CBS Software
2009-05-16 16:34:02 ----D---- D:\Program Files\RAMBooster.Net
2009-05-16 15:25:29 ----D---- D:\Program Files\RegCleaner
2009-05-15 14:39:49 ----D---- D:\Program Files\Avira
2009-05-15 14:39:49 ----D---- D:\Documents and Settings\All Users\Application Data\Avira

======List of files/folders modified in the last 1 months======

2009-06-14 16:21:40 ----D---- D:\WINDOWS\Prefetch
2009-06-14 16:21:20 ----RD---- D:\Program Files
2009-06-14 16:21:18 ----D---- D:\WINDOWS\system32
2009-06-14 16:20:52 ----D---- D:\WINDOWS\Temp
2009-06-14 16:18:41 ----D---- D:\Program Files\Mozilla Firefox
2009-06-14 13:52:16 ----A---- D:\WINDOWS\system32\LOCALSERVICE.INI
2009-06-14 13:52:16 ----A---- D:\WINDOWS\system32\LOCALDEVICE.INI
2009-06-14 13:52:15 ----A---- D:\WINDOWS\system32\bscs.ini
2009-06-14 13:52:13 ----D---- D:\WINDOWS\system32\CatRoot2
2009-06-14 13:51:48 ----D---- D:\WINDOWS
2009-06-14 11:35:44 ----A---- D:\WINDOWS\SchedLgU.Txt
2009-06-13 23:50:25 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Free Download Manager
2009-06-13 22:25:12 ----SHD---- D:\WINDOWS\Installer
2009-06-13 20:49:06 ----D---- D:\Program Files\Garena
2009-06-13 20:27:06 ----D---- D:\WINDOWS\system32\DirectX
2009-06-13 20:27:04 ----HD---- D:\WINDOWS\inf
2009-06-13 20:27:02 ----RSD---- D:\WINDOWS\assembly
2009-06-13 20:23:59 ----HD---- D:\Program Files\InstallShield Installation Information
2009-06-13 20:01:39 ----D---- D:\Program Files\Common Files\Wise Installation Wizard
2009-06-13 17:33:31 ----A---- D:\WINDOWS\system32\wrap_oal.dll
2009-06-13 17:33:31 ----A---- D:\WINDOWS\system32\OpenAL32.dll
2009-06-13 08:00:04 ----A---- D:\WINDOWS\system32\REMOTEDEVICE.INI
2009-06-12 11:22:31 ----A---- D:\WINDOWS\Lexstat.ini
2009-06-11 23:30:59 ----D---- D:\WINDOWS\Logs
2009-06-11 19:16:29 ----D---- D:\WINDOWS\system32\drivers
2009-06-11 19:16:25 ----SD---- D:\WINDOWS\Tasks
2009-06-11 19:16:22 ----DC---- D:\WINDOWS\system32\DRVSTORE
2009-06-11 18:12:08 ----D---- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-11 18:11:45 ----D---- D:\Program Files\Spybot - Search & Destroy
2009-06-10 23:15:46 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Hamachi
2009-06-08 18:56:52 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\mIRC
2009-06-08 18:55:10 ----D---- D:\Program Files\mIRC
2009-06-03 12:27:32 ----D---- D:\Program Files\Common Files
2009-06-02 19:40:47 ----A---- D:\WINDOWS\system32\msvcr71.dll
2009-06-02 19:40:47 ----A---- D:\WINDOWS\system32\msvcp71.dll
2009-05-28 00:33:54 ----D---- D:\Program Files\Common Files\Adobe
2009-05-28 00:33:51 ----D---- D:\WINDOWS\WinSxS
2009-05-28 00:33:49 ----D---- D:\Documents and Settings\All Users\Application Data\Adobe
2009-05-28 00:33:40 ----D---- D:\Program Files\Adobe
2009-05-27 20:43:17 ----D---- D:\Program Files\SpeedFan
2009-05-17 03:34:20 ----D---- D:\WINDOWS\system32\MsDtc
2009-05-17 03:34:20 ----D---- D:\WINDOWS\system32\config
2009-05-17 03:34:20 ----D---- D:\WINDOWS\repair
2009-05-17 03:34:20 ----D---- D:\WINDOWS\Minidump
2009-05-17 03:34:20 ----D---- D:\WINDOWS\Debug
2009-05-17 03:34:20 ----D---- D:\Program Files\K-Lite Codec Pack
2009-05-17 03:34:20 ----D---- D:\Program Files\Dropbox
2009-05-17 03:34:20 ----D---- D:\Program Files\CloneDVD
2009-05-17 03:34:20 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Ventrilo
2009-05-16 10:33:37 ----D---- D:\Documents and Settings\Raja Ibrahim\Application Data\Dropbox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\D:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-10 28520]
R2 avgntflt;avgntflt; D:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 ElbyCDIO;ElbyCDIO Driver; D:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 Arp1394;1394 ARP Client Protocol; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-26 3565568]
R3 BT;Bluetooth PAN Network Adapter; D:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; D:\WINDOWS\System32\Drivers\btcusb.sys [2007-06-24 38920]
R3 ElbyDelay;ElbyDelay; D:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 hamachi;Hamachi Network Interface; D:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-28 25280]
R3 NIC1394;1394 Net Driver; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; D:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-01-21 118656]
R3 SbieDrv;SbieDrv; \??\D:\Program Files\Sandboxie\SbieDrv.sys []
R3 usbaudio;USB Audio Driver (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
R3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 usbprint;Microsoft USB PRINTER Class; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 usbscan;USB Scanner Driver; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbvideo;USB Video Device (WDM); D:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
R3 VComm;Virtual Serial port driver; D:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; D:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S3 APLMp50;APLMp50 NDIS Protocol Driver; D:\WINDOWS\System32\Drivers\APLMp50.sys [2006-11-29 28224]
S3 CCDECODE;Closed Caption Decoder; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 ENTECH;ENTECH; \??\D:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HidUsb;Microsoft HID Class Driver; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; D:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-08-24 101120]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nm;Network Monitor Driver; D:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-04 40320]
S3 NPF;NetGroup Packet Filter Driver; D:\WINDOWS\system32\drivers\npf.sys [2007-01-26 42000]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); D:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; D:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; D:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); D:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); D:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; D:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); D:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); D:\WINDOWS\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; D:\WINDOWS\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; D:\WINDOWS\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); D:\WINDOWS\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); D:\WINDOWS\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; D:\WINDOWS\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); D:\WINDOWS\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 USBSTOR;USB Mass Storage Driver; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VMC403;Vimicro Camera Service VMC403; D:\WINDOWS\System32\Drivers\VMC403.sys [2007-05-15 238208]
S3 vvftc403;Vimicro Camera Filter Service VMC403; D:\WINDOWS\system32\drivers\vvftc403.sys [2007-05-11 476160]
S3 WSTCODEC;World Standard Teletext Codec; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; D:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-10 108289]
R2 AntiVirService;Avira AntiVir Guard; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-10 185089]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-02-26 602112]
R2 BlueSoleilCS;BlueSoleilCS; D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2009-03-28 1155180]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-06-13 152984]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-06-11 1005904]
R2 lxcz_device;lxcz_device; D:\WINDOWS\system32\lxczcoms.exe [2007-04-19 537520]
R2 SbieSvc;Sandboxie Service; D:\Program Files\Sandboxie\SbieSvc.exe [2009-04-14 53760]
R3 BsHelpCS;BsHelpCS; D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2007-08-17 57447]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 gupdate1c9e376d4b5b3f6;Perkhidmatan Kemas Kini Google (gupdate1c9e376d4b5b3f6); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-02 133104]
S3 Adobe LM Service;Adobe LM Service; D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-30 72704]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 Macromedia Licensing Service;Macromedia Licensing Service; D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2009-03-30 68096]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); D:\Program Files\WinPcap\rpcapd.exe [2007-01-26 93048]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------
kingyem
Regular Member
 
Posts: 18
Joined: June 11th, 2009, 5:36 am

Re: Lag issues,should i worry?

by kingyem » June 14th, 2009, 4:23 am

info.txt logfile of random's system information tool 1.06 2009-06-14 16:21:55

======Uninstall list======

-->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
3DMark03-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{FF35F637-72B9-43BE-A281-06EB2854393A}\Setup.exe" -l0x9
7-Zip 4.65-->"D:\Program Files\7-Zip\Uninstall.exe"
Ad-Aware-->"D:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->D:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
Adobe Flash Player 10 ActiveX-->D:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->D:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8.1.4-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adobe Shockwave Player 11.5-->D:\WINDOWS\system32\Adobe\uninstaller.exe
Adobe® Photoshop® Album Starter Edition 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Advanced SystemCare 3-->"D:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ashampoo Burning Studio 2009-->"D:\Program Files\Ashampoo\Ashampoo Burning Studio 2009\unins000.exe"
ATI - Software Uninstall Utility-->D:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
ATI Catalyst Control Center-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 D:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avanquest update-->D:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\setup.exe -runfromtemp -l0x0009 -removeonly
Avira AntiVir Personal - Free Antivirus-->D:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
BlackShot Á¦°Å-->"E:\Games\BlackShot\uninstall.exe"
Bluesoleil 5.0.5.178-->MsiExec.exe /X{1E726A53-78E9-47DE-B3D9-4165CBC9ABBF}
CamStudio Lossless Codec v1.4-->"D:\WINDOWS\system32\unins000.exe"
CamStudio-->D:\Program Files\CamStudio\uninstall.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
CloneDVD Full 3.0.2.5-->"D:\Program Files\CloneDVD\unins000.exe"
ConvertHelper 2.2-->"D:\Program Files\ConvertHelper\unins000.exe"
Delta Force Xtreme 2-->"D:\Program Files\InstallShield Installation Information\{193C41B9-1A0F-45E6-8546-41C91C99A5F8}\setup.exe" -runfromtemp -l0x0009 -removeonly
DEVIL MAY CRY 4-->MsiExec.exe /I{D4E5A687-797D-44B1-8F96-4FD7A24166A9}
Disc2Phone-->MsiExec.exe /X{C01408FC-117C-44B7-8B0C-17794E526A01}
Dropbox-->"D:\Program Files\Dropbox\Uninstall.exe"
ERUNT 1.1j-->"D:\Program Files\ERUNT\unins000.exe"
FIFA MANAGER 09-->E:\Games\Fifa09\eauninstall.exe
Flash CD & DVD Burner-->"D:\Program Files\Flash CD & DVD Burner\unins000.exe"
Free 3GP Video Converter by Topviewsoft 2.1.0.5-->"D:\Program Files\Free 3GP Video Converter by Topviewsoft\unins000.exe"
Free Download Manager 3.0-->"D:\Program Files\Free Download Manager\unins000.exe"
Game Booster-->"D:\Program Files\IObit\Game Booster\unins000.exe"
Garena-->D:\Program Files\Garena\uninst.exe
Google Chrome-->"D:\Program Files\Google\Chrome\Application\2.0.172.31\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
GPGNet-->MsiExec.exe /I{C194D333-B84A-4BB7-B35E-060732D98DC4}
Hamachi 1.0.3.0-->D:\Program Files\Hamachi\uninstall.exe
Hijackthis 1.99.1-->"D:\Program Files\Hijackthis\unins000.exe"
HijackThis 2.0.2-->"D:\Program Files\trend micro\HijackThis.exe" /uninstall
Hospital Tycoon-->E:\Games\Hospital Tycoon\uninstall.exe
Hotfix for Windows XP (KB915865)-->"D:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"D:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
K-Lite Codec Pack 4.7.5 (Full)-->"D:\Program Files\K-Lite Codec Pack\unins000.exe"
Lexmark 1200 Series-->D:\Program Files\Lexmark 1200 Series\Install\x86\Uninst.exe
Light of Altair 1.00-->"E:\Games\Light of Altair\unins000.exe"
Macromedia Fireworks MX 2004-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{E583ED6F-BD99-4066-A420-C815BF692B69}\Setup.exe" -l0x9 UNINSTALL
MadOnion.com/3DMark2001 SE-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{91B323B5-A79C-4D23-BD6D-046C565F9BCF}\Setup.exe" -l0x9 uninstall -uninst
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5-->D:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Internationalized Domain Names Mitigation APIs-->"D:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"D:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"D:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"D:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual J# 2.0 Redistributable Package-->D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe
mIRC-->D:\Program Files\mIRC\uninstall.exe _?=D:\Program Files\mIRC
Mobile Partner-->D:\Program Files\Mobile Partner\uninst.exe
Mozilla Firefox (3.0.10)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nimo Codecs Pack v5.0 (Remove Only)-->"D:\Program Files\NimoCodec Pack\uninstall.exe"
NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
OpenAL-->"D:\Program Files\OpenAL\oalinst.exe" /U
Opera 9.64-->MsiExec.exe /X{A2A60894-E3ED-46FE-9A6A-7CF7A87572A0}
Prolink PCC5020 camera-->D:\Program Files\InstallShield Installation Information\{71A51A91-E7D3-11DB-A386-005056C00008}\setup.exe -runfromtemp -l0x0009 -removeonly
QuickSFV (Remove only)-->D:\Program Files\QuickSFV\QSFVUNST.EXE D:\Program Files\QuickSFV\
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RAMBooster.Net-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{E20C5E13-DE01-4938-A776-E7563FDA86B4}\setup.exe"
Realtek AC'97 Audio-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
REALTEK GbE & FE Ethernet PCI NIC Driver-->D:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -removeonly
Replay AV 8-->D:\WINDOWS\iun6002.exe "C:\Program Files\Replay AV 8\uninstallRAV8.ini"
Replay Converter 3-->"D:\WINDOWS\Replay Converter 3\uninstall.exe" "/U:D:\Program Files\Replay Converter 3\Uninstall\ReplayConverrter3Uninstall.xml"
Sandboxie 3.36-->"D:\WINDOWS\Installer\SandboxieInstall.exe" /remove
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Smart Defrag 1.11-->"D:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
Sony Ericsson Device Data-->MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}
Sony Ericsson Drivers-->MsiExec.exe /I{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}
Sony Ericsson Media Manager 1.2-->MsiExec.exe /X{9EB1504E-FD95-4BCD-8E93-B4039F59C469}
Sony Ericsson PC Suite 4.010.00-->D:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe -runfromtemp -l0x0009 -removeonly
Sony Ericsson PC Suite-->D:\WINDOWS\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\setup.exe /uninstall
Sony Ericsson PC Suite-->MsiExec.exe /I{D59AC9E9-FFAE-471B-B1FF-4B311D23417A}
SpeedConnect Internet Accelerator v.7.5-->"D:\Program Files\CBS Software\SpeedConnect Internet Accelerator\unins000.exe"
SpeedFan (remove only)-->"D:\Program Files\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"D:\Program Files\Spybot - Search & Destroy\unins000.exe"
The KMPlayer (remove only)-->"D:\Program Files\The KMPlayer\uninstall.exe"
Theme Hospital-->D:\WINDOWS\uninst.exe -fe:\games\TH\DeIsL1.isu
Update Service-->D:\Program Files\Sony Ericsson\Update Service\uninst.exe
Ventrilo-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
VirtualCloneDrive-->"D:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="D:\Program Files\Elaborate Bytes\VirtualCloneDrive"
VLC media player 0.9.9-->D:\Program Files\VideoLAN\VLC\uninstall.exe
Warfare-->"E:\Games\Warfare\unins000.exe"
Windows Imaging Component-->"D:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"D:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"D:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->D:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{C6CA8874-5F22-4AF0-9BE3-016BF299C536}
Windows Live Messenger-->MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Format 11 runtime-->"D:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"D:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinPcap 4.0-->D:\Program Files\WinPcap\uninstall.exe
WinRAR archiver-->D:\Program Files\WinRAR\uninstall.exe
Yahoo! Messenger-->D:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U D:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
YouSendIt Express-->D:\Program Files\InstallShield Installation Information\{1193600A-134F-40F9-9F71-FEF54C93C629}\setup.exe -runfromtemp -l0x0409

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: YEM
Event Code: 8003
Message: The master browser has received a server announcement from the computer SHARIFAH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{63350C1F-36B2-48.
The master browser is stopping or an election is being forced.

Record Number: 6325
Source Name: MRxSmb
Time Written: 20090520223024.000000+480
Event Type: error
User:

Computer Name: YEM
Event Code: 8003
Message: The master browser has received a server announcement from the computer SHARIFAH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{63350C1F-36B2-48.
The master browser is stopping or an election is being forced.

Record Number: 6299
Source Name: MRxSmb
Time Written: 20090520170404.000000+480
Event Type: error
User:

Computer Name: YEM
Event Code: 8003
Message: The master browser has received a server announcement from the computer SHARIFAH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{63350C1F-36B2-48.
The master browser is stopping or an election is being forced.

Record Number: 6221
Source Name: MRxSmb
Time Written: 20090519203959.000000+480
Event Type: error
User:

Computer Name: YEM
Event Code: 8021
Message: The browser was unable to retrieve a list of servers from the browser master \\SHARIFAH-PC on the network \Device\NetBT_Tcpip_{63350C1F-36B2-481A-8A88-57C13E4D83C5}.
The data is the error code.

Record Number: 6220
Source Name: BROWSER
Time Written: 20090519203852.000000+480
Event Type: warning
User:

Computer Name: YEM
Event Code: 8003
Message: The master browser has received a server announcement from the computer SHARIFAH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{63350C1F-36B2-48.
The master browser is stopping or an election is being forced.

Record Number: 6143
Source Name: MRxSmb
Time Written: 20090518231615.000000+480
Event Type: error
User:

=====Application event log=====

Computer Name: YEM
Event Code: 4113
Message: AntiVir has detected 'DR/Monder.436224'
in the file
C:\System Volume Information\_restore{510380E8-7669-4B0A-9F4F-FEDC5A1F3148}\RP96\A0016343.exe

Record Number: 3367
Source Name: Avira AntiVir
Time Written: 20090611232308.000000+480
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: YEM
Event Code: 4113
Message: AntiVir has detected 'DR/Monder.436224'
in the file
C:\System Volume Information\_restore{510380E8-7669-4B0A-9F4F-FEDC5A1F3148}\RP96\A0016343.exe

Record Number: 3366
Source Name: Avira AntiVir
Time Written: 20090611222101.000000+480
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: YEM
Event Code: 1517
Message: Windows saved user YEM\Raja Ibrahim registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 3354
Source Name: Userenv
Time Written: 20090611191706.000000+480
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: YEM
Event Code: 0
Message:
Record Number: 3353
Source Name: Lavasoft Ad-Aware Service
Time Written: 20090611185918.000000+480
Event Type: error
User:

Computer Name: YEM
Event Code: 4113
Message: AntiVir has detected 'TR/Agent2.juv'
in the file
D:\WINDOWS\system32\msdriver.exe

Record Number: 3351
Source Name: Avira AntiVir
Time Written: 20090611181506.000000+480
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=D:\WINDOWS\system32;D:\WINDOWS;D:\WINDOWS\System32\Wbem;D:\Program Files\ATI Technologies\ATI.ACE\Core-Static;D:\Program Files\QuickTime\QTSystem\;D:\Program Files\Common Files\Teleca Shared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;D:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=D:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
kingyem
Regular Member
 
Posts: 18
Joined: June 11th, 2009, 5:36 am

Re: Lag issues,should i worry?

Unread postby Shaba » June 14th, 2009, 4:35 am

Good :)

Still some issues left?

Re: Lag issues,should i worry?

Unread postby kingyem » June 14th, 2009, 6:05 am

Well, I thought I'd let you check if there is anything funny first; if you ask me to test then I would check :D

I'll try to play Dota later & will report back ASAP :)

Re: Lag issues,should i worry?

Unread postby kingyem » June 14th, 2009, 7:39 am

Hmmm.. the problem still persists.. the lag & the RAM usage being high.. my RAM is 1.5GB but now only 600+ is free.. I'm only using Firefox & Warcraft 3.. along with MSN Live & YM..

Re: Lag issues,should i worry?

Unread postby Shaba » June 14th, 2009, 8:13 am

Those are not malware issues then.

RAM usage sounds pretty normal to me as Warcraft is running.

I can redirect you to some Windows forum if you'd like?

Re: Lag issues,should i worry?

Unread postby kingyem » June 14th, 2009, 8:26 am

Well, the thing is, before the virus attack & the reformatting, it wasn't like this.. that's why I was wondering.. but if you say my system is OK, then nothing more can be done..

BTW, if you think the link would be helpful, then may I please have it :)

Re: Lag issues,should i worry?

Unread postby Shaba » June 14th, 2009, 9:26 am

I recommend this place.

Re: Lag issues,should i worry?

Unread postby Shaba » June 18th, 2009, 1:39 am

kingyem this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.