Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Laptop Slowdown ~ Potentially Bad Files


  • This topic is locked This topic is locked
2 replies to this topic

#1 finewines

finewines

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:25 AM

Posted 10 March 2007 - 03:22 PM

My laptop has been slowing down and not running right. A couple of weeks a go I noticed my firewall was turned off and that there was strange file in the advanced settings of my firewall and . I didn't think much of it after I deleted it since I have AVG on my machine and Mcafee as well but ... If anyone could take a look I would really appreciate it since I am at a total loss at this point. I ran the comboscan and here is the result of my scan.

Thanks in advance.

Kimberly



ComboScan v20070306.20 run by kimberly ford on 2007-03-10 at 14:51:40
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as kimberly ford.exe) ---------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 2:51:58 PM, on 3/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\SiteAdvisor\6028\SAService.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Apoint\Apoint.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\eHome\ehmsas.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Documents and Settings\kimberly ford\Desktop\bleeping\comboscan.exe
C:\DOCUME~1\KIMBER~1\MYDOCU~1\download\KIMBER~1.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware Pro\AAW2007AW.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [RegRun WinBait] C:\WINDOWS\winbait.exe
O4 - HKLM\..\Run: [@RegRunOnSecure] C:\PROGRA~1\Greatis\REGRUN~1\OnSecure.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Regrun2] C:\PROGRA~1\Greatis\REGRUN~1\WatchDog.exe
O4 - HKCU\..\Run: [Registry] "C:\Program Files\Greatis\RegRunSuite\lsoon.exe" -1 30 "C:\Program Files\Greatis\RegRunSuite\rescue.exe" /a "c:\backreg\rstore.ini"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,9...pdatePortal.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: McAfee Application Installer Cleanup (0202181173534704) (0202181173534704mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\020218~1.EXE (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware Pro\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6028\SAService.exe


-- Files created between 2007-02-10 and 2007-03-10 -----------------------------

2007-03-10 12:40:43 0 d-------- C:\Program Files\Safer Networking<SAFERN~1>
2007-03-10 02:05:18 22016 --a------ C:\WINDOWS\system32\Partizan.exe
2007-03-10 01:50:46 0 d-------- C:\Documents and Settings\kimberly ford\Application Data\Regrun
2007-03-10 01:50:46 0 d-------- C:\backreg
2007-03-10 01:50:06 8944 --a------ C:\WINDOWS\system32\drivers\UnHackMeDrv.sys<UNHACK~1.SYS>
2007-03-10 01:49:55 25773 --a------ C:\WINDOWS\system32\drivers\regguard.sys
2007-03-10 01:49:54 2 -rahs-o-t C:\WINDOWS\winstart.bat
2007-03-10 01:41:47 16384 --a------ C:\WINDOWS\WinBait.exe
2007-03-10 01:41:47 438272 --a------ C:\WINDOWS\RunGuard.exe
2007-03-10 01:41:44 0 d-------- C:\Program Files\Greatis
2007-03-09 21:48:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-03-09 21:29:45 0 d-------- C:\ERDNT
2007-03-09 20:32:00 0 d-------- C:\Program Files\Windows Defender<WIFD1F~1>
2007-03-09 20:04:55 0 d-------- C:\WINDOWS\system32\ActiveScan<ACTIVE~1>
2007-03-07 19:38:32 3968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2007-03-07 19:38:31 19392 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys
2007-03-05 22:38:54 5632 --a------ C:\WINDOWS\system32\drivers\AWRTPD.sys
2007-02-23 14:15:26 47 --a------ C:\WINDOWS\readdoc.cmd
2007-02-21 14:55:49 0 dr-h----- C:\MSOCache
2007-02-21 14:22:27 0 d-------- C:\sql2ksp3
2007-02-21 11:04:16 0 d-------- C:\Program Files\Windows Media Connect 2<WI4DF6~1>
2007-02-20 22:19:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2007-02-20 22:17:18 0 d-------- C:\Program Files\Logitech
2007-02-20 22:07:51 255848 --a------ C:\WINDOWS\system32\xactengine2_6.dll<XA3066~1.DLL>
2007-02-20 22:07:50 251672 --a------ C:\WINDOWS\system32\xactengine2_5.dll<XA3C56~1.DLL>
2007-02-20 22:07:49 3426072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-02-19 22:28:11 199448 --a------ C:\WINDOWS\system32\LCCoin13.dll
2007-02-19 22:28:05 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-02-19 22:24:58 0 d-------- C:\WINDOWS\system32\drivers\umdf
2007-02-19 22:23:57 68888 --a------ C:\WINDOWS\system32\xinput1_3.dll<XINPUT~4.DLL>
2007-02-19 22:23:57 237848 --a------ C:\WINDOWS\system32\xactengine2_4.dll<XA3856~1.DLL>
2007-02-19 22:23:57 15128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll<X3DAUD~2.DLL>
2007-02-19 22:23:56 62744 --a------ C:\WINDOWS\system32\xinput1_2.dll<XINPUT~3.DLL>
2007-02-19 22:23:56 236824 --a------ C:\WINDOWS\system32\xactengine2_3.dll<XACTEN~4.DLL>
2007-02-19 22:23:56 2414360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-02-19 19:15:55 78464 --a------ C:\WINDOWS\system32\drivers\usbvideo.sys
2007-02-18 00:27:41 0 d-------- C:\Program Files\Common Files\Skype
2007-02-17 21:49:50 0 d-------- C:\943272a4f4eec594af7dad5f63<943272~1>
2007-02-17 21:38:06 0 d-------- C:\WINDOWS\system32\windows media<WINDOW~1>
2007-02-17 21:37:58 0 d--h----- C:\WINDOWS\msdownld.tmp
2007-02-17 21:37:54 0 d-------- C:\Program Files\Windows Media Components<WI15DA~1>
2007-02-17 21:12:50 348160 --a------ C:\WINDOWS\system\msvcr71.dll
2007-02-17 21:12:48 0 d-------- C:\Program Files\Common Files\Logitech
2007-02-17 21:11:44 0 d-------- C:\Program Files\Common Files\LogiShrd
2007-02-17 11:46:23 0 d-------- C:\WINDOWS\.file_store_32<FILE_S~1>
2007-02-17 11:02:33 0 d-------- C:\WINDOWS\.jagex_cache_32<JAGEX_~1>
2007-02-16 21:40:59 5504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-02-16 21:40:50 10880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2007-02-16 21:40:47 15360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2007-02-16 21:40:44 11136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2007-02-16 21:40:41 19328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-02-16 21:40:38 85376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-02-16 21:40:36 17024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-02-16 21:40:27 59264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-02-16 21:40:13 53760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-02-16 21:37:10 2297552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-02-14 18:27:24 0 d-------- C:\WINDOWS\Adobe Illustrator CS<ADOBEI~1>
2007-02-11 15:40:12 0 d-------- C:\Documents and Settings\kimberly ford\ramfree
2007-02-10 22:11:25 0 d-------- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor<SITEAD~1>
2007-02-10 22:11:06 0 d-------- C:\Program Files\SiteAdvisor<SITEAD~1>
2007-02-10 22:11:06 0 d-------- C:\Documents and Settings\kimberly ford\Application Data\SiteAdvisor<SITEAD~1>
2007-02-10 22:11:06 0 d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor<SITEAD~1>
2007-02-10 22:10:19 143360 --a------ C:\WINDOWS\system32\dunzip32.dll
2007-02-10 22:09:44 107608 --a------ C:\WINDOWS\system32\drivers\Mpfp.sys
2007-02-10 22:08:43 0 d-------- C:\Program Files\Common Files\McAfee


-- Find3M Report ---------------------------------------------------------------

2007-03-10 08:51:23 0 d-------- C:\Program Files\McAfee
2007-03-10 01:13:45 0 dr-h----- C:\Documents and Settings\kimberly ford\Application Data\yahoo!
2007-03-10 00:55:59 0 d-------- C:\Program Files\Java
2007-03-09 23:57:28 0 d-------- C:\Program Files\SpywareBlaster<SPYWAR~1>
2007-03-09 21:48:08 0 d-------- C:\Program Files\Lavasoft
2007-03-09 20:17:05 0 d-------- C:\Program Files\Apoint
2007-03-09 20:16:03 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-03-09 20:16:02 0 d-------- C:\Program Files\Microsoft ActiveSync<MI3AA1~1>
2007-03-09 20:15:10 0 d-------- C:\Program Files\Google
2007-03-09 20:14:51 0 d-------- C:\Program Files\GoogleAFE<GOOGLE~1>
2007-03-09 20:08:58 47784 --a------ C:\Documents and Settings\kimberly ford\Application Data\wklnhst.dat
2007-03-07 19:38:16 0 d-------- C:\Program Files\Grisoft
2007-03-05 18:04:13 0 d---s---- C:\Documents and Settings\kimberly ford\Application Data\Microsoft<MICROS~1>
2007-03-05 17:09:25 0 d-------- C:\Documents and Settings\kimberly ford\Application Data\AdobeUM
2007-02-25 23:44:26 0 d-------- C:\Documents and Settings\kimberly ford\Application Data\Adobe
2007-02-22 09:04:27 0 d-------- C:\Documents and Settings\kimberly ford\Application Data\AVG7
2007-02-21 13:08:20 0 d-------- C:\Documents and Settings\kimberly ford\Application Data\Help
2007-02-19 21:56:35 0 d-------- C:\Program Files\AIM
2007-02-18 01:34:36 0 d-------- C:\Documents and Settings\kimberly ford\Application Data\Skype
2007-02-18 00:27:41 0 d-------- C:\Program Files\Skype
2007-02-14 18:32:31 0 d-------- C:\Program Files\Common Files\Adobe
2007-02-14 18:23:55 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-11 15:45:50 0 d-------- C:\Documents and Settings\kimberly ford\Application Data\LimeWire
2007-02-11 14:56:48 0 d-------- C:\Program Files\McAfee.com
2007-02-06 07:47:52 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-02-05 15:40:48 1024 --a------ C:\WINDOWS\system32\pdf2word.DAT
2007-01-31 14:38:06 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2007-01-29 15:58:42 0 d-------- C:\Documents and Settings\kimberly ford\Application Data\.gaim<GAIM~1>
2007-01-29 03:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
2007-01-19 16:53:53 0 d-------- C:\Program Files\AvantGo
2007-01-19 16:30:17 2508 --a------ C:\Documents and Settings\kimberly ford\Application Data\$_hpcst$.hpc
2007-01-19 16:18:20 0 d-------- C:\Program Files\Garmin
2007-01-18 18:35:23 24575 --a------ C:\WINDOWS\system32\Setwinsyspios.dll<SETWIN~1.DLL>
2007-01-16 21:03:22 0 d-------- C:\Program Files\LimeWire
2007-01-16 18:31:20 0 d-------- C:\Program Files\Common Files\AOL
2007-01-16 01:41:42 71600 --a------ C:\Documents and Settings\kimberly ford\Application Data\GDIPFONTCACHEV1.DAT<GDIPFO~1.DAT>
2007-01-12 09:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 09:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 09:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll
2007-01-12 09:27:42 6054400 --a------ C:\WINDOWS\system32\ieframe.dll
2007-01-11 14:41:27 0 d-------- C:\Documents and Settings\kimberly ford\Application Data\Aim
2007-01-11 14:38:42 0 d-------- C:\Program Files\AIM6
2007-01-11 14:35:45 0 d-------- C:\Documents and Settings\kimberly ford\Application Data\Mozilla
2007-01-11 14:06:41 0 d-------- C:\Program Files\ejabberd-1.1.2<EJABBE~1.2>
2007-01-11 10:34:31 0 d-------- C:\Program Files\Psi
2007-01-10 20:06:49 0 d-------- C:\Program Files\Yahoo!
2007-01-08 19:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 19:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 19:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 19:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 19:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 19:02:02 383488 -----n--- C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 19:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 19:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 19:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 19:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-01-08 19:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 18:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 18:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-12-22 11:41:24 323624 --a------ C:\WINDOWS\system32\wiaaut.dll
2006-12-19 16:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 16:52:18 8453632 --a------ C:\WINDOWS\system32\shell32(3).dll<SHELL3~2.DLL>
2006-12-19 13:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll


-- Registry Dump ---------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"H/PC Connection Agent"="\"C:\\PROGRA~1\\MI3AA1~1\\wcescomm.exe\""
"FreeRAM XP"="\"C:\\Program Files\\YourWare Solutions\\FreeRAM XP Pro\\FreeRAM XP Pro.exe\" -win"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
"Yahoo! Pager"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet"
"Regrun2"="C:\\PROGRA~1\\Greatis\\REGRUN~1\\WatchDog.exe"
"Registry"="\"C:\\Program Files\\Greatis\\RegRunSuite\\lsoon.exe\" -1 30 \"C:\\Program Files\\Greatis\\RegRunSuite\\rescue.exe\" /a \"c:\\backreg\\rstore.ini\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"Apoint"="C:\\Program Files\\Apoint\\Apoint.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"IntelWireless"="\"C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless"
"EOUApp"="\"C:\\Program Files\\Intel\\Wireless\\Bin\\EOUWiz.exe\""
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"Synchronization Manager"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,\
73,74,65,6d,33,32,5c,6d,6f,62,73,79,6e,63,2e,65,78,65,20,2f,6c,6f,67,6f,6e,\
00
"VSOCheckTask"="\"C:\\PROGRA~1\\McAfee.com\\VSO\\mcmnhdlr.exe\" /checktask"
"VirusScan Online"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe"
"OASClnt"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe"
"MskAgentexe"="C:\\Program Files\\McAfee\\MSK\\MskAgent.exe"
"SiteAdvisor"="C:\\Program Files\\SiteAdvisor\\6028\\SiteAdv.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"Ad-Watch"="C:\\Program Files\\Lavasoft\\Ad-Aware Pro\\AAW2007AW.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
"RegRun WinBait"="C:\\WINDOWS\\winbait.exe"
"@RegRunOnSecure"="C:\\PROGRA~1\\Greatis\\REGRUN~1\\OnSecure.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\0]
"Operation"=dword:00000001
"Target"="\\??\\C:\\DOCUME~1\\KIMBER~1\\LOCALS~1\\Temp\\~nsu.tmp\\Au_.exe"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\1]
"Operation"=dword:00000001
"Target"="\\??\\C:\\PROGRA~1\\Yahoo!\\Common\\ymmapi.dll"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\10]
"Operation"=dword:00000001
"Target"="\\??\\C:\\Program Files\\Common Files\\Logitech\\QCDRV\\BIN\\data1.cab"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\11]
"Operation"=dword:00000001
"Target"="\\??\\C:\\Program Files\\Common Files\\Logitech\\QCDRV\\BIN\\setup.exe"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\12]
"Operation"=dword:00000001
"Target"="\\??\\C:\\Program Files\\Common Files\\Logitech\\QCDRV\\BIN\\setup.exe"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\13]
"Operation"=dword:00000001
"Target"="\\??\\C:\\Program Files\\Common Files\\Logitech\\QCDRV"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\14]
"Operation"=dword:00000001
"Target"="\\??\\C:\\WINDOWS\\SYSTEM32\\DRIVERS\\LVPR2MON.SYS"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\15]
"Operation"=dword:00000001
"Target"="\\??\\C:\\WINDOWS\\SYSTEM32\\DRIVERS\\LVPR2MON.SYS"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\16]
"Operation"=dword:00000001
"Target"="\\??\\C:\\WINDOWS\\SYSTEM32\\DLA\\DLASHX_W.DLL"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\17]
"Operation"=dword:00000001
"Target"="\\??\\C:\\WINDOWS\\SYSTEM32\\DRIVERS\\LVPR2MON.SYS"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\18]
"Operation"=dword:00000001
"Target"="\\??\\C:\\WINDOWS\\SYSTEM32\\DRIVERS\\LVPR2MON.SYS"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\19]
"Operation"=dword:00000001
"Target"="\\??\\C:\\WINDOWS\\SYSTEM32\\DRIVERS\\LVPR2MON.SYS"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\2]
"Operation"=dword:00000001
"Target"="\\??\\C:\\DOCUME~1\\KIMBER~1\\LOCALS~1\\Temp\\GLB1A2B.EXE"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\20]
"Operation"=dword:00000001
"Target"="\\??\\C:\\WINDOWS\\SYSTEM32\\DRIVERS\\LVPR2MON.SYS"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\21]
"Operation"=dword:00000001
"Target"="C:\\WINDOWS\\SYSTEM32\\DRIVERS\\LVPR2MON.SYS"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\3]
"Operation"=dword:00000001
"Target"="\\??\\C:\\PROGRA~1\\Yahoo!\\Common\\ylogin.dll"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\4]
"Operation"=dword:00000001
"Target"="\\??\\C:\\Config.Msi\\34b3ad.rbf"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\5]
"Operation"=dword:00000001
"Target"="\\??\\C:\\Config.Msi\\34b3ae.rbf"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\6]
"Operation"=dword:00000001
"Target"="\\??\\C:\\WINDOWS\\twain_32\\LogiVid"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\7]
"Operation"=dword:00000001
"Target"="\\??\\C:\\Program Files\\Common Files\\Logitech\\QCDRV\\BIN\\data1.cab"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\8]
"Operation"=dword:00000001
"Target"="\\??\\C:\\Program Files\\Common Files\\Logitech\\QCDRV\\BIN\\setup.exe"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\9]
"Operation"=dword:00000001
"Target"="\\??\\C:\\Program Files\\Common Files\\Logitech\\QCDRV\\BIN\\"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex]
"Flags"=dword:00000080
"Title"="RegRun II Secure Start"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex\@Regrun2]
@="RegRun II Secure Start"
"1"="C:\\PROGRA~1\\Greatis\\REGRUN~1\\regrun2.exe /w"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"="Narrator.exe"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"RunNarrator"="Narrator.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\McAgent.exe"
"_AntiSpyware"="C:\\Program Files\\McAfee\\McAfee AntiSpyware\\MssCli.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
"{F552DDE6-2090-4bf4-B924-6141E87789A5}"="RegRun Script Checker Shell Hook DLL"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
Shell\AutoRun\command E:\setup.exe
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_0202181173534704MCINSTCLEANUP


-- End of ComboScan: finished at 2007-03-10 at 14:52:32 ------------------------

BC AdBot (Login to Remove)

 


m

#2 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:08:25 AM

Posted 11 March 2007 - 06:23 AM

Hi,

The reason why your laptop is so slowly is not because of malware, but because you exaggerate with all the Security tools being installed and running in the background.

I notice from your log that you are running more than one different Anti-Virus programs with Auto-protect enabled. McAfee and AVG
Never install more than one Antivirus and Firewall! Rather than giving you extra protection, it will decrease the reliability of it seriously!
The reason for this is that if both products have their automatic (Real-Time) protection switched on, your system may lock up due to both software products attempting to access the same file at the same time.
Also because more than one Antivirus and Firewall installed are not compatible with eachother, it can cause system performance problems and a serious system slowdown.

I would strongly advise you to only have one Anti-Virus with the Auto-Protect feature running at any one time!
If you decide to only keep one Anti-Virus installed,
you should uninstall the other(s) through the Add or Remove Programs option in Control Panel.

I also see you have RegRun installed... and having Adwatch and Windows Defender running in the background. Regrun and Adwatch are both doing the same, watches over the registry and every change and block it. They are just interfering with eachother.
I also see you blocked legit entries with Regrun. If you're not sure how to use a tool and are not sure what to allow and what to block, I recommend you uninstall it, this to prevent problems.
Please don't overdo with security related tools, because it causes an extra slowdown.

Also read here: http://users.telenet.be/bluepatchy/miekiem...owcomputer.html
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:08:25 AM

Posted 21 March 2007 - 04:34 AM

Since there is no feedback anymore, I assume this issue is resolved ... so, this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users