|
Hi,
Problem: Everything is so, so slow. Almost ground to a halt. Task Manager shows only 8000k of physical memory available from a possible 196,000. CPU usage is OK. I have deleted a lot of programs, music files etc.
Here are the requested logs:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:41:22 PM, on 4/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Ad Muncher\AdMunch.exe
C:\Program Files\QuickTime\QTTask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\RAMASST.exe
C:\PROGRA~1\Webshots\Webshots.scr
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [NDSTray.exe] C:\Program Files\Toshiba\ConfigFree\NDSTray.exe O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe O4 - HKLM\..\Run: [Pinger] C:\TOSHIBA\IVP\ISM\pinger.exe /run O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [IVPServiceMgr] C:\toshiba\ivp\ism\ivpsvmgr.exe O4 - HKLM\..\Run: [BCWipeTM Startup] "C:\Program Files\Jetico\BCWipe\BCWipeTM.exe" startup O4 - HKLM\..\Run: [Ad Muncher] C:\Program Files\Ad Muncher\AdMunch.exe /bt O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=389D086T&id=menu_ie_frameO8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=389D086T&id=menu_ie_imageO8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=389D086T&id=menu_ie_linkO8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=389D086T&id=menu_ie_excludeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=389D086T&id=menu_ie_reportO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1206576153890O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: DVD-RAM_Service - Matsu!!!!a Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: SNMP Service (SNMP) - Unknown owner - C:\WINDOWS\System32\snmp.exe (file missing) O23 - Service: SNMP Trap Service (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe O24 - Desktop Component 0: (no name) - http://www.bbc.co.uk/radio4/index/images/sandi_toksvig247x165.jpg--
End of file - 9925 bytes
Generated 04/30/2008 at 02:42 PM
Application Version : 4.0.1154
Core Rules Database Version : 3450
Trace Rules Database Version: 1442
Scan type : Complete Scan
Total Scan Time : 00:40:45
Memory items scanned : 439
Memory threats detected : 0
Registry items scanned : 4635
Registry threats detected : 0
File items scanned : 10651
File threats detected : 3
Adware.Tracking Cookie
C:\Documents and Settings\Bruce\Cookies\bruce@indextools[2].txt
Malware.LocusSoftware Inc/PCPrivacyTool
C:\Documents and Settings\Bruce\Application Data\ultra\uninstall.bat
C:\Documents and Settings\Bruce\Application Data\ultra
Start Time= Wed 04/30/2008 16:14:57.25
QuickScan did not find any signs of infected files
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2008-04-30 13:58:26 ( .D... ) "C:\Program Files\SUPERAntiSpyware"
2008-04-30 13:58:26 ( .D... ) "C:\Documents and Settings\Bruce\Application Data\SUPERAntiSpyware.com"
2008-04-30 13:57:00 ( .D... ) "C:\Program Files\Common Files\Wise Installation Wizard"
2008-04-30 12:32:20 ( .D... ) "C:\Program Files\Trend Micro"
2008-04-26 11:23:26 2560 ( A.... ) "C:\WINDOWS\_MSRSTRT.EXE"
2008-04-23 13:34:42 691545 ( A.... ) "C:\WINDOWS\unins000.exe"
2008-04-23 13:16:38 ( .D... ) "C:\Program Files\SpywareBlaster"
2008-04-23 11:53:32 ( .D... ) "C:\Documents and Settings\Bruce\Application Data\AVG7"
2008-04-23 11:49:28 ( .D... ) "C:\Program Files\Grisoft"
2008-04-06 14:56:20 19836024 ( A.... ) "C:\WINDOWS\system32\MRT.exe"
2008-03-28 08:54:24 ( .D... ) "C:\Program Files\Microsoft CAPICOM 2.1.0.2"
2008-03-19 18:47:00 1845248 ( A.... ) "C:\WINDOWS\system32\win32k.sys"
2008-03-19 18:47:00 1845248 ( A.... ) "C:\WINDOWS\system32\win32k.sys"
2008-03-01 22:06:32 826368 ( A.... ) "C:\WINDOWS\system32\wininet.dll"
2008-03-01 22:06:30 1159680 ( A.... ) "C:\WINDOWS\system32\urlmon.dll"
2008-03-01 22:06:30 671232 ( ..... ) "C:\WINDOWS\system32\mstime.dll"
2008-03-01 22:06:30 233472 ( A.... ) "C:\WINDOWS\system32\webcheck.dll"
2008-03-01 22:06:30 105984 ( A.... ) "C:\WINDOWS\system32\url.dll"
2008-03-01 22:06:30 102912 ( ..... ) "C:\WINDOWS\system32\occache.dll"
2008-03-01 22:06:30 44544 ( ..... ) "C:\WINDOWS\system32\pngfilt.dll"
2008-03-01 22:06:28 478208 ( A.... ) "C:\WINDOWS\system32\mshtmled.dll"
2008-03-01 22:06:28 193024 ( ..... ) "C:\WINDOWS\system32\msrating.dll"
2008-03-01 22:06:26 459264 ( A.... ) "C:\WINDOWS\system32\msfeeds.dll"
2008-03-01 22:06:26 267776 ( A.... ) "C:\WINDOWS\system32\iertutil.dll"
2008-03-01 22:06:26 52224 ( A.... ) "C:\WINDOWS\system32\msfeedsbs.dll"
2008-03-01 22:06:26 27648 ( ..... ) "C:\WINDOWS\system32\jsproxy.dll"
2008-03-01 22:06:24 6066176 ( A.... ) "C:\WINDOWS\system32\ieframe.dll"
2008-03-01 22:06:24 44544 ( ..... ) "C:\WINDOWS\system32\iernonce.dll"
2008-03-01 22:06:22 384512 ( ..... ) "C:\WINDOWS\system32\iedkcs32.dll"
2008-03-01 22:06:22 383488 ( A.... ) "C:\WINDOWS\system32\ieapfltr.dll"
2008-03-01 22:06:22 347136 ( A.... ) "C:\WINDOWS\system32\dxtmsft.dll"
2008-03-01 22:06:22 230400 ( ..... ) "C:\WINDOWS\system32\ieaksie.dll"
2008-03-01 22:06:22 214528 ( A.... ) "C:\WINDOWS\system32\dxtrans.dll"
2008-03-01 22:06:22 153088 ( ..... ) "C:\WINDOWS\system32\ieakeng.dll"
2008-03-01 22:06:22 133120 ( ..... ) "C:\WINDOWS\system32\extmgr.dll"
2008-03-01 22:06:22 63488 ( A.... ) "C:\WINDOWS\system32\icardie.dll"
2008-03-01 22:06:20 124928 ( A.... ) "C:\WINDOWS\system32\advpack.dll"
2008-03-01 18:36:30 3591680 ( A.... ) "C:\WINDOWS\system32\mshtml.dll"
2008-02-29 17:55:24 70656 ( ..... ) "C:\WINDOWS\system32\ie4uinit.exe"
2008-02-22 19:00:52 13824 ( A.... ) "C:\WINDOWS\system32\ieudinit.exe"
2008-02-22 02:33:32 139264 ( A.... ) "C:\WINDOWS\system32\javaws.exe"
2008-02-22 01:23:40 135168 ( A.... ) "C:\WINDOWS\system32\javaw.exe"
2008-02-22 01:23:36 135168 ( A.... ) "C:\WINDOWS\system32\java.exe"
2008-02-20 15:51:06 282624 ( A.... ) "C:\WINDOWS\system32\gdi32.dll"
2008-02-20 14:32:44 148992 ( A.... ) "C:\WINDOWS\system32\dnsapi.dll"
2008-02-20 14:32:44 45568 ( A.... ) "C:\WINDOWS\system32\dnsrslvr.dll"
2008-02-15 14:44:26 161792 ( ..... ) "C:\WINDOWS\system32\ieakui.dll"
((((((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"LtMoh"="C:\\Program Files\\ltmoh\\Ltmoh.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"THotkey"="C:\\Program Files\\Toshiba\\Toshiba Applet\\thotkey.exe"
"TPSMain"="TPSMain.exe"
"NDSTray.exe"="C:\\Program Files\\Toshiba\\ConfigFree\\NDSTray.exe"
"SmoothView"="C:\\Program Files\\TOSHIBA\\TOSHIBA Zooming Utility\\SmoothView.exe"
"Pinger"="C:\\TOSHIBA\\IVP\\ISM\\pinger.exe /run"
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"MSPY2002"="C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"IVPServiceMgr"="C:\\toshiba\\ivp\\ism\\ivpsvmgr.exe"
"BCWipeTM Startup"="\"C:\\Program Files\\Jetico\\BCWipe\\BCWipeTM.exe\" startup"
"Ad Muncher"="C:\\Program Files\\Ad Muncher\\AdMunch.exe /bt"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_05\\bin\\jusched.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
@=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"TOSCDSPD"="C:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""
Contents of the 'Scheduled Tasks' folder
Completion time: Wed 04/30/2008 16:15:55.09
ComboFix ver 06.06.17 - This logfile is located at C:\ComboFix.txt
Start Time= Wed 04/30/2008 15:33:24.93
QuickScan did not find any signs of infected files
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2008-04-30 13:58:26 ( .D... ) "C:\Program Files\SUPERAntiSpyware"
2008-04-30 13:58:26 ( .D... ) "C:\Documents and Settings\Bruce\Application Data\SUPERAntiSpyware.com"
2008-04-30 13:57:00 ( .D... ) "C:\Program Files\Common Files\Wise Installation Wizard"
2008-04-30 12:32:20 ( .D... ) "C:\Program Files\Trend Micro"
2008-04-26 11:23:26 2560 ( A.... ) "C:\WINDOWS\_MSRSTRT.EXE"
2008-04-23 13:34:42 691545 ( A.... ) "C:\WINDOWS\unins000.exe"
2008-04-23 13:16:38 ( .D... ) "C:\Program Files\SpywareBlaster"
2008-04-23 11:53:32 ( .D... ) "C:\Documents and Settings\Bruce\Application Data\AVG7"
2008-04-23 11:49:28 ( .D... ) "C:\Program Files\Grisoft"
2008-04-06 14:56:20 19836024 ( A.... ) "C:\WINDOWS\system32\MRT.exe"
2008-03-28 08:54:24 ( .D... ) "C:\Program Files\Microsoft CAPICOM 2.1.0.2"
2008-03-19 18:47:00 1845248 ( A.... ) "C:\WINDOWS\system32\win32k.sys"
2008-03-19 18:47:00 1845248 ( A.... ) "C:\WINDOWS\system32\win32k.sys"
2008-03-01 22:06:32 826368 ( A.... ) "C:\WINDOWS\system32\wininet.dll"
2008-03-01 22:06:30 1159680 ( A.... ) "C:\WINDOWS\system32\urlmon.dll"
2008-03-01 22:06:30 671232 ( ..... ) "C:\WINDOWS\system32\mstime.dll"
2008-03-01 22:06:30 233472 ( A.... ) "C:\WINDOWS\system32\webcheck.dll"
2008-03-01 22:06:30 105984 ( A.... ) "C:\WINDOWS\system32\url.dll"
2008-03-01 22:06:30 102912 ( ..... ) "C:\WINDOWS\system32\occache.dll"
2008-03-01 22:06:30 44544 ( ..... ) "C:\WINDOWS\system32\pngfilt.dll"
2008-03-01 22:06:28 478208 ( A.... ) "C:\WINDOWS\system32\mshtmled.dll"
2008-03-01 22:06:28 193024 ( ..... ) "C:\WINDOWS\system32\msrating.dll"
2008-03-01 22:06:26 459264 ( A.... ) "C:\WINDOWS\system32\msfeeds.dll"
2008-03-01 22:06:26 267776 ( A.... ) "C:\WINDOWS\system32\iertutil.dll"
2008-03-01 22:06:26 52224 ( A.... ) "C:\WINDOWS\system32\msfeedsbs.dll"
2008-03-01 22:06:26 27648 ( ..... ) "C:\WINDOWS\system32\jsproxy.dll"
2008-03-01 22:06:24 6066176 ( A.... ) "C:\WINDOWS\system32\ieframe.dll"
2008-03-01 22:06:24 44544 ( ..... ) "C:\WINDOWS\system32\iernonce.dll"
2008-03-01 22:06:22 384512 ( ..... ) "C:\WINDOWS\system32\iedkcs32.dll"
2008-03-01 22:06:22 383488 ( A.... ) "C:\WINDOWS\system32\ieapfltr.dll"
2008-03-01 22:06:22 347136 ( A.... ) "C:\WINDOWS\system32\dxtmsft.dll"
2008-03-01 22:06:22 230400 ( ..... ) "C:\WINDOWS\system32\ieaksie.dll"
2008-03-01 22:06:22 214528 ( A.... ) "C:\WINDOWS\system32\dxtrans.dll"
2008-03-01 22:06:22 153088 ( ..... ) "C:\WINDOWS\system32\ieakeng.dll"
2008-03-01 22:06:22 133120 ( ..... ) "C:\WINDOWS\system32\extmgr.dll"
2008-03-01 22:06:22 63488 ( A.... ) "C:\WINDOWS\system32\icardie.dll"
2008-03-01 22:06:20 124928 ( A.... ) "C:\WINDOWS\system32\advpack.dll"
2008-03-01 18:36:30 3591680 ( A.... ) "C:\WINDOWS\system32\mshtml.dll"
2008-02-29 17:55:24 70656 ( ..... ) "C:\WINDOWS\system32\ie4uinit.exe"
2008-02-22 19:00:52 13824 ( A.... ) "C:\WINDOWS\system32\ieudinit.exe"
2008-02-22 02:33:32 139264 ( A.... ) "C:\WINDOWS\system32\javaws.exe"
2008-02-22 01:23:40 135168 ( A.... ) "C:\WINDOWS\system32\javaw.exe"
2008-02-22 01:23:36 135168 ( A.... ) "C:\WINDOWS\system32\java.exe"
2008-02-20 15:51:06 282624 ( A.... ) "C:\WINDOWS\system32\gdi32.dll"
2008-02-20 14:32:44 148992 ( A.... ) "C:\WINDOWS\system32\dnsapi.dll"
2008-02-20 14:32:44 45568 ( A.... ) "C:\WINDOWS\system32\dnsrslvr.dll"
2008-02-15 14:44:26 161792 ( ..... ) "C:\WINDOWS\system32\ieakui.dll"
((((((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"LtMoh"="C:\\Program Files\\ltmoh\\Ltmoh.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"THotkey"="C:\\Program Files\\Toshiba\\Toshiba Applet\\thotkey.exe"
"TPSMain"="TPSMain.exe"
"NDSTray.exe"="C:\\Program Files\\Toshiba\\ConfigFree\\NDSTray.exe"
"SmoothView"="C:\\Program Files\\TOSHIBA\\TOSHIBA Zooming Utility\\SmoothView.exe"
"Pinger"="C:\\TOSHIBA\\IVP\\ISM\\pinger.exe /run"
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"MSPY2002"="C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"IVPServiceMgr"="C:\\toshiba\\ivp\\ism\\ivpsvmgr.exe"
"BCWipeTM Startup"="\"C:\\Program Files\\Jetico\\BCWipe\\BCWipeTM.exe\" startup"
"Ad Muncher"="C:\\Program Files\\Ad Muncher\\AdMunch.exe /bt"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_05\\bin\\jusched.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
@=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"TOSCDSPD"="C:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""
Contents of the 'Scheduled Tasks' folder
Completion time: Wed 04/30/2008 15:34:19.12
ComboFix ver 06.06.17 - This logfile is located at C:\ComboFix.txt
| 
|