Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Computer Internet Connection Very Slow???

Post by rich2568 » May 12th, 2010, 5:44 pm

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:39:26, on 12/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\MRT.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: InterCasino GBP - {03588886-5C50-4645-BD5D-F105F84417DE} - C:\Documents and Settings\user\Desktop\InterCasino GBP.lnk (HKCU)
O9 - Extra 'Tools' menuitem: InterCasino GBP - {03588886-5C50-4645-BD5D-F105F84417DE} - C:\Documents and Settings\user\Desktop\InterCasino GBP.lnk (HKCU)
O9 - Extra button: Captain Cooks Casino - {2753706C-8863-497D-85B4-51BC7ADED280} - C:\Microgaming\Casino\CaptainCooks\casinogame.exe (HKCU)
O9 - Extra button: Blackjack Ballroom Casino - {4728F586-BE22-40EF-AE46-2C9B5A24DF0C} - C:\Microgaming\Casino\BJBallroom\casinogame.exe (HKCU)
O9 - Extra button: Golden Tiger Casino - {5F057FFE-3172-48CF-904D-8CE027C074AA} - C:\Microgaming\Casino\GoldenTiger\casinogame.exe (HKCU)
O9 - Extra button: Casino Classic - {75DF418F-3E91-4901-B313-4CE52F8F564B} - C:\Microgaming\Casino\CasinoClassic\casinogame.exe (HKCU)
O9 - Extra button: Virtual City Casino - {BD3984D8-3BAE-42BA-AE61-0E46AC5CE3F9} - C:\Microgaming\Casino\VirtualCity\casinogame.exe (HKCU)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/sr ... ab_srl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - http://disney.go.com/pirates/online/tes ... eGames.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.0.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1277564285
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.orderingmemory.com/controls/cpcScanner.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crl ... crlocx.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/ac ... inder2.CAB
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\ALDI Photo Service\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TCTNWPT - Unknown owner - C:\DOCUME~1\user\LOCALS~1\Temp\TCTNWPT.exe (file missing)

--
End of file - 12239 bytes


Adobe AIR
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe Dynamiclink Support
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 Professional
Adobe Flash CS4 STI-en
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Player
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Reader 9.3.1
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Akamai NetSession Interface
Any Video Converter 3.0.3
AudioCommander
AudioCommander
AVS Audio Converter version 6.1
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.3
BBC iPlayer Desktop
BBC iPlayer Desktop
Blackjack Ballroom Casino
Captain Cooks Casino
Casino Classic
Casino-On-Net
CCleaner
City Club Casino
Connect
Coupon Printer
EuroGrand Casino
Europa Casino
Free Audio CD Burner version 1.2
Free YouTube to MP3 Converter version 3.2
FreeStar Free AMR MP3 Converter 1.0.3
Golden Tiger Casino
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
HyperCam 2
InterCasino
Joyland Casino
kuler
Logitech Touch Mouse Server 1.0
Malwarebytes' Anti-Malware
Microsoft Office Publisher 2007
Microsoft Office Standard 2007
Mozilla Firefox (3.6.3)
Napster
ParetoLogic DriverCure
PDF Settings CS4
Photoshop Camera Raw
Pixel Bender Toolkit
RocketDock 1.3.5
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Spelling Dictionaries Support For Adobe Reader 9
Suite Shared Configuration CS4
Titan Casino
Uninstall 1.0.0.1
Update for Windows Internet Explorer 7 (KB980182)
Virtual City Casino
William Hill CASINO CLUB
Windows Media Player Firefox Plugin
XPort 360
Yahoo! Toolbar
rich2568
Regular Member
 
Posts: 33
Joined: June 1st, 2008, 7:58 am

Re: Computer Internet Connection Very Slow???

Post by melboy » May 16th, 2010, 6:28 am

Hi and welcome to the MR forums. :)

I'm melboy and I am going to try to help you with your problem. Please take note of the following:

  1. I will be working on your Malware issues; this may or may not solve other issues you have with your machine.
  2. The fixes are specific to your problem and should only be used for this issue on this machine.
  3. If you don't know or understand something, please don't hesitate to ask.
  4. Please DO NOT run any other tools or scans whilst I am helping you.
  5. It is important that you reply to this thread. Do not start a new topic.
  6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  7. Absence of symptoms does not mean that everything is clear.


NOTE: Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.


IMPORTANT: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.



No Reply Within 3 Days Will Result In Your Topic Being Closed!! If you need more time, please inform me.


======================================


TFC

  • Please download TFC by Old Timer to your desktop.
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs; let it run uninterrupted. It should not take longer than a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.


Malwarebytes' Anti-Malware (MBAM)

As you have Malwarebytes' Anti-Malware installed on your computer, could you please do a scan using these settings:

  • Open Malwarebytes' Anti-Malware
  • Select the Update tab
  • Click Check for Updates
  • After the update has been completed, select the Scanner tab.
  • Select Perform Quick scan, then click on Scan
  • When done, you will be prompted. Click OK. If Items are found, then click on Show Results
  • Check all items then click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply.

    The log can also be found here:
    1. C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    2. Or via the Logs tab when the application is started.

Note: MBAM may ask to reboot your computer so it can continue with the removal process, please do so immediately.
Failure to reboot will prevent MBAM from removing all the malware.



CKScanner
Download CKScanner from here
  • Important - Save it to your desktop.
  • Double-click CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.



OTL
Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav 
    %systemroot%\system32\drivers\*.sys /90
     
    
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.



RootRepeal
Download RootRepeal.zip from here & unzip it to your Desktop.
  • Double click RootRepeal.exe to start the program
  • Click the Report tab at the bottom of the program window
  • Click the Scan button
  • In the Select Scan dialog, check:
      Drivers
      Files
      Processes
      SSDT
      Stealth Objects
      Hidden Services
      Shadow SSDT
  • Click the OK button
  • In the next dialog, select all drives showing
  • Click OK to start the scan
  • Note: The scan can take some time. DO NOT run any other programs while the scan is running
    • When the scan is complete, the Save Report button will become available
    • Click this and save the report to your Desktop as RootRepeal.txt
    • Go to File then Exit to close the program




    In your next reply:
    1. RootRepeal.txt
    2. OTL.txt
    3. Extras.txt
    4. CKFiles.txt
    5. MBAM log
    melboy
    MRU Expert
     
    Posts: 3670
    Joined: July 25th, 2008, 4:25 pm
    Location: UK

    Re: Computer Internet Connection Very Slow???

    Post by rich2568 » May 16th, 2010, 5:56 pm

    Hi there Melboy :-)

    My attempt to load OTL is failing - it keeps stating that it cannot download the program!!

    It keeps asking to Debug??
    Please assist??

    Thanks!!
    rich2568
    Regular Member
     
    Posts: 33
    Joined: June 1st, 2008, 7:58 am

    Re: Computer Internet Connection Very Slow???

    Post by melboy » May 16th, 2010, 6:00 pm

    Hi

    Ok, try downloading and running RSIT instead of OTL.

    random's system information tool (RSIT)

    • Download random's system information tool (RSIT) by random/random from HERE and save it to your desktop.
    • Double click on RSIT.exe to run RSIT.
    • Click Continue at the disclaimer screen.
    • Once it has finished, two logs will open:
      • log.txt (<<will be maximized)
      • info.txt (<<will be minimized)
    • Post both of these logs in your next reply. (Sometimes you have to make several posts to get the logs posted.)


    In your next reply:
    1. RootRepeal.txt
    2. RSIT log.txt
    3. RSIT info.txt
    4. CKFiles.txt
    5. MBAM log
    melboy
    MRU Expert
     
    Posts: 3670
    Joined: July 25th, 2008, 4:25 pm
    Location: UK

    Re: Computer Internet Connection Very Slow???

    Post by rich2568 » May 16th, 2010, 6:30 pm

    ROOTREPEAL (c) AD, 2007-2009
    ==================================================
    Scan Start Time: 2010/05/16 23:08
    Program Version: Version 1.3.5.0
    Windows Version: Windows XP Media Center Edition SP3
    ==================================================

    SSDT
    -------------------
    #: 000 Function Name: NtAcceptConnectPort
    Status: Not hooked

    #: 001 Function Name: NtAccessCheck
    Status: Not hooked

    #: 002 Function Name: NtAccessCheckAndAuditAlarm
    Status: Not hooked

    #: 003 Function Name: NtAccessCheckByType
    Status: Not hooked

    #: 004 Function Name: NtAccessCheckByTypeAndAuditAlarm
    Status: Not hooked

    #: 005 Function Name: NtAccessCheckByTypeResultList
    Status: Not hooked

    #: 006 Function Name: NtAccessCheckByTypeResultListAndAuditAlarm
    Status: Not hooked

    #: 007 Function Name: NtAccessCheckByTypeResultListAndAuditAlarmByHandle
    Status: Not hooked

    #: 008 Function Name: NtAddAtom
    Status: Not hooked

    #: 009 Function Name: NtAddBootEntry
    Status: Not hooked

    #: 010 Function Name: NtAdjustGroupsToken
    Status: Not hooked

    #: 011 Function Name: NtAdjustPrivilegesToken
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb236e

    #: 012 Function Name: NtAlertResumeThread
    Status: Not hooked

    #: 013 Function Name: NtAlertThread
    Status: Not hooked

    #: 014 Function Name: NtAllocateLocallyUniqueId
    Status: Not hooked

    #: 015 Function Name: NtAllocateUserPhysicalPages
    Status: Not hooked

    #: 016 Function Name: NtAllocateUuids
    Status: Not hooked

    #: 017 Function Name: NtAllocateVirtualMemory
    Status: Not hooked

    #: 018 Function Name: NtAreMappedFilesTheSame
    Status: Not hooked

    #: 019 Function Name: NtAssignProcessToJobObject
    Status: Not hooked

    #: 020 Function Name: NtCallbackReturn
    Status: Not hooked

    #: 021 Function Name: NtCancelDeviceWakeupRequest
    Status: Not hooked

    #: 022 Function Name: NtCancelIoFile
    Status: Not hooked

    #: 023 Function Name: NtCancelTimer
    Status: Not hooked

    #: 024 Function Name: NtClearEvent
    Status: Not hooked

    #: 025 Function Name: NtClose
    Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf2cd16b8

    #: 026 Function Name: NtCloseObjectAuditAlarm
    Status: Not hooked

    #: 027 Function Name: NtCompactKeys
    Status: Not hooked

    #: 028 Function Name: NtCompareTokens
    Status: Not hooked

    #: 029 Function Name: NtCompleteConnectPort
    Status: Not hooked

    #: 030 Function Name: NtCompressKey
    Status: Not hooked

    #: 031 Function Name: NtConnectPort
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb360c

    #: 032 Function Name: NtContinue
    Status: Not hooked

    #: 033 Function Name: NtCreateDebugObject
    Status: Not hooked

    #: 034 Function Name: NtCreateDirectoryObject
    Status: Not hooked

    #: 035 Function Name: NtCreateEvent
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb3b40

    #: 036 Function Name: NtCreateEventPair
    Status: Not hooked

    #: 037 Function Name: NtCreateFile
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb2d78

    #: 038 Function Name: NtCreateIoCompletion
    Status: Not hooked

    #: 039 Function Name: NtCreateJobObject
    Status: Not hooked

    #: 040 Function Name: NtCreateJobSet
    Status: Not hooked

    #: 041 Function Name: NtCreateKey
    Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf2cd1574

    #: 042 Function Name: NtCreateMailslotFile
    Status: Not hooked

    #: 043 Function Name: NtCreateMutant
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb3a18

    #: 044 Function Name: NtCreateNamedPipeFile
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb0d0a

    #: 045 Function Name: NtCreatePagingFile
    Status: Not hooked

    #: 046 Function Name: NtCreatePort
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb38d4

    #: 047 Function Name: NtCreateProcess
    Status: Not hooked

    #: 048 Function Name: NtCreateProcessEx
    Status: Not hooked

    #: 049 Function Name: NtCreateProfile
    Status: Not hooked

    #: 050 Function Name: NtCreateSection
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb2102

    #: 051 Function Name: NtCreateSemaphore
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb3c72

    #: 052 Function Name: NtCreateSymbolicLinkObject
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb540e

    #: 053 Function Name: NtCreateThread
    Status: Hooked by "<unknown>" at address 0xf7bb9c24

    #: 054 Function Name: NtCreateTimer
    Status: Not hooked

    #: 055 Function Name: NtCreateToken
    Status: Not hooked

    #: 056 Function Name: NtCreateWaitablePort
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb3976

    #: 057 Function Name: NtDebugActiveProcess
    Status: Not hooked

    #: 058 Function Name: NtDebugContinue
    Status: Not hooked

    #: 059 Function Name: NtDelayExecution
    Status: Not hooked

    #: 060 Function Name: NtDeleteAtom
    Status: Not hooked

    #: 061 Function Name: NtDeleteBootEntry
    Status: Not hooked

    #: 062 Function Name: NtDeleteFile
    Status: Not hooked

    #: 063 Function Name: NtDeleteKey
    Status: Hooked by "<unknown>" at address 0xf7bb9c33

    #: 064 Function Name: NtDeleteObjectAuditAlarm
    Status: Not hooked

    #: 065 Function Name: NtDeleteValueKey
    Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf2cd1a52

    #: 066 Function Name: NtDeviceIoControlFile
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb321c

    #: 067 Function Name: NtDisplayString
    Status: Not hooked

    #: 068 Function Name: NtDuplicateObject
    Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf2cd114c

    #: 069 Function Name: NtDuplicateToken
    Status: Not hooked

    #: 070 Function Name: NtEnumerateBootEntries
    Status: Not hooked

    #: 071 Function Name: NtEnumerateKey
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb1e3a

    #: 072 Function Name: NtEnumerateSystemEnvironmentValuesEx
    Status: Not hooked

    #: 073 Function Name: NtEnumerateValueKey
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb1ee4

    #: 074 Function Name: NtExtendSection
    Status: Not hooked

    #: 075 Function Name: NtFilterToken
    Status: Not hooked

    #: 076 Function Name: NtFindAtom
    Status: Not hooked

    #: 077 Function Name: NtFlushBuffersFile
    Status: Not hooked

    #: 078 Function Name: NtFlushInstructionCache
    Status: Not hooked

    #: 079 Function Name: NtFlushKey
    Status: Not hooked

    #: 080 Function Name: NtFlushVirtualMemory
    Status: Not hooked

    #: 081 Function Name: NtFlushWriteBuffer
    Status: Not hooked

    #: 082 Function Name: NtFreeUserPhysicalPages
    Status: Not hooked

    #: 083 Function Name: NtFreeVirtualMemory
    Status: Not hooked

    #: 084 Function Name: NtFsControlFile
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb3016

    #: 085 Function Name: NtGetContextThread
    Status: Not hooked

    #: 086 Function Name: NtGetDevicePowerState
    Status: Not hooked

    #: 087 Function Name: NtGetPlugPlayEvent
    Status: Not hooked

    #: 088 Function Name: NtGetWriteWatch
    Status: Not hooked

    #: 089 Function Name: NtImpersonateAnonymousToken
    Status: Not hooked

    #: 090 Function Name: NtImpersonateClientOfPort
    Status: Not hooked

    #: 091 Function Name: NtImpersonateThread
    Status: Not hooked

    #: 092 Function Name: NtInitializeRegistry
    Status: Not hooked

    #: 093 Function Name: NtInitiatePowerAction
    Status: Not hooked

    #: 094 Function Name: NtIsProcessInJob
    Status: Not hooked

    #: 095 Function Name: NtIsSystemResumeAutomatic
    Status: Not hooked

    #: 096 Function Name: NtListenPort
    Status: Not hooked

    #: 097 Function Name: NtLoadDriver
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb4ea6

    #: 098 Function Name: NtLoadKey
    Status: Hooked by "<unknown>" at address 0xf7bb9c42

    #: 099 Function Name: NtLoadKey2
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb144e

    #: 100 Function Name: NtLockFile
    Status: Not hooked

    #: 101 Function Name: NtLockProductActivationKeys
    Status: Not hooked

    #: 102 Function Name: NtLockRegistryKey
    Status: Not hooked

    #: 103 Function Name: NtLockVirtualMemory
    Status: Not hooked

    #: 104 Function Name: NtMakePermanentObject
    Status: Not hooked

    #: 105 Function Name: NtMakeTemporaryObject
    Status: Not hooked

    #: 106 Function Name: NtMapUserPhysicalPages
    Status: Not hooked

    #: 107 Function Name: NtMapUserPhysicalPagesScatter
    Status: Not hooked

    #: 108 Function Name: NtMapViewOfSection
    Status: Not hooked

    #: 109 Function Name: NtModifyBootEntry
    Status: Not hooked

    #: 110 Function Name: NtNotifyChangeDirectoryFile
    Status: Not hooked

    #: 111 Function Name: NtNotifyChangeKey
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb2030

    #: 112 Function Name: NtNotifyChangeMultipleKeys
    Status: Not hooked

    #: 113 Function Name: NtOpenDirectoryObject
    Status: Not hooked

    #: 114 Function Name: NtOpenEvent
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb3be2

    #: 115 Function Name: NtOpenEventPair
    Status: Not hooked

    #: 116 Function Name: NtOpenFile
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb2b08

    #: 117 Function Name: NtOpenIoCompletion
    Status: Not hooked

    #: 118 Function Name: NtOpenJobObject
    Status: Not hooked

    #: 119 Function Name: NtOpenKey
    Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf2cd164e

    #: 120 Function Name: NtOpenMutant
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb3ab0

    #: 121 Function Name: NtOpenObjectAuditAlarm
    Status: Not hooked

    #: 122 Function Name: NtOpenProcess
    Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf2cd108c

    #: 123 Function Name: NtOpenProcessToken
    Status: Not hooked

    #: 124 Function Name: NtOpenProcessTokenEx
    Status: Not hooked

    #: 125 Function Name: NtOpenSection
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb5438

    #: 126 Function Name: NtOpenSemaphore
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb3d14

    #: 127 Function Name: NtOpenSymbolicLinkObject
    Status: Not hooked

    #: 128 Function Name: NtOpenThread
    Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf2cd10f0

    #: 129 Function Name: NtOpenThreadToken
    Status: Not hooked

    #: 130 Function Name: NtOpenThreadTokenEx
    Status: Not hooked

    #: 131 Function Name: NtOpenTimer
    Status: Not hooked

    #: 132 Function Name: NtPlugPlayControl
    Status: Not hooked

    #: 133 Function Name: NtPowerInformation
    Status: Not hooked

    #: 134 Function Name: NtPrivilegeCheck
    Status: Not hooked

    #: 135 Function Name: NtPrivilegeObjectAuditAlarm
    Status: Not hooked

    #: 136 Function Name: NtPrivilegedServiceAuditAlarm
    Status: Not hooked

    #: 137 Function Name: NtProtectVirtualMemory
    Status: Not hooked

    #: 138 Function Name: NtPulseEvent
    Status: Not hooked

    #: 139 Function Name: NtQueryAttributesFile
    Status: Not hooked

    #: 140 Function Name: NtQueryBootEntryOrder
    Status: Not hooked

    #: 141 Function Name: NtQueryBootOptions
    Status: Not hooked

    #: 142 Function Name: NtQueryDebugFilterState
    Status: Not hooked

    #: 143 Function Name: NtQueryDefaultLocale
    Status: Not hooked

    #: 144 Function Name: NtQueryDefaultUILanguage
    Status: Not hooked

    #: 145 Function Name: NtQueryDirectoryFile
    Status: Not hooked

    #: 146 Function Name: NtQueryDirectoryObject
    Status: Not hooked

    #: 147 Function Name: NtQueryEaFile
    Status: Not hooked

    #: 148 Function Name: NtQueryEvent
    Status: Not hooked

    #: 149 Function Name: NtQueryFullAttributesFile
    Status: Not hooked

    #: 150 Function Name: NtQueryInformationAtom
    Status: Not hooked

    #: 151 Function Name: NtQueryInformationFile
    Status: Not hooked

    #: 152 Function Name: NtQueryInformationJobObject
    Status: Not hooked

    #: 153 Function Name: NtQueryInformationPort
    Status: Not hooked

    #: 154 Function Name: NtQueryInformationProcess
    Status: Not hooked

    #: 155 Function Name: NtQueryInformationThread
    Status: Not hooked

    #: 156 Function Name: NtQueryInformationToken
    Status: Not hooked

    #: 157 Function Name: NtQueryInstallUILanguage
    Status: Not hooked

    #: 158 Function Name: NtQueryIntervalProfile
    Status: Not hooked

    #: 159 Function Name: NtQueryIoCompletion
    Status: Not hooked

    #: 160 Function Name: NtQueryKey
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb1f8e

    #: 161 Function Name: NtQueryMultipleValueKey
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb1bb6

    #: 162 Function Name: NtQueryMutant
    Status: Not hooked

    #: 163 Function Name: NtQueryObject
    Status: Not hooked

    #: 164 Function Name: NtQueryOpenSubKeys
    Status: Not hooked

    #: 165 Function Name: NtQueryPerformanceCounter
    Status: Not hooked

    #: 166 Function Name: NtQueryQuotaInformationFile
    Status: Not hooked

    #: 167 Function Name: NtQuerySection
    Status: Not hooked

    #: 168 Function Name: NtQuerySecurityObject
    Status: Not hooked

    #: 169 Function Name: NtQuerySemaphore
    Status: Not hooked

    #: 170 Function Name: NtQuerySymbolicLinkObject
    Status: Not hooked

    #: 171 Function Name: NtQuerySystemEnvironmentValue
    Status: Not hooked

    #: 172 Function Name: NtQuerySystemEnvironmentValueEx
    Status: Not hooked

    #: 173 Function Name: NtQuerySystemInformation
    Status: Not hooked

    #: 174 Function Name: NtQuerySystemTime
    Status: Not hooked

    #: 175 Function Name: NtQueryTimer
    Status: Not hooked

    #: 176 Function Name: NtQueryTimerResolution
    Status: Not hooked

    #: 177 Function Name: NtQueryValueKey
    Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf2cd176e

    #: 178 Function Name: NtQueryVirtualMemory
    Status: Not hooked

    #: 179 Function Name: NtQueryVolumeInformationFile
    Status: Not hooked

    #: 180 Function Name: NtQueueApcThread
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb5128

    #: 181 Function Name: NtRaiseException
    Status: Not hooked

    #: 182 Function Name: NtRaiseHardError
    Status: Not hooked

    #: 183 Function Name: NtReadFile
    Status: Not hooked

    #: 184 Function Name: NtReadFileScatter
    Status: Not hooked

    #: 185 Function Name: NtReadRequestData
    Status: Not hooked

    #: 186 Function Name: NtReadVirtualMemory
    Status: Not hooked

    #: 187 Function Name: NtRegisterThreadTerminatePort
    Status: Not hooked

    #: 188 Function Name: NtReleaseMutant
    Status: Not hooked

    #: 189 Function Name: NtReleaseSemaphore
    Status: Not hooked

    #: 190 Function Name: NtRemoveIoCompletion
    Status: Not hooked

    #: 191 Function Name: NtRemoveProcessDebug
    Status: Not hooked

    #: 192 Function Name: NtRenameKey
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb1b34

    #: 193 Function Name: NtReplaceKey
    Status: Hooked by "<unknown>" at address 0xf7bb9c4c

    #: 194 Function Name: NtReplyPort
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb409e

    #: 195 Function Name: NtReplyWaitReceivePort
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb3f64

    #: 196 Function Name: NtReplyWaitReceivePortEx
    Status: Not hooked

    #: 197 Function Name: NtReplyWaitReplyPort
    Status: Not hooked

    #: 198 Function Name: NtRequestDeviceWakeup
    Status: Not hooked

    #: 199 Function Name: NtRequestPort
    Status: Not hooked

    #: 200 Function Name: NtRequestWaitReplyPort
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb4c30

    #: 201 Function Name: NtRequestWakeupLatency
    Status: Not hooked

    #: 202 Function Name: NtResetEvent
    Status: Not hooked

    #: 203 Function Name: NtResetWriteWatch
    Status: Not hooked

    #: 204 Function Name: NtRestoreKey
    Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf2cd172e

    #: 205 Function Name: NtResumeProcess
    Status: Not hooked

    #: 206 Function Name: NtResumeThread
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb5860

    #: 207 Function Name: NtSaveKey
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb0ec4

    #: 208 Function Name: NtSaveKeyEx
    Status: Not hooked

    #: 209 Function Name: NtSaveMergedKeys
    Status: Not hooked

    #: 210 Function Name: NtSecureConnectPort
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb3312

    #: 211 Function Name: NtSetBootEntryOrder
    Status: Not hooked

    #: 212 Function Name: NtSetBootOptions
    Status: Not hooked

    #: 213 Function Name: NtSetContextThread
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb2984

    #: 214 Function Name: NtSetDebugFilterState
    Status: Not hooked

    #: 215 Function Name: NtSetDefaultHardErrorPort
    Status: Not hooked

    #: 216 Function Name: NtSetDefaultLocale
    Status: Not hooked

    #: 217 Function Name: NtSetDefaultUILanguage
    Status: Not hooked

    #: 218 Function Name: NtSetEaFile
    Status: Not hooked

    #: 219 Function Name: NtSetEvent
    Status: Not hooked

    #: 220 Function Name: NtSetEventBoostPriority
    Status: Not hooked

    #: 221 Function Name: NtSetHighEventPair
    Status: Not hooked

    #: 222 Function Name: NtSetHighWaitLowEventPair
    Status: Not hooked

    #: 223 Function Name: NtSetInformationDebugObject
    Status: Not hooked

    #: 224 Function Name: NtSetInformationFile
    Status: Not hooked

    #: 225 Function Name: NtSetInformationJobObject
    Status: Not hooked

    #: 226 Function Name: NtSetInformationKey
    Status: Not hooked

    #: 227 Function Name: NtSetInformationObject
    Status: Not hooked

    #: 228 Function Name: NtSetInformationProcess
    Status: Not hooked

    #: 229 Function Name: NtSetInformationThread
    Status: Not hooked

    #: 230 Function Name: NtSetInformationToken
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb45f2

    #: 231 Function Name: NtSetIntervalProfile
    Status: Not hooked

    #: 232 Function Name: NtSetIoCompletion
    Status: Not hooked

    #: 233 Function Name: NtSetLdtEntries
    Status: Not hooked

    #: 234 Function Name: NtSetLowEventPair
    Status: Not hooked

    #: 235 Function Name: NtSetLowWaitHighEventPair
    Status: Not hooked

    #: 236 Function Name: NtSetQuotaInformationFile
    Status: Not hooked

    #: 237 Function Name: NtSetSecurityObject
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb4fa0

    #: 238 Function Name: NtSetSystemEnvironmentValue
    Status: Not hooked

    #: 239 Function Name: NtSetSystemEnvironmentValueEx
    Status: Not hooked

    #: 240 Function Name: NtSetSystemInformation
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb54c2

    #: 241 Function Name: NtSetSystemPowerState
    Status: Not hooked

    #: 242 Function Name: NtSetSystemTime
    Status: Not hooked

    #: 243 Function Name: NtSetThreadExecutionState
    Status: Not hooked

    #: 244 Function Name: NtSetTimer
    Status: Not hooked

    #: 245 Function Name: NtSetTimerResolution
    Status: Not hooked

    #: 246 Function Name: NtSetUuidSeed
    Status: Not hooked

    #: 247 Function Name: NtSetValueKey
    Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf2cd18ae

    #: 248 Function Name: NtSetVolumeInformationFile
    Status: Not hooked

    #: 249 Function Name: NtShutdownSystem
    Status: Not hooked

    #: 250 Function Name: NtSignalAndWaitForSingleObject
    Status: Not hooked

    #: 251 Function Name: NtStartProfile
    Status: Not hooked

    #: 252 Function Name: NtStopProfile
    Status: Not hooked

    #: 253 Function Name: NtSuspendProcess
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb55a6

    #: 254 Function Name: NtSuspendThread
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb56d2

    #: 255 Function Name: NtSystemDebugControl
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb4dd2

    #: 256 Function Name: NtTerminateJobObject
    Status: Not hooked

    #: 257 Function Name: NtTerminateProcess
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb26ea

    #: 258 Function Name: NtTerminateThread
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb263c

    #: 259 Function Name: NtTestAlert
    Status: Not hooked

    #: 260 Function Name: NtTraceEvent
    Status: Not hooked

    #: 261 Function Name: NtTranslateFilePath
    Status: Not hooked

    #: 262 Function Name: NtUnloadDriver
    Status: Not hooked

    #: 263 Function Name: NtUnloadKey
    Status: Not hooked

    #: 264 Function Name: NtUnloadKeyEx
    Status: Not hooked

    #: 265 Function Name: NtUnlockFile
    Status: Not hooked

    #: 266 Function Name: NtUnlockVirtualMemory
    Status: Not hooked

    #: 267 Function Name: NtUnmapViewOfSection
    Status: Not hooked

    #: 268 Function Name: NtVdmControl
    Status: Not hooked

    #: 269 Function Name: NtWaitForDebugEvent
    Status: Not hooked

    #: 270 Function Name: NtWaitForMultipleObjects
    Status: Not hooked

    #: 271 Function Name: NtWaitForSingleObject
    Status: Not hooked

    #: 272 Function Name: NtWaitHighEventPair
    Status: Not hooked

    #: 273 Function Name: NtWaitLowEventPair
    Status: Not hooked

    #: 274 Function Name: NtWriteFile
    Status: Not hooked

    #: 275 Function Name: NtWriteFileGather
    Status: Not hooked

    #: 276 Function Name: NtWriteRequestData
    Status: Not hooked

    #: 277 Function Name: NtWriteVirtualMemory
    Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xf2fb27c8

    #: 278 Function Name: NtYieldExecution
    Status: Not hooked

    #: 279 Function Name: NtCreateKeyedEvent
    Status: Not hooked

    #: 280 Function Name: NtOpenKeyedEvent
    Status: Not hooked

    #: 281 Function Name: NtReleaseKeyedEvent
    Status: Not hooked

    #: 282 Function Name: NtWaitForKeyedEvent
    Status: Not hooked

    #: 283 Function Name: NtQueryPortInformationProcess
    Status: Not hooked

    Processes
    -------------------
    Path: System
    PID: 4 Status: -

    Path: C:\WINDOWS\system32\spoolsv.exe
    PID: 440 Status: -

    Path: C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PID: 532 Status: -

    Path: C:\Program Files\Bonjour\mDNSResponder.exe
    PID: 612 Status: -

    Path: C:\Program Files\iPod\bin\iPodService.exe
    PID: 672 Status: -

    Path: C:\WINDOWS\system32\svchost.exe
    PID: 692 Status: -

    Path: C:\Program Files\Java\jre6\bin\jqs.exe
    PID: 768 Status: -

    Path: C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PID: 796 Status: -

    Path: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PID: 820 Status: -

    Path: C:\Program Files\iTunes\iTunesHelper.exe
    PID: 824 Status: -

    Path: C:\WINDOWS\system32\svchost.exe
    PID: 892 Status: -

    Path: C:\WINDOWS\system32\smss.exe
    PID: 904 Status: -

    Path: C:\WINDOWS\system32\csrss.exe
    PID: 976 Status: -

    Path: C:\WINDOWS\system32\winlogon.exe
    PID: 1000 Status: -

    Path: C:\WINDOWS\system32\svchost.exe
    PID: 1012 Status: -

    Path: C:\WINDOWS\system32\services.exe
    PID: 1052 Status: -

    Path: C:\WINDOWS\system32\lsass.exe
    PID: 1064 Status: -

    Path: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    PID: 1240 Status: -

    Path: C:\WINDOWS\system32\nvsvc32.exe
    PID: 1276 Status: -

    Path: C:\WINDOWS\system32\svchost.exe
    PID: 1312 Status: -

    Path: C:\WINDOWS\ehome\ehSched.exe
    PID: 1348 Status: -

    Path: C:\WINDOWS\system32\svchost.exe
    PID: 1388 Status: -

    Path: C:\WINDOWS\system32\ctfmon.exe
    PID: 1456 Status: -

    Path: C:\WINDOWS\system32\svchost.exe
    PID: 1492 Status: -

    Path: C:\WINDOWS\system32\svchost.exe
    PID: 1540 Status: -

    Path: C:\WINDOWS\system32\svchost.exe
    PID: 1608 Status: -

    Path: C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    PID: 1672 Status: -

    Path: C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    PID: 1696 Status: -

    Path: C:\WINDOWS\system32\svchost.exe
    PID: 1720 Status: -

    Path: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    PID: 1904 Status: -

    Path: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    PID: 1928 Status: -

    Path: C:\Program Files\Alwil Software\Avast4\ashServ.exe
    PID: 1988 Status: -

    Path: C:\WINDOWS\ehome\RMSvc.exe
    PID: 2104 Status: -

    Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    PID: 2132 Status: -

    Path: C:\WINDOWS\system32\wbem\wmiprvse.exe
    PID: 2228 Status: -

    Path: C:\WINDOWS\system32\slserv.exe
    PID: 2320 Status: -

    Path: C:\WINDOWS\system32\svchost.exe
    PID: 2504 Status: -

    Path: C:\WINDOWS\system32\alg.exe
    PID: 2532 Status: -

    Path: C:\Documents and Settings\user\Desktop\RootRepeal.exe
    PID: 2536 Status: -

    Path: C:\WINDOWS\system32\svchost.exe
    PID: 2596 Status: -

    Path: C:\WINDOWS\explorer.exe
    PID: 2696 Status: -

    Path: C:\WINDOWS\ehome\McrdSvc.exe
    PID: 2844 Status: -

    Path: C:\Program Files\Windows Media Player\wmpnetwk.exe
    PID: 3080 Status: -

    Path: C:\Program Files\Internet Explorer\iexplore.exe
    PID: 3116 Status: -

    Path: C:\WINDOWS\system32\dllhost.exe
    PID: 3132 Status: -

    Path: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    PID: 3432 Status: -

    Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    PID: 3776 Status: -

    Path: C:\WINDOWS\system32\wbem\unsecapp.exe
    PID: 4036 Status: -

    ROOTREPEAL (c) AD, 2007-2009
    ==================================================
    Scan Start Time: 2010/05/16 23:08
    Program Version: Version 1.3.5.0
    Windows Version: Windows XP Media Center Edition SP3
    ==================================================

    Hidden/Locked Files
    -------------------
    Path: c:\documents and settings\all users\application data\avira\antivir desktop\temp\avguard.tmp
    Status: Allocation size mismatch (API: 33636352, Raw: 34537472)

    Path: C:\Documents and Settings\Dr Who\Local Settings\Apps\2.0\8OZGD2AN.H0P\A8W1OWT7.ERD\manifests\clickonce_bootstrap.exe.manifest
    Status: Locked to the Windows API!

    ROOTREPEAL (c) AD, 2007-2009
    ==================================================
    Scan Start Time: 2010/05/16 23:09
    Program Version: Version 1.3.5.0
    Windows Version: Windows XP Media Center Edition SP3
    ==================================================

    Drivers
    -------------------
    Name: 1394BUS.SYS
    Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS
    Address: 0xF75FB000 Size: 57344 File Visible: - Signed: -
    Status: -

    Name: 3xHybrid.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
    Address: 0xF5795000 Size: 710144 File Visible: - Signed: -
    Status: -

    Name: Aavmker4.SYS
    Image Path: C:\WINDOWS\System32\Drivers\Aavmker4.SYS
    Address: 0xF78DB000 Size: 19520 File Visible: - Signed: -
    Status: -

    Name: ACPI.sys
    Image Path: ACPI.sys
    Address: 0xF74AC000 Size: 187776 File Visible: - Signed: -
    Status: -

    Name: ACPI_HAL
    Image Path: \Driver\ACPI_HAL
    Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
    Status: -

    Name: adfs.SYS
    Image Path: C:\WINDOWS\System32\Drivers\adfs.SYS
    Address: 0xB81A7000 Size: 67840 File Visible: - Signed: -
    Status: -

    Name: afd.sys
    Image Path: C:\WINDOWS\System32\drivers\afd.sys
    Address: 0xF2DA7000 Size: 138496 File Visible: - Signed: -
    Status: -

    Name: arp1394.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\arp1394.sys
    Address: 0xF781B000 Size: 60800 File Visible: - Signed: -
    Status: -

    Name: aswFsBlk.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys
    Address: 0xF790B000 Size: 32768 File Visible: - Signed: -
    Status: -

    Name: aswMon2.SYS
    Image Path: C:\WINDOWS\System32\Drivers\aswMon2.SYS
    Address: 0xB8375000 Size: 87424 File Visible: - Signed: -
    Status: -

    Name: aswRdr.SYS
    Image Path: C:\WINDOWS\System32\Drivers\aswRdr.SYS
    Address: 0xB7097000 Size: 15104 File Visible: - Signed: -
    Status: -

    Name: aswSP.SYS
    Image Path: C:\WINDOWS\System32\Drivers\aswSP.SYS
    Address: 0xF2CC9000 Size: 135168 File Visible: - Signed: -
    Status: -

    Name: aswTdi.SYS
    Image Path: C:\WINDOWS\System32\Drivers\aswTdi.SYS
    Address: 0xF77EB000 Size: 39104 File Visible: - Signed: -
    Status: -

    Name: atapi.sys
    Image Path: atapi.sys
    Address: 0xF743E000 Size: 96512 File Visible: - Signed: -
    Status: -

    Name: ATMFD.DLL
    Image Path: C:\WINDOWS\System32\ATMFD.DLL
    Address: 0xBFFA0000 Size: 286720 File Visible: - Signed: -
    Status: -

    Name: audstub.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
    Address: 0xF7D23000 Size: 3072 File Visible: - Signed: -
    Status: -

    Name: avgio.sys
    Image Path: C:\Program Files\Avira\AntiVir Desktop\avgio.sys
    Address: 0xF7B51000 Size: 6144 File Visible: - Signed: -
    Status: -

    Name: avgntflt.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\avgntflt.sys
    Address: 0xB86AB000 Size: 86016 File Visible: - Signed: -
    Status: -

    Name: avipbb.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\avipbb.sys
    Address: 0xF2CEA000 Size: 139264 File Visible: - Signed: -
    Status: -

    Name: BdaSup.SYS
    Image Path: C:\WINDOWS\system32\DRIVERS\BdaSup.SYS
    Address: 0xF6DCA000 Size: 12288 File Visible: - Signed: -
    Status: -

    Name: Beep.SYS
    Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
    Address: 0xF7B49000 Size: 4224 File Visible: - Signed: -
    Status: -

    Name: BOOTVID.dll
    Image Path: C:\WINDOWS\system32\BOOTVID.dll
    Address: 0xF79EB000 Size: 12288 File Visible: - Signed: -
    Status: -

    Name: Cdr4_xp.SYS
    Image Path: C:\WINDOWS\System32\Drivers\Cdr4_xp.SYS
    Address: 0xF7D02000 Size: 2432 File Visible: - Signed: -
    Status: -

    Name: Cdralw2k.SYS
    Image Path: C:\WINDOWS\System32\Drivers\Cdralw2k.SYS
    Address: 0xF7D03000 Size: 2560 File Visible: - Signed: -
    Status: -

    Name: cdrom.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
    Address: 0xF77BB000 Size: 62976 File Visible: - Signed: -
    Status: -

    Name: CLASSPNP.SYS
    Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
    Address: 0xF763B000 Size: 53248 File Visible: - Signed: -
    Status: -

    Name: disk.sys
    Image Path: disk.sys
    Address: 0xF762B000 Size: 36352 File Visible: - Signed: -
    Status: -

    Name: dmio.sys
    Image Path: dmio.sys
    Address: 0xF7456000 Size: 153344 File Visible: - Signed: -
    Status: -

    Name: dmload.sys
    Image Path: dmload.sys
    Address: 0xF7AE1000 Size: 5888 File Visible: - Signed: -
    Status: -

    Name: drmk.sys
    Image Path: C:\WINDOWS\system32\drivers\drmk.sys
    Address: 0xF60C2000 Size: 61440 File Visible: - Signed: -
    Status: -

    Name: dump_atapi.sys
    Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
    Address: 0xF2CB1000 Size: 98304 File Visible: No Signed: -
    Status: -

    Name: dump_WMILIB.SYS
    Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
    Address: 0xF7B53000 Size: 8192 File Visible: No Signed: -
    Status: -

    Name: Dxapi.sys
    Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
    Address: 0xF2FF5000 Size: 12288 File Visible: - Signed: -
    Status: -

    Name: dxg.sys
    Image Path: C:\WINDOWS\System32\drivers\dxg.sys
    Address: 0xBD000000 Size: 73728 File Visible: - Signed: -
    Status: -

    Name: dxgthk.sys
    Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
    Address: 0xF7BFB000 Size: 4096 File Visible: - Signed: -
    Status: -

    Name: fdc.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\fdc.sys
    Address: 0xF79B3000 Size: 27392 File Visible: - Signed: -
    Status: -

    Name: Fips.SYS
    Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
    Address: 0xF76BB000 Size: 44544 File Visible: - Signed: -
    Status: -

    Name: flpydisk.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    Address: 0xF7893000 Size: 20480 File Visible: - Signed: -
    Status: -

    Name: fltmgr.sys
    Image Path: fltmgr.sys
    Address: 0xF741E000 Size: 129792 File Visible: - Signed: -
    Status: -

    Name: Fs_Rec.SYS
    Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
    Address: 0xF7B47000 Size: 7936 File Visible: - Signed: -
    Status: -

    Name: ftdisk.sys
    Image Path: ftdisk.sys
    Address: 0xF747C000 Size: 125056 File Visible: - Signed: -
    Status: -

    Name: hal.dll
    Image Path: C:\WINDOWS\system32\hal.dll
    Address: 0x806E4000 Size: 134400 File Visible: - Signed: -
    Status: -

    Name: HDAudBus.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    Address: 0xF5867000 Size: 163840 File Visible: - Signed: -
    Status: -

    Name: HIDCLASS.SYS
    Image Path: C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS
    Address: 0xF77DB000 Size: 36864 File Visible: - Signed: -
    Status: -

    Name: hidir.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\hidir.sys
    Address: 0xF78EB000 Size: 19200 File Visible: - Signed: -
    Status: -

    Name: HIDPARSE.SYS
    Image Path: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS
    Address: 0xF789B000 Size: 28672 File Visible: - Signed: -
    Status: -

    Name: hidusb.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\hidusb.sys
    Address: 0xF7A9F000 Size: 10368 File Visible: - Signed: -
    Status: -

    Name: HTTP.sys
    Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
    Address: 0xB7F86000 Size: 265728 File Visible: - Signed: -
    Status: -

    Name: i8042prt.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    Address: 0xF76AB000 Size: 52480 File Visible: - Signed: -
    Status: -

    Name: intelide.sys
    Image Path: intelide.sys
    Address: 0xF7ADF000 Size: 5504 File Visible: - Signed: -
    Status: -

    Name: intelppm.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\intelppm.sys
    Address: 0xF784B000 Size: 36352 File Visible: - Signed: -
    Status: -

    Name: ipnat.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
    Address: 0xF2EB9000 Size: 152832 File Visible: - Signed: -
    Status: -

    Name: ipsec.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
    Address: 0xF2F60000 Size: 75264 File Visible: - Signed: -
    Status: -

    Name: IrBus.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\IrBus.sys
    Address: 0xF77CB000 Size: 46592 File Visible: - Signed: -
    Status: -

    Name: isapnp.sys
    Image Path: isapnp.sys
    Address: 0xF75DB000 Size: 37248 File Visible: - Signed: -
    Status: -

    Name: kbdclass.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    Address: 0xF79BB000 Size: 24576 File Visible: - Signed: -
    Status: -

    Name: kbdhid.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    Address: 0xF555B000 Size: 14592 File Visible: - Signed: -
    Status: -

    Name: KDCOM.DLL
    Image Path: C:\WINDOWS\system32\KDCOM.DLL
    Address: 0xF7ADB000 Size: 8192 File Visible: - Signed: -
    Status: -

    Name: kl1.sys
    Image Path: kl1.sys
    Address: 0xF6DEE000 Size: 5373952 File Visible: - Signed: -
    Status: -

    Name: klbg.sys
    Image Path: klbg.sys
    Address: 0xF764B000 Size: 45056 File Visible: - Signed: -
    Status: -

    Name: klif.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\klif.sys
    Address: 0xF2F93000 Size: 319488 File Visible: - Signed: -
    Status: -

    Name: klim5.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\klim5.sys
    Address: 0xF76CB000 Size: 40960 File Visible: - Signed: -
    Status: -

    Name: klmouflt.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\klmouflt.sys
    Address: 0xF6082000 Size: 36864 File Visible: - Signed: -
    Status: -

    Name: kmixer.sys
    Image Path: C:\WINDOWS\system32\drivers\kmixer.sys
    Address: 0xB6622000 Size: 172416 File Visible: - Signed: -
    Status: -

    Name: ks.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\ks.sys
    Address: 0xF5772000 Size: 143360 File Visible: - Signed: -
    Status: -

    Name: KSecDD.sys
    Image Path: KSecDD.sys
    Address: 0xF73F5000 Size: 92928 File Visible: - Signed: -
    Status: -

    Name: Lbd.sys
    Image Path: Lbd.sys
    Address: 0xF765B000 Size: 57600 File Visible: - Signed: -
    Status: -

    Name: LBeepKE.sys
    Image Path: C:\WINDOWS\System32\Drivers\LBeepKE.sys
    Address: 0xF7C83000 Size: 3712 File Visible: - Signed: -
    Status: -

    Name: mnmdd.SYS
    Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
    Address: 0xF7B4B000 Size: 4224 File Visible: - Signed: -
    Status: -

    Name: mouclass.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
    Address: 0xF79D3000 Size: 23040 File Visible: - Signed: -
    Status: -

    Name: mouhid.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\mouhid.sys
    Address: 0xF555F000 Size: 12160 File Visible: - Signed: -
    Status: -

    Name: MountMgr.sys
    Image Path: MountMgr.sys
    Address: 0xF760B000 Size: 42368 File Visible: - Signed: -
    Status: -

    Name: mrxdav.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    Address: 0xB81E0000 Size: 180608 File Visible: - Signed: -
    Status: -

    Name: mrxsmb.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    Address: 0xF2D0C000 Size: 455680 File Visible: - Signed: -
    Status: -

    Name: Msfs.SYS
    Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
    Address: 0xF78B3000 Size: 19072 File Visible: - Signed: -
    Status: -

    Name: msgpc.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
    Address: 0xF770B000 Size: 35072 File Visible: - Signed: -
    Status: -

    Name: mssmbios.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    Address: 0xF6DAA000 Size: 15488 File Visible: - Signed: -
    Status: -

    Name: Mup.sys
    Image Path: Mup.sys
    Address: 0xF730E000 Size: 105344 File Visible: - Signed: -
    Status: -

    Name: NDIS.sys
    Image Path: NDIS.sys
    Address: 0xF7328000 Size: 182656 File Visible: - Signed: -
    Status: -

    Name: ndistapi.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    Address: 0xF6DBE000 Size: 10112 File Visible: - Signed: -
    Status: -

    Name: ndisuio.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    Address: 0xB85EF000 Size: 14592 File Visible: - Signed: -
    Status: -

    Name: ndiswan.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    Address: 0xF5732000 Size: 91520 File Visible: - Signed: -
    Status: -

    Name: NDProxy.SYS
    Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
    Address: 0xF60E2000 Size: 40576 File Visible: - Signed: -
    Status: -

    Name: netbios.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
    Address: 0xF780B000 Size: 34688 File Visible: - Signed: -
    Status: -

    Name: netbt.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
    Address: 0xF2E91000 Size: 162816 File Visible: - Signed: -
    Status: -

    Name: nic1394.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\nic1394.sys
    Address: 0xF768B000 Size: 61824 File Visible: - Signed: -
    Status: -

    Name: Npfs.SYS
    Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
    Address: 0xF78BB000 Size: 30848 File Visible: - Signed: -
    Status: -

    Name: Ntfs.sys
    Image Path: Ntfs.sys
    Address: 0xF7355000 Size: 574976 File Visible: - Signed: -
    Status: -

    Name: ntkrnlpa.exe
    Image Path: C:\WINDOWS\system32\ntkrnlpa.exe
    Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
    Status: -

    Name: Null.SYS
    Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
    Address: 0xF7D04000 Size: 2944 File Visible: - Signed: -
    Status: -

    Name: nv4_disp.dll
    Image Path: C:\WINDOWS\System32\nv4_disp.dll
    Address: 0xBD012000 Size: 5898240 File Visible: - Signed: -
    Status: -

    Name: nv4_mini.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    Address: 0xF58A3000 Size: 8055584 File Visible: - Signed: -
    Status: -

    Name: nvport.sys
    Image Path: C:\WINDOWS\system32\Drivers\nvport.sys
    Address: 0xF78D3000 Size: 28672 File Visible: - Signed: -
    Status: -

    Name: ohci1394.sys
    Image Path: ohci1394.sys
    Address: 0xF75EB000 Size: 61696 File Visible: - Signed: -
    Status: -

    Name: parport.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\parport.sys
    Address: 0xF5749000 Size: 80128 File Visible: - Signed: -
    Status: -

    Name: PartMgr.sys
    Image Path: PartMgr.sys
    Address: 0xF7863000 Size: 19712 File Visible: - Signed: -
    Status: -

    Name: ParVdm.SYS
    Image Path: C:\WINDOWS\System32\Drivers\ParVdm.SYS
    Address: 0xF7AF7000 Size: 6784 File Visible: - Signed: -
    Status: -

    Name: pci.sys
    Image Path: pci.sys
    Address: 0xF749B000 Size: 68224 File Visible: - Signed: -
    Status: -

    Name: pciide.sys
    Image Path: pciide.sys
    Address: 0xF7BA3000 Size: 3328 File Visible: - Signed: -
    Status: -

    Name: PCIIDEX.SYS
    Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
    Address: 0xF785B000 Size: 28672 File Visible: - Signed: -
    Status: -

    Name: pcouffin.sys
    Image Path: C:\WINDOWS\System32\Drivers\pcouffin.sys
    Address: 0xF771B000 Size: 47360 File Visible: - Signed: -
    Status: -

    Name: PnpManager
    Image Path: \Driver\PnpManager
    Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
    Status: -

    Name: portcls.sys
    Image Path: C:\WINDOWS\system32\drivers\portcls.sys
    Address: 0xF3052000 Size: 147456 File Visible: - Signed: -
    Status: -

    Name: psched.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
    Address: 0xF5721000 Size: 69120 File Visible: - Signed: -
    Status: -

    Name: ptilink.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
    Address: 0xF79C3000 Size: 17792 File Visible: - Signed: -
    Status: -

    Name: rasacd.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
    Address: 0xF7AA7000 Size: 8832 File Visible: - Signed: -
    Status: -

    Name: rasl2tp.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    Address: 0xF76DB000 Size: 51328 File Visible: - Signed: -
    Status: -

    Name: raspppoe.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    Address: 0xF76EB000 Size: 41472 File Visible: - Signed: -
    Status: -

    Name: raspptp.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
    Address: 0xF76FB000 Size: 48384 File Visible: - Signed: -
    Status: -

    Name: raspti.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
    Address: 0xF79CB000 Size: 16512 File Visible: - Signed: -
    Status: -

    Name: RAW
    Image Path: \FileSystem\RAW
    Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
    Status: -

    Name: rdbss.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
    Address: 0xF2D7C000 Size: 175744 File Visible: - Signed: -
    Status: -

    Name: RDPCDD.sys
    Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
    Address: 0xF7B4D000 Size: 4224 File Visible: - Signed: -
    Status: -

    Name: rdpdr.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    Address: 0xF56F1000 Size: 196224 File Visible: - Signed: -
    Status: -

    Name: RDPWD.SYS
    Image Path: C:\WINDOWS\System32\Drivers\RDPWD.SYS
    Address: 0xB70BF000 Size: 139520 File Visible: - Signed: -
    Status: -

    Name: RecAgent.sys
    Image Path: RecAgent.sys
    Address: 0xF79EF000 Size: 13696 File Visible: - Signed: -
    Status: -

    Name: redbook.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
    Address: 0xF782B000 Size: 57600 File Visible: - Signed: -
    Status: -

    Name: rootrepeal.sys
    Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
    Address: 0xB7551000 Size: 49152 File Visible: No Signed: -
    Status: -

    Name: RtkHDAud.sys
    Image Path: C:\WINDOWS\system32\drivers\RtkHDAud.sys
    Address: 0xF3076000 Size: 4083712 File Visible: - Signed: -
    Status: -

    Name: Rtnicxp.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
    Address: 0xF575D000 Size: 85120 File Visible: - Signed: -
    Status: -

    Name: serenum.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\serenum.sys
    Address: 0xF6DC6000 Size: 15744 File Visible: - Signed: -
    Status: -

    Name: serial.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\serial.sys
    Address: 0xF769B000 Size: 64512 File Visible: - Signed: -
    Status: -

    Name: sr.sys
    Image Path: sr.sys
    Address: 0xF740C000 Size: 73472 File Visible: - Signed: -
    Status: -

    Name: srv.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
    Address: 0xB7BD2000 Size: 353792 File Visible: - Signed: -
    Status: -

    Name: ssmdrv.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
    Address: 0xF78CB000 Size: 23040 File Visible: - Signed: -
    Status: -

    Name: StarOpen.SYS
    Image Path: C:\WINDOWS\System32\Drivers\StarOpen.SYS
    Address: 0xF78C3000 Size: 24576 File Visible: - Signed: -
    Status: -

    Name: swenum.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
    Address: 0xF7B3B000 Size: 4352 File Visible: - Signed: -
    Status: -

    Name: sysaudio.sys
    Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
    Address: 0xB7FFF000 Size: 60800 File Visible: - Signed: -
    Status: -

    Name: tcpip.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
    Address: 0xF2EDF000 Size: 361600 File Visible: - Signed: -
    Status: -

    Name: TDI.SYS
    Image Path: C:\WINDOWS\system32\drivers\TDI.SYS
    Address: 0xF786B000 Size: 20480 File Visible: - Signed: -
    Status: -

    Name: TDTCP.SYS
    Image Path: C:\WINDOWS\System32\Drivers\TDTCP.SYS
    Address: 0xF795B000 Size: 21760 File Visible: - Signed: -
    Status: -

    Name: termdd.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
    Address: 0xF772B000 Size: 40704 File Visible: - Signed: -
    Status: -

    Name: tmcomm.sys
    Image Path: C:\WINDOWS\system32\drivers\tmcomm.sys
    Address: 0xB7A7A000 Size: 97280 File Visible: - Signed: -
    Status: -

    Name: update.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
    Address: 0xF5693000 Size: 384768 File Visible: - Signed: -
    Status: -

    Name: USBD.SYS
    Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
    Address: 0xF7B41000 Size: 8192 File Visible: - Signed: -
    Status: -

    Name: usbehci.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
    Address: 0xF79AB000 Size: 30208 File Visible: - Signed: -
    Status: -

    Name: usbhub.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
    Address: 0xF60A2000 Size: 59520 File Visible: - Signed: -
    Status: -

    Name: USBPORT.SYS
    Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
    Address: 0xF5843000 Size: 147456 File Visible: - Signed: -
    Status: -

    Name: usbuhci.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    Address: 0xF79A3000 Size: 20608 File Visible: - Signed: -
    Status: -

    Name: vga.sys
    Image Path: C:\WINDOWS\System32\drivers\vga.sys
    Address: 0xF78AB000 Size: 20992 File Visible: - Signed: -
    Status: -

    Name: VIDEOPRT.SYS
    Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
    Address: 0xF588F000 Size: 81920 File Visible: - Signed: -
    Status: -

    Name: VolSnap.sys
    Image Path: VolSnap.sys
    Address: 0xF761B000 Size: 52352 File Visible: - Signed: -
    Status: -

    Name: wanarp.sys
    Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
    Address: 0xF77FB000 Size: 34560 File Visible: - Signed: -
    Status: -

    Name: watchdog.sys
    Image Path: C:\WINDOWS\System32\watchdog.sys
    Address: 0xF78F3000 Size: 20480 File Visible: - Signed: -
    Status: -

    Name: wdmaud.sys
    Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
    Address: 0xB7E59000 Size: 83072 File Visible: - Signed: -
    Status: -

    Name: Win32k
    Image Path: \Driver\Win32k
    Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -
    Status: -

    Name: win32k.sys
    Image Path: C:\WINDOWS\System32\win32k.sys
    Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -
    Status: -

    Name: WMILIB.SYS
    Image Path: C:\WINDOWS\system32\DRIVERS\WMILIB.SYS
    Address: 0xF7ADD000 Size: 8192 File Visible: - Signed: -
    Status: -

    Name: WMIxWDM
    Image Path: \Driver\WMIxWDM
    Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
    Status: -

    Name: WudfPf.sys
    Image Path: WudfPf.sys
    Address: 0xF73E2000 Size: 77568 File Visible: - Signed: -
    Status: -



    Logfile of random's system information tool 1.07 (written by random/random)
    Run by user at 2010-05-16 23:17:02
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 7 GB (5%) free of 153 GB
    Total RAM: 1023 MB (32% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 23:17:14, on 16/05/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17023)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\WINDOWS\ehome\RMSvc.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Documents and Settings\user\Desktop\RootRepeal.exe
    C:\Documents and Settings\user\Desktop\RSIT.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\user.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: InterCasino GBP - {03588886-5C50-4645-BD5D-F105F84417DE} - http://www.intercasino.co.uk/?utm_sourc ... paign=home (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: InterCasino GBP - {03588886-5C50-4645-BD5D-F105F84417DE} - http://www.intercasino.co.uk/?utm_sourc ... paign=home (file missing) (HKCU)
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/sr ... ab_srl.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} - http://disney.go.com/pirates/online/tes ... eGames.cab
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.0.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1277564285
    O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - http://www.orderingmemory.com/controls/cpcScanner.cab
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
    O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} - http://drmlicense.one.microsoft.com/crl ... crlocx.ocx
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} - http://support.packardbell.com/files/ac ... inder2.CAB
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\ALDI Photo Service\Common\Database\bin\fbserver.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: TCTNWPT - Unknown owner - C:\DOCUME~1\user\LOCALS~1\Temp\TCTNWPT.exe (file missing)

    --
    End of file - 11975 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Driver Robot.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\ParetoLogic Registration.job
    C:\WINDOWS\tasks\ParetoLogic Update Version2.job
    C:\WINDOWS\tasks\Uniblue SpyEraser Nag.job
    C:\WINDOWS\tasks\Uniblue SpyEraser.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {0BF43445-2F28-4351-9252-17FE6E806AA0}
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-28 278128]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-24 81000]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-04-28 142120]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe /minimized []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\14643754]
    C:\Documents and Settings\All Users\Application Data\14643754\14643754.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
    C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2010-02-27 611712]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
    C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
    C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
    bthprops.cpl,,BluetoothAuthenticationAgent []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadbandadvisor.exe]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
    C:\Program Files\CCleaner\CCleaner.exe [2010-04-23 1668920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ContentTransferWMDetector.exe]
    C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe [2008-07-11 423200]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverCure]
    C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
    C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eFax 4.3]
    C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe /R []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
    C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
    C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2010-04-28 142120]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
    C:\Program Files\Kontiki\KHost.exe [2008-02-27 1032376]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
    C:\WINDOWS\KHALMNPR.EXE [2008-12-18 76304]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-06-03 91440]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
    C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell]
    C:\Program Files\Napster\napster.exe [2009-09-30 323280]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    C:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    C:\WINDOWS\system32\NvMcTray.dll [2009-05-01 86016]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    nwiz.exe /install []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCguard]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDUiP6220DMon]
    C:\Program Files\Canon\Memory Card Utility\iP6220D\PDUiP6220DMon.exe [2005-05-06 69632]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-12-08 32768]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
    C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    C:\WINDOWS\RTHDCPL.EXE [2005-09-22 14854144]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
    C:\Program Files\Spyware Doctor\SDTrayApp.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe /startoptions []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe [2007-02-05 476728]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-04-28 39408]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThreatFire]
    C:\Program Files\ThreatFire\TFTray.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-01-01 185896]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tucan]
    C:\DOCUME~1\user\LOCALS~1\Temp\Temporary Directory 1 for AntiRootkit[1].zip\PAVARK.exe /Monitor []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherDPA]
    C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe -auto []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    C:\Program Files\Windows Defender\MSASCui.exe -hide []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Updates]
    c:\windows\system\Update.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPatrol]
    C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoneAlarm Client]
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^eFax 4.3.lnk]
    C:\PROGRA~1\EFAXME~1.3\J2GTray.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Extender Resource Monitor.lnk]
    C:\WINDOWS\ehome\RMSysTry.exe [2005-10-20 18432]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
    C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2008-06-03 91440]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
    C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2009-02-19 809488]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Ulead Photo Express 3.0 SE Calendar Checker.lnk]
    C:\PROGRA~1\ULEADS~1\ULEADP~1.0SE\CalCheck.exe [1999-06-15 61440]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Watch.lnk]
    C:\PROGRA~1\MUSTEK~1\Driver\WATCH.exe [2001-11-23 364544]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ZDWLan Utility.lnk]
    C:\PROGRA~1\ZYDAST~1\ZYDAS_~1.11G\ZDWlan.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Dr Who^Start Menu^Programs^Startup^GameSpot Download Manager.lnk]
    C:\Program Files\GameSpot\GameSpotDownloadManager_Win32.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Dr Who^Start Menu^Programs^Startup^Logitech Touch Mouse Server.lnk]
    C:\DOCUME~1\MRBURN~1\MYDOCU~1\DOWNLO~1\LOGITE~1\ITOUCH~1.EXE [2009-10-23 228352]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Dr Who^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]
    C:\PROGRA~1\OPENOF~1.0\program\QUICKS~1.EXE []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Loz^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]
    C:\PROGRA~1\OPENOF~1.0\program\QUICKS~1.EXE []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Loz^Start Menu^Programs^Startup^Trailer Room.lnk]
    C:\DOCUME~1\Loz\APPLIC~1\TRAILE~1\Player.exe [2008-02-11 1022664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mr Burns^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk]
    C:\PROGRA~1\BBCIPL~1\BBCIPL~1.EXE [2010-04-30 95232]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk]
    C:\PROGRA~1\ERUNT\AUTOBACK.EXE C:\WINDOWS\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^SpywareGuard.lnk]
    C:\PROGRA~1\SPYWAR~2\sgmain.exe [2003-08-29 360448]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "PACSPTISVR"=3
    "NBService"=3
    "MSCSPTISRV"=3
    "KService"=2
    "IDriverT"=3
    "dvpapi"=2
    "SPTISRV"=3

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    C:\WINDOWS\system32\klogon.dll [2009-07-03 219664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
    c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2009-02-19 72208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{81559C35-8464-49F7-BB0E-07A383BEF910}"=C:\Program Files\SpywareGuard\spywareguard.dll [2003-08-02 126976]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:MSI starter"
    "C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\WINDOWS\kdx\KHost.exe"="C:\WINDOWS\kdx\KHost.exe:*:Enabled:Delivery Manager"
    "C:\Program Files\KService\KService.exe"="C:\Program Files\KService\KService.exe:*:Enabled:Delivery Manager Service"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\WINDOWS\ehome\ehshell.exe"="C:\WINDOWS\ehome\ehshell.exe:LocalSubNet:Enabled:Media Center"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe"="C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
    "C:\Program Files\Kontiki\KService.exe"="C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service"
    "C:\Documents and Settings\Loz\Local Settings\temp\ImInstaller\incredimail_installer.exe"="C:\Documents and Settings\Loz\Local Settings\temp\ImInstaller\incredimail_installer.exe:*:Enabled:IncrediMail Installer"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Disabled:Microsoft DirectX Diagnostic Tool"
    "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
    "C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Disabled:Azureus"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe"="C:\Program Files\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server"
    "C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
    "C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
    "C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe"="C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe:*:Enabled:Logitech"
    "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
    "C:\Microgaming\Casino\GoldenTiger\casinogame.exe"="C:\Microgaming\Casino\GoldenTiger\casinogame.exe:*:Enabled:Game Launcher"
    "C:\Documents and Settings\Dr Who\Local Settings\temp\iTouch-Server-Win.exe"="C:\Documents and Settings\Dr Who\Local Settings\temp\iTouch-Server-Win.exe:*:Enabled:Logitech"
    "C:\Documents and Settings\Mr Burns\My Documents\Downloads\Logitech Touch Mouse Server\iTouch-Server-Win.exe"="C:\Documents and Settings\Mr Burns\My Documents\Downloads\Logitech Touch Mouse Server\iTouch-Server-Win.exe:*:Enabled:Logitech"
    "C:\Program Files\InterCasinoEnglishGBP\Casino.exe"="C:\Program Files\InterCasinoEnglishGBP\Casino.exe:*:Enabled:Casino"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

    ======File associations======

    .js - open - NOTEPAD.EXE %1
    .vbs - open - NOTEPAD.EXE %1

    ======List of files/folders created in the last 1 months======

    2010-05-16 23:17:02 ----DC---- C:\rsit
    2010-05-16 22:44:28 ----D---- C:\Documents and Settings\user\Application Data\AVS4YOU
    2010-05-16 21:04:07 ----D---- C:\Program Files\QuickTime
    2010-05-15 15:34:11 ----A---- C:\WINDOWS\system32\lsdelete.exe
    2010-05-15 12:58:34 ----D---- C:\Documents and Settings\user\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2010-05-14 22:52:37 ----D---- C:\Program Files\iPod
    2010-05-14 22:52:19 ----D---- C:\Program Files\iTunes
    2010-05-14 22:40:37 ----D---- C:\Program Files\Bonjour
    2010-05-13 23:19:17 ----HDC---- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    2010-05-13 21:59:59 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2010-05-13 21:59:57 ----D---- C:\Program Files\Alwil Software
    2010-05-13 21:58:22 ----DC---- C:\Deckard
    2010-05-13 21:50:30 ----D---- C:\Documents and Settings\user\Application Data\Avira
    2010-05-13 21:21:28 ----DC---- C:\Documents and Settings\All Users\Application Data\Avira
    2010-05-13 21:21:28 ----D---- C:\Program Files\Avira
    2010-05-13 05:01:35 ----D---- C:\WINDOWS\system32\MpEngineStore
    2010-05-12 21:44:05 ----A---- C:\WINDOWS\system32\MRT.INI
    2010-05-12 21:39:52 ----AC---- C:\mbam-error.txt
    2010-05-12 21:22:54 ----D---- C:\Documents and Settings\user\Application Data\Mozilla
    2010-05-12 21:18:24 ----D---- C:\Program Files\Common Files\Roxio Shared
    2010-05-12 21:16:49 ----D---- C:\Program Files\CasinoOnNet
    2010-05-12 21:16:49 ----D---- C:\Documents and Settings\user\Application Data\CasinoOnNet
    2010-05-12 21:15:56 ----D---- C:\Program Files\AnvSoft
    2010-05-12 21:15:02 ----HDC---- C:\Documents and Settings\All Users\Application Data\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}
    2010-05-12 21:13:49 ----D---- C:\Program Files\VeryPDF Image2PDF v3.2
    2010-05-11 21:33:19 ----D---- C:\Documents and Settings\user\Application Data\Radialpoint
    2010-05-11 21:33:16 ----D---- C:\Documents and Settings\user\Application Data\Virgin Media
    2010-05-11 21:32:57 ----DC---- C:\Documents and Settings\All Users\Application Data\Radialpoint
    2010-05-11 21:32:53 ----DC---- C:\Documents and Settings\All Users\Application Data\Virgin Media
    2010-05-11 21:32:53 ----D---- C:\Program Files\Virgin Media
    2010-05-04 17:53:57 ----D---- C:\Program Files\iPod(2)
    2010-05-04 17:53:27 ----DC---- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    2010-05-04 17:53:27 ----D---- C:\Program Files\iTunes(2)
    2010-05-04 17:36:24 ----D---- C:\Program Files\Bonjour(2)
    2010-05-03 18:11:24 ----D---- C:\Documents and Settings\user\Application Data\dvdcss
    2010-05-01 00:30:52 ----A---- C:\WINDOWS\system32\post.txt
    2010-04-30 17:48:17 ----D---- C:\Program Files\BBC iPlayer Desktop
    2010-04-27 17:15:05 ----D---- C:\WINDOWS\winmain32

    ======List of files/folders modified in the last 1 months======

    2010-05-16 22:44:24 ----D---- C:\WINDOWS\system32\drivers
    2010-05-16 22:40:59 ----D---- C:\WINDOWS\Prefetch
    2010-05-16 22:17:36 ----D---- C:\WINDOWS\TEMP
    2010-05-16 22:14:36 ----D---- C:\WINDOWS\Registration
    2010-05-16 22:13:46 ----D---- C:\WINDOWS\system32\CatRoot2
    2010-05-16 22:13:20 ----D---- C:\WINDOWS
    2010-05-16 22:11:35 ----A---- C:\WINDOWS\SchedLgU.Txt
    2010-05-16 21:09:33 ----SHD---- C:\WINDOWS\Installer
    2010-05-16 21:09:33 ----HDC---- C:\Config.Msi
    2010-05-16 21:04:07 ----RSHD---- C:\WINDOWS\system32
    2010-05-16 21:04:07 ----RD---- C:\Program Files
    2010-05-16 17:56:30 ----D---- C:\Program Files\Adobe
    2010-05-16 17:44:47 ----RSD---- C:\WINDOWS\assembly
    2010-05-16 17:43:42 ----D---- C:\Program Files\OpenOffice.org 2.0
    2010-05-16 17:41:21 ----DC---- C:\Documents and Settings\All Users\Application Data\Sony Corporation
    2010-05-16 17:41:21 ----D---- C:\Program Files\Sony
    2010-05-16 17:39:38 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
    2010-05-16 17:27:51 ----SHC---- C:\boot.ini
    2010-05-16 17:27:51 ----AC---- C:\WINDOWS\system.ini
    2010-05-16 17:27:51 ----A---- C:\WINDOWS\win.ini
    2010-05-16 17:27:50 ----D---- C:\WINDOWS\pss
    2010-05-16 12:27:14 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2010-05-15 21:55:05 ----D---- C:\WINDOWS\system32\LogFiles
    2010-05-15 16:26:01 ----DC---- C:\Documents and Settings\All Users\Application Data\Adobe
    2010-05-15 16:08:57 ----D---- C:\Documents and Settings\user\Application Data\OpenOffice.org2
    2010-05-15 16:05:17 ----D---- C:\Program Files\Common Files
    2010-05-15 16:05:15 ----D---- C:\Program Files\SUPERAntiSpyware
    2010-05-15 16:04:53 ----D---- C:\Documents and Settings\user\Application Data\SUPERAntiSpyware.com
    2010-05-15 16:00:44 ----D---- C:\Documents and Settings\user\Application Data\Apple Computer
    2010-05-15 08:42:46 ----HD---- C:\WINDOWS\inf
    2010-05-14 22:52:36 ----D---- C:\Program Files\Common Files\Apple
    2010-05-14 22:45:43 ----SD---- C:\WINDOWS\Tasks
    2010-05-14 22:45:39 ----D---- C:\Program Files\Apple Software Update
    2010-05-14 22:43:19 ----D---- C:\WINDOWS\system32\CatRoot
    2010-05-14 22:41:25 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2010-05-14 22:01:40 ----D---- C:\WINDOWS\Minidump
    2010-05-14 18:07:58 ----A---- C:\WINDOWS\NeroDigital.ini
    2010-05-13 23:19:33 ----D---- C:\Program Files\Lavasoft
    2010-05-13 23:18:30 ----D---- C:\WINDOWS\WinSxS
    2010-05-13 22:58:38 ----D---- C:\Program Files\AVS4YOU
    2010-05-13 22:56:19 ----D---- C:\Documents and Settings\user\Application Data\Sony
    2010-05-13 22:48:02 ----D---- C:\WINDOWS\Debug
    2010-05-13 22:42:59 ----DC---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2010-05-13 22:42:09 ----D---- C:\Program Files\freestar
    2010-05-13 22:40:21 ----D---- C:\Program Files\DivX
    2010-05-13 22:40:11 ----DC---- C:\clickpix
    2010-05-13 22:37:36 ----D---- C:\Program Files\YouTube Downloader
    2010-05-13 21:46:45 ----D---- C:\Program Files\Yahoo!
    2010-05-13 20:58:20 ----D---- C:\Program Files\DVDVideoSoft
    2010-05-13 20:58:17 ----D---- C:\Program Files\Common Files\DVDVideoSoft
    2010-05-13 20:57:42 ----DC---- C:\Casino
    2010-05-13 20:54:48 ----D---- C:\Program Files\Common Files\Akamai
    2010-05-13 03:35:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2010-05-12 21:39:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-05-12 21:39:30 ----DC---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2010-05-12 21:38:40 ----D---- C:\Program Files\Outlook Express
    2010-05-12 21:24:48 ----D---- C:\WINDOWS\system32\config
    2010-05-12 21:24:00 ----D---- C:\WINDOWS\system32\wbem
    2010-05-12 21:22:58 ----D---- C:\Program Files\Mozilla Firefox
    2010-05-12 21:20:20 ----DC---- C:\Documents and Settings
    2010-05-12 21:18:23 ----D---- C:\Program Files\Common Files\Napster Shared
    2010-05-12 21:18:22 ----D---- C:\Program Files\Napster
    2010-05-12 21:15:06 ----D---- C:\Program Files\AudioCommander
    2010-05-11 23:10:08 ----HD---- C:\WINDOWS\$hf_mig$
    2010-05-11 23:07:15 ----D---- C:\Program Files\Sony Ericsson
    2010-05-11 22:52:47 ----D---- C:\Program Files\Canon
    2010-05-11 22:35:14 ----DC---- C:\Documents and Settings\All Users\Application Data\DriverCure
    2010-05-11 22:29:34 ----D---- C:\Program Files\Datel
    2010-05-03 11:58:59 ----D---- C:\WINDOWS\ehome
    2010-05-02 16:04:22 ----D---- C:\Program Files\CCleaner
    2010-04-30 19:51:06 ----A---- C:\WINDOWS\system32\MRT.exe
    2010-04-28 18:15:48 ----D---- C:\Program Files\Google
    2010-04-27 21:04:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2010-04-27 21:04:22 ----D---- C:\Program Files\Online Services
    2010-04-27 21:03:47 ----D---- C:\WINDOWS\system32\inetsrv
    2010-04-27 20:38:03 ----D---- C:\WINDOWS\system32\appmgmt
    2010-04-27 17:15:07 ----RSD---- C:\WINDOWS\Fonts
    2010-04-21 17:29:38 ----SHDC---- C:\RECYCLER
    2010-04-17 18:52:54 ----HDC---- C:\LG3G
    2010-04-17 18:15:12 ----D---- C:\Program Files\RocketDock
    2010-04-17 09:30:28 ----A---- C:\WINDOWS\ModemLog_LGE Mobile USB Modem.txt

    Re: Computer Internet Connection Very Slow???

    Post by rich2568 » May 16th, 2010, 6:31 pm

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-24 27408]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-24 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-24 48560]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
    R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2008-03-12 9072]
    R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2008-03-12 9200]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
    R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-09-05 296976]
    R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-09-30 5632]
    R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2010-02-27 73312]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-24 94160]
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
    R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2006-09-01 3712]
    R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
    R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-05-03 710144]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-24 23120]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidIr;Microsoft Infrared HID Driver; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200]
    R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-23 3966976]
    R3 IrBus;Infrared bus filter driver for eHome remote controls; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760]
    R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
    R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-09-16 47360]
    R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S2 CSS DVP;CSS DVP; C:\WINDOWS\system32\DRIVERS\css-dvp.sys []
    S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
    S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
    S3 BRGSp50;BRGSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\BRGSp50.sys [2005-06-08 20608]
    S3 BthEnum;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
    S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
    S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
    S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 cpuz132;cpuz132; \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys []
    S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
    S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-01-24 13224]
    S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-01-24 25512]
    S3 GT680x;GrandTechICNameNT; C:\WINDOWS\System32\Drivers\gt680x.sys [2003-02-18 17504]
    S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
    S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2007-01-20 55216]
    S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2007-01-20 6576]
    S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2007-01-20 89872]
    S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2007-01-20 81728]
    S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2007-01-20 79488]
    S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-12-18 20240]
    S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\System32\Drivers\L8042mou.sys [2006-07-19 55936]
    S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
    S3 LHidKe;SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-07-19 27136]
    S3 LHidUsbK;SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2006-07-19 36736]
    S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
    S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\System32\Drivers\LMouKE.sys [2006-07-19 71936]
    S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-12-18 28816]
    S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
    S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-03 126686]
    S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-03 1309184]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-03 180360]
    S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
    S3 QWAVEDRV;QWAVE driver; C:\WINDOWS\system32\DRIVERS\qwavedrv.sys [2005-10-20 14336]
    S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
    S3 rootrepeal;rootrepeal; \??\C:\WINDOWS\system32\drivers\rootrepeal.sys []
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
    S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
    S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
    S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
    S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
    S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
    S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
    S3 SABProcEnum;SABProcEnum; \??\C:\Program Files\Internet Explorer\SABProcEnum.sys []
    S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\WINDOWS\system32\DRIVERS\se45bus.sys [2006-11-30 61536]
    S3 se45mdfl;Sony Ericsson Device 069 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se45mdfl.sys [2006-11-30 9360]
    S3 se45mdm;Sony Ericsson Device 069 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se45mdm.sys [2006-11-30 97088]
    S3 se45mgmt;Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se45mgmt.sys [2006-11-30 88624]
    S3 se45nd5;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS); C:\WINDOWS\system32\DRIVERS\se45nd5.sys [2006-11-30 18704]
    S3 se45obex;Sony Ericsson Device 069 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se45obex.sys [2006-11-30 86432]
    S3 se45unic;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM); C:\WINDOWS\system32\DRIVERS\se45unic.sys [2006-11-30 90800]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-03 404990]
    S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-03 95424]
    S3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-03 13240]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 TSP;TSP; \??\C:\WINDOWS\system32\drivers\klif.sys []
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-16 41472]
    S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbcm;USB Cable Modem 351000 NDIS Driver; C:\WINDOWS\system32\DRIVERS\usbcm.sys [2002-04-11 13335]
    S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
    S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
    S3 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800]
    S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264]
    S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352]
    S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
    S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696]
    S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-08-24 477696]
    S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-08-24 477696]
    S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-24 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-24 138680]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-05-13 1291544]
    R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\McrdSvc.exe [2005-10-20 96256]
    R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-05-01 168004]
    R2 RMSvc;Media Center Extender Resource Monitor; C:\WINDOWS\ehome\RMSvc.exe [2005-10-20 28160]
    R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
    R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-24 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-24 352920]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 545576]
    S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-16 135664]
    S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-18 169312]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\ALDI Photo Service\Common\Database\bin\fbserver.exe []
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-25 867080]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-28 182768]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2009-02-19 121360]
    S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 QWAVE;QWAVE service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S3 TCTNWPT;TCTNWPT; C:\DOCUME~1\user\LOCALS~1\Temp\TCTNWPT.exe []
    S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S4 KService;KService; C:\Program Files\Kontiki\KService.exe [2008-02-27 3072184]
    S4 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
    S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
    S4 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
    S4 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]

    -----------------EOF-----------------

    info.txt logfile of random's system information tool 1.06 2010-05-16 23:17:20










    ======Uninstall list======

    Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe" REMOVE=TRUE MODIFY=FALSE
    Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
    Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
    Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
    Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
    Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
    Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
    Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
    Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
    Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
    Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
    Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
    Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
    Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
    Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
    Adobe Flash CS4 Extension - Flash Lite STI en-->MsiExec.exe /I{793D1D88-6141-43DE-BE58-59BCE31B4090}
    Adobe Flash CS4 Professional-->C:\Program Files\Common Files\Adobe\Installers\a68eec966ce913ddaa63251dc82ed31\Setup.exe --uninstall=1
    Adobe Flash CS4 STI-en-->MsiExec.exe /I{2168245A-B5AD-40D8-A641-48E3E070B5B6}
    Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{3A6829EF-0791-4FDD-9382-C690DD0821B9}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
    Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
    Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
    Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
    Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
    Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
    Adobe Reader 9.3.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
    Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
    Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
    Adobe Setup-->MsiExec.exe /I{EED50C97-C79E-4149-BD82-7C5A22437708}
    Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
    Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
    Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
    AdobeColorCommonSetCMYK-->MsiExec.exe /I{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}
    AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
    Any Video Converter 3.0.3-->"C:\Program Files\AnvSoft\Any Video Converter\unins000.exe"
    Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}
    Apple Mobile Device Support-->MsiExec.exe /I{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}
    Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
    AudioCommander-->"C:\Documents and Settings\All Users\Application Data\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}\setup_ac.exe" REMOVE=TRUE MODIFY=FALSE
    AudioCommander-->C:\Documents and Settings\All Users\Application Data\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}\setup_ac.exe
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    AVS Audio Converter version 6.1-->"C:\Program Files\AVS4YOU\AVSAudioConverter6\unins000.exe"
    BBC iPlayer Desktop-->msiexec /qb /x {78225D0F-D12C-09E4-5D6D-A64D763E8982}
    BBC iPlayer Desktop-->MsiExec.exe /I{78225D0F-D12C-09E4-5D6D-A64D763E8982}
    Bonjour-->MsiExec.exe /X{8A253629-0511-4854-8B4E-46E57E66005C}
    Casino-On-Net-->C:\PROGRA~1\CASINO~1\UNWISE.EXE C:\PROGRA~1\CASINO~1\INSTALL.LOG
    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
    Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
    Coupon Printer-->"C:\Program Files\Coupon Printer\uninstall.exe" "/U:C:\Program Files\Coupon Printer\Uninstall\uninstall.xml"
    Google Earth-->MsiExec.exe /X{08C0729E-3E50-11DF-9D81-005056806466}
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_5DE58217305E9793.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    HijackThis 2.0.2-->"C:\PROGRA~1\TRENDM~1\HIJACK~1\HijackThis.exe" /uninstall
    HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
    iTunes-->MsiExec.exe /I{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}
    kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
    Logitech Touch Mouse Server 1.0-->C:\Documents and Settings\Mr Burns\My Documents\Downloads\Logitech Touch Mouse Server\uninst.exe
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft Office Publisher 2007-->MsiExec.exe /X{91120000-0019-0000-0000-0000000FF1CE}
    Microsoft Office Standard 2007-->MsiExec.exe /X{91120000-0012-0000-0000-0000000FF1CE}
    Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Napster-->C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe -runfromtemp -l0x0009 -removeonly
    PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
    Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
    Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
    QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
    RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
    Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
    Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
    Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
    Update for Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"
    Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
    Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
    William Hill CASINO CLUB-->"C:\Casino\William Hill CASINO CLUB\_SetupCasino.exe_27f3_en[1].exe" /uninstall
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    XPort 360-->"C:\Program Files\Datel\XPort 360\unins000.exe"

    =====HijackThis Backups=====

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe [2007-09-13]
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe [2007-09-13]
    O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/ac ... acking.cab [2007-09-13]
    O16 - DPF: {3B5E9B23-7537-4601-A9E8-FA0D956DEA16} (csauie1 Control) - http://www.couponreport.net/ftp/v3123/csauie1.cab [2007-09-13]
    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ ... oupons.cab [2007-09-13]
    O16 - DPF: {BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control) - http://www.asda-photo.co.uk/wpp/asda/ap ... loader.cab [2007-09-13]

    ======Hosts File======

    127.0.0.1 localhost
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com

    ======Security center information======

    AV: ThreatFire
    AV: AntiVir Desktop
    AV: avast! antivirus 4.8.1368 [VPS 100516-1]
    AV: Kaspersky Internet Security (disabled) (outdated)
    FW: Kaspersky Internet Security (disabled)

    ======System event log======

    Computer Name: USER-5C4FFC85DA
    Event Code: 7000
    Message: The Media Center Scheduler Service service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.


    Record Number: 96151
    Source Name: Service Control Manager
    Time Written: 20100503175203.000000+060
    Event Type: error
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 7009
    Message: Timeout (30000 milliseconds) waiting for the Media Center Scheduler Service service to connect.

    Record Number: 96150
    Source Name: Service Control Manager
    Time Written: 20100503175203.000000+060
    Event Type: error
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 7009
    Message: Timeout (30000 milliseconds) waiting for the Media Center Receiver Service service to connect.

    Record Number: 96149
    Source Name: Service Control Manager
    Time Written: 20100503175203.000000+060
    Event Type: error
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 7000
    Message: The CSS DVP service failed to start due to the following error:
    The system cannot find the file specified.


    Record Number: 96148
    Source Name: Service Control Manager
    Time Written: 20100503175203.000000+060
    Event Type: error
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 1003
    Message: Error code 1000008e, parameter1 c0000005, parameter2 874dcfa1, parameter3 b81c8b58, parameter4 00000000.

    Record Number: 96143
    Source Name: System Error
    Time Written: 20100503121026.000000+060
    Event Type: error
    User:

    =====Application event log=====

    Computer Name: USER-5C4FFC85DA
    Event Code: 100
    Message: Task Scheduling Error: Continuously busy for more than a second

    Record Number: 12818
    Source Name: Bonjour Service
    Time Written: 20100510153241.000000+060
    Event Type: error
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 2570
    Message: Adobe Active File Monitor Service has Started.

    Record Number: 12813
    Source Name: Adobe Active File Monitor 8.0
    Time Written: 20100510153214.000000+060
    Event Type:
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 100
    Message: 236: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)

    Record Number: 12812
    Source Name: Bonjour Service
    Time Written: 20100510134136.000000+060
    Event Type: error
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 2570
    Message: Adobe Active File Monitor Service has Started.

    Record Number: 12806
    Source Name: Adobe Active File Monitor 8.0
    Time Written: 20100510120200.000000+060
    Event Type:
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 100
    Message: 408: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)

    Record Number: 12805
    Source Name: Bonjour Service
    Time Written: 20100510024940.000000+060
    Event Type: error
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "NUMBER_OF_PROCESSORS"=2
    "OS"=Windows_NT
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\WINDOWS\system32\gs\gs7.05\bin;C:\Program Files\QuickTime\QTSystem\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_REVISION"=0409
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "windir"=%SystemRoot%
    "DXSDK_DIR"=C:\Program Files\Microsoft DirectX SDK (November 2008)\
    "asl.log"=Destination=file;OnFirstLog=command,environment
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------



    CKScanner - Additional Security Risks - These are not necessarily bad
    c:\casino\william hill casino club\data\slots_safecracker\3d\reel0.slt
    c:\casino\william hill casino club\data\slots_safecracker\3d\reel1.slt
    c:\casino\william hill casino club\data\slots_safecracker\3d\reel2.slt
    c:\documents and settings\dr who\my documents\downloads\adobe_flash_cs4_professional___keygen.4786499.tpb.torrent
    c:\documents and settings\dr who\my documents\downloads\fl_cs4_crack.rar
    c:\documents and settings\dr who\my documents\downloads\win-egydown\keygen.exe
    c:\documents and settings\dr who\my documents\downloads\xbox 360 profile editor v2 - cracked\devcomponents.dotnetbar2.dll
    c:\documents and settings\dr who\my documents\downloads\xbox 360 profile editor v2 - cracked\leonsaunders.dll
    c:\microgaming\casino\bjballroom\global\gameregistry\crackerjack1.inf
    c:\microgaming\casino\bjballroom\local\en\menudescriptions\txt_desc_crackerjack1.dat
    c:\microgaming\casino\captaincooks\global\gameregistry\crackerjack1.inf
    c:\microgaming\casino\casinoclassic\global\gameregistry\crackerjack1.inf
    c:\microgaming\casino\goldentiger\global\gameregistry\crackerjack1.inf
    c:\microgaming\casino\virtualcity\global\gameregistry\crackerjack1.inf
    c:\program files\microsoft directx sdk (november 2008)\samples\c++\direct3d\uvatlas\crackdecl.cpp
    c:\program files\microsoft directx sdk (november 2008)\samples\c++\direct3d\uvatlas\crackdecl.h
    scanner sequence 3.IG.11
    ----- EOF -----



    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4107

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.11

    16/05/2010 22:34:43
    mbam-log-2010-05-16 (22-34-43).txt

    Scan type: Quick scan
    Objects scanned: 191454
    Time elapsed: 15 minute(s), 31 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
    rich2568
    Regular Member
     
    Posts: 33
    Joined: June 1st, 2008, 7:58 am

    Re: Computer Internet Connection Very Slow???

    Post by rich2568 » May 16th, 2010, 6:32 pm

    I had to split my replies- file too big to post!! :-)

    Re: Computer Internet Connection Very Slow???

    Post by melboy » May 16th, 2010, 6:51 pm

    Cracks, Keygens, Warez etc.

    If your computer is infected, this would be the main reason. Visiting crack sites/warez sites - and other questionable/illegal sites is always a risk. Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, System Restore etc.

    If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

    In 2006, a study revealed that 59% of keygens and crack tools downloaded from peer-to-peer networks contained malicious or "unwanted" software.

    Additionally, the distribution and use of cracked copies is illegal in almost every developed country.
    In using the crack, the 'cracker' has broken the 'End User Licence Agreement' (EULA) of the product concerned.


    As the log(s) you've posted indicate you've used one or more of the above, we will not provide you with any help unless they are removed.


    May I draw your attention to the forum rules on the Use of "cracked" programmes

    Please remove all forms of illegal software from your computer before we continue.

    Please reply with a fresh CKScanner log after removing the items.
    melboy
    MRU Expert
     
    Posts: 3670
    Joined: July 25th, 2008, 4:25 pm
    Location: UK

    Re: Computer Internet Connection Very Slow???

    Post by rich2568 » May 17th, 2010, 4:06 am

    Hi Melboy

    Thanks for your reply.

    I really am unaware of any cracked software which you are referring to?

    There are 5 different users on this computer, so I will have to ask questions to the other users. It certainly would not be myself downloading such illegal items. I am well aware of the risk this type of software gives you, which is why I'm so against P2P software etc.

    All my own programs in my user are legitimate and whereby I require to purchase such a license- then I go ahead and do so.

    In regards to removing these- I am unsure where the programs actually are and what they are named as? Are you prepared to assist me with this- otherwise I will not be able to post up a new CKScanner log as they will still be on the computer.

    Regards

    rich

    Re: Computer Internet Connection Very Slow???

    Post by melboy » May 17th, 2010, 3:37 pm

    Hi

    I think you need to ask the user(s) who installs/uses the cracks/cracked programs to remove them.

    The user account "Dr Who" seems mostly to blame.

    C:\documents and settings\dr who\my documents\downloads\adobe_flash_cs4_professional___keygen.4786499.tpb.torrent
    c:\documents and settings\dr who\my documents\downloads\fl_cs4_crack.rar
    c:\documents and settings\dr who\my documents\downloads\win-egydown\keygen.exe
    c:\documents and settings\dr who\my documents\downloads\xbox 360 profile editor v2 - cracked\devcomponents.dotnetbar2.dll
    c:\documents and settings\dr who\my documents\downloads\xbox 360 profile editor v2 - cracked\leonsaunders.dll


    ====================================


    After the cracked items are removed, follow the instructions below and post the resultant logs.


    Uninstall list

    Please post an Uninstall list.

    1. Open HijackThis.
    2. Click on the Open the Misc Tools section button.
    3. Look under System tools.
    4. Click on the Open Uninstall Manager... button.
    5. Click on the Save list... button.
    6. It will prompt you to save. Save this log in a convenient location, such as your Desktop. By default it's named uninstall_list.txt.
    7. Notepad will open. Please post this log in your next reply.



    CKScanner

    • Double-click CKScanner.exe and click Search For Files.
    • After a very short time, when the cursor hourglass disappears, click Save List To File.
    • A message box will verify the file saved.
    • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.



    WVCheck

    Please download WVCheck by Artellos from Here and save it to your desktop.

    • Double click WVCheck.exe to run it.
    • As prompted, press enter on your keyboard to continue. The program can take a while depending on your hard drive space.
    • When the program is finished, Notepad will open. Copy the contents of the Notepad file as a reply.
    • The log can be found on your desktop named WVCheck_Time_DD-MM-Year.txt


    MGADiag

    Download the diagnostic tool MGADiag and save it to your desktop.

    • Double-click on MGADiag.exe.
    • Click Run and Run again.
    • Click Continue, then Copy.
    • Paste the report in your next reply.


    In your next reply:
    1. MGADiag log
    2. Uninstall list.
    3. CKFiles.txt
    4. WVCheck_****_**-**-****.txt

    Re: Computer Internet Connection Very Slow???

    Post by rich2568 » May 17th, 2010, 6:24 pm

    Hi Melboy :-)

    Here are my logs:-

    Ad-Aware
    Ad-Aware
    Adobe AIR
    Adobe AIR
    Adobe Anchor Service CS4
    Adobe Bridge CS4
    Adobe CMaps CS4
    Adobe Color EU Extra Settings CS4
    Adobe Color JA Extra Settings CS4
    Adobe Color NA Recommended Settings CS4
    Adobe CSI CS4
    Adobe Default Language CS4
    Adobe Device Central CS4
    Adobe Drive CS4
    Adobe Dynamiclink Support
    Adobe ExtendScript Toolkit CS4
    Adobe Extension Manager CS4
    Adobe Flash CS4
    Adobe Flash CS4 Extension - Flash Lite STI en
    Adobe Flash CS4 Professional
    Adobe Flash CS4 STI-en
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Linguistics CS4
    Adobe Media Encoder CS4
    Adobe Media Player
    Adobe Media Player
    Adobe Output Module
    Adobe PDF Library Files CS4
    Adobe Reader 9.3.2
    Adobe Search for Help
    Adobe Service Manager Extension
    Adobe Setup
    Adobe Type Support CS4
    Adobe Update Manager CS4
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS4
    AdobeColorCommonSetCMYK
    AdobeColorCommonSetRGB
    Any Video Converter 3.0.3
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AudioCommander
    AudioCommander
    avast! Antivirus
    Avira AntiVir Personal - Free Antivirus
    AVS Audio Converter version 6.1
    BBC iPlayer Desktop
    BBC iPlayer Desktop
    Bonjour
    Casino-On-Net
    CCleaner
    Connect
    Coupon Printer
    Final Media Player 2010
    Google Earth
    Google Toolbar for Internet Explorer
    Google Toolbar for Internet Explorer
    Google Update Helper
    HiJackThis
    HijackThis 2.0.2
    iTunes
    kuler
    Logitech Touch Mouse Server 1.0
    Malwarebytes' Anti-Malware
    Microsoft Office Publisher 2007
    Microsoft Office Standard 2007
    Mozilla Firefox (3.6.3)
    Napster
    PDF Settings CS4
    Photoshop Camera Raw
    Pixel Bender Toolkit
    QuickTime
    RocketDock 1.3.5
    Spelling Dictionaries Support For Adobe Reader 9
    Suite Shared Configuration CS4
    Uninstall 1.0.0.1
    Update for Windows Internet Explorer 7 (KB980182)
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    William Hill CASINO CLUB
    Windows Media Player Firefox Plugin
    Windows XP Media Center Edition 2005 KB925766
    XPort 360



    CKScanner - Additional Security Risks - These are not necessarily bad
    c:\casino\william hill casino club\data\slots_safecracker\3d\reel0.slt
    c:\casino\william hill casino club\data\slots_safecracker\3d\reel1.slt
    c:\casino\william hill casino club\data\slots_safecracker\3d\reel2.slt
    scanner sequence 3.AB.11
    ----- EOF -----



    Windows Validation Check
    Log Created On: 2311_17-05-2010
    ------------------------

    WVCheck's Registry Dump
    -----------------------
    Auto-Update Option: Download updates and install them automatically.
    ------------------------------
    Last Success Time for Update Detection: 2010-05-17 07:49:44
    Last Success Time for Update Download: 2010-05-12 20:35:54
    Last Success Time for Update Installation: 2010-05-12 20:44:05


    WVCheck's File Dump
    -------------------
    WVCheck found no files.


    WVCheck's HOSTS File Check
    -------------------
    WVCheck found no bad lines in the hosts file.


    -------- End of File, program close at 2319_17-05-2010 --------


    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Genuine
    Validation Code: 0
    Cached Validation Code: N/A
    Windows Product Key: *****-*****-KBT2H-3HQV7-XBXWT
    Windows Product Key Hash: KCpSXxQK1F6XW50UTHmFP8Ez+mQ=
    Windows Product ID: 76487-OEM-2281447-67470
    Windows Product ID Type: 3
    Windows License Type: OEM System Builder
    Windows OS version: 5.1.2600.2.00010100.3.0.med
    ID: {77FE0C2C-A543-415D-A222-BF4B3B260824}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: Registered, 1.9.9.1
    Signed By: Microsoft
    Product Name: N/A
    Architecture: N/A
    Build lab: N/A
    TTS Error: N/A
    Validation Diagnostic: 025D1FF3-230-1
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A
    Version: N/A

    Windows XP Notifications Data-->
    Cached Result: 0
    File Exists: Yes
    Version: 1.7.18.5
    WgaTray.exe Signed By: Microsoft
    WgaLogon.dll Signed By: Microsoft

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Standard 2007 - 100 Genuine
    Microsoft Office Publisher 2007 - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{77FE0C2C-A543-415D-A222-BF4B3B260824}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.med</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-XBXWT</PKey><PID>76487-OEM-2281447-67470</PID><PIDType>3</PIDType><SID>S-1-5-21-329068152-602162358-682003330</SID><SYSTEM><Manufacturer>NEC COMPUTERS INTERNATIONAL</Manufacturer><Model>GA-8I915PMD</Model></SYSTEM><BIOS><Manufacturer>Award Software International, Inc.</Manufacturer><Version>10J</Version><SMBIOSVersion major="2" minor="3"/><Date>20060223000000.000000+000</Date></BIOS><HWID>CB4F3F570184406D</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.18.5"/><File Name="WgaLogon.dll" Version="1.7.18.5"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-0012-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Standard 2007</Name><Ver>12</Ver><Val>4E71718A6503F75</Val><Hash>vOFvhq4Lv2DycxNbKzUBYrcClEE=</Hash><Pid>81607-954-2648107-64078</Pid><PidType>1</PidType></Product><Product GUID="{91120000-0019-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Publisher 2007</Name><Ver>12</Ver><PidType>0</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

    Licensing Data-->
    N/A

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    N/A

    OEM Activation 1.0 Data-->
    BIOS string matches: yes
    Marker string from BIOS: 10160:Packard Bell B.V|10160:Packard Bell B.V|1FA67:Packard Bell B.V|1FA67:Packard Bell B.V|14430:SYNNEX TECHNOLOGY INTERNATIONAL CORP|14430:SYNNEX TECHNOLOGY INTERNATIONAL CORP|14430:SYNNEX TECHNOLOGY INTERNATIONAL CORP
    Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

    OEM Activation 2.0 Data-->
    N/A
    rich2568
    Regular Member
     
    Posts: 33
    Joined: June 1st, 2008, 7:58 am

    Re: Computer Internet Connection Very Slow???

    Post by rich2568 » May 18th, 2010, 12:35 pm

    Hi again!!

    Ran a new scan and here is the CK log:

    CKScanner - Additional Security Risks - These are not necessarily bad
    scanner sequence 3.MN.11
    ----- EOF -----

    Thanks :-)
    rich2568
    Regular Member
     
    Posts: 33
    Joined: June 1st, 2008, 7:58 am

    Re: Computer Internet Connection Very Slow???

    Post by melboy » May 18th, 2010, 12:45 pm

    Hi

    Let's see if we can progress.


    RSIT (Random's System Information Tool)

    • Ensure rsit.exe is on your desktop
    • Click Start > Run
    • Copy/paste the following into the run box & click OK
      "%userprofile%\desktop\rsit.exe" /info
    • Click Continue at the disclaimer screen
    • Once it has finished, two logs will open, log.txt (<<will be maximized) and info.txt (<<will be minimized)
    • Copy & paste the contents of both logs in your next reply


    TFC

    • Save any unsaved work. TFC will close all open application windows.
    • Double-click TFC.exe to run the program.
    • Click the Start button in the bottom left of TFC
    • If prompted, click "Yes" to reboot.

    Note: Save your work. TFC will automatically close any open programs; let it run uninterrupted. It should not take longer than a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.



    ESET Online Scanner

    Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

    • Please go here then click on: Image
      Note: If using Mozilla Firefox, you will need to download esetsmartinstaller_enu.exe when prompted, then double-click on it to install.
      All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.
    • Select the option YES, I accept the Terms of Use then click on: Image
    • When prompted allow the Add-On/Active X to install.
    • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
    • Now click on Advanced Settings and select the following:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
    • Now click on: Image
    • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
    • When completed, the Online Scan will begin automatically.
    • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
    • When completed, select Uninstall application on close if you so wish; make sure you copy the logfile first!
    • Now click on: Image
    • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    • Copy and paste that log as a reply to this topic.

    Note: Do not forget to re-enable your Anti-Virus application after running the above scan!



    In your next reply:
    1. RSIT log.txt
    2. RSIT info.txt
    3. Eset log
    melboy
    MRU Expert
     
    Posts: 3670
    Joined: July 25th, 2008, 4:25 pm
    Location: UK

    Re: Computer Internet Connection Very Slow???

    Post by rich2568 » May 19th, 2010, 3:38 pm

    Hi Melboy :-)


    It appears that the ESET Online Scanner doesn't seem to get to 100% before I get an error message on the screen? It gets to approx 85% and that is taking about 3 hours??

    I've posted the other 2 logs as you required.

    I will keep trying the ESET Scanner if that's what you require?

    Regards,

    Rich



    Logfile of random's system information tool 1.07 (written by random/random)
    Run by user at 2010-05-19 09:07:41
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 75 GB (49%) free of 153 GB
    Total RAM: 1023 MB (22% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 09:08:03, on 19/05/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17023)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\WINDOWS\ehome\RMSvc.exe
    C:\WINDOWS\system32\slserv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Program Files\VirginMedia\V Stuff Backup\v_stuff_backup.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\VirginMedia\V Stuff Backup\AGMailAgent.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Documents and Settings\user\desktop\rsit.exe
    C:\Program Files\Trend Micro\HijackThis\user.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
    O4 - HKCU\..\Run: [V Stuff Backup] "C:\Program Files\VirginMedia\V Stuff Backup\v_stuff_backup.exe" /delayed
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: InterCasino GBP - {03588886-5C50-4645-BD5D-F105F84417DE} - http://www.intercasino.co.uk/?utm_sourc ... paign=home (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: InterCasino GBP - {03588886-5C50-4645-BD5D-F105F84417DE} - http://www.intercasino.co.uk/?utm_sourc ... paign=home (file missing) (HKCU)
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/sr ... ab_srl.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
    O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} - http://disney.go.com/pirates/online/tes ... eGames.cab
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.0.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1277564285
    O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - http://www.orderingmemory.com/controls/cpcScanner.cab
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
    O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} - http://drmlicense.one.microsoft.com/crl ... crlocx.ocx
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} - http://support.packardbell.com/files/ac ... inder2.CAB
    O16 - DPF: {FD0EBBED-0C42-4D0F-82DA-44399B5C420A} - http://downloads.virginmedia.com/CST/ver1/xp_mail.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 10964 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\AWC AutoSweep.job
    C:\WINDOWS\tasks\AWC Update.job
    C:\WINDOWS\tasks\Driver Robot.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\ParetoLogic Registration.job
    C:\WINDOWS\tasks\ParetoLogic Update Version2.job
    C:\WINDOWS\tasks\Uniblue SpyEraser Nag.job
    C:\WINDOWS\tasks\Uniblue SpyEraser.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {0BF43445-2F28-4351-9252-17FE6E806AA0}

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-24 81000]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-03-29 2343120]
    "V Stuff Backup"=C:\Program Files\VirginMedia\V Stuff Backup\v_stuff_backup.exe [2010-04-14 8263584]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe /minimized []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\14643754]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
    C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2010-02-27 611712]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
    C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
    bthprops.cpl,,BluetoothAuthenticationAgent []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadbandadvisor.exe]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
    C:\Program Files\CCleaner\CCleaner.exe [2010-04-23 1668920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ContentTransferWMDetector.exe]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverCure]
    C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
    C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eFax 4.3]
    C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe /R []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
    C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
    C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2010-04-28 142120]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
    C:\Program Files\Kontiki\KHost.exe [2008-02-27 1032376]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
    C:\WINDOWS\KHALMNPR.EXE [2008-12-18 76304]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-06-03 91440]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell]
    C:\Program Files\Napster\napster.exe /systray []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    C:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    C:\WINDOWS\system32\NvMcTray.dll [2009-05-01 86016]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    nwiz.exe /install []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCguard]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDUiP6220DMon]
    C:\Program Files\Canon\Memory Card Utility\iP6220D\PDUiP6220DMon.exe [2005-05-06 69632]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-12-08 32768]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
    C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    C:\WINDOWS\RTHDCPL.EXE [2005-09-22 14854144]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe /startoptions []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThreatFire]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-01-01 185896]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tucan]
    C:\DOCUME~1\user\LOCALS~1\Temp\Temporary Directory 1 for AntiRootkit[1].zip\PAVARK.exe /Monitor []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherDPA]
    C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe -auto []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    C:\Program Files\Windows Defender\MSASCui.exe -hide []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Updates]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPatrol]
    C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoneAlarm Client]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^eFax 4.3.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Extender Resource Monitor.lnk]
    C:\WINDOWS\ehome\RMSysTry.exe [2005-10-20 18432]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
    C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2008-06-03 91440]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
    C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2009-02-19 809488]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Ulead Photo Express 3.0 SE Calendar Checker.lnk]
    C:\PROGRA~1\ULEADS~1\ULEADP~1.0SE\CalCheck.exe [1999-06-15 61440]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Watch.lnk]
    C:\PROGRA~1\MUSTEK~1\Driver\WATCH.exe [2001-11-23 364544]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ZDWLan Utility.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Dr Who^Start Menu^Programs^Startup^GameSpot Download Manager.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Dr Who^Start Menu^Programs^Startup^Logitech Touch Mouse Server.lnk]
    C:\DOCUME~1\MRBURN~1\MYDOCU~1\DOWNLO~1\LOGITE~1\ITOUCH~1.EXE []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Dr Who^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]
    C:\PROGRA~1\OPENOF~1.0\program\QUICKS~1.EXE []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Loz^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]
    C:\PROGRA~1\OPENOF~1.0\program\QUICKS~1.EXE []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Loz^Start Menu^Programs^Startup^Trailer Room.lnk]
    C:\DOCUME~1\Loz\APPLIC~1\TRAILE~1\Player.exe [2008-02-11 1022664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mr Burns^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk]
    C:\PROGRA~1\BBCIPL~1\BBCIPL~1.EXE []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk]
    C:\PROGRA~1\ERUNT\AUTOBACK.EXE C:\WINDOWS\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^SpywareGuard.lnk]
    C:\PROGRA~1\SPYWAR~2\sgmain.exe [2003-08-29 360448]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "PACSPTISVR"=3
    "NBService"=3
    "MSCSPTISRV"=3
    "KService"=2
    "IDriverT"=3
    "dvpapi"=2
    "SPTISRV"=3

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    C:\WINDOWS\system32\klogon.dll [2009-07-03 219664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
    c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2009-02-19 72208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{81559C35-8464-49F7-BB0E-07A383BEF910}"=C:\Program Files\SpywareGuard\spywareguard.dll [2003-08-02 126976]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=
    "HonorAutoRunSetting"=
    "NoResolveSearch"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:MSI starter"
    "C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\WINDOWS\ehome\ehshell.exe"="C:\WINDOWS\ehome\ehshell.exe:LocalSubNet:Enabled:Media Center"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\Program Files\Kontiki\KService.exe"="C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Disabled:Microsoft DirectX Diagnostic Tool"
    "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe"="C:\Program Files\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server"
    "C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe"="C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe:*:Enabled:Logitech"
    "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
    "C:\Documents and Settings\Mr Burns\My Documents\Downloads\Logitech Touch Mouse Server\iTouch-Server-Win.exe"="C:\Documents and Settings\Mr Burns\My Documents\Downloads\Logitech Touch Mouse Server\iTouch-Server-Win.exe:*:Enabled:Logitech"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

    ======File associations======

    .js - open - NOTEPAD.EXE %1
    .vbs - open - NOTEPAD.EXE %1

    ======List of files/folders created in the last 2 months======

    2010-05-18 21:49:35 ----A---- C:\WINDOWS\system32\Redemption.dll
    2010-05-18 21:49:32 ----D---- C:\Program Files\VirginMedia
    2010-05-18 14:37:23 ----DC---- C:\Documents and Settings\All Users\Application Data\IObit
    2010-05-18 14:33:50 ----D---- C:\Documents and Settings\user\Application Data\IObit
    2010-05-18 14:33:49 ----D---- C:\Program Files\IObit
    2010-05-18 00:06:31 ----A---- C:\WINDOWS\system32\MyDefragScreenSaver_v4.2.9.exe
    2010-05-18 00:06:30 ----D---- C:\Program Files\MyDefrag v4.2.9
    2010-05-17 23:20:12 ----DC---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
    2010-05-17 21:21:41 ----D---- C:\Documents and Settings\user\Application Data\FinalMediaPlayer
    2010-05-17 21:21:35 ----D---- C:\Program Files\FinalMediaPlayer
    2010-05-17 21:19:54 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
    2010-05-16 23:17:02 ----DC---- C:\rsit
    2010-05-16 22:44:28 ----D---- C:\Documents and Settings\user\Application Data\AVS4YOU
    2010-05-16 21:04:07 ----D---- C:\Program Files\QuickTime
    2010-05-15 15:34:11 ----A---- C:\WINDOWS\system32\lsdelete.exe
    2010-05-15 12:58:34 ----D---- C:\Documents and Settings\user\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2010-05-14 22:52:37 ----D---- C:\Program Files\iPod
    2010-05-14 22:52:19 ----D---- C:\Program Files\iTunes
    2010-05-13 23:19:17 ----HDC---- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    2010-05-13 21:59:59 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2010-05-13 21:59:57 ----D---- C:\Program Files\Alwil Software
    2010-05-13 21:50:30 ----D---- C:\Documents and Settings\user\Application Data\Avira
    2010-05-13 21:21:28 ----DC---- C:\Documents and Settings\All Users\Application Data\Avira
    2010-05-13 21:21:28 ----D---- C:\Program Files\Avira
    2010-05-13 05:01:35 ----D---- C:\WINDOWS\system32\MpEngineStore
    2010-05-12 21:44:05 ----A---- C:\WINDOWS\system32\MRT.INI
    2010-05-12 21:39:52 ----AC---- C:\mbam-error.txt
    2010-05-12 21:22:54 ----D---- C:\Documents and Settings\user\Application Data\Mozilla
    2010-05-12 21:18:24 ----D---- C:\Program Files\Common Files\Roxio Shared
    2010-05-12 21:16:49 ----D---- C:\Documents and Settings\user\Application Data\CasinoOnNet
    2010-05-12 21:15:56 ----D---- C:\Program Files\AnvSoft
    2010-05-12 21:15:02 ----HDC---- C:\Documents and Settings\All Users\Application Data\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}
    2010-05-12 21:13:49 ----D---- C:\Program Files\VeryPDF Image2PDF v3.2
    2010-05-11 21:33:19 ----D---- C:\Documents and Settings\user\Application Data\Radialpoint
    2010-05-11 21:33:16 ----D---- C:\Documents and Settings\user\Application Data\Virgin Media
    2010-05-11 21:32:57 ----DC---- C:\Documents and Settings\All Users\Application Data\Radialpoint
    2010-05-11 21:32:53 ----DC---- C:\Documents and Settings\All Users\Application Data\Virgin Media
    2010-05-04 17:53:27 ----DC---- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    2010-05-04 17:53:27 ----D---- C:\Program Files\iTunes(2)
    2010-05-03 18:11:24 ----D---- C:\Documents and Settings\user\Application Data\dvdcss
    2010-05-01 00:30:52 ----A---- C:\WINDOWS\system32\post.txt
    2010-04-27 17:15:05 ----D---- C:\WINDOWS\winmain32
    2010-04-04 00:56:33 ----A---- C:\WINDOWS\system32\UnCasino5.exe
    2010-03-26 21:49:05 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
    2010-03-20 22:23:32 ----AC---- C:\WINDOWS\ModemLog_LGE Mobile USB Modem #2.txt

    ======List of files/folders modified in the last 2 months======

    2010-05-19 09:05:24 ----SD---- C:\WINDOWS\Tasks
    2010-05-19 09:05:21 ----D---- C:\WINDOWS\TEMP
    2010-05-19 09:03:40 ----D---- C:\WINDOWS\Registration
    2010-05-19 09:02:34 ----D---- C:\WINDOWS\system32\CatRoot2
    2010-05-19 09:02:14 ----D---- C:\WINDOWS
    2010-05-19 08:19:19 ----A---- C:\WINDOWS\SchedLgU.Txt
    2010-05-18 22:34:30 ----D---- C:\Program Files\Magic Gallery 5
    2010-05-18 22:17:08 ----SHD---- C:\System Volume Information
    2010-05-18 21:49:43 ----DC---- C:\Documents and Settings\All Users\Application Data\VirginMedia
    2010-05-18 21:49:36 ----RSHD---- C:\WINDOWS\system32
    2010-05-18 21:49:32 ----RD---- C:\Program Files
    2010-05-18 19:25:37 ----SD---- C:\WINDOWS\Downloaded Program Files
    2010-05-18 19:21:59 ----SHDC---- C:\RECYCLER
    2010-05-18 19:21:59 ----DC---- C:\Documents and Settings
    2010-05-18 19:21:59 ----D---- C:\WINDOWS\system32\appmgmt
    2010-05-18 19:17:24 ----D---- C:\WINDOWS\Prefetch
    2010-05-18 19:11:36 ----SHD---- C:\WINDOWS\Installer
    2010-05-18 19:11:34 ----HDC---- C:\Config.Msi
    2010-05-18 19:11:22 ----DC---- C:\Documents and Settings\All Users\Application Data\Adobe
    2010-05-18 19:11:15 ----D---- C:\Program Files\Common Files\Adobe
    2010-05-18 16:40:44 ----D---- C:\Program Files\Google
    2010-05-18 16:24:56 ----D---- C:\Documents and Settings\user\Application Data\MailFrontier
    2010-05-18 16:24:55 ----DC---- C:\Documents and Settings\All Users\Application Data\Kontiki
    2010-05-18 16:24:54 ----D---- C:\WINDOWS\system32\config
    2010-05-18 16:24:51 ----D---- C:\Program Files\Common Files\Motive
    2010-05-18 16:24:49 ----D---- C:\WINDOWS\ehome
    2010-05-18 16:24:49 ----D---- C:\Program Files\Internet Explorer
    2010-05-18 16:24:49 ----D---- C:\Program Files\ContentaConverter-PREMIUM
    2010-05-18 16:24:48 ----DC---- C:\hijackthis
    2010-05-18 16:24:35 ----DC---- C:\Need4Video files
    2010-05-18 16:24:27 ----D---- C:\WINDOWS\system32\CatRoot
    2010-05-18 16:23:33 ----D---- C:\Program Files\Common Files
    2010-05-18 14:25:28 ----D---- C:\WINDOWS\system32\LogFiles
    2010-05-18 14:02:19 ----A---- C:\WINDOWS\NeroDigital.ini
    2010-05-18 08:42:33 ----SHC---- C:\boot.ini
    2010-05-18 08:42:33 ----AC---- C:\WINDOWS\system.ini
    2010-05-18 08:42:33 ----A---- C:\WINDOWS\win.ini
    2010-05-17 21:20:09 ----HD---- C:\WINDOWS\inf
    2010-05-17 21:19:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2010-05-17 20:22:40 ----DC---- C:\Casino
    2010-05-16 22:44:24 ----D---- C:\WINDOWS\system32\drivers
    2010-05-16 17:56:30 ----D---- C:\Program Files\Adobe
    2010-05-16 17:44:47 ----RSD---- C:\WINDOWS\assembly
    2010-05-16 17:41:21 ----DC---- C:\Documents and Settings\All Users\Application Data\Sony Corporation
    2010-05-16 17:27:50 ----D---- C:\WINDOWS\pss
    2010-05-15 16:08:57 ----D---- C:\Documents and Settings\user\Application Data\OpenOffice.org2
    2010-05-15 16:05:15 ----D---- C:\Program Files\SUPERAntiSpyware
    2010-05-15 16:04:53 ----D---- C:\Documents and Settings\user\Application Data\SUPERAntiSpyware.com
    2010-05-15 16:00:44 ----D---- C:\Documents and Settings\user\Application Data\Apple Computer
    2010-05-14 22:52:36 ----D---- C:\Program Files\Common Files\Apple
    2010-05-14 22:45:39 ----D---- C:\Program Files\Apple Software Update
    2010-05-14 22:41:25 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2010-05-14 22:01:40 ----D---- C:\WINDOWS\Minidump
    2010-05-13 23:19:33 ----D---- C:\Program Files\Lavasoft
    2010-05-13 23:18:30 ----D---- C:\WINDOWS\WinSxS
    2010-05-13 22:58:38 ----D---- C:\Program Files\AVS4YOU
    2010-05-13 22:56:19 ----D---- C:\Documents and Settings\user\Application Data\Sony
    2010-05-13 22:48:02 ----D---- C:\WINDOWS\Debug
    2010-05-13 22:42:59 ----DC---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2010-05-13 22:40:21 ----D---- C:\Program Files\DivX
    2010-05-13 22:37:36 ----D---- C:\Program Files\YouTube Downloader
    2010-05-13 20:58:20 ----D---- C:\Program Files\DVDVideoSoft
    2010-05-13 20:58:17 ----D---- C:\Program Files\Common Files\DVDVideoSoft
    2010-05-13 20:54:48 ----D---- C:\Program Files\Common Files\Akamai
    2010-05-13 03:35:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2010-05-12 21:39:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-05-12 21:39:30 ----DC---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2010-05-12 21:38:40 ----D---- C:\Program Files\Outlook Express
    2010-05-12 21:24:00 ----D---- C:\WINDOWS\system32\wbem
    2010-05-12 21:18:23 ----D---- C:\Program Files\Common Files\Napster Shared
    2010-05-11 23:10:08 ----HD---- C:\WINDOWS\$hf_mig$
    2010-05-11 22:52:47 ----D---- C:\Program Files\Canon
    2010-05-11 22:35:14 ----DC---- C:\Documents and Settings\All Users\Application Data\DriverCure
    2010-05-11 22:29:34 ----D---- C:\Program Files\Datel
    2010-05-02 16:04:22 ----D---- C:\Program Files\CCleaner
    2010-04-30 19:51:06 ----A---- C:\WINDOWS\system32\MRT.exe
    2010-04-27 21:04:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2010-04-27 21:04:22 ----D---- C:\Program Files\Online Services
    2010-04-27 21:03:47 ----D---- C:\WINDOWS\system32\inetsrv
    2010-04-27 17:15:07 ----RSD---- C:\WINDOWS\Fonts
    2010-04-17 18:15:12 ----D---- C:\Program Files\RocketDock
    2010-04-17 09:30:28 ----A---- C:\WINDOWS\ModemLog_LGE Mobile USB Modem.txt
    2010-04-16 08:33:36 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
    2010-04-13 11:07:56 ----DC---- C:\Documents and Settings\All Users\Application Data\NOS
    2010-04-04 01:01:27 ----D---- C:\WINDOWS\system32\en-US
    2010-03-25 14:16:38 ----AC---- C:\WINDOWS\Ulead32.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-24 27408]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-24 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-24 48560]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
    R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2008-03-12 9072]
    R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2008-03-12 9200]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
    R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-09-05 296976]
    R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-09-30 5632]
    R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2010-02-27 73312]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-24 94160]
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
    R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2006-09-01 3712]
    R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
    R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-05-03 710144]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-24 23120]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidIr;Microsoft Infrared HID Driver; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200]
    R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-23 3966976]
    R3 IrBus;Infrared bus filter driver for eHome remote controls; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760]
    R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
    R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-09-16 47360]
    R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S2 CSS DVP;CSS DVP; C:\WINDOWS\system32\DRIVERS\css-dvp.sys []
    S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
    S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
    S3 BRGSp50;BRGSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\BRGSp50.sys [2005-06-08 20608]
    S3 BthEnum;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
    S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
    S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
    S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 cpuz132;cpuz132; \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys []
    S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
    S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-01-24 13224]
    S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-01-24 25512]
    S3 GT680x;GrandTechICNameNT; C:\WINDOWS\System32\Drivers\gt680x.sys [2003-02-18 17504]
    S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
    S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2007-01-20 55216]
    S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2007-01-20 6576]
    S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2007-01-20 89872]
    S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2007-01-20 81728]
    S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2007-01-20 79488]
    S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-12-18 20240]
    S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\System32\Drivers\L8042mou.sys [2006-07-19 55936]
    S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
    S3 LHidKe;SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-07-19 27136]
    S3 LHidUsbK;SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2006-07-19 36736]
    S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
    S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\System32\Drivers\LMouKE.sys [2006-07-19 71936]
    S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-12-18 28816]
    S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
    S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-03 126686]
    S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-03 1309184]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-03 180360]
    S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
    S3 QWAVEDRV;QWAVE driver; C:\WINDOWS\system32\DRIVERS\qwavedrv.sys [2005-10-20 14336]
    S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
    S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
    S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
    S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
    S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
    S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
    S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
    S3 SABProcEnum;SABProcEnum; \??\C:\Program Files\Internet Explorer\SABProcEnum.sys []
    S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\WINDOWS\system32\DRIVERS\se45bus.sys [2006-11-30 61536]
    S3 se45mdfl;Sony Ericsson Device 069 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se45mdfl.sys [2006-11-30 9360]
    S3 se45mdm;Sony Ericsson Device 069 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se45mdm.sys [2006-11-30 97088]
    S3 se45mgmt;Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se45mgmt.sys [2006-11-30 88624]
    S3 se45nd5;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS); C:\WINDOWS\system32\DRIVERS\se45nd5.sys [2006-11-30 18704]
    S3 se45obex;Sony Ericsson Device 069 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se45obex.sys [2006-11-30 86432]
    S3 se45unic;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM); C:\WINDOWS\system32\DRIVERS\se45unic.sys [2006-11-30 90800]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-03 404990]
    S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-03 95424]
    S3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-03 13240]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 TSP;TSP; \??\C:\WINDOWS\system32\drivers\klif.sys []
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-16 41472]
    S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbcm;USB Cable Modem 351000 NDIS Driver; C:\WINDOWS\system32\DRIVERS\usbcm.sys [2002-04-11 13335]
    S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
    S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
    S3 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800]
    S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264]
    S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352]
    S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
    S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696]
    S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-08-24 477696]
    S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-08-24 477696]
    S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-24 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-24 138680]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
    R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-05-13 1291544]
    R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-10-20 96256]
    R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-05-01 168004]
    R2 RMSvc;Media Center Extender Resource Monitor; C:\WINDOWS\ehome\RMSvc.exe [2005-10-20 28160]
    R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-24 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-24 352920]
    S2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 545576]
    S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2009-02-19 121360]
    S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 QWAVE;QWAVE service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-18 169312]
    S4 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
    S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\ALDI Photo Service\Common\Database\bin\fbserver.exe []
    S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-25 867080]
    S4 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-16 135664]
    S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S4 KService;KService; C:\Program Files\Kontiki\KService.exe [2008-02-27 3072184]
    S4 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
    S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
    S4 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
    S4 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
    S4 TCTNWPT;TCTNWPT; C:\DOCUME~1\user\LOCALS~1\Temp\TCTNWPT.exe []

    -----------------EOF-----------------

    info.txt logfile of random's system information tool 1.06 2010-05-19 09:08:12

    ======Uninstall list======

    Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe" REMOVE=TRUE MODIFY=FALSE
    Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
    Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
    Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
    Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
    Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
    Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
    Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
    Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
    Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
    Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
    Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
    Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
    Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
    Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
    Adobe Flash CS4 Extension - Flash Lite STI en-->MsiExec.exe /I{793D1D88-6141-43DE-BE58-59BCE31B4090}
    Adobe Flash CS4 Professional-->C:\Program Files\Common Files\Adobe\Installers\a68eec966ce913ddaa63251dc82ed31\Setup.exe --uninstall=1
    Adobe Flash CS4 STI-en-->MsiExec.exe /I{2168245A-B5AD-40D8-A641-48E3E070B5B6}
    Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
    Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
    Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
    Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
    Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
    Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
    Adobe Setup-->MsiExec.exe /I{EED50C97-C79E-4149-BD82-7C5A22437708}
    Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
    Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
    Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
    AdobeColorCommonSetCMYK-->MsiExec.exe /I{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}
    AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
    Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
    Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}
    Apple Mobile Device Support-->MsiExec.exe /I{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}
    Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
    AudioCommander-->C:\Documents and Settings\All Users\Application Data\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}\setup_ac.exe
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    AVS Audio Converter version 6.1-->"C:\Program Files\AVS4YOU\AVSAudioConverter6\unins000.exe"
    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
    Final Media Player 2010-->"C:\Program Files\FinalMediaPlayer\unins000.exe"
    Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    HijackThis 2.0.2-->"C:\PROGRA~1\TRENDM~1\HIJACK~1\HijackThis.exe" /uninstall
    HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
    iTunes-->MsiExec.exe /I{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}
    kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
    Logitech Touch Mouse Server 1.0-->C:\Documents and Settings\Mr Burns\My Documents\Downloads\Logitech Touch Mouse Server\uninst.exe
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft Office Publisher 2007-->MsiExec.exe /X{91120000-0019-0000-0000-0000000FF1CE}
    Microsoft Office Standard 2007-->MsiExec.exe /X{91120000-0012-0000-0000-0000000FF1CE}
    MyDefrag v4.2.9-->"C:\Program Files\MyDefrag v4.2.9\unins000.exe"
    PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
    Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
    Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
    QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
    RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
    Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
    Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
    Update for Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"
    V Stuff Backup v1.6.2.18253-->"C:\Program Files\VirginMedia\V Stuff Backup\unins000.exe"
    Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
    Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
    William Hill CASINO CLUB-->"C:\Casino\William Hill CASINO CLUB\_SetupCasino.exe_27f3_en[1].exe" /uninstall
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
    XPort 360-->"C:\Program Files\Datel\XPort 360\unins000.exe"

    =====HijackThis Backups=====

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe [2007-09-13]
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe [2007-09-13]
    O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/ac ... acking.cab [2007-09-13]
    O16 - DPF: {3B5E9B23-7537-4601-A9E8-FA0D956DEA16} (csauie1 Control) - http://www.couponreport.net/ftp/v3123/csauie1.cab [2007-09-13]
    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ ... oupons.cab [2007-09-13]
    O16 - DPF: {BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control) - http://www.asda-photo.co.uk/wpp/asda/ap ... loader.cab [2007-09-13]

    ======Hosts File======

    127.0.0.1 localhost
    127.0.0.1 http://www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 http://www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 http://www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 http://www.032439.com

    ======Security center information======

    AV: ThreatFire
    AV: AntiVir Desktop
    AV: avast! antivirus 4.8.1368 [VPS 100518-1]
    AV: Kaspersky Internet Security (disabled) (outdated)
    FW: Kaspersky Internet Security (disabled)

    ======System event log======

    Computer Name: USER-5C4FFC85DA
    Event Code: 7009
    Message: Timeout (30000 milliseconds) waiting for the Media Center Extender Service service to connect.

    Record Number: 96892
    Source Name: Service Control Manager
    Time Written: 20100509195305.000000+060
    Event Type: error
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 7000
    Message: The Media Center Scheduler Service service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.


    Record Number: 96891
    Source Name: Service Control Manager
    Time Written: 20100509195305.000000+060
    Event Type: error
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 7009
    Message: Timeout (30000 milliseconds) waiting for the Media Center Scheduler Service service to connect.

    Record Number: 96890
    Source Name: Service Control Manager
    Time Written: 20100509195305.000000+060
    Event Type: error
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 7009
    Message: Timeout (30000 milliseconds) waiting for the Media Center Receiver Service service to connect.

    Record Number: 96889
    Source Name: Service Control Manager
    Time Written: 20100509195305.000000+060
    Event Type: error
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 7000
    Message: The CSS DVP service failed to start due to the following error:
    The system cannot find the file specified.


    Record Number: 96888
    Source Name: Service Control Manager
    Time Written: 20100509195305.000000+060
    Event Type: error
    User:

    =====Application event log=====

    Computer Name: USER-5C4FFC85DA
    Event Code: 2570
    Message: Adobe Active File Monitor Service has Started.

    Record Number: 12948
    Source Name: Adobe Active File Monitor 8.0
    Time Written: 20100511230453.000000+060
    Event Type:
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 2570
    Message: Adobe Active File Monitor Service has Started.

    Record Number: 12899
    Source Name: Adobe Active File Monitor 8.0
    Time Written: 20100511221400.000000+060
    Event Type:
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 100
    Message:
    Record Number: 12898
    Source Name: Bonjour Service
    Time Written: 20100511220418.000000+060
    Event Type: error
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 2570
    Message: Adobe Active File Monitor Service has Started.

    Record Number: 12890
    Source Name: Adobe Active File Monitor 8.0
    Time Written: 20100511212132.000000+060
    Event Type:
    User:

    Computer Name: USER-5C4FFC85DA
    Event Code: 100
    Message:
    Record Number: 12889
    Source Name: Bonjour Service
    Time Written: 20100511211954.000000+060
    Event Type: error
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "NUMBER_OF_PROCESSORS"=2
    "OS"=Windows_NT
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\WINDOWS\system32\gs\gs7.05\bin;C:\Program Files\QuickTime\QTSystem\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_REVISION"=0409
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "windir"=%SystemRoot%
    "DXSDK_DIR"=C:\Program Files\Microsoft DirectX SDK (November 2008)\
    "asl.log"=Destination=file;OnFirstLog=command,environment
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------
    rich2568
    Regular Member
     
    Posts: 33
    Joined: June 1st, 2008, 7:58 am

    Re: Computer Internet Connection Very Slow???

    Post by melboy » May 19th, 2010, 4:05 pm

    If you're failing with the ESET scan try this one instead:

    BitDefender - Online Scan

    Please go to the Bitdefender website to perform an online scan.
    1. Click on Start Scanner... check the I Agree to the Terms and Conditions box... then press Start Here.
    2. You will be prompted to install BitDefender software... an ActiveX component. Please allow it and install it.
    3. Click on Folders to Scan
      • Check the Desktop box.
      • Under My Computer... you may have to click on the (+) sign to expand... UNCHECK the following:
        • Floppy Drive, if applicable
        • CD and/or DVD drive box(es)
        • Network drive box(es)
        • My Network Places... then click OK.
      • Click on Cleaning Options, the "Set scan options" window appears... place a CHECK in the following:
          Scanning options (These are normally checked, by default)
        • Scan boot sectors
        • Scan files... also... click the (+) sign and select All Files... leave other defaults as they are.
        • Use heuristic detection
        • Detect incomplete virus bodies
          Action options
        • Select Report only option
        • Click on the + sign next to Second Action.
        • Select Report only option... then click OK.
    4. Click on Click here to scan link.
      The scan engine & virus definitions will load and the scan will begin. (This will take a while, please be patient.)
      When the scan is finished...
    5. Click on Click here to export the scan report... Click on Desktop on your left.
    6. In the File Name box, copy and paste in BDReport.txt
    7. In the Save As Type box, select Text (Tab Delimited) (*.txt) file... then click Save.
      Please copy and paste the contents of the BDReport.txt file, into your next reply.
    melboy
    MRU Expert
    Posts: 3670
    Joined: July 25th, 2008, 4:25 pm
    Location: UK