Messages - shiffter

Tech Clinic / Slow pc
« on: November 16, 2009, 09:46:23 AM »
info.txt logfile of random's system information tool 1.06 2009-11-16 09:08:34

======Uninstall list======

-->"C:\Program Files\HP Games\Airstrike 2 Gulf Thunder\Uninstall.exe"
-->"C:\Program Files\HP Games\Alien Shooter\Uninstall.exe"
-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Bistro Stars\Uninstall.exe"
-->"C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 2 Remix\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
-->"C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe"
-->"C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\Family Feud\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Garden Dreams\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\JEOPARDY\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\LEGO Builder Bots\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Mystery Case Files\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
-->"C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Snowy Space Trip\Uninstall.exe"
-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe"
-->"C:\Program Files\WildTangent\Apps\My HP Game Console\Uninstall.exe"
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
Acoustica Effects Pack-->C:\PROGRA~1\ACOUST~2\UNWISE.EXE C:\PROGRA~1\ACOUST~2\INSTALL.LOG
Acoustica Mixcraft 4.5-->C:\PROGRA~1\ACOUST~1\Unwise.exe
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}
AllMusicConverter 3.8.6-->"C:\Program Files\AllMusicConverter\unins000.exe"
AnyTV Free 2.44-->"C:\Program Files\FDRLab\AnyTV\unins000.exe"
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cheat Engine 5.3-->"C:\Program Files\Cheat Engine\unins001.exe"
Cheat Engine 5.5-->"C:\Program Files\Cheat Engine\unins000.exe"
Compaq Connections (remove only)-->C:\WINDOWS\HPCPCUninstall-5577497\HPBWSetup.exe -appid 5577497 -uninstall
Cross Fire En-->"C:\Program Files\Z8Games\CrossFire\unins000.exe"
Customer Experience Enhancement-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
Data Fax SoftModem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\HXFSETUP.EXE -U -ITrx200Ck.inf
Deck Studio-->MsiExec.exe /X{59DA77AC-4A9F-4272-8800-FD3988EF35E8}
DISCover-->"C:\Program Files\DISC\uninstall.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy Internet Sign-up-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
GemMaster Mystic-->"C:\Program Files\GemMaster\uninstallgemmaster.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.33\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB893357)-->"C:\WINDOWS\$NtUninstallKB893357$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB906569)-->"C:\WINDOWS\$NtUninstallKB906569$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB912024)-->"C:\WINDOWS\$NtUninstallKB912024$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
HP Boot Optimizer-->MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe"  -uninstall
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Support Overview-->"C:\WINDOWS\unins000.exe"
HP Web Helper-->regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll"
iTunes-->MsiExec.exe /I{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(tm) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Kaiba Corp Virtual Duel System 1.16-->"C:\Program Files\Kaiba Corp VDS\unins000.exe"
LimeWire 5.1.4-->"C:\Program Files\LimeWire\uninstall.exe"
Livestream Procaster-->MsiExec.exe /I{F3C514B0-F676-4D4E-91F7-A7EE89878593}
LogMeIn Hamachi-->C:\WINDOWS\system32\\msiexec.exe /i {067EC517-9731-43FD-B4D5-296EE0027BBB} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{067EC517-9731-43FD-B4D5-296EE0027BBB}
Malwarebytes' Anti-Malware-->"C:\Program Files\Market\unins000.exe"
Media Go-->MsiExec.exe /X{AEE307D5-9E65-4971-818E-C4D96DF55C64}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Money 2006-->"C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Office Standard Edition 2003 60 days trial-->c:\hp\bin\cloaker.exe c:\hp\bin\MSOffice\uninst.cmd
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
Need4 Software Launcher 6.2-->C:\Program Files\Need4 Software Launcher\uninst.exe
Need4 Video Converter 6-->C:\Program Files\Need4 Video Converter 6\uninst.exe
Netscape Browser (remove only)-->"C:\Program Files\Netscape\Netscape Browser\NSUninst.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe"
Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe
PC-Doctor 5 for Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
PFPortChecker 1.0.31-->C:\Program Files\PFPortChecker\uninst.exe
PlayStation®Network Downloader-->MsiExec.exe /X{BC4CA8FA-41D2-4B81-8680-E9B7573D6500}
PlayStation®Store-->MsiExec.exe /X{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}
Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
PSP Video 9 5.03-->C:\Program Files\Red Kawa\Video Converter App\uninstaller.exe
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken 2006-->MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Remove WeatherBug Installer-->c:\hp\bin\cloaker.exe c:\hp\bin\commands.exe /c c:\hp\bin\wbug\clean.bat
Rightdown Software - Toolbar-->regsvr32 /u /s "C:\Program Files\Rightdown Software SearchBar\rssb.dll"
RONIN-->MsiExec.exe /X{DF72F15A-76CE-46DD-A76E-3580E088D625}
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SPORE™-->"C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPORESetup.exe" -runfromtemp -l0x0009 -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TeamViewer 4-->C:\Program Files\TeamViewer\Version4\uninstall.exe
Ultra Mobile 3GP Video Converter 5.2.0603-->"C:\Program Files\Ultra Mobile 3GP Video Converter\unins000.exe"
Update for Windows XP (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Ventrilo Server-->MsiExec.exe /X{1D46A3A0-B37D-423A-91C2-101A49E2FF80}
Warcraft III-->C:\Program Files\Common Files\Blizzard Entertainment\Warcraft III\Uninstall.exe
WE Unlimited 1.20-->"C:\Program Files\WE Unlimited\unins000.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB883667-->C:\WINDOWS\$NtUninstallKB883667$\spuninst\spuninst.exe
Windows XP Hotfix - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP Hotfix - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Windows XP Hotfix - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Windows XP Hotfix - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows XP Hotfix - KB892050-->"C:\WINDOWS\$NtUninstallKB892050$\spuninst\spuninst.exe"
Windows XP Hotfix - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
WM Converter 2.0-->C:\Program Files\WM Converter\Uninstal.exe
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft Public Test-PTR\Uninstall.exe
Yahoo! Toolbar for Internet Explorer-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
YouTube Downloader App 2.03-->C:\Program Files\Regensoft\Downloader App\uninstaller.exe
ZOrg-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28D30296-A495-4D1C-94BF-D9C5259F3D2F}\setup.exe" -l0x9  -removeonly

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: YOUR-4DACD0EA75
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 689
Source Name: Tcpip
Time Written: 20090816023126.000000-240
Event Type: warning
User:

Computer Name: YOUR-4DACD0EA75
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 686
Source Name: Tcpip
Time Written: 20090816020326.000000-240
Event Type: warning
User:

Computer Name: YOUR-4DACD0EA75
Event Code: 36
Message: The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Record Number: 676
Source Name: W32Time
Time Written: 20090814161357.000000-240
Event Type: warning
User:

Computer Name: YOUR-4DACD0EA75
Event Code: 7000
Message: The MCSTRM service failed to start due to the following error:
The system cannot find the file specified.


Record Number: 639
Source Name: Service Control Manager
Time Written: 20090814023446.000000-240
Event Type: error
User:

Computer Name: YOUR-4DACD0EA75
Event Code: 7034
Message: The NVIDIA Display Driver Service service terminated unexpectedly.  It has done this 1 time(s).

Record Number: 632
Source Name: Service Control Manager
Time Written: 20090814023245.000000-240
Event Type: error
User:

=====Application event log=====

Computer Name: YOUR-4DACD0EA75
Event Code: 20
Message:
Record Number: 738
Source Name: Google Update
Time Written: 20090919104237.000000-240
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-4DACD0EA75
Event Code: 20
Message:
Record Number: 730
Source Name: Google Update
Time Written: 20090919102722.000000-240
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-4DACD0EA75
Event Code: 1002
Message: Hanging application firefox.exe, version 1.9.1.3523, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Record Number: 707
Source Name: Application Hang
Time Written: 20090917185012.000000-240
Event Type: error
User:

Computer Name: YOUR-4DACD0EA75
Event Code: 1000
Message: Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x01530fd0.

Record Number: 676
Source Name: Application Error
Time Written: 20090913201822.000000-240
Event Type: error
User:

Computer Name: YOUR-4DACD0EA75
Event Code: 1000
Message: Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x01530fd0.

Record Number: 674
Source Name: Application Error
Time Written: 20090913201755.000000-240
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;c:\Python22;C:\Program Files\Common Files\DivX Shared;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 95 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=5f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------



AND

ComboFix 09-11-11.02 - Compaq_Administrator 11/12/2009  3:28.1.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.1982.1478 [GMT -5:00]
Running from: c:\documents and settings\Compaq_Administrator\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\rfy.tmp
c:\windows\system32\kubidima.dll
c:\windows\system32\napokoku.dll
c:\windows\system32\rekomeve.dll
c:\windows\Tasks\fkkqugoq.job

.
(((((((((((((((((((((((((   Files Created from 2009-10-12 to 2009-11-12  )))))))))))))))))))))))))))))))
.

2009-11-12 06:41 . 2009-11-12 06:41    --------    d-----w-    c:\program files\Market
2009-11-11 22:23 . 2009-11-12 08:05    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Local Settings\Application Data\AskToolbar
2009-11-11 12:30 . 2009-11-11 12:30    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\Sega
2009-11-11 12:12 . 2009-11-11 12:12    --------    d-----w-    c:\program files\Common Files\DirectX
2009-11-11 11:15 . 2009-11-11 11:16    --------    d-----w-    c:\program files\Ask.com
2009-11-11 11:15 . 2009-11-11 11:15    --------    d-----w-    c:\program files\uTorrent
2009-11-11 11:15 . 2009-11-11 11:20    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\uTorrent
2009-11-11 09:50 . 2009-11-11 09:50    --------    d-----w-    c:\windows\San Andreas Mod Installer
2009-11-11 04:43 . 2009-09-10 19:54    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-11 04:43 . 2009-11-12 06:47    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2009-11-11 04:43 . 2009-09-10 19:53    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-11-11 01:32 . 2009-11-11 01:56    --------    d-----w-    c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-11 01:32 . 2009-11-11 01:32    --------    d-----w-    c:\program files\Spybot - Search & Destroy
2009-11-10 00:00 . 2009-11-10 00:00    --------    d-----w-    c:\program files\Windows Media Connect 2
2009-11-09 23:46 . 2009-11-09 23:46    --------    d-----w-    c:\program files\FDRLab
2009-11-09 23:46 . 2009-11-09 23:46    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\FDRLab
2009-11-08 21:34 . 2009-11-08 22:03    --------    d-----w-    c:\program files\keyclone
2009-11-08 14:01 . 2009-11-08 14:01    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\Malwarebytes
2009-11-08 14:01 . 2009-11-08 14:01    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-07 17:25 . 2009-11-07 17:25    --------    d-----w-    c:\program files\LogMeIn Hamachi
2009-11-03 05:52 . 2009-11-03 05:53    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\SPORE
2009-11-03 05:28 . 2009-11-03 05:28    --------    d--h--r-    c:\documents and settings\Compaq_Administrator\Application Data\SecuROM
2009-11-03 04:57 . 2009-11-03 04:57    691696    ----a-w-    c:\windows\system32\drivers\sptd.sys
2009-11-03 04:57 . 2009-11-03 04:57    --------    d-----w-    c:\program files\DAEMON Tools Lite
2009-11-03 04:56 . 2009-11-03 05:15    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\DAEMON Tools Lite
2009-11-03 04:56 . 2009-11-03 04:56    --------    d-----w-    c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-11-02 08:03 . 2009-11-02 08:03    --------    d-----w-    C:\GAMES
2009-11-01 20:48 . 2007-10-23 14:27    110592    ----a-w-    c:\documents and settings\Compaq_Administrator\Application Data\U3\temp\cleanup.exe
2009-11-01 20:45 . 2008-02-25 18:47    3489792    ---ha-w-    c:\documents and settings\Compaq_Administrator\Application Data\U3\temp\Launchpad Removal.exe
2009-11-01 20:45 . 2009-11-01 20:48    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\U3
2009-10-29 19:22 . 2009-10-29 19:22    --------    d-----w-    c:\program files\WM Converter
2009-10-25 10:34 . 2009-10-25 10:34    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\Red Kawa
2009-10-25 10:16 . 2009-10-25 10:16    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Local Settings\Application Data\Geckofx
2009-10-25 10:15 . 2009-10-25 10:15    --------    d-----w-    c:\program files\Regensoft
2009-10-25 10:15 . 2009-10-25 10:15    --------    d-----w-    c:\program files\AviSynth 2.5
2009-10-25 10:15 . 2009-10-25 10:15    --------    d-----w-    c:\program files\Red Kawa
2009-10-25 10:12 . 2009-10-25 10:12    --------    d-----w-    C:\Need4Video files
2009-10-25 10:11 . 2009-10-25 10:11    --------    d-----w-    c:\program files\Need4 Software Launcher
2009-10-25 10:11 . 2009-10-25 10:11    --------    d-----w-    c:\program files\Need4 Video Converter 6
2009-10-25 10:04 . 2009-10-25 10:04    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Local Settings\Application Data\Sony
2009-10-25 10:03 . 2009-10-25 10:03    --------    d-----w-    c:\program files\Common Files\Sony Shared
2009-10-25 10:03 . 2009-10-25 10:03    10134    ----a-r-    c:\documents and settings\Compaq_Administrator\Application Data\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
2009-10-25 10:03 . 2009-10-25 10:03    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Local Settings\Application Data\Downloaded Installations
2009-10-25 10:03 . 2009-10-25 10:03    --------    d-----w-    c:\program files\Sony
2009-10-25 10:03 . 2009-10-25 10:03    --------    d-----w-    c:\documents and settings\All Users\Application Data\Sony Corporation
2009-10-25 10:02 . 2009-10-25 10:02    --------    d-----w-    c:\windows\system32\drivers\UMDF
2009-10-25 10:00 . 2009-10-25 10:01    12212040    ----a-w-    c:\documents and settings\Compaq_Administrator\Application Data\Sony Setup\A34E95A5-C379-4746-B607-09AE7B36A102\WMFDist11-WindowsXP-x86-ENU.exe
2009-10-25 09:59 . 2009-10-25 10:03    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\Sony
2009-10-25 09:59 . 2009-10-25 10:00    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\Sony Setup
2009-10-25 09:59 . 2009-10-25 09:59    --------    d-----w-    c:\program files\Sony Setup
2009-10-25 05:09 . 2009-10-25 05:09    --------    d-----w-    c:\program files\Microsoft Silverlight
2009-10-25 04:09 . 2009-10-25 04:09    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\AdobeUM
2009-10-23 02:41 . 2009-10-23 02:50    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\TeamViewer
2009-10-23 02:41 . 2009-10-23 02:41    --------    d-----w-    c:\program files\TeamViewer
2009-10-23 02:40 . 2009-10-23 02:40    --------    d-----w-    c:\documents and settings\Compaq_Administrator\temp
2009-10-21 22:18 . 2009-10-21 22:18    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Local Settings\Application Data\Blizzard Entertainment
2009-10-19 23:25 . 2009-10-25 04:55    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Local Settings\Application Data\Deployment
2009-10-18 17:38 . 2009-10-18 18:16    45    ----a-w-    c:\documents and settings\Compaq_Administrator\jagex_runescape_preferences2.dat
2009-10-17 05:21 . 2009-09-23 14:41    26176    ---ha-w-    c:\windows\system32\hamachi.sys

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-12 08:27 . 2009-07-25 20:44    --------    d---a-w-    c:\documents and settings\All Users\Application Data\TEMP
2009-11-12 07:59 . 2009-08-14 05:44    --------    d-----w-    c:\program files\Spyware Doctor
2009-11-11 05:42 . 2009-07-31 20:53    --------    d-----w-    c:\program files\Warcraft III
2009-11-11 04:29 . 2009-07-25 21:10    --------    d-----w-    c:\program files\Rightdown Software SearchBar
2009-11-10 01:46 . 2009-08-12 19:46    --------    d-----w-    c:\program files\World of Warcraft
2009-11-08 20:44 . 2007-01-10 22:16    --------    d--h--w-    c:\program files\InstallShield Installation Information
2009-11-03 05:28 . 2009-10-02 07:43    107888    ----a-w-    c:\windows\system32\CmdLineExt.dll
2009-10-25 11:13 . 2009-07-21 19:05    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\LimeWire
2009-10-25 01:04 . 2009-10-04 03:36    --------    d-----w-    c:\program files\World of Warcraft Public Test
2009-10-23 02:59 . 2009-10-12 09:27    --------    d-----w-    c:\program files\Kaiba Corp VDS
2009-10-18 18:19 . 2009-07-29 01:52    38    ----a-w-    c:\documents and settings\Compaq_Administrator\jagex_runescape_preferences.dat
2009-10-18 05:40 . 2009-10-02 07:43    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\SPORE Creature Creator
2009-10-13 01:23 . 2009-10-12 23:21    --------    d-----w-    c:\documents and settings\All Users\Application Data\Dillie-O Digital
2009-10-13 00:11 . 2009-10-13 00:11    --------    d-----w-    c:\program files\CCleaner
2009-10-12 23:21 . 2009-10-12 23:21    995840    ----a-r-    c:\documents and settings\Compaq_Administrator\Application Data\Microsoft\Installer\{DF72F15A-76CE-46DD-A76E-3580E088D625}\RONIN.exe
2009-10-12 23:21 . 2009-10-12 23:21    --------    d-----w-    c:\program files\Dillie-O Digital
2009-10-12 23:21 . 2009-10-12 23:21    1244672    ----a-r-    c:\documents and settings\Compaq_Administrator\Application Data\Microsoft\Installer\{59DA77AC-4A9F-4272-8800-FD3988EF35E8}\DeckStudio.exe
2009-10-12 22:40 . 2007-01-10 22:14    44088    ----a-w-    c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-12 22:18 . 2009-10-12 22:18    111528    ----a-w-    c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-10-12 22:16 . 2009-10-12 22:16    --------    d-----w-    c:\program files\MSBuild
2009-10-12 22:16 . 2009-10-12 22:16    --------    d-----w-    c:\program files\Reference Assemblies
2009-10-12 22:04 . 2009-10-12 22:04    --------    d-----w-    c:\program files\MSXML 6.0
2009-10-06 06:36 . 2009-10-06 06:36    --------    d-----w-    c:\program files\ZOrg
2009-10-06 06:06 . 2007-01-10 22:09    --------    d-----w-    c:\program files\Common Files\InstallShield
2009-10-06 06:06 . 2009-10-06 06:04    17204720    ----a-w-    c:\documents and settings\Compaq_Administrator\Application Data\Real\Update\setup\rp\RealPlayerSPGold.exe
2009-10-06 06:04 . 2009-10-06 06:04    8406648    ----a-w-    c:\documents and settings\Compaq_Administrator\Application Data\Real\Update\setup\gtb_us\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2009-10-06 06:03 . 2009-10-06 06:03    10309448    ----a-w-    c:\documents and settings\Compaq_Administrator\Application Data\Real\Update\setup\chr\ChromeInstaller.exe
2009-10-06 06:03 . 2009-10-06 06:03    64000    ----a-w-    c:\documents and settings\Compaq_Administrator\Application Data\Real\Update\setup\RUP\inst_config\gcapi_dll.dll
2009-10-06 06:03 . 2009-10-06 06:03    52288    ----a-w-    c:\documents and settings\Compaq_Administrator\Application Data\Real\Update\setup\RUP\inst_config\gtapi.dll
2009-10-06 06:03 . 2009-10-06 06:03    50688    ----a-w-    c:\documents and settings\Compaq_Administrator\Application Data\Real\Update\setup\RUP\inst_config\fftbapi.dll
2009-10-06 06:03 . 2009-10-06 06:03    114688    ----a-w-    c:\documents and settings\Compaq_Administrator\Application Data\Real\Update\setup\RUP\inst_config\compat.dll
2009-10-06 06:02 . 2009-10-06 06:02    488968    ----a-w-    c:\documents and settings\Compaq_Administrator\Application Data\Real\Update\setup\setup.exe
2009-10-06 05:09 . 2009-08-01 07:41    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\Apple Computer
2009-10-06 05:07 . 2009-10-06 05:07    --------    d-----w-    c:\program files\iTunes
2009-10-06 05:07 . 2009-10-06 05:07    --------    d-----w-    c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-06 05:07 . 2009-10-06 05:07    --------    d-----w-    c:\program files\iPod
2009-10-06 05:07 . 2009-10-06 05:05    --------    d-----w-    c:\program files\Common Files\Apple
2009-10-06 05:07 . 2009-10-06 05:06    --------    d-----w-    c:\documents and settings\All Users\Application Data\Apple Computer
2009-10-06 05:07 . 2009-10-06 05:06    --------    d-----w-    c:\program files\Bonjour
2009-10-06 05:06 . 2009-10-06 05:06    --------    d-----w-    c:\program files\QuickTime
2009-10-04 19:08 . 2009-07-30 18:56    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\Ventrilo
2009-10-04 04:09 . 2009-07-21 08:33    --------    d-----w-    c:\program files\Common Files\Blizzard Entertainment
2009-10-03 04:21 . 2009-10-03 04:21    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\Sonic
2009-10-03 04:21 . 2009-10-03 04:21    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\Leadertech
2009-10-02 07:36 . 2009-10-02 07:36    --------    d-----w-    c:\program files\Electronic Arts
2009-10-01 00:30 . 2009-09-05 23:55    --------    d-----w-    c:\program files\VentSrv
2009-09-23 21:03 . 2009-09-23 21:02    --------    d-----w-    c:\documents and settings\Compaq_Administrator\Application Data\Hamachi
2009-09-23 14:41 . 2009-04-23 15:15    26176    ---ha-w-    c:\windows\system32\drivers\hamachi.sys
2009-09-21 21:09 . 2009-09-21 21:09    79144    ----a-w-    c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.1.8\SetupAdmin.exe
2009-09-16 01:57 . 2009-09-16 01:57    --------    d-----w-    c:\program files\PFPortChecker
2009-09-04 21:44 . 2009-10-02 07:43    515416    ----a-w-    c:\windows\system32\XAudio2_5.dll
2009-09-04 21:44 . 2009-10-02 07:43    238936    ----a-w-    c:\windows\system32\xactengine3_5.dll
2009-09-04 21:44 . 2009-10-02 07:42    69464    ----a-w-    c:\windows\system32\XAPOFX1_3.dll
2009-09-04 21:29 . 2009-10-02 07:43    453456    ----a-w-    c:\windows\system32\d3dx10_42.dll
2009-09-04 21:29 . 2009-10-02 07:43    235344    ----a-w-    c:\windows\system32\d3dx11_42.dll
2009-09-04 21:29 . 2009-10-02 07:43    5501792    ----a-w-    c:\windows\system32\d3dcsx_42.dll
2009-09-04 21:29 . 2009-10-02 07:43    1974616    ----a-w-    c:\windows\system32\D3DCompiler_42.dll
2009-09-04 21:29 . 2009-10-02 07:42    1892184    ----a-w-    c:\windows\system32\D3DX9_42.dll
2009-05-13 21:55 . 2009-05-13 21:55    1044480    ----a-w-    c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-13 21:55 . 2009-05-13 21:55    200704    ----a-w-    c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8406d728-e394-4d1b-a63d-baba0b97b275}]
bopedisu.dll [BU]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-09-02 19:56    1175944    ----a-w-    c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-30 67584]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 49152]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-08-14 185896]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-07-09 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"mevujewab"="c:\windows\system32\rekomeve.dll" [BU]
"ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-06-14 16239616]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" - c:\windows\arpwrmsg.exe [2005-08-03 77312]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\DISC\\DISCover.exe"=
"c:\\Program Files\\DISC\\DiscStreamHub.exe"=
"c:\\Program Files\\DISC\\myFTP.exe"=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"=
"c:\\Program Files\\VentSrv\\ventrilo_srv.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\PFPortChecker\\PFPortChecker.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\World of Warcraft Public Test\\WoW-0.3.0.10522-enUS-ptr-downloader.exe"=
"c:\\Program Files\\World of Warcraft Public Test\\WoW-0.3.0.10522-to-0.3.0.10554-enUS-ptr-downloader.exe"=
"c:\\Program Files\\World of Warcraft Public Test\\Launcher.exe"=
"c:\\Program Files\\World of Warcraft Public Test\\WoW-0.3.0.10554-to-0.3.0.10571-enUS-ptr-downloader.exe"=
"c:\\Program Files\\World of Warcraft Public Test\\WoW-0.3.0.10571-to-0.3.0.10596-enUS-ptr-downloader.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\iPod\\bin\\iPodService.exe"=
"c:\\WINDOWS\\system32\\dllhost.exe"=
"c:\\Program Files\\Avira\\AntiVir Desktop\\avguard.exe"=
"c:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe"=
"c:\\WINDOWS\\system32\\spoolsv.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Compaq_Administrator\\Desktop\\cluttered\\YUGIOHPC\\joey_pc.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58096:TCP"= 58096:TCP:Pando Media Booster
"58096:UDP"= 58096:UDP:Pando Media Booster
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [8/14/2009 12:45 AM 130936]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [7/21/2009 2:18 PM 108289]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [10/29/2009 12:27 PM 1074568]
R3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [7/22/2009 12:34 AM 23096]
S2 gupdate1ca0c272cb88fd2;Google Update Service (gupdate1ca0c272cb88fd2);c:\program files\Google\Update\GoogleUpdate.exe [7/24/2009 1:22 AM 133104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [11/10/2009 11:43 PM 38224]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [8/14/2009 12:44 AM 348752]
S3 SMServer;SMServer;c:\windows\system32\snmvtsvc.exe [7/22/2009 12:34 AM 245760]

--- Other Services/Drivers In Memory ---

*Deregistered* - mbr
.
Contents of the 'Scheduled Tasks' folder

2009-11-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-14 05:41]

2009-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-24 06:22]

2009-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-24 06:22]

2009-11-12 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-09-02 19:56]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.buckeyecablesystem.com/express/index.html
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uInternet Settings,ProxyOverride = *.local
Trusted Zone: trymedia.com
TCP: {95784DCE-D22F-4820-9A0A-6482FE5B3BDE} = 72.240.13.6,72.240.13.5
FF - ProfilePath - c:\documents and settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\u8q6t1d9.default\
FF - prefs.js: browser.startup.homepage - wowhead.com
FF - plugin: c:\documents and settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\u8q6t1d9.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npmnqmp071303000006.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -

SharedTaskScheduler-{698ab086-1874-4224-a9dc-96942191ca8f} - c:\windows\system32\rekomeve.dll
SSODL-mukopowug-{698ab086-1874-4224-a9dc-96942191ca8f} - c:\windows\system32\rekomeve.dll
AddRemove-SONICHEROES - c:\docume~1\COMPAQ~1\DESKTOP\SONICH~1\unsetup.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-12 03:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ...

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A3501F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x8a3501f8
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use "Recovery Console" command "fixmbr" to clear infection !

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1637052564-2845929974-231691455-1007\Software\SecuROM\License information*]
"datasecu"=hex:0e,d3,fc,a2,73,8a,60,55,66,ad,d9,e8,80,b8,6e,3b,b2,df,c0,b7,2a,
   6d,59,f5,53,37,bb,c1,a3,fe,26,c0,e9,9b,93,67,d6,86,99,82,e7,8f,33,41,89,62,\
"rkeysecu"=hex:5e,b7,c1,56,af,ca,b3,37,20,76,f3,f0,c7,49,60,35
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(908)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\arservice.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\eHome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2009-11-12  3:38 - machine was rebooted
ComboFix-quarantined-files.txt  2009-11-12 08:38
ComboFix2.txt  2009-11-11 22:38
ComboFix3.txt  2009-11-11 04:34

Pre-Run: 47,835,586,560 bytes free
Post-Run: 47,800,836,096 bytes free

- - End Of File - - 0B29EC96130BDC382C3054E32A59DDDC


I have deleted some programs after running ComboFix, because I got viruses from them. Don't know if that matters or not, but I figured I would let you know just in case.

2
Tech Clinic / Slow pc
« on: November 16, 2009, 09:22:00 AM »
I have a slow PC and I have no idea why. I don't think I have any viruses. And I use CCleaner to clear out any random junk/registry errors. I do have an integrated graphics card, but idk how bad that's affecting me. I'm not sure if some of my hardware is bad, or something wrong in the software, but I figured I'd ask. Don't know what info you would need... so here is RSIT.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Compaq_Administrator at 2009-11-16 09:14:08
Microsoft Windows XP Professional Service Pack 2
System drive C: has 43 GB (30%) free of 144 GB
Total RAM: 1982 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:14:09 AM, on 11/16/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\VentSrv\ventrilo_svc.exe
C:\Program Files\VentSrv\ventrilo_srv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Documents and Settings\Compaq_Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\Compaq_Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buckeyecablesystem.com/express/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {8406d728-e394-4d1b-a63d-baba0b97b275} - bopedisu.dll (file missing)
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Livestream Procaster] "C:\Program Files\Livestream Procaster\Procaster.exe" -autorun
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\AllMusicConverter\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\AllMusicConverter\YouTubeRipper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Chessmaster Challenge\Images\stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Chessmaster Challenge\Images\armhelper.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{95784DCE-D22F-4820-9A0A-6482FE5B3BDE}: NameServer = 72.240.13.6,72.240.13.5
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1ca0c272cb88fd2) (gupdate1ca0c272cb88fd2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SMServer - SMServer - C:\WINDOWS\system32\snmvtsvc.exe
O23 - Service: Ventrilo - Unknown owner - C:\Program Files\VentSrv\ventrilo_svc.exe

--
End of file - 9601 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-04-27 438848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-08-14 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-07-21 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8406d728-e394-4d1b-a63d-baba0b97b275}]
bopedisu.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAE832A-5FFF-4661-9C8F-369692D1DCB9}]
hpWebHelper Class - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll [2007-01-10 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-08-14 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-21 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-21 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-04-27 438848]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-30 67584]
"ftutil2"=ftutil2.dll,SetWriteCacheMode []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-13 16239616]
"AlwaysReady Power Message APP"=C:\WINDOWS\ARPWRMSG.EXE [2005-08-03 77312]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-23 237568]
"HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2006-02-16 249856]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [2005-02-17 49152]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-08-14 185896]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-28 221184]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-07-08 1657376]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"Livestream Procaster"=C:\Program Files\Livestream Procaster\Procaster.exe [2009-10-28 6456608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DISC\DISCover.exe"="C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System"
"C:\Program Files\DISC\DiscStreamHub.exe"="C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub"
"C:\Program Files\DISC\myFTP.exe"="C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP"
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe"="C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(tm) Platform SE binary"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\VentSrv\ventrilo_srv.exe"="C:\Program Files\VentSrv\ventrilo_srv.exe:*:Enabled:ventrilo_srv"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\PFPortChecker\PFPortChecker.exe"="C:\Program Files\PFPortChecker\PFPortChecker.exe:*:Enabled:PFPortchecker by portforward.com helps check if your ports are properly forwarded."
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10522-enUS-ptr-downloader.exe"="C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10522-enUS-ptr-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10522-to-0.3.0.10554-enUS-ptr-downloader.exe"="C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10522-to-0.3.0.10554-enUS-ptr-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft Public Test\Launcher.exe"="C:\Program Files\World of Warcraft Public Test\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10554-to-0.3.0.10571-enUS-ptr-downloader.exe"="C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10554-to-0.3.0.10571-enUS-ptr-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10571-to-0.3.0.10596-enUS-ptr-downloader.exe"="C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10571-to-0.3.0.10596-enUS-ptr-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\iPod\bin\iPodService.exe"="C:\Program Files\iPod\bin\iPodService.exe:*:Enabled:iPodService"
"C:\WINDOWS\system32\dllhost.exe"="C:\WINDOWS\system32\dllhost.exe:*:Enabled:dllhost"
"C:\Program Files\Avira\AntiVir Desktop\avguard.exe"="C:\Program Files\Avira\AntiVir Desktop\avguard.exe:*:Enabled:avguard"
"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe:*:Enabled:AppleMobileDeviceService"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Compaq_Administrator\Desktop\cluttered\YUGIOHPC\joey_pc.exe"="C:\Documents and Settings\Compaq_Administrator\Desktop\cluttered\YUGIOHPC\joey_pc.exe:*:Enabled:joey_pc"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe"="C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

======List of files/folders created in the last 1 months======

2009-11-16 09:08:20 ----D---- C:\rsit
2009-11-16 09:08:20 ----D---- C:\Program Files\trend micro
2009-11-16 08:35:52 ----D---- C:\Program Files\Livestream Procaster
2009-11-12 23:58:03 ----D---- C:\CFLog
2009-11-12 23:56:34 ----D---- C:\Program Files\Common Files\INCA Shared
2009-11-12 23:50:13 ----D---- C:\Program Files\Z8Games
2009-11-12 03:38:21 ----A---- C:\ComboFix.txt
2009-11-12 01:41:15 ----D---- C:\Program Files\Market
2009-11-11 07:30:19 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\Sega
2009-11-11 07:12:02 ----D---- C:\Program Files\Common Files\DirectX
2009-11-11 06:15:57 ----D---- C:\Program Files\Ask.com
2009-11-11 06:15:32 ----D---- C:\Program Files\uTorrent
2009-11-11 06:15:11 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\uTorrent
2009-11-11 05:24:58 ----A---- C:\WINDOWS\WORDPAD.INI
2009-11-11 04:50:37 ----D---- C:\WINDOWS\San Andreas Mod Installer
2009-11-10 23:43:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-10 23:23:08 ----A---- C:\WINDOWS\zip.exe
2009-11-10 23:23:08 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-11-10 23:23:08 ----A---- C:\WINDOWS\SWSC.exe
2009-11-10 23:23:08 ----A---- C:\WINDOWS\SWREG.exe
2009-11-10 23:23:08 ----A---- C:\WINDOWS\sed.exe
2009-11-10 23:23:08 ----A---- C:\WINDOWS\PEV.exe
2009-11-10 23:23:08 ----A---- C:\WINDOWS\NIRCMD.exe
2009-11-10 23:23:08 ----A---- C:\WINDOWS\MBR.exe
2009-11-10 23:23:08 ----A---- C:\WINDOWS\grep.exe
2009-11-10 23:23:03 ----D---- C:\WINDOWS\ERDNT
2009-11-10 23:22:36 ----D---- C:\Qoobox
2009-11-10 20:32:10 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-10 20:32:10 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-09 19:01:18 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-11-09 19:01:14 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-11-09 19:00:56 ----D---- C:\Program Files\Windows Media Connect 2
2009-11-09 19:00:45 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-11-09 18:59:34 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2009-11-09 18:58:37 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-11-09 18:46:46 ----D---- C:\Program Files\FDRLab
2009-11-09 18:46:46 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\FDRLab
2009-11-08 16:34:02 ----D---- C:\Program Files\keyclone
2009-11-08 09:01:49 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
2009-11-08 09:01:42 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-07 12:25:00 ----D---- C:\Program Files\LogMeIn Hamachi
2009-11-03 00:52:33 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\SPORE
2009-11-03 00:28:17 ----RHD---- C:\Documents and Settings\Compaq_Administrator\Application Data\SecuROM
2009-11-02 23:57:07 ----D---- C:\Program Files\DAEMON Tools Lite
2009-11-02 23:56:28 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\DAEMON Tools Lite
2009-11-02 23:56:09 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-11-02 03:03:13 ----D---- C:\GAMES
2009-11-01 15:45:01 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\U3
2009-10-29 14:22:12 ----D---- C:\Program Files\WM Converter
2009-10-25 05:34:20 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\Red Kawa
2009-10-25 05:15:54 ----D---- C:\Program Files\Regensoft
2009-10-25 05:15:51 ----D---- C:\Program Files\AviSynth 2.5
2009-10-25 05:15:43 ----D---- C:\Program Files\Red Kawa
2009-10-25 05:12:34 ----D---- C:\Need4Video files
2009-10-25 05:11:24 ----D---- C:\Program Files\Need4 Software Launcher
2009-10-25 05:11:18 ----D---- C:\Program Files\Need4 Video Converter 6
2009-10-25 05:03:45 ----D---- C:\Program Files\Common Files\Sony Shared
2009-10-25 05:03:17 ----D---- C:\Program Files\Sony
2009-10-25 05:03:17 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Corporation
2009-10-25 05:03:06 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2009-10-25 05:02:39 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-10-25 05:02:15 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-10-25 04:59:54 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2009-10-25 04:59:39 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\Sony Setup
2009-10-25 04:59:39 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\Sony
2009-10-25 04:59:35 ----D---- C:\Program Files\Sony Setup
2009-10-25 00:09:05 ----D---- C:\Program Files\Microsoft Silverlight
2009-10-24 23:09:07 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\AdobeUM
2009-10-22 21:41:18 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\TeamViewer
2009-10-22 21:41:14 ----D---- C:\Program Files\TeamViewer

======List of files/folders modified in the last 1 months======

2009-11-16 09:10:28 ----D---- C:\WINDOWS\Prefetch
2009-11-16 09:10:23 ----D---- C:\WINDOWS\Temp
2009-11-16 09:10:23 ----AD---- C:\WINDOWS
2009-11-16 09:08:20 ----D---- C:\Program Files
2009-11-16 08:35:56 ----SHD---- C:\WINDOWS\Installer
2009-11-16 08:35:02 ----D---- C:\WINDOWS\WinSxS
2009-11-16 07:19:28 ----D---- C:\Program Files\Mozilla Firefox
2009-11-16 05:00:21 ----SD---- C:\WINDOWS\Tasks
2009-11-16 03:57:14 ----D---- C:\WINDOWS\system32\drivers
2009-11-15 07:39:20 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-15 07:39:17 ----D---- C:\WINDOWS\Registration
2009-11-15 07:37:19 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-11-15 01:25:09 ----D---- C:\Program Files\World of Warcraft
2009-11-12 23:57:57 ----D---- C:\WINDOWS\system32
2009-11-12 23:56:34 ----D---- C:\Program Files\Common Files
2009-11-12 03:34:46 ----A---- C:\WINDOWS\system.ini
2009-11-12 03:33:23 ----D---- C:\WINDOWS\system32\config
2009-11-12 03:31:42 ----D---- C:\WINDOWS\AppPatch
2009-11-12 03:27:23 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-11-12 02:59:32 ----D---- C:\Program Files\Spyware Doctor
2009-11-12 02:20:12 ----A---- C:\WINDOWS\WININIT.INI
2009-11-11 00:42:16 ----D---- C:\Program Files\Warcraft III
2009-11-10 23:29:04 ----D---- C:\Program Files\Rightdown Software SearchBar
2009-11-10 23:07:00 ----D---- C:\WINDOWS\system32\Restore
2009-11-09 19:20:20 ----D---- C:\WINDOWS\ehome
2009-11-09 19:01:36 ----HD---- C:\WINDOWS\inf
2009-11-09 19:01:35 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-09 19:01:03 ----A---- C:\WINDOWS\win.ini
2009-11-09 19:00:55 ----D---- C:\Program Files\Windows Media Player
2009-11-09 19:00:52 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-11-09 19:00:52 ----D---- C:\WINDOWS\Help
2009-11-08 15:44:30 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-03 00:28:16 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-10-28 17:30:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-25 06:13:20 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\LimeWire
2009-10-25 05:03:26 ----RSD---- C:\WINDOWS\assembly
2009-10-25 05:02:21 ----D---- C:\WINDOWS\system32\LogFiles
2009-10-25 05:00:08 ----D---- C:\WINDOWS\system32\mui
2009-10-24 20:04:10 ----D---- C:\Program Files\World of Warcraft Public Test
2009-10-22 22:13:22 ----A---- C:\DBUG.txt
2009-10-22 21:59:29 ----D---- C:\Program Files\Kaiba Corp VDS
2009-10-18 00:40:08 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\SPORE Creature Creator

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-05 55656]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2005-08-03 22784]
R3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2005-08-03 19200]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2005-08-03 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2005-08-03 4992]
R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2005-08-03 10112]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-08 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-18 9600]
R3 HSX_DP;HSX_DP; C:\WINDOWS\system32\DRIVERS\HSX_DP.sys [2005-12-06 936448]
R3 HSXHWBS2;HSXHWBS2; C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys [2005-12-06 241664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-14 4299264]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MusCAudio;MusCAudio; C:\WINDOWS\system32\drivers\MusCAudio.sys [2009-06-26 23096]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-03 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-03 13056]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2005-03-31 27008]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-09 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 winachsx;winachsx; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2005-12-06 670208]
S1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys []
S2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys []
S3 aqtsrld5;aqtsrld5; C:\WINDOWS\system32\drivers\aqtsrld5.sys []
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-09 26496]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-09 20480]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 ARSVC;ARSVC; C:\WINDOWS\arservice.exe [2005-08-03 58880]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-21 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-08-18 61440]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004]
R2 Ventrilo;Ventrilo; C:\Program Files\VentSrv\ventrilo_svc.exe [2008-08-25 76800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S2 gupdate1ca0c272cb88fd2;Google Update Service (gupdate1ca0c272cb88fd2); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-24 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-14 190448]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-09 267776]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-09 14336]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-08-30 3264636]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-01-07 348752]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-21 1095560]
S3 SMServer;SMServer; C:\WINDOWS\system32\snmvtsvc.exe [2009-06-26 245760]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-09 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------
