Strangely slow computer



Felga
2009-03-26, 11:12
Hi,

I have just bought a new laptop, installed Windows and all the stuff that I need. It has enough RAM, a hard disk with 320 GB (freshly defragmented), and it should work great with these hardware components, but it doesn't. It is strangely slow :sad:

HP6735s
AMD dual core processor 2,0 GHz
3 GB of RAM


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:12:20, on 26.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 6520 bytes

Other topic: http://forums.spybot.info/showthread.php?t=46932

peku006
2009-03-29, 19:40
Hello and Welcome to Safer Networking,

My name is peku006 and I will be helping you to remove any infection(s) that you may have.
I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

Please observe these rules while we work:


If you don't know, stop and ask! Don't keep going on.
Please reply to this thread. Do not start a new topic.
Please continue to respond until I give you the "All Clear"

If you follow these instructions, everything should go smoothly.

1 - download and run RSIT

Download random's system information tool (RSIT) by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (will be maximized) and info.txt (will be minimized).

2 - Status Check
Please reply with

1. the logs from RSIT (log.txt, info.txt)

Thanks peku006

Felga
2009-03-29, 20:31
Hello, and thanks for responding

LOG.txt

Logfile of random's system information tool 1.06 (written by random/random)
Run by Radica at 2009-03-29 20:28:54
Microsoft Windows XP Professional Service Pack 2
System drive C: has 292 GB (96%) free of 305 GB
Total RAM: 2813 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:29:02, on 29.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Radica\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Radica.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hr/
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 6708 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-21 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-21 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-21 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-12-10 929224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2009-03-21 1945600]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1044480]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-21 136600]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2008-02-08 227856]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-10-10 177456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2008-05-12 576104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-09-10 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-02-08 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Enabled:File Transfer Protocol"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Sierra Entertainment\World in Conflict\wic.exe"="C:\Program Files\Sierra Entertainment\World in Conflict\wic.exe:*:Enabled:World in Conflict"
"C:\Program Files\Sierra Entertainment\World in Conflict\wic_online.exe"="C:\Program Files\Sierra Entertainment\World in Conflict\wic_online.exe:*:Enabled:World in Conflict - Online Only"
"C:\Program Files\Sierra Entertainment\World in Conflict\wic_ds.exe"="C:\Program Files\Sierra Entertainment\World in Conflict\wic_ds.exe:*:Enabled:World in Conflict - Dedicated Server"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-03-29 20:28:54 ----D---- C:\rsit
2009-03-26 12:12:09 ----D---- C:\Program Files\Trend Micro
2009-03-22 14:28:54 ----D---- C:\Program Files\Microsoft
2009-03-22 14:28:29 ----D---- C:\Program Files\Windows Live SkyDrive
2009-03-22 14:27:58 ----D---- C:\Program Files\Windows Live
2009-03-22 14:17:10 ----D---- C:\Program Files\Common Files\Windows Live
2009-03-22 13:38:37 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-03-22 13:38:36 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-03-22 13:38:35 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-03-22 13:38:33 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-03-22 13:38:31 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-03-22 13:28:15 ----D---- C:\Program Files\Sierra Entertainment
2009-03-22 01:09:04 ----D---- C:\WINDOWS\pss
2009-03-22 01:06:01 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-03-22 01:03:22 ----D---- C:\Program Files\Microsoft Works
2009-03-22 01:03:04 ----D---- C:\Program Files\MSBuild
2009-03-22 01:02:38 ----D---- C:\Program Files\CCleaner
2009-03-22 01:02:28 ----D---- C:\Program Files\Microsoft Visual Studio
2009-03-22 01:02:28 ----D---- C:\Program Files\Common Files\DESIGNER
2009-03-22 01:01:20 ----D---- C:\Program Files\Microsoft.NET
2009-03-22 00:58:10 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-03-22 00:57:03 ----D---- C:\WINDOWS\SHELLNEW
2009-03-22 00:56:36 ----D---- C:\WINDOWS\system32\appmgmt
2009-03-22 00:56:26 ----D---- C:\Program Files\Microsoft Office
2009-03-22 00:56:25 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-03-22 00:55:36 ----RHD---- C:\MSOCache
2009-03-22 00:52:37 ----D---- C:\Documents and Settings\Radica\Application Data\DAEMON Tools Pro
2009-03-22 00:52:37 ----D---- C:\Documents and Settings\Radica\Application Data\DAEMON Tools
2009-03-22 00:50:27 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-03-22 00:50:01 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-03-22 00:49:24 ----D---- C:\Program Files\DAEMON Tools Lite
2009-03-22 00:42:50 ----D---- C:\Documents and Settings\Radica\Application Data\DAEMON Tools Lite
2009-03-22 00:16:47 ----D---- C:\WINDOWS\system32\LogFiles
2009-03-22 00:08:22 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-03-22 00:05:54 ----D---- C:\Program Files\Kaspersky Lab
2009-03-22 00:05:54 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-03-22 00:05:21 ----D---- C:\kav
2009-03-21 23:55:05 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-21 23:55:05 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-21 23:55:05 ----A---- C:\WINDOWS\system32\java.exe
2009-03-21 23:55:05 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-21 23:53:29 ----D---- C:\Documents and Settings\Radica\Application Data\Sun
2009-03-21 23:44:27 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-03-21 23:42:15 ----D---- C:\Documents and Settings\Radica\Application Data\WinRAR
2009-03-21 23:15:36 ----A---- C:\WINDOWS\system32\BttnCmn.dll
2009-03-21 23:15:35 ----A---- C:\WINDOWS\system32\BttnCmns.dll
2009-03-21 22:53:13 ----SHD---- C:\RECYCLER
2009-03-21 22:45:16 ----D---- C:\Documents and Settings\Radica\Application Data\Macromedia
2009-03-21 22:45:16 ----D---- C:\Documents and Settings\Radica\Application Data\Adobe
2009-03-21 22:43:32 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-03-21 22:42:17 ----A---- C:\WINDOWS\system32\unrar.dll
2009-03-21 22:42:17 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-03-21 22:42:17 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-03-21 22:42:17 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-03-21 22:42:17 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-03-21 22:42:15 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-03-21 22:42:15 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-03-21 22:42:15 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-03-21 22:42:14 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2009-03-21 22:42:14 ----A---- C:\WINDOWS\system32\dpl100.dll
2009-03-21 22:42:14 ----A---- C:\WINDOWS\system32\divx.dll
2009-03-21 22:42:13 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-03-21 22:42:13 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-03-21 22:42:12 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-03-21 22:42:11 ----D---- C:\Program Files\K-Lite Codec Pack
2009-03-21 22:42:11 ----D---- C:\Documents and Settings\Radica\Application Data\Real
2009-03-21 22:42:11 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-03-21 22:41:12 ----D---- C:\Program Files\Sun
2009-03-21 22:40:34 ----D---- C:\Program Files\Java
2009-03-21 22:39:31 ----D---- C:\Program Files\Common Files\Java
2009-03-21 22:26:48 ----D---- C:\Documents and Settings\Radica\Application Data\Mozilla
2009-03-21 22:26:43 ----D---- C:\Program Files\Mozilla Firefox
2009-03-21 22:26:06 ----D---- C:\Program Files\WinRAR
2009-03-21 22:11:24 ----N---- C:\WINDOWS\system32\wdmioctl.dll
2009-03-21 22:11:24 ----N---- C:\WINDOWS\system32\SMMedia.dll
2009-03-21 22:11:24 ----D---- C:\Program Files\Analog Devices
2009-03-21 22:11:24 ----A---- C:\WINDOWS\system32\DSndUp.exe
2009-03-21 22:10:32 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-03-21 22:01:31 ----D---- C:\Program Files\HP Webcam Application
2009-03-21 21:59:36 ----A---- C:\WINDOWS\system32\hpqnt.dll
2009-03-21 21:58:34 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-03-21 21:58:32 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-03-21 21:58:00 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
2009-03-21 21:55:38 ----A---- C:\WINDOWS\system32\BCMLogon.dll
2009-03-21 21:55:37 ----A---- C:\WINDOWS\system32\vcredist_x86.exe
2009-03-21 21:55:37 ----A---- C:\WINDOWS\system32\vcredist_x86.bat
2009-03-21 21:55:37 ----A---- C:\WINDOWS\system32\preflib.dll
2009-03-21 21:55:37 ----A---- C:\WINDOWS\system32\bcmwlu00.exe
2009-03-21 21:55:36 ----A---- C:\WINDOWS\system32\WLTRYSVC.EXE
2009-03-21 21:55:36 ----A---- C:\WINDOWS\system32\wltrynt.dll
2009-03-21 21:55:36 ----A---- C:\WINDOWS\system32\WLTRAY.EXE
2009-03-21 21:55:36 ----A---- C:\WINDOWS\system32\WLBCGCBPRO731.DLL
2009-03-21 21:55:36 ----A---- C:\WINDOWS\system32\BCMWLTRY.EXE
2009-03-21 21:55:36 ----A---- C:\WINDOWS\system32\bcmwlpkt.dll
2009-03-21 21:55:36 ----A---- C:\WINDOWS\system32\bcm1xsup.dll
2009-03-21 21:55:35 ----D---- C:\Program Files\Broadcom
2009-03-21 21:55:35 ----A---- C:\WINDOWS\system32\bcmwlcoi.dll
2009-03-21 21:55:10 ----A---- C:\WINDOWS\HBCIKRNL.INI
2009-03-21 21:54:59 ----D---- C:\Program Files\SCM Microsystems
2009-03-21 21:54:51 ----D---- C:\Documents and Settings\Radica\Application Data\ATI
2009-03-21 21:54:51 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-03-21 21:54:48 ----D---- C:\WINDOWS\Downloaded Installations
2009-03-21 21:49:20 ----RSD---- C:\WINDOWS\assembly
2009-03-21 21:48:57 ----D---- C:\WINDOWS\Microsoft.NET
2009-03-21 21:48:24 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-03-21 21:47:34 ----D---- C:\Program Files\ATI Technologies
2009-03-21 21:46:28 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-03-21 21:46:25 ----D---- C:\Program Files\AMD
2009-03-21 21:46:15 ----D---- C:\Documents and Settings\Radica\Application Data\InstallShield
2009-03-21 21:44:31 ----A---- C:\WINDOWS\system32\btw_ci.dll
2009-03-21 21:44:24 ----D---- C:\Program Files\WIDCOMM
2009-03-21 21:43:05 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-21 21:43:03 ----D---- C:\Program Files\Common Files\InstallShield
2009-03-21 21:42:59 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-21 21:42:58 ----D---- C:\WINDOWS\system32\HP3DG
2009-03-21 21:41:37 ----D---- C:\Program Files\Marvell
2009-03-21 21:39:02 ----D---- C:\Program Files\Hewlett-Packard
2009-03-21 21:38:59 ----D---- C:\SWSetup
2009-03-21 20:36:17 ----D---- C:\Documents and Settings\Radica\Application Data\Identities
2009-03-21 20:36:15 ----HD---- C:\Program Files\Uninstall Information
2009-03-21 20:36:09 ----SD---- C:\Documents and Settings\Radica\Application Data\Microsoft
2009-03-21 20:36:09 ----ASH---- C:\Documents and Settings\Radica\Application Data\desktop.ini
2009-03-21 20:34:58 ----D---- C:\WINDOWS\SoftwareDistribution
2009-03-21 20:34:57 ----SD---- C:\WINDOWS\system32\Microsoft
2009-03-21 20:34:57 ----D---- C:\WINDOWS\Prefetch
2009-03-21 20:34:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-21 20:21:10 ----D---- C:\WINDOWS\system32\xircom
2009-03-21 20:21:10 ----D---- C:\Program Files\xerox
2009-03-21 20:21:10 ----D---- C:\Program Files\microsoft frontpage
2009-03-21 20:20:53 ----A---- C:\WINDOWS\control.ini
2009-03-21 20:20:53 ----A---- C:\AUTOEXEC.BAT
2009-03-21 20:20:41 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-03-21 20:19:54 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-21 20:19:54 ----RD---- C:\WINDOWS\Offline Web Pages
2009-03-21 20:19:54 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-03-21 20:19:49 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-03-21 20:19:45 ----HD---- C:\Program Files\WindowsUpdate
2009-03-21 20:19:25 ----D---- C:\WINDOWS\system32\DirectX
2009-03-21 20:19:04 ----A---- C:\WINDOWS\system32\atrace.dll
2009-03-21 20:19:01 ----A---- C:\WINDOWS\system32\desktop.ini
2009-03-21 20:19:01 ----A---- C:\WINDOWS\desktop.ini
2009-03-21 20:18:54 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-03-21 20:18:52 ----D---- C:\Program Files\Common Files\Services
2009-03-21 20:18:52 ----A---- C:\WINDOWS\system32\acctres.dll
2009-03-21 20:18:49 ----SD---- C:\WINDOWS\Tasks
2009-03-21 20:18:49 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-03-21 20:18:48 ----D---- C:\Program Files\Common Files\MSSoap
2009-03-21 20:18:44 ----D---- C:\WINDOWS\srchasst
2009-03-21 20:18:43 ----D---- C:\WINDOWS\system32\Macromed
2009-03-21 20:18:40 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-03-21 20:18:40 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-03-21 20:18:39 ----A---- C:\WINDOWS\system32\wups.dll
2009-03-21 20:18:39 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-03-21 20:18:39 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-03-21 20:18:39 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-03-21 20:18:39 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-03-21 20:18:39 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-03-21 20:18:39 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-03-21 20:18:38 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-03-21 20:18:38 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-03-21 20:18:38 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-03-21 20:18:38 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-03-21 20:18:33 ----D---- C:\Program Files\Movie Maker
2009-03-21 20:18:30 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-03-21 20:18:30 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-03-21 20:18:30 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-03-21 20:18:30 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-03-21 20:18:25 ----D---- C:\WINDOWS\system32\Restore
2009-03-21 20:18:25 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-03-21 20:18:25 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-03-21 20:18:25 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-03-21 20:18:24 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-03-21 20:18:24 ----A---- C:\WINDOWS\system32\srclient.dll
2009-03-21 20:18:24 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-03-21 20:18:24 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-03-21 20:18:24 ----A---- C:\WINDOWS\system32\ils.dll
2009-03-21 20:18:23 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-03-21 20:18:23 ----A---- C:\WINDOWS\system32\msconf.dll
2009-03-21 20:18:23 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-03-21 20:18:20 ----D---- C:\Program Files\NetMeeting
2009-03-21 20:18:20 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-03-21 20:18:20 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-03-21 20:18:19 ----A---- C:\WINDOWS\system32\inetres.dll
2009-03-21 20:18:19 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-03-21 20:18:17 ----D---- C:\Program Files\Outlook Express
2009-03-21 20:18:17 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-03-21 20:18:16 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-03-21 20:18:16 ----A---- C:\WINDOWS\system32\mstask.dll
2009-03-21 20:18:16 ----A---- C:\WINDOWS\system32\isign32.dll
2009-03-21 20:18:16 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-03-21 20:18:16 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-03-21 20:18:15 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-03-21 20:18:10 ----D---- C:\Program Files\Common Files\System
2009-03-21 20:18:03 ----D---- C:\Program Files\Internet Explorer
2009-03-21 20:17:33 ----D---- C:\Program Files\ComPlus Applications
2009-03-21 20:17:31 ----A---- C:\WINDOWS\vbaddin.ini
2009-03-21 20:17:31 ----A---- C:\WINDOWS\vb.ini
2009-03-21 20:17:27 ----D---- C:\WINDOWS\Registration
2009-03-21 20:17:20 ----D---- C:\Program Files\Online Services
2009-03-21 20:17:19 ----D---- C:\Program Files\Windows Media Player
2009-03-21 20:17:12 ----D---- C:\Program Files\Messenger
2009-03-21 20:17:08 ----D---- C:\Program Files\MSN Gaming Zone
2009-03-21 20:17:08 ----A---- C:\WINDOWS\system32\write.exe
2009-03-21 20:16:59 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-03-21 20:16:59 ----A---- C:\WINDOWS\system32\hticons.dll
2009-03-21 20:16:59 ----A---- C:\WINDOWS\system32\avwav.dll
2009-03-21 20:16:59 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-03-21 20:16:59 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-03-21 20:16:58 ----A---- C:\WINDOWS\system32\winchat.exe
2009-03-21 20:16:52 ----A---- C:\WINDOWS\system32\getuname.dll
2009-03-21 20:16:51 ----A---- C:\WINDOWS\system32\winmine.exe
2009-03-21 20:16:51 ----A---- C:\WINDOWS\system32\sol.exe
2009-03-21 20:16:51 ----A---- C:\WINDOWS\system32\charmap.exe
2009-03-21 20:16:51 ----A---- C:\WINDOWS\system32\calc.exe
2009-03-21 20:16:50 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-03-21 20:16:50 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-03-21 20:16:50 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-03-21 20:16:50 ----A---- C:\WINDOWS\system32\tskill.exe
2009-03-21 20:16:50 ----A---- C:\WINDOWS\system32\reset.exe
2009-03-21 20:16:50 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-03-21 20:16:50 ----A---- C:\WINDOWS\system32\freecell.exe
2009-03-21 20:16:49 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-03-21 20:16:49 ----A---- C:\WINDOWS\system32\tscon.exe
2009-03-21 20:16:49 ----A---- C:\WINDOWS\system32\shadow.exe
2009-03-21 20:16:49 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-03-21 20:16:49 ----A---- C:\WINDOWS\system32\regini.exe
2009-03-21 20:16:49 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-03-21 20:16:49 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-03-21 20:16:49 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-03-21 20:16:49 ----A---- C:\WINDOWS\system32\msg.exe
2009-03-21 20:16:49 ----A---- C:\WINDOWS\system32\logoff.exe
2009-03-21 20:16:49 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-03-21 20:16:48 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-03-21 20:16:48 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-03-21 20:16:48 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-03-21 20:16:47 ----A---- C:\WINDOWS\system32\stclient.dll
2009-03-21 20:16:47 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-03-21 20:16:47 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-03-21 20:16:47 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-03-21 20:16:47 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-03-21 20:16:47 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-03-21 20:16:42 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-03-21 20:16:28 ----D---- C:\Program Files\MSN
2009-03-21 20:16:27 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-03-21 20:16:26 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-03-21 20:16:26 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-03-21 20:16:26 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-03-21 20:16:25 ----D---- C:\Program Files\Windows NT
2009-03-21 20:16:25 ----A---- C:\WINDOWS\system32\spider.exe
2009-03-21 20:16:25 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-03-21 20:16:25 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-03-21 20:16:24 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-03-21 20:16:24 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-03-21 20:16:24 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-03-21 20:16:23 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-03-21 20:16:23 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-03-21 20:16:23 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-03-21 20:16:23 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-03-21 20:16:23 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-03-21 20:16:23 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-03-21 20:16:23 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-03-21 20:16:23 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-03-21 20:16:22 ----D---- C:\WINDOWS\system32\MsDtc
2009-03-21 20:16:22 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-03-21 20:16:22 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-03-21 20:16:22 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-03-21 20:16:22 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-03-21 20:16:22 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-03-21 20:16:22 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-03-21 20:16:22 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-03-21 20:16:21 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-03-21 20:16:21 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-03-21 20:16:21 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-03-21 20:16:21 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-03-21 20:16:21 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-03-21 20:16:20 ----D---- C:\WINDOWS\system32\Com
2009-03-21 20:16:20 ----A---- C:\WINDOWS\system32\colbact.dll
2009-03-21 20:16:20 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-03-21 20:16:20 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-03-21 20:16:19 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-03-21 20:16:19 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-03-21 20:16:19 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-03-21 20:16:18 ----A---- C:\WINDOWS\system32\comuid.dll
2009-03-21 20:16:18 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-03-21 20:16:11 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-03-21 20:16:11 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-03-21 20:16:11 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-03-21 20:16:11 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-03-21 20:14:37 ----A---- C:\WINDOWS\system32\h323log.txt
2009-03-21 20:05:53 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-03-21 20:05:52 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-03-21 20:04:56 ----A---- C:\WINDOWS\system32\usbui.dll
2009-03-21 20:03:39 ----SHD---- C:\WINDOWS\Installer
2009-03-21 20:03:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-21 20:03:38 ----D---- C:\Program Files\Common Files\ODBC
2009-03-21 20:03:38 ----A---- C:\WINDOWS\ODBCINST.INI
2009-03-21 20:03:35 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-03-21 20:03:34 ----RD---- C:\Program Files
2009-03-21 20:03:34 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-03-21 20:03:34 ----D---- C:\Program Files\Common Files
2009-03-21 20:03:31 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-03-21 20:03:31 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-03-21 20:03:31 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-03-21 20:03:29 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-03-21 20:03:29 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-03-21 20:03:29 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-03-21 20:03:29 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-03-21 20:03:29 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-03-21 20:03:29 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-03-21 20:03:29 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-03-21 20:03:29 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-03-21 20:03:29 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-03-21 20:03:29 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-03-21 20:03:29 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-03-21 20:03:29 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-03-21 20:03:27 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-03-21 20:03:27 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-03-21 20:03:27 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-03-21 20:03:27 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-03-21 20:03:27 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-03-21 20:03:27 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-03-21 20:03:27 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-03-21 20:03:25 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-03-21 20:03:25 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-03-21 20:03:25 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-03-21 20:03:25 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-03-21 20:03:25 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-03-21 20:03:23 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-03-21 20:03:20 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-03-21 20:03:20 ----A---- C:\WINDOWS\system32\irclass.dll
2009-03-21 20:03:20 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-03-21 20:03:20 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-03-21 20:03:20 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-03-21 20:03:18 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-03-21 20:03:17 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-03-21 20:03:17 ----A---- C:\WINDOWS\system32\batt.dll
2009-03-21 20:03:17 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-03-21 20:03:16 ----A---- C:\WINDOWS\system32\storprop.dll
2009-03-21 20:03:08 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-03-21 20:03:04 ----RA---- C:\WINDOWS\SET8.tmp
2009-03-21 20:03:02 ----RA---- C:\WINDOWS\SET4.tmp
2009-03-21 20:03:00 ----RA---- C:\WINDOWS\SET3.tmp
2009-03-21 20:02:56 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-21 20:02:56 ----D---- C:\WINDOWS\system32\CatRoot
2009-03-21 20:02:50 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-21 20:02:29 ----SHD---- C:\System Volume Information
2009-03-21 20:02:29 ----D---- C:\Documents and Settings
2009-03-21 20:01:43 ----RSH---- C:\boot.ini
2009-03-21 19:56:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-21 19:56:31 ----RSD---- C:\WINDOWS\Fonts
2009-03-21 19:56:31 ----RD---- C:\WINDOWS\Web
2009-03-21 19:56:31 ----HD---- C:\WINDOWS\inf
2009-03-21 19:56:31 ----D---- C:\WINDOWS\WinSxS
2009-03-21 19:56:31 ----D---- C:\WINDOWS\twain_32
2009-03-21 19:56:31 ----D---- C:\WINDOWS\Temp
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\wins
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\wbem
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\usmt
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\spool
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\ShellExt
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\Setup
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\ras
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\oobe
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\npp
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\mui
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\inetsrv
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\IME
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\icsxml
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\ias
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\export
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\drivers
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\dhcp
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\config
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\3com_dmi
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\3076
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\2052
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\1054
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\1042
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\1041
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\1037
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\1033
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\1031
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\1028
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32\1025
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system32
2009-03-21 19:56:31 ----D---- C:\WINDOWS\system
2009-03-21 19:56:31 ----D---- C:\WINDOWS\security
2009-03-21 19:56:31 ----D---- C:\WINDOWS\Resources
2009-03-21 19:56:31 ----D---- C:\WINDOWS\repair
2009-03-21 19:56:31 ----D---- C:\WINDOWS\Provisioning
2009-03-21 19:56:31 ----D---- C:\WINDOWS\PeerNet
2009-03-21 19:56:31 ----D---- C:\WINDOWS\pchealth
2009-03-21 19:56:31 ----D---- C:\WINDOWS\mui
2009-03-21 19:56:31 ----D---- C:\WINDOWS\msapps
2009-03-21 19:56:31 ----D---- C:\WINDOWS\msagent
2009-03-21 19:56:31 ----D---- C:\WINDOWS\Media
2009-03-21 19:56:31 ----D---- C:\WINDOWS\java
2009-03-21 19:56:31 ----D---- C:\WINDOWS\ime
2009-03-21 19:56:31 ----D---- C:\WINDOWS\Help
2009-03-21 19:56:31 ----D---- C:\WINDOWS\ehome
2009-03-21 19:56:31 ----D---- C:\WINDOWS\Driver Cache
2009-03-21 19:56:31 ----D---- C:\WINDOWS\Debug
2009-03-21 19:56:31 ----D---- C:\WINDOWS\Cursors
2009-03-21 19:56:31 ----D---- C:\WINDOWS\Connection Wizard
2009-03-21 19:56:31 ----D---- C:\WINDOWS\Config
2009-03-21 19:56:31 ----D---- C:\WINDOWS\AppPatch
2009-03-21 19:56:31 ----D---- C:\WINDOWS\addins
2009-03-21 19:56:31 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 months======

2009-03-22 00:57:20 ----A---- C:\WINDOWS\win.ini
2009-03-21 20:03:33 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R3 Accelerometer;HP Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2008-05-23 28592]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-04-11 338944]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-09-11 3230720]
R3 BCM43XX;Upravljacki program za Broadcom 802.11 mrežni adapter; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2009-03-21 1391104]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-05-14 879624]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-04-04 296320]
S3 aiaw2xo2;aiaw2xo2; C:\WINDOWS\system32\drivers\aiaw2xo2.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-05-14 74688]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-09-10 561152]
R2 AVP;Kaspersky Internet Security 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2008-02-08 227856]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-05-12 264800]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-21 152984]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2009-03-21 24576]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-23 223232]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-12-04 222512]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------




INFO.TXT


info.txt logfile of random's system information tool 1.06 2009-03-29 20:29:14

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0009 -removeonly
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
Broadcom Wireless Utility-->"C:\Program Files\Broadcom\Broadcom 802.11\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11_App\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11"
Catalyst Control Center - Branding-->MsiExec.exe /I{C349C10C-1474-4000-9073-9299856C8A70}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP 3D DriveGuard-->MsiExec.exe /X{E5C1C126-1687-4868-A3DD-B807176E4970}
HP BatteryCheck 2.10 A2-->"C:\Program Files\InstallShield Installation Information\{69DAC00A-7665-4E9B-B441-093D40736429}\setup.exe" -runfromtemp -l0x0009 -removeonly uninst
HP Common Access Service Library-->MsiExec.exe /I{732A3F80-008B-4350-BD58-EC5AE98707B8}
HP Integrated Module with Bluetooth wireless technology-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
HP Quick Launch Buttons 6.40 L2-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\Setup.exe -runfromtemp -l0x0009 -removeonly uninst
HP Webcam Application-->C:\Program Files\InstallShield Installation Information\{154E4F71-DFC0-4B31-8D99-F97615031B02}\setup.exe -runfromtemp -l0x0009 -removeonly
HP Wireless Assistant-->MsiExec.exe /I{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Kaspersky Internet Security 7.0-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Kaspersky Internet Security 7.0-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
K-Lite Mega Codec Pack 3.9.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
SCR3xxx Smart Card Reader-->MsiExec.exe /I{9A154D6D-13D6-4CA1-BB3A-E792C18DACBF}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{C6CA8874-5F22-4AF0-9BE3-016BF299C536}
Windows Live Messenger-->MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
World in Conflict-->C:\Program Files\InstallShield Installation Information\{F11ADC64-C89E-47F4-A0B3-3665FF859397}\setup.exe -runfromtemp -l0x0009 -removeonly

======Security center information======

AV: Kaspersky Internet Security (outdated)
FW: Kaspersky Internet Security

======System event log======

Computer Name: LAPTOP
Event Code: 1007
Message: Your computer has automatically configured the IP address for the Network
Card with network address 0021007F57A1. The IP address being used is 169.254.100.150.

Record Number: 251
Source Name: Dhcp
Time Written: 20090321213557.000000+060
Event Type: warning
User:

Computer Name: LAPTOP
Event Code: 17
Message: The device sent an incorrect response(s) following a keyboard reset.

Record Number: 147
Source Name: i8042prt
Time Written: 20090321211315.000000+060
Event Type: warning
User:

Computer Name: LAPTOP
Event Code: 59
Message: Generate Activation Context failed for C:\Documents and Settings\Radica\Local Settings\Temp\{43801800-cfee-11d2-a41b-006097b55ad3}\RegPermWriter.exe.
Reference error message: The operation completed successfully.
.

Record Number: 73
Source Name: SideBySide
Time Written: 20090321204715.000000+060
Event Type: error
User:

Computer Name: LAPTOP
Event Code: 59
Message: Resolve Partial Assembly failed for Microsoft.VC80.CRT.
Reference error message: The referenced assembly is not installed on your system.
.

Record Number: 72
Source Name: SideBySide
Time Written: 20090321204715.000000+060
Event Type: error
User:

Computer Name: LAPTOP
Event Code: 32
Message: Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.


Record Number: 71
Source Name: SideBySide
Time Written: 20090321204715.000000+060
Event Type: error
User:

=====Application event log=====

Computer Name: LAPTOP
Event Code: 5603
Message: A provider, Provider_BIOSInterface, has been registered in the WMI namespace, root\HP\InstrumentedBIOS, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

Record Number: 15
Source Name: WinMgmt
Time Written: 20090321191757.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: LAPTOP
Event Code: 5603
Message: A provider, Provider_BIOSInterface, has been registered in the WMI namespace, root\HP\InstrumentedBIOS, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

Record Number: 14
Source Name: WinMgmt
Time Written: 20090321191757.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: LAPTOP
Event Code: 63
Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Record Number: 13
Source Name: WinMgmt
Time Written: 20090321191757.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: LAPTOP
Event Code: 63
Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Record Number: 12
Source Name: WinMgmt
Time Written: 20090321191757.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: LAPTOP
Event Code: 63
Message: A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Record Number: 11
Source Name: WinMgmt
Time Written: 20090321191755.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=17
"PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0301
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

peku006
2009-03-30, 08:23
Hi Felga

System Still Slow?
You may wish to try StartupLite. (http://www.malwarebytes.org/startuplite.php) Simply download this tool to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve performance.
If that does not work, you can try the steps mentioned in Slow Computer/browser? Check Here First; It May Not Be Malware (http://www.bleepingcomputer.com/forums/index.php?showtopic=87058&view=findpost&p=487112)

1 - Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware (http://www.besttechie.net/tools/mbam-setup.exe) and save it to a convenient location.
Double click on mbam-setup.exe to install it.
Before clicking the Finish button, make sure that these 2 boxes are checked (ticked):
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Malwarebytes' Anti-Malware will now check for updates. If your firewall prompts, please allow it. If you can't update it, select the Update tab. Under Update Mirror, select one of the websites and click on Check for Updates.
Select the Scanner tab. Click on Perform full scan, then click on Scan.
Leave the default options as they are and click on Start Scan.
When done, you will be prompted. Click OK, then click on Show Results.
Check (tick) all items except items in the System Volume Information folder and click on Remove Selected.

http://i35.photobucket.com/albums/d165/ndmmxiaomayi/mayi/mbam1.png

After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest.

2 - Status Check
Please reply with

1. the Malwarebytes' Anti-Malware Log

Thanks peku006

Felga
2009-03-30, 21:16
Hi, I disabled all the startup programs that the program told me to. No malware found, but the computer is still slow! :sad:

Felga
2009-03-30, 21:16
Malwarebytes' Anti-Malware 1.35
Database version: 1920
Windows 5.1.2600 Service Pack 2

30.3.2009 21:09:20
mbam-log-2009-03-30 (21-09-20).txt

Scan type: Full Scan (C:\|)
Objects scanned: 101362
Time elapsed: 16 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

peku006
2009-03-31, 10:32
Hi Felga


but computer is still slow
In which case: when you start it, or when you use it?

1 - Clean temp files

Download and Run ATF Cleaner
Download ATF (Atribune Temp File) Cleaner© by Atribune (http://www.atribune.org/ccount/click.php?id=1) to your desktop.
Double-click ATF Cleaner.exe to open it.

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.


Click Exit on the Main menu to close the program


2 - Kaspersky Online Scan

Please go to Kaspersky website (http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html) and perform an online antivirus scan.

Read through the requirements and privacy statement and click on Accept button.
It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
When the downloads have finished, click on Settings.
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Please post this log in your next reply.

3 - Run Hijackthis
Click on the Do a system scan and save a logfile button. It will scan and the log should open in Notepad.

4 - Status Check
Please reply with

1. the Kaspersky online scanner report
2. a fresh HijackThis log

Thanks peku006

Felga
2009-03-31, 16:51
Hi again, Kaspersky found nothing, computer still slow!!!!! :sad::sad:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:50:12, on 31.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hr/
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 5990 bytes



KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, March 31, 2009
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, March 31, 2009 11:58:34
Records in database: 1989302
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
C:\
D:\
E:\
Scan statistics
Files scanned 28093
Threat name 0
Infected objects 0
Suspicious objects 0
Duration of the scan 00:49:30

No malware has been detected. The scan area is clean.
The selected area was scanned.

peku006
2009-03-31, 17:18
Hi Felga
There is no malware that would be causing your problem. It may be a software, hardware, or Windows problem.
Unfortunately you are now outside my area of knowledge, so I'm going to have to recommend that you visit one of the tech forums for assistance.
http://www.techsupportforum.com/
http://www.bleepingcomputer.com/forums/
http://forums.whatthetech.com/forums.html
http://forums.pcpitstop.com/

Felga
2009-04-01, 13:24
Ohhh okay, thanks anyway

peku006
2009-04-02, 19:22
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

Note: If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.