HELP!!


  • This topic is locked
15 replies to this topic

#1 craig-h

craig-h

    Member

  • Full Member
  • 9 posts

Posted 27 May 2007 - 01:02 PM

Hey guys, just wondering if you could analyse this. One morning I woke up and my charger for my laptop was not working and my laptop was going very slow. It still goes very slow.

This is my HiJack This log.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 18:55:05, on 27/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\DfrgNtfs.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\Craig H\Desktop\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.c...://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 9965 bytes

#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • 23,523 posts

Posted 30 May 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#3 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,091 posts

Posted 03 June 2007 - 08:42 AM

Hi,

Nothing suspicious was found on your log.

Take a look at this page created by miekiemoes, one of the Global Moderators here, on slow systems, and some things you can try to do to try to improve it:
http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html

You may be interested in scanning your computer with this tool.

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Double-click the drweb-cureit.exe file and allow it to run the express scan.
  • This will scan the files currently running in memory. When something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, check whether you can click the following icon next to the files found: Posted Image
  • If so, click it, then click the icon right below it and select Move incurable, as you'll see in the next image:
    Posted Image
    This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured (in case we need samples).
  • After selecting, in the Dr.Web CureIt menu at the top, click File and choose Save report list.
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web CureIt.
  • Reboot your computer!! It is possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply. You can use Notepad to open the DrWeb.csv report.


Include a fresh HijackThis log for review.

Let me know what problems persist.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#4 craig-h

Posted 07 June 2007 - 01:05 PM

I tried the CureIT thing and it found nothing and wouldn't let me save a logfile. My Laptop is slow. Forgot to state last time that my charger had broken at the time the laptop started going slow. Please do what you can. Thanks for the help.

Here is my new HiJack this logfile.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 19:02:56, on 07/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Craig H\Desktop\drweb-cureit.exe
C:\DOCUME~1\CRAIGH~2\LOCALS~1\Temp\RarSFX0\_start.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Craig H\Desktop\Desktop Icons\HiJackThis_v2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 9663 bytes

#5 nasdaq

Posted 07 June 2007 - 07:08 PM

Download this file - combofix.exe

and save it to your desktop (Important). Also save the below command in Notepad as a text file so that you can copy/paste in safe mode.

"%userprofile%\desktop\combofix.exe"

Boot into safe mode by tapping the F8 key just before Windows starts to load.

Go to Start --> Run and copy/paste in the following:

"%userprofile%\desktop\combofix.exe"

When finished, it shall produce a log for you. Save it and post that log in your next reply.

Note:

Do not mouse-click combofix's window whilst it's running. That may cause it to stall.

In your next post, please include
  • new hijackthis log
  • combofix log
*use separate posts to ensure the logs don't get cut off!


nasdaq

#6 craig-h

Posted 09 June 2007 - 01:46 PM

"Craig H" - 2007-06-09 19:38:37 Service Pack 2
ComboFix 07-05.27.V - Running from: "C:\Documents and Settings\Craig H\Desktop\Desktop Icons\"


((((((((((((((((((((((((((((((( Files Created from 2007-05-09 to 2007-06-09 ))))))))))))))))))))))))))))))))))


2007-06-07 16:51 <DIR> d-------- C:\WINDOWS\pss
2007-06-07 16:41 <DIR> d-------- C:\Documents and Settings\CRAIGH~2\DoctorWeb
2007-06-07 16:41 <DIR> d-------- C:\DOCUME~1\CRAIGH~2\DoctorWeb
2007-06-02 20:45 <DIR> d-------- C:\Program Files\iPod
2007-06-02 20:44 <DIR> d-------- C:\Program Files\iTunes
2007-06-02 19:16 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys
2007-06-02 19:16 <DIR> d-------- C:\DOCUME~1\CRAIGH~2\APPLIC~1\Comodo
2007-06-02 19:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Comodo
2007-06-02 19:11 <DIR> d-------- C:\Program Files\Comodo
2007-06-02 18:45 2,944 --a------ C:\WINDOWS\system32\mbmiodrvr.sys
2007-06-02 18:45 <DIR> d-------- C:\Program Files\Motherboard Monitor 5
2007-05-29 12:42 <DIR> d-------- C:\DOCUME~1\CRAIGH~2\APPLIC~1\Ahead
2007-05-29 12:30 <DIR> d-------- C:\Program Files\Nero
2007-05-29 12:30 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-05-29 12:30 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
2007-05-29 12:02 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2007-05-28 12:11 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-05-15 16:49 <DIR> d-------- C:\DOCUME~1\CRAIGH~2\APPLIC~1\WinRAR
2007-05-15 16:32 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-05-15 16:32 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-05-15 16:32 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-05-15 16:32 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-05-15 16:32 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-05-15 16:32 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-05-15 16:32 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-05-15 16:32 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-05-15 16:32 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-05-15 16:31 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-05-15 16:13 <DIR> d--hs---- C:\WINDOWS\ftpcache
2007-05-14 13:21 <DIR> d--hs---- C:\RECYCLER
2007-05-10 16:47 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-02 19:38:18 -------- d-----w C:\Program Files\QuickTime
2007-05-29 12:40:18 -------- d-----w C:\Program Files\MSN Messenger
2007-05-29 12:01:04 -------- d-----w C:\Program Files\Common Files\LightScribe
2007-05-24 08:07:19 -------- d-----w C:\DOCUME~1\CRAIGH~2\APPLIC~1\FrostWire
2007-05-15 15:34:27 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-05-15 15:31:18 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-05-14 11:36:38 12 ----a-w C:\WINDOWS\bthservsdp.dat
2007-05-07 13:15:30 -------- d-----w C:\Program Files\MSXML 6.0
2007-05-07 13:11:14 -------- d-----w C:\Program Files\Reference Assemblies
2007-05-05 18:37:32 -------- d-----w C:\Program Files\directx
2007-05-05 18:37:18 -------- d-----w C:\Program Files\VGA USB Camera
2007-04-26 15:16:22 1,423 ----a-w C:\WINDOWS\mozver.dat
2007-04-22 14:03:06 -------- d-----w C:\DOCUME~1\CRAIGH~2\APPLIC~1\TVU Networks
2007-04-19 20:48:36 -------- d-----w C:\Program Files\Common Files\xing shared
2007-04-19 20:48:20 -------- d-----w C:\Program Files\Common Files\Real
2007-04-19 20:48:18 -------- d-----w C:\Program Files\Real
2007-04-19 20:48:00 -------- d-----w C:\DOCUME~1\CRAIGH~2\APPLIC~1\Real
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-09 11:34:32 81,920 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2007-03-23 05:07:56 1,683,280 ----a-w C:\WINDOWS\system32\XpsSvcs.dll
2007-03-23 05:07:54 583,504 ----a-w C:\WINDOWS\system32\XPSSHHDR.dll
2007-03-22 19:25:02 124,928 ----a-w C:\WINDOWS\system32\prntvpt.dll
2007-03-17 13:43:02 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-15 16:52:06 51,716 ----a-w C:\WINDOWS\system32\pdf995mon.dll
2007-03-15 16:52:06 122,880 ----a-w C:\WINDOWS\system32\pdfmona.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 00:48]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-07-07 12:29]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:56 C:\WINDOWS\system32\bthprops.cpl]
"LaunchApp"="Alaunch" []
"SkyTel"="SkyTel.EXE" []
"Alcmtr"="ALCMTR.EXE" []
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 15:02]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 13:07]
"ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" [2005-10-24 16:45]
"Acer ePower Management"="C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 12:54]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-07-20 22:15]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 18:00]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 15:50]
"LogitechCameraAssistant"="C:\Program Files\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 15:47]
"LogitechVideo[inspector]"="C:\Program Files\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 15:55]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-04-20 22:30]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-04-19 21:48]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 19:29]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-06-02 19:11]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-05-26 12:45]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 19:04]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 20:00]
"MSMSGS"="C:\PROGRA~1\MESSEN~1\msmsgs.exe" [2004-10-13 16:24]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2006-09-28 14:13]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [2006-10-27 00:48]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ

*Newly Created Service* -INT15.SYS

Contents of the 'Scheduled Tasks' folder
2007-05-11 20:49:02 C:\WINDOWS\tasks\AppleSoftwareUpdate.job

********************************************************************

catchme 0.3.681 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-09 19:42:22
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0


********************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}]


[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001105-0000-1000-8000-00805f9b34fb}]


[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001115-0000-1000-8000-00805f9b34fb}]


Completion time: 2007-06-09 19:44:15
C:\ComboFix-quarantined-files.txt ... 2007-06-09 19:44

--- E O F ---

#7 craig-h

Posted 09 June 2007 - 01:47 PM

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 19:46:46, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MESSEN~1\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Craig H\Desktop\Desktop Icons\HiJackThis_v2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 9646 bytes

#8 craig-h

Posted 09 June 2007 - 01:55 PM

I've just been looking through my computer and finally found the CureIt Log.

=============================================================================
Dr.Web® Scanner for Windows v4.33.2 (4.33.2.10067)
Copyright © Igor Daniloff, 1992-2006
Log generated on: 2007-06-07, 16:41:54 [CRAIG][Craig H]
Command-line: "C:\DOCUME~1\CRAIGH~2\LOCALS~1\Temp\RarSFX1\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Professional x86 (Build 2600), Service Pack 2
=============================================================================
Engine version: 4.33 (4.33.5.10110)
Engine API version: 2.01
Total virus records: 209705
Key file: C:\DOCUME~1\CRAIGH~2\LOCALS~1\Temp\RarSFX1\cureit.key
License key number: 0010092936
Registered to: Dr.Web CureIt Project
License key activates: 2007-02-05
License key expires: 2010-02-11

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

[Scan path] c:\acer\empowering technology\admserv.exe
[Scan path] c:\acer\empowering technology\admtray.exe
[Scan path] c:\acer\empowering technology\edatasecurity\edsloader.exe
[Scan path] c:\acer\empowering technology\epower\acer epower management.exe
[Scan path] c:\acer\empowering technology\epower\epower_dmc.exe
[Scan path] c:\acer\empowering technology\erecovery\int15.sys
[Scan path] c:\acer\empowering technology\erecovery\monitor.exe
[Scan path] c:\documents and settings\all users\start menu\programs\startup\desktop.ini
[Scan path] c:\documents and settings\craig h\desktop\drweb-cureit.exe
[Scan path] c:\documents and settings\craig h\local settings\temp\rarsfx0\_start.exe
[Scan path] c:\documents and settings\craig h\local settings\temp\rarsfx1\_start.exe
[Scan path] c:\documents and settings\craig h\local settings\temp\rarsfx1\cureit.exe
[Scan path] c:\documents and settings\craig h\start menu\programs\startup\desktop.ini
[Scan path] c:\program files\acer\orbicam\cameraassistant.exe
[Scan path] c:\program files\acer\orbicam\installhelper.exe
[Scan path] c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
[Scan path] c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
[Scan path] c:\program files\adobe\acrobat 7.0\reader\adobeupdatemanager.exe
[Scan path] c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
[Scan path] c:\program files\common files\ahead\lib\nerocheck.exe
[Scan path] c:\program files\common files\ahead\lib\nerodigitalext.dll
[Scan path] c:\program files\common files\ahead\lib\nmbgmonitor.exe
[Scan path] c:\program files\common files\ahead\lib\nmindexstoresvr.exe
[Scan path] c:\program files\common files\lightscribe\lssrvc.exe
[Scan path] c:\program files\common files\logitech\lvmvfm\lvprcsrv.exe
[Scan path] c:\program files\common files\microsoft shared\help\hxds.dll
[Scan path] c:\program files\common files\microsoft shared\office12\msoshext.dll
[Scan path] c:\program files\common files\microsoft shared\office12\msoxmlmf.dll
[Scan path] c:\program files\common files\microsoft shared\office12\odserv.exe
[Scan path] c:\program files\common files\microsoft shared\source engine\ose.exe
[Scan path] c:\program files\common files\microsoft shared\web folders\msonsext.dll
[Scan path] c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
[Scan path] c:\program files\common files\real\update_ob\realsched.exe
[Scan path] c:\program files\common files\system\ole db\oledb32.dll
[Scan path] c:\program files\comodo\firewall\cmdagent.exe
[Scan path] c:\program files\comodo\firewall\cpf.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.sys
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
[Scan path] c:\program files\grisoft\avg free\avgamsvr.exe
[Scan path] c:\program files\grisoft\avg free\avgcc.exe
[Scan path] c:\program files\grisoft\avg free\avgemc.exe
[Scan path] c:\program files\grisoft\avg free\avgse.dll
[Scan path] c:\program files\grisoft\avg free\avgupsvc.exe
[Scan path] c:\program files\grisoft\avg free\avgw.exe
[Scan path] c:\program files\intel\wireless\bin\evteng.exe
[Scan path] c:\program files\intel\wireless\bin\regsrvc.exe
[Scan path] c:\program files\intel\wireless\bin\s24evmon.exe
[Scan path] c:\program files\ipod\bin\ipodservice.exe
[Scan path] c:\program files\itunes\itunes.exe
[Scan path] c:\program files\itunes\ituneshelper.exe
[Scan path] c:\program files\itunes\itunesminiplayer.dll
[Scan path] c:\program files\java\jre1.6.0_01\bin\jusched.exe
[Scan path] c:\program files\java\jre1.6.0_01\bin\ssv.dll
[Scan path] c:\program files\launch manager\lmanager.exe
[Scan path] c:\program files\messenger\msmsgs.exe
[Scan path] c:\program files\microsoft office\office12\grooveauditservice.exe
[Scan path] c:\program files\microsoft office\office12\groovemonitor.exe
[Scan path] c:\program files\microsoft office\office12\grooveshellextensions.dll
[Scan path] c:\program files\microsoft office\office12\groovesystemservices.dll
[Scan path] c:\program files\microsoft office\office12\mlshext.dll
[Scan path] c:\program files\microsoft office\office12\msohevi.dll
[Scan path] c:\program files\microsoft office\office12\olkfstub.dll
[Scan path] c:\program files\microsoft office\office12\onfilter.dll
[Scan path] c:\program files\mozilla firefox\firefox.exe
[Scan path] c:\program files\msn messenger\fsshext.8.1.0178.00.dll
[Scan path] c:\program files\msn messenger\msgrapp.8.1.0178.00.dll
[Scan path] c:\program files\msn messenger\usnsvc.exe
[Scan path] c:\program files\nero\nero 7\nero backitup\nbservice.exe
[Scan path] c:\program files\outlook express\setup50.exe
[Scan path] c:\program files\outlook express\wabfind.dll
[Scan path] c:\program files\quicktime\qttask.exe
[Scan path] c:\program files\real\realplayer\rpshell.dll
[Scan path] c:\program files\realtek\installshield\azmixersel.exe
[Scan path] c:\program files\synaptics\syntp\syntpcpl.dll
[Scan path] c:\program files\synaptics\syntp\syntpenh.exe
[Scan path] c:\program files\windows media player\wmpnetwk.exe
[Scan path] c:\program files\winpcap\rpcapd.exe
[Scan path] c:\program files\winrar\rarext.dll
[Scan path] c:\windows\alaunch.exe
[Scan path] c:\windows\alcmtr.exe
[Scan path] c:\windows\ehome\ehrecvr.exe
[Scan path] c:\windows\ehome\ehsched.exe
[Scan path] c:\windows\ehome\mcrdsvc.exe
[Scan path] c:\windows\explorer.exe
[Scan path] c:\windows\inf\unregmp2.exe
[Scan path] c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe
[Scan path] c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
[Scan path] c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe
[Scan path] c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe
[Scan path] c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe
[Scan path] c:\windows\msagent\agentpsh.dll
[Scan path] c:\windows\network diagnostic\xpnetdiag.exe
[Scan path] c:\windows\skytel.exe
[Scan path] c:\windows\system32\advapi32.dll
[Scan path] c:\windows\system32\advpack.dll
[Scan path] c:\windows\system32\alg.exe
[Scan path] c:\windows\system32\appwiz.cpl
[Scan path] c:\windows\system32\audiodev.dll
[Scan path] c:\windows\system32\autochk.exe
[Scan path] c:\windows\system32\browseui.dll
[Scan path] c:\windows\system32\bthprops.cpl
[Scan path] c:\windows\system32\cabview.dll
[Scan path] c:\windows\system32\cisvc.exe
[Scan path] c:\windows\system32\clipsrv.exe
[Scan path] c:\windows\system32\cnbjmon.dll
[Scan path] c:\windows\system32\comdlg32.dll
[Scan path] c:\windows\system32\crypt32.dll
[Scan path] c:\windows\system32\cryptext.dll
[Scan path] c:\windows\system32\cryptnet.dll
[Scan path] c:\windows\system32\cscdll.dll
[Scan path] c:\windows\system32\cscui.dll
[Scan path] c:\windows\system32\csrss.exe
[Scan path] c:\windows\system32\ctfmon.exe
[Scan path] c:\windows\system32\deskadp.dll
[Scan path] c:\windows\system32\deskmon.dll
[Scan path] c:\windows\system32\deskperf.dll
[Scan path] c:\windows\system32\dfshim.dll
[Scan path] c:\windows\system32\dfsshlex.dll
[Scan path] c:\windows\system32\diskcopy.dll
[Scan path] c:\windows\system32\dllhost.exe
[Scan path] c:\windows\system32\dmadmin.exe
[Scan path] c:\windows\system32\docprop.dll
[Scan path] c:\windows\system32\docprop2.dll
[Scan path] c:\windows\system32\drivers\abp480n5.sys
[Scan path] c:\windows\system32\drivers\acpi.sys
[Scan path] c:\windows\system32\drivers\acpiec.sys
[Scan path] c:\windows\system32\drivers\adpu160m.sys
[Scan path] c:\windows\system32\drivers\aec.sys
[Scan path] c:\windows\system32\drivers\aegisp.sys
[Scan path] c:\windows\system32\drivers\afd.sys
[Scan path] c:\windows\system32\drivers\agp440.sys
[Scan path] c:\windows\system32\drivers\agpcpq.sys
[Scan path] c:\windows\system32\drivers\aha154x.sys
[Scan path] c:\windows\system32\drivers\aic78u2.sys
[Scan path] c:\windows\system32\drivers\aic78xx.sys
[Scan path] c:\windows\system32\drivers\aliide.sys
[Scan path] c:\windows\system32\drivers\alim1541.sys
[Scan path] c:\windows\system32\drivers\amdagp.sys
[Scan path] c:\windows\system32\drivers\amsint.sys
[Scan path] c:\windows\system32\drivers\arp1394.sys
[Scan path] c:\windows\system32\drivers\asc.sys
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 444
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 1905 Kb/s
Scan time: 00:01:19
-----------------------------------------------------------------------------

[Scan path] D:\
[Scan path] C:\
C:\hiberfil.sys - read error
C:\Documents and Settings\Craig H\NTUSER.DAT - read error
C:\Documents and Settings\Craig H\NTUSER~1.LOG - read error
C:\Documents and Settings\Craig H\Application Data\Mozilla\Firefox\Profiles\bzwuykhw.default\PARENT~1.LOC - read error
C:\Documents and Settings\Craig H\Local Settings\Application Data\Ahead\Nero Home\BLAF65~1.DB- - read error
C:\Documents and Settings\Craig H\Local Settings\Application Data\Ahead\Nero Home\IS2~1.DB- - read error

Edited by craig-h, 10 June 2007 - 04:47 AM.


#9 nasdaq


Posted 10 June 2007 - 01:10 PM

Hello,

Print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE


Click on Fix Checked when finished and exit HijackThis.

Restart the computer normally.

Take a look at this page created by miekiemoes, one of the Global Moderators here, on slow systems, and some things you can try to do to try to improve it:
http://users.telenet...owcomputer.html

Let me know if you see some improvements.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760
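
A small triage pass over HijackThis entries like those listed in the post above, as an added example (not part of the thread and not a HijackThis feature): it flags entries whose target file is absent, registry values left empty, and Run commands given without a path. The three rules and all function names are assumptions made for illustration; a flagged entry is a candidate for review, not for automatic removal.

```python
import re
from dataclasses import dataclass, field

# Sample entries copied from HijackThis lines quoted in this thread.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY_RE = re.compile(r"^(?P<section>[RFNO]\d{1,2}) - (?P<body>.*)$")
# Markers HijackThis appends when the referenced file is not on disk.
ORPHAN_RE = re.compile(r"\((no file|file missing)\)\s*$", re.IGNORECASE)
# Body of an O4 registry autorun entry: "<hive>\..\Run: [<name>] <command>"
RUN_RE = re.compile(
    r"^(?P<hive>\S+)\\\.\.\\Run(?:Once)?: \[(?P<name>.*?)\] (?P<cmd>.+)$"
)


@dataclass
class Entry:
    section: str
    body: str
    reasons: list = field(default_factory=list)


def parse_entries(text):
    """Return one Entry per log line that carries a section code."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            entries.append(Entry(m["section"], m["body"]))
    return entries


def triage(entry):
    """Apply the illustrative rules; return the reasons this entry needs review."""
    reasons = []
    if ORPHAN_RE.search(entry.body):
        reasons.append("orphaned: target file absent")
    if entry.section.startswith("R"):
        # Split on the first '=' only: URL values may contain '=' themselves.
        _, sep, value = entry.body.partition("=")
        if sep and not value.strip():
            reasons.append("empty registry value")
    if entry.section == "O4":
        m = RUN_RE.match(entry.body)
        if m:
            # First token of the command, ignoring an opening quote.
            exe = m["cmd"].lstrip('"').split()[0]
            if "\\" not in exe and "/" not in exe:
                # No directory given: Windows resolves it via the search path.
                reasons.append("unqualified Run command")
    return reasons


def review(text):
    """Parse a log and return only the entries that matched a rule."""
    flagged = []
    for entry in parse_entries(text):
        entry.reasons = triage(entry)
        if entry.reasons:
            flagged.append(entry)
    return flagged


if __name__ == "__main__":
    for e in review(SAMPLE_LOG):
        print(f"{e.section:<4}{'; '.join(e.reasons):<32}{e.body}")
```
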

#10 craig-h


Posted 10 June 2007 - 02:19 PM

I've looked through the website and I had already done everything and tested my RAM, which is fine. The laptop is fairly new as I've only had it since February. I'm not noticing any improvement. Could it be something to do with a power surge, since my charger stopped working when the laptop started slowing down?

Thanks for your help. I will put a fresh HiJack this Log on now.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 20:19:07, on 10/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Acer\Empowering Technology\admtray.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MESSEN~1\msmsgs.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Craig H\Desktop\Desktop Icons\HiJackThis_v2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 9366 bytes

#11 nasdaq


Posted 11 June 2007 - 06:45 AM



Yes, the power difficulties may have damaged a file or the registry.

You may have to revert to repairing it.

How to Perform a Windows XP Repair Install
http://www.michaelstevenstech.com/XPrepairinstall.htm


nasdaq


#12 craig-h


Posted 11 June 2007 - 01:47 PM

Instead of doing this, would it be a good idea to just use my backup discs, or would that not help it??

#13 nasdaq


Posted 11 June 2007 - 03:32 PM

If this is all you've got, do it, but before you do, save your important data files on a CD.

P.S. Did you try to execute the instructions on the page I suggested?
nasdaq


#14 craig-h


Posted 12 June 2007 - 12:54 PM

It's all been backed up anyway and I had already defragmented twice. Before I switch off my laptop I delete all temporary files.

I don't know if it will work to be honest because I think it's just a power problem.

I still have the guarantee so I may as well take it back.

Thank you for your help anyway.

#15 craig-h


Posted 12 June 2007 - 01:01 PM

Double post sorry

Edited by craig-h, 12 June 2007 - 01:34 PM.


#16 nasdaq


Posted 13 June 2007 - 08:44 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq




