Go Back   Computer Juice > Computer Software > Virus, Spyware & Security
Reload this Page

friends computer slow

Register iSpy Downloads New Posts Donate Unanswered Posts Member List Search

Computer Juice raffle - Win PC hardware of your choice worth Ł500 / €680 / $1000 - Enter HERE!


Computer Juice - Forums - friends computer slow

Reply
< 1 2 3 >
 
Thread Tools
  #16  
Old 19-04-2008, 02:20 PM
No Avatar
CJ Member
 
madcows7 is offline
 
Join Date: Feb 2008
Last Online: Today 01:42 AM
Posts: 78
iTrader: (0)
madcows7 is on a distinguished road
Default

friends computer slow

heres my ne hijack log Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:21:29 AM, on 4/19/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\CtHelper.exe
C:\Windows\System32\CTXFIHLP.EXE
C:\Users\Mark JR\Program Files\DNA\btdna.exe
C:\Windows\System32\CTXFISPI.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <Link hidden. Register for free to see this link!>
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = <Link hidden. Register for free to see this link!>
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = <Link hidden. Register for free to see this link!>
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = <Link hidden. Register for free to see this link!>
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 72.233.61.2 L2authd.lineage2.com
O1 - Hosts: 72.233.61.2 L2testauthd.lineage2.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Grid Service] "C:\Program Files\GridService\peer.exe" -n Grid
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Mark JR\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - <Link hidden. Register for free to see this link!>
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - <Link hidden. Register for free to see this link!>
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - <Link hidden. Register for free to see this link!>
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - <Link hidden. Register for free to see this link!>
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - <Link hidden. Register for free to see this link!>
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - <Link hidden. Register for free to see this link!>
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - <Link hidden. Register for free to see this link!>
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - <Link hidden. Register for free to see this link!>
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe (file missing)
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - Unknown owner - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe (file missing)
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe

--
End of file - 9690 bytes
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #17  
Old 19-04-2008, 02:52 PM
evilfantasy's Avatar
CJ Moderator
Intel ATi
evilfantasy is online now
Send a message via Yahoo to evilfantasy
 
Join Date: Jul 2007
Last Online: Today 10:28 PM
Posts: 4,351
iTrader: (0)
evilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond repute
Default

friends computer slow

I gave you a link in post # 11 on the live update. What more information do you want?

Did you or did you not fix the items with MBAM?
C:\Windows\System32\h@tkeysh@@k.dll (Trojan.Agent) -> No action taken. <<This needs to be fixed!

I also asked for an uninstall list.
__________________
.

Never argue with an idiot. They'll bring you down to their level, then beat you with experience.
.
.
Last edited by evilfantasy : 19-04-2008 at 04:40 PM.
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #18  
Old 19-04-2008, 05:48 PM
No Avatar
CJ Member
 
madcows7 is offline
 
Join Date: Feb 2008
Last Online: Today 01:42 AM
Posts: 78
iTrader: (0)
madcows7 is on a distinguished road
Default

friends computer slow

i fixed the mbam after u told me to all 27 gone
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #19  
Old 19-04-2008, 06:34 PM
evilfantasy's Avatar
CJ Moderator
Intel ATi
evilfantasy is online now
Send a message via Yahoo to evilfantasy
 
Join Date: Jul 2007
Last Online: Today 10:28 PM
Posts: 4,351
iTrader: (0)
evilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond repute
Default

friends computer slow

Still need an uninstall list.

Go to add remove programs and uninstall BitTorrent DNA

----------

Open Hijackthis and select Do a system scan only then place a check mark next to

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

Close all windows except for Hijackthis and click Fix checked.

----------

Do you know what this is? O4 - HKLM\..\Run: [Grid Service] "C:\Program Files\GridService\peer.exe" -n Grid

----------

Please download Combofix by sUBs from one of the below links.
(Try all three if necessary)Important! Combofix.exe MUST be saved to and ran from the Desktop.
  • Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting Combofix.
  • Important! Temporarily disable your antivirus, script blocking and any antispyware real time protection before performing a scan.
    • Click <Link hidden. Register for free to see this link!> to see a list of security programs that should be disabled and how to disable them.
    • If yours is not listed and you don't know how to disable it, please ask.
  • Warning: Combofix disconnects your computer from the internet. The connection is automatically restored before Combofix completes its run.
  • Double click combofix.exe & follow the prompts.
    • Choose Yes to accept the Disclaimers.[
  • When finished, it will produce a log for you.
  • Post that log in your next reply.
Warning: Do not mouseclick combofix's window while it is running. That may cause it to stall
  • If Combofix runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your computer.
  • Important: Remember to re-enable your antivirus and antispyware before reconnecting to the Internet.

If needed, see this <Link hidden. Register for free to see this link!> with screenshots that will detail the downloading and running of combofix more thoroughly. Still be sure to rename combofix as detailed above.

----------

Next post add
Combofix log
Uninstall list
__________________
.

Never argue with an idiot. They'll bring you down to their level, then beat you with experience.
.
.
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #20  
Old 19-04-2008, 09:58 PM
No Avatar
CJ Member
 
madcows7 is offline
 
Join Date: Feb 2008
Last Online: Today 01:42 AM
Posts: 78
iTrader: (0)
madcows7 is on a distinguished road
Default

friends computer slow

uh ... last time u had me to combofix for his computer he didnt have internet for a week XD
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #21  
Old 19-04-2008, 10:01 PM
evilfantasy's Avatar
CJ Moderator
Intel ATi
evilfantasy is online now
Send a message via Yahoo to evilfantasy
 
Join Date: Jul 2007
Last Online: Today 10:28 PM
Posts: 4,351
iTrader: (0)
evilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond repute
Default

friends computer slow

I remember, didn't know it was the same computer.

Run this instead and post both logs.

Download Deckard's System Scanner (DSS) from <Link hidden. Register for free to see this link!> or <Link hidden. Register for free to see this link!> to your Desktop.
Note: You must be logged onto an account with administrator privileges.
  • Close all applications and windows.
  • Double-click on dss.exe to run it, and follow the prompts.
  • When the scan is complete, two text files will open
    • main.txt <- this one will be maximized
    • extra.txt <- this one will be minimized
  • Add the contents of main.txt in your post.
  • Also add extra.txt to your post.
What DSS will do:
  • Create a new System Restore point in Windows XP and Vista.
  • Clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
  • Check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
__________________
.

Never argue with an idiot. They'll bring you down to their level, then beat you with experience.
.
.
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #22  
Old 19-04-2008, 10:02 PM
No Avatar
CJ Member
 
madcows7 is offline
 
Join Date: Feb 2008
Last Online: Today 01:42 AM
Posts: 78
iTrader: (0)
madcows7 is on a distinguished road
Default

friends computer slow

no clue what the peer.exe thing is BUT the bittorrent dna isnt avaiable in add or remove programs
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #23  
Old 19-04-2008, 10:03 PM
evilfantasy's Avatar
CJ Moderator
Intel ATi
evilfantasy is online now
Send a message via Yahoo to evilfantasy
 
Join Date: Jul 2007
Last Online: Today 10:28 PM
Posts: 4,351
iTrader: (0)
evilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond repute
Default

friends computer slow

Originally Posted by madcows7 View Post
no clue what the peer.exe thing is BUT the bittorrent dna isnt avaiable in add or remove programs
I've requested an uninstall list quite a few times now......
__________________
.

Never argue with an idiot. They'll bring you down to their level, then beat you with experience.
.
.
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #24  
Old 19-04-2008, 10:06 PM
No Avatar
CJ Member
 
madcows7 is offline
 
Join Date: Feb 2008
Last Online: Today 01:42 AM
Posts: 78
iTrader: (0)
madcows7 is on a distinguished road
Default

friends computer slow

what unistall list i dont know how to get one im sorry my english sucks
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #25  
Old 19-04-2008, 10:15 PM
evilfantasy's Avatar
CJ Moderator
Intel ATi
evilfantasy is online now
Send a message via Yahoo to evilfantasy
 
Join Date: Jul 2007
Last Online: Today 10:28 PM
Posts: 4,351
iTrader: (0)
evilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond repute
Default

friends computer slow

You need to read all of my posts. From <Link hidden. Register for free to see this link!>

Next:
Create An Uninstall List
  • Start HijackThis
  • Click on the Open the Misc Tools section
  • Click on the Open Uninstall Manager button.
  • Click on the Save list button and specify where you would like to save this file and click Save.
    • When you press Save button a notepad will open with the contents of that file.
  • Copy and paste that list in your reply.
__________________
.

Never argue with an idiot. They'll bring you down to their level, then beat you with experience.
.
.
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #26  
Old 19-04-2008, 10:20 PM
No Avatar
CJ Member
 
madcows7 is offline
 
Join Date: Feb 2008
Last Online: Today 01:42 AM
Posts: 78
iTrader: (0)
madcows7 is on a distinguished road
Default

friends computer slow

.sol Editor 1.1.0.1
010 Editor 2.1.3
A Speeder (remove only)
AC3Filter (remove only)
Adobe AIR
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Setup
Adobe Shockwave Player
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AGEIA PhysX v7.07.24
Ahead Nero - Burning Rom
Anarchy Online Classic Edition
Apple Software Update
Audacity 1.2.6
AutoHotkey 1.0.47.06
avast! Antivirus
AVI DVD Burner 2008 ver 3.90
AviSynth 2.5
BannedStory
BannedStory 3.0
Battle Realms
BattlePets
Bookworm Adventures Deluxe
Bookworm Adventures Deluxe 1.0
Bots
Bridge Building Game
Bridge Construction Set
Bridge Construction Set Demo 1.37
Broadcom 440x 10/100 Integrated Controller
C21
CABAL Online
Cain & Abel v4.9.10
CCleaner (remove only)
Cheat Engine 5.3
Counter-Strike: Source
Creative MediaSource 5
Darkeden
dBpowerAMP Music Converter
DominateGame 20050929 (dominate)
Don't Get Angry 2
Download Manager 2.3.6
Dragonball Source
Drug Wars
Dungeon Siege Demo
DVD Flick
DVD Shrink 3.2
DX-Ball 1.09
Earth's Special Forces
Easy Macro Recorder 3.65
FATE
Feeding Frenzy® 2: Shipwreck Showdown
FlyFF Resource Manager
Fraps
Frets On Fire
Game Console - WildGames
GamePark
GameSpy Arcade
GameTap
Garry's Mod
Geneforge 2
GhostOnline
Ghoul Hunter 1.0
Gladiator 1.01
GoldWave v5.20
GoToAssist 8.0.0.480
GPGNet
Half-Life 2
Half-Life 2: Lost Coast
HashTab 1.14 for x32
Helbreath USA
HijackThis 2.0.2
HybridCO
IGZ Lobby System
Insaniquarium Deluxe 1.1
Java 2 Runtime Environment, SE v1.4.2_03
Java 2 Runtime Environment, SE v1.4.2_15
Java(TM) 6 Update 2
Java(TM) 6 Update 3
KalOnlineEng
Kaspersky Online Scanner
LastChaos
Legend Of Mir 3
LimeWire 4.14.10
Lineage II
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Lu-Tze CFZ Compiler
Malwarebytes' Anti-Malware
MapleStory
Mega Manager
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5
Microsoft Age of Empires II Trial Version
Microsoft Office Excel Viewer 2003
Microsoft SQL Server Compact 3.5 Design Tools ENU
Microsoft SQL Server Compact 3.5 ENU
Microsoft Virtual PC 2007
Microsoft Visual Basic 2008 Express Edition - ENU
Microsoft Visual Basic 2008 Express Edition - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
Mount&Blade
Mozilla Firefox (2.0.0.11)
MP3/WAV/OGG/WMA/AC3 to CD Burner 1.2.20
Mu Gods
MySQL Maestro 7.6
MySQL Server 5.0
NVIDIA Drivers
OpenAL
PC Inspector File Recovery
Pcsx2 0.9.2 Watermoose
PDF Settings
Perfect Macro Recorder 1.50
Plant Tycoon
Pokemon PC 2.0
POKéMON Simulator 4.5
Pontifex Demo 10.19.01
Pontifex II
Portal
PremiumSoft Navicat 8.0 for MySQL
Proxifier version 2.6
PURGE Offline SPECIAL EDITION 1.0 (R3)
Qonquer Online Client 4351
QuickTime
Ragnarok Online
Ragnarok Sakray
Rakion International
RaySource 2.0.10.7348
RealPlayer
RF Online Episode 2
Rhapsody Player Engine
Rise and Fall
Robot Arena 2
Rumble Fighter
RYL Client ver 553
Savage
Shadowbane - Throne of Oblivion
Sierra On-Line Games (Remove only)
SmartFTP Client
SmartFTP Client 2.5 Setup Files (remove only)
Sound Blaster X-Fi
Source Dedicated Server
Source SDK Base
SpeedConnect Internet Accelerator v.7.0
SpeedFan (remove only)
SQLyog Community 6.16
Star Wars Battlefront
Starcraft Shareware(ED)
Steam
SUPERAntiSpyware Free Edition
Supreme Commander
SWAT 4
System Requirements Lab
TeamSpeak 2 RC2
The Universal 0.51.9
Tibia
Tibia MULTI-ip changer
Trials Construction Yard (remove only)
Trickster Online
UltimatePatch Setup
VC Runtimes MSI
VMware Workstation
WampServer 2.0
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
WinRAR archiver
Wolfenstein - Enemy Territory
WolfTeam International
WYDGLOBAL (remove only)
Xvid 1.1.3 final uninstall
Yahoo! Install Manager
Yahoo! Internet Mail
ZeroOnline
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #27  
Old 19-04-2008, 10:24 PM
No Avatar
CJ Member
 
madcows7 is offline
 
Join Date: Feb 2008
Last Online: Today 01:42 AM
Posts: 78
iTrader: (0)
madcows7 is on a distinguished road
Default

friends computer slow

here is dss logs
Deckard's System Scanner v20071014.68
Run by Mark JR on 2008-04-19 18:12:18
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
8: 2008-04-19 22:09:29 UTC - RP457 - test for dss
7: 2008-04-19 15:16:56 UTC - RP456 - Scheduled Checkpoint
6: 2008-04-18 22:54:15 UTC - RP455 - Installed SUPERAntiSpyware Free Edition
5: 2008-04-17 22:14:01 UTC - RP454 - Device Driver Package Install: Creative Sound, video and game controllers
4: 2008-04-17 21:23:37 UTC - RP452 - Configured Creative MediaSource 5


-- First Restore Point --
1: 2008-04-17 20:05:36 UTC - RP449 - test


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Mark JR.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:20:16 PM, on 4/19/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\CtHelper.exe
C:\Windows\System32\CTXFIHLP.EXE
C:\Users\Mark JR\Program Files\DNA\btdna.exe
C:\Windows\System32\CTXFISPI.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Mark JR\Desktop\dss.exe
C:\Windows\system32\conime.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Mark JR.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <Link hidden. Register for free to see this link!>
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = <Link hidden. Register for free to see this link!>
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = <Link hidden. Register for free to see this link!>
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = <Link hidden. Register for free to see this link!>
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 72.233.61.2 L2authd.lineage2.com
O1 - Hosts: 72.233.61.2 L2testauthd.lineage2.com
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Grid Service] "C:\Program Files\GridService\peer.exe" -n Grid
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Mark JR\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - <Link hidden. Register for free to see this link!>
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - <Link hidden. Register for free to see this link!>
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - <Link hidden. Register for free to see this link!>
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - <Link hidden. Register for free to see this link!>
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - <Link hidden. Register for free to see this link!>
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - <Link hidden. Register for free to see this link!>
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - <Link hidden. Register for free to see this link!>
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - <Link hidden. Register for free to see this link!>
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - <Link hidden. Register for free to see this link!>
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - <Link hidden. Register for free to see this link!>
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe (file missing)
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - Unknown owner - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe (file missing)
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe

--
End of file - 9649 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080419-180715-444 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
backup-20080419-180715-474 O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
backup-20080419-180715-813 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
backup-20080419-180715-830 O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 giveio - c:\windows\system32\giveio.sys
R0 speedfan - c:\windows\system32\speedfan.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R2 npkcrypt - \??\c:\users\mark jr\desktop\odinms\gms\npkcrypt.sys
R3 kbdcap - c:\windows\system32\drivers\kbdcap.sys
R3 npkcusb - \??\c:\odinms\odinms\npkcusb.sys
R3 SASENUM - \??\c:\program files\superantispyware\sasenum.sys

S3 CEDRIVER53 - \??\c:\program files\cheat engine\dbk32.sys
S3 NPPTNT2 - \??\c:\windows\system32\npptnt2.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762 ##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>

S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)
S2 LiveUpdate Notice Ex (LiveUpdate Notice Service Ex) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)
S2 MySQL - "c:\program files\mysql\mysql server 5.0\bin\mysqld-nt" --defaults-file="c:\program files\mysql\mysql server 5.0\my.ini" mysql (file missing)
S2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe (file missing)
S2 vmount2 (VMware Virtual Mount Manager Extended) - "c:\program files\common files\vmware\vmware virtual image editing\vmount2.exe" (file missing)
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 ufad-ws60 (VMware Agent Service) - "c:\program files\vmware\vmware workstation\vmware-ufad.exe" -d "c:\program files\vmware\vmware workstation\\" -s ufad-p2v.xml (file missing)
S3 wampapache - "c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" -k runservice <Not Verified; Apache Software Foundation; Apache HTTP Server>
S3 wampmysqld - c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe wampmysqld


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Description: SCSI/RAID Host Controller
Device ID: ACPI\PNPA000\4&5D18F2DF&1
Manufacturer: (Standard mass storage controllers)
Name: SCSI/RAID Host Controller
PNP Device ID: ACPI\PNPA000\4&5D18F2DF&1
Service: a6hnlfh4

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: VMware Virtual Ethernet Adapter for VMnet1
Device ID: ROOT\VMWARE\0000
Manufacturer: VMware, Inc.
Name: VMware Virtual Ethernet Adapter for VMnet1
PNP Device ID: ROOT\VMWARE\0000
Service: VMnetAdapter

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: VMware Virtual Ethernet Adapter for VMnet8
Device ID: ROOT\VMWARE\0001
Manufacturer: VMware, Inc.
Name: VMware Virtual Ethernet Adapter for VMnet8
PNP Device ID: ROOT\VMWARE\0001
Service: VMnetAdapter


-- Files created between 2008-03-19 and 2008-04-19 -----------------------------

2008-04-18 20:35:00 0 d-------- C:\Program Files\Windows Live Safety Center
2008-04-18 19:35:59 0 d-------- C:\Users\All Users\Malwarebytes
2008-04-18 19:35:57 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-18 18:56:28 0 d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-04-18 18:54:43 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-17 17:25:49 25088 -----n--- C:\Windows\system32\CTSVCCTL.EXE <Not Verified; Creative Technology Ltd; Creative Service Control>
2008-04-17 17:25:49 44032 -----n--- C:\Windows\system32\CTSVCCDA.EXE <Not Verified; Creative Technology Ltd; Creative Service for CDROM Access>
2008-04-17 17:19:41 10240 --a------ C:\Windows\CTDCRES.DLL <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-04-17 15:40:37 0 d-------- C:\Program Files\Common Files\Ahead
2008-04-17 15:32:51 0 d-------- C:\Program Files\AviDvdBurner
2008-04-16 22:10:04 0 d-------- C:\Program Files\AviSynth 2.5
2008-04-16 22:08:49 0 d-------- C:\Program Files\AC3Filter
2008-04-16 22:08:41 0 d-------- C:\Program Files\Easy RealMedia Tools
2008-04-16 22:00:25 0 d-------- C:\Users\All Users\DVD Shrink
2008-04-16 22:00:21 0 d-------- C:\Program Files\DVD Shrink
2008-04-15 19:55:34 0 d-------- C:\Windows\PCHEALTH
2008-04-15 19:55:34 0 d-------- C:\Program Files\MSN Messenger
2008-04-15 16:07:48 0 d-------- C:\AeriaGames
2008-04-14 11:35:07 0 d-------- C:\Program Files\SuperScan
2008-04-13 18:37:01 0 d-------- C:\Nexon
2008-04-12 21:11:08 0 d-------- C:\Program Files\CBS Software
2008-04-12 20:59:05 0 d-------- C:\Users\All Users\PCPitstop
2008-04-12 20:58:36 0 d-------- C:\Program Files\PCPitstop
2008-04-12 19:33:11 0 d-------- C:\Program Files\Liquid Entertainment
2008-04-12 16:22:36 0 d-------- C:\Program Files\uTorrent
2008-04-12 15:42:55 0 d-------- C:\Program Files\IDoser v4
2008-04-01 17:11:37 118784 --a------ C:\Windows\system32\msstdfmt.dll <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>
2008-03-29 20:26:58 0 d-------- C:\Program Files\SpeedFan
2008-03-29 17:22:55 0 d-------- C:\Windows\ShellNew
2008-03-29 17:22:53 0 d-------- C:\Program Files\AutoHotkey
2008-03-25 17:10:57 0 d-------- C:\Program Files\Common Files\xing shared
2008-03-24 17:47:21 0 d-------- C:\wamp
2008-03-24 16:42:17 0 d-------- C:\Program Files\FileZilla FTP Client
2008-03-23 15:42:22 0 d-------- C:\Program Files\MySQL
2008-03-20 21:01:15 0 d-------- C:\tibia 8.1
2008-03-20 13:55:49 0 d-------- C:\Program Files\Asprate
2008-03-20 13:54:02 0 d-------- C:\Tibia
2008-03-20 13:49:33 0 d-------- C:\tibia client 7.92
2008-03-20 13:30:58 0 d-------- C:\tibia v8.1
2008-03-20 12:31:55 0 d-------- C:\Program Files\Tibia
2008-03-19 15:41:54 0 d-------- C:\Users\All Users\Citrix
2008-03-19 15:41:00 0 d-------- C:\Program Files\Citrix
2008-03-19 15:17:16 0 d-------- C:\Program Files\Broadcom


-- Find3M Report ---------------------------------------------------------------

2008-04-19 18:16:46 0 d-------- C:\Users\Mark JR\AppData\Roaming\DNA
2008-04-19 13:54:40 0 d-------- C:\Program Files\OGPlanet
2008-04-19 10:16:23 0 d-------- C:\Program Files\Steam
2008-04-18 19:39:19 0 d-------- C:\Program Files\Common Files
2008-04-18 19:36:12 0 d-------- C:\Users\Mark JR\AppData\Roaming\Malwarebytes
2008-04-18 18:54:42 0 d-------- C:\Users\Mark JR\AppData\Roaming\SUPERAntiSpyware.com
2008-04-18 18:53:59 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-17 18:11:31 0 d-------- C:\Program Files\Ahead
2008-04-17 17:27:49 0 d--h----- C:\Program Files\Creative Installation Information
2008-04-17 17:20:21 409600 --a------ C:\Windows\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2008-04-17 17:20:21 114688 --a------ C:\Windows\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
2008-04-17 17:20:13 0 d-------- C:\Users\Mark JR\AppData\Roaming\Creative
2008-04-17 16:08:32 0 d-------- C:\Users\Mark JR\AppData\Roaming\uTorrent
2008-04-17 15:33:12 0 d-------- C:\Program Files\Xvid
2008-04-15 16:07:42 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-13 16:43:15 0 d-------- C:\Program Files\Windows Mail
2008-04-12 23:22:21 0 d-------- C:\Users\Mark JR\AppData\Roaming\BitTorrent
2008-04-02 15:22:51 0 d-------- C:\Program Files\Common Files\Steam
2008-03-25 20:37:16 0 d-------- C:\Users\Mark JR\AppData\Roaming\FileZilla
2008-03-25 17:10:47 0 d-------- C:\Program Files\Common Files\Real
2008-03-23 16:40:55 0 d-------- C:\Users\Mark JR\AppData\Roaming\SQLyog
2008-03-20 16:03:41 0 d-------- C:\Users\Mark JR\AppData\Roaming\Tibia
2008-03-17 16:21:48 0 d-------- C:\Program Files\Starcraft Shareware(ED)
2008-03-16 15:58:33 0 d-------- C:\Program Files\PremiumSoft
2008-03-15 21:42:14 0 d-------- C:\Program Files\SQLyog Community
2008-03-15 20:37:03 0 d-------- C:\Program Files\SQL Maestro Group
2008-03-15 20:37:03 0 d-------- C:\Program Files\Common Files\SQL Maestro Group
2008-03-14 23:27:03 0 d-------- C:\Users\Mark JR\AppData\Roaming\SmartFTP
2008-03-14 23:26:07 0 d-------- C:\Program Files\SmartFTP Client
2008-03-14 23:24:46 0 d-------- C:\Program Files\SmartFTP Client 2.5 Setup Files
2008-03-14 20:18:46 0 d-------- C:\Program Files\HybridCO
2008-03-14 16:47:16 0 d-------- C:\Program Files\MP3 WAV OGG WMA AC3 to CD Burner
2008-03-14 16:32:51 0 d-------- C:\Program Files\Blaze Media Pro
2008-03-13 19:20:40 0 d-------- C:\Program Files\Trials Construction Yard
2008-03-13 19:20:10 0 d-------- C:\Program Files\Java
2008-03-12 17:45:19 0 d-------- C:\Program Files\ZeroOnline
2008-03-09 19:38:02 0 d-------- C:\Program Files\SystemRequirementsLab
2008-03-07 17:50:02 0 d-------- C:\Program Files\Dell
2008-03-07 14:06:36 0 d-------- C:\Users\Mark JR\AppData\Roaming\IGN_DLM<