Computer Running Extremely Slow! Pls Help Me :'(


  • This topic is locked
6 replies to this topic

#1 gibby_G

gibby_G


Posted 02 April 2007 - 09:38 PM

My antivirus (AOL Active Virus Shield) always pops up the alert and asks me to delete the infected files (mostly .dll and .sys files).
Unfortunately, the deleting process fails. Many files are just skipped. :thumbsup:
Here is the log, please help me. Thanks.

Logfile of HijackThis v1.99.1
Scan saved at 10:34:41 AM, on 4/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\Program Files\V-Gear LiveShow\LiveShow.exe
C:\WINDOWS\vsnppro.exe
C:\Program Files\Common Files\System\Updaterun.exe
C:\Program Files\Folder Guard XP\FGKey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
c:\PROGRA~1\iesnap\navplay.exe
C:\WINDOWS\system32\wuauclt.exe
c:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Chow Chee Ping\Desktop\Spyware Removal\KillBox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\FlashGet\flashget.exe
C:\Downloads\KillBox.exe
C:\Documents and Settings\Chow Chee Ping\Desktop\Spyware Removal\hijackthis\HijackThis.exe

O2 - BHO: CLDown Object - {0BECAB3A-E1F8-45E6-8332-38DD750EBA01} - C:\Program Files\Tuotu\TuoTuHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: μ???? - {6CFD436C-7AAD-4e50-992F-C0C87A94CAD2} - C:\Program Files\superutilbar\superutilbar.dll
O2 - BHO: Advance Helper - {8E25AC4A-B129-451B-BEE2-3B510BB751DA} - C:\WINDOWS\system32\NTDLL32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: IE Browser Helper - {D0903A3B-F0EA-434a-9742-98C5335C7946} - C:\WINDOWS\system32\IEHelper.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: ?3μ(FlashGet) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: μ????1???2.0 - {03465FF5-00AE-411a-9C34-960ED566EC03} - C:\Program Files\superutilbar\superutilbar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [aol] "C:\Program Files\AOL\Active Virus Shield\avp.exe"
O4 - HKLM\..\Run: [V-Gear LiveShow] "C:\Program Files\V-Gear LiveShow\LiveShow.exe" -m
O4 - HKLM\..\Run: [snppro] C:\WINDOWS\vsnppro.exe
O4 - HKLM\..\Run: [System] C:\Program Files\Common Files\System\Updaterun.exe
O4 - HKLM\..\Run: [FG_Monitor] C:\Program Files\Folder Guard XP\FGKey.exe /Start
O4 - HKLM\..\Run: [Desktop] "C:\WINDOWS\system32\internet.exe"
O4 - HKLM\..\Run: [Internet] "C:\WINDOWS\system32\internet.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Taskbar Hide] C:\Program Files\Taskbar Hide\TaskBar.exe -Start
O4 - Global Startup: Bluetooth Manager.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 使用脱兔下载 - C:\Program Files\Tuotu\TT_one.htm
O8 - Extra context menu item: 使用脱兔下载全部链接 - C:\Program Files\Tuotu\TT_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ?3μ - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: ?3μ(FlashGet) - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/games/ricochet-los...bGameLoader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1136873311025
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\NTDLL32.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: lebm - {8E4EBCBE-45E7-4F21-9FBB-8F91BBFABF3A} - C:\PROGRA~1\kdal\lebm.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Active Virus Shield (AVP) - Unknown owner - C:\Program Files\AOL\Active Virus Shield\avp.exe" -r (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: Internet Connection Manager - Unknown owner - C:\WINDOWS\system32\internet.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLABR11\webserver\bin\matlabserver.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: WebPrint - Unknown owner - c:\windows\system32\webprint.exe

Edited by gibby_G, 02 April 2007 - 09:50 PM.




#2 gibby_G

gibby_G

Posted 02 April 2007 - 09:43 PM

Here is the System Repair Engineer log file if you might need it, thanks.

2007-04-03,10:37:31

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [N/A]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
<Sonic RecordNow!><> [N/A]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe> [(Verified)Google Inc.]
<Taskbar Hide><C:\Program Files\Taskbar Hide\TaskBar.exe -Start> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SoundMAXPnP><C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe> [Analog Devices, Inc.]
<SoundMAX><C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray> [Analog Devices, Inc.]
<SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe> [(Verified)Synaptics, Inc.]
<SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Synaptics, Inc.]
<AGRSMMSG><AGRSMMSG.exe> [Agere Systems]
<Tvs><C:\Program Files\Toshiba\Tvs\TvsTray.exe> [TOSHIBA Corporation]
<dla><C:\WINDOWS\system32\dla\tfswctrl.exe> [Sonic Solutions]
<SmoothView><C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe> [TOSHIBA Corporation]
<PadTouch><C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe> [TOSHIBA]
<THotkey><C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe> [TOSHIBA]
<TFncKy><TFncKy.exe> [N/A]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)NVIDIA Corporation]
<nwiz><nwiz.exe /install> [NVIDIA Corporation]
<TPSMain><TPSMain.exe> [TOSHIBA Corporation]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC> [(Verified)N/A]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [N/A]
<NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<SunJavaUpdateSched><C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe> [Sun Microsystems, Inc.]
<aol><"C:\Program Files\AOL\Active Virus Shield\avp.exe"> [AOL]
<V-Gear LiveShow><"C:\Program Files\V-Gear LiveShow\LiveShow.exe" -m> [Asiamajor Inc.]
<snppro><C:\WINDOWS\vsnppro.exe> [Sonix]
<System><C:\Program Files\Common Files\System\Updaterun.exe> [N/A]
<FG_Monitor><C:\Program Files\Folder Guard XP\FGKey.exe /Start> [(Verified)WinAbility? Software Corporation]
<Desktop><"C:\WINDOWS\system32\internet.exe"> [N/A]
<Internet><"C:\WINDOWS\system32\internet.exe"> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><C:\WINDOWS\system32\NTDLL32.dll> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Corporation]
<lebm><C:\PROGRA~1\kdal\lebm.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll> [Kaspersky Lab]

==================================
Startup Folders
[Bluetooth Manager]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk --> C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [TOSHIBA CORPORATION.]><N>

==================================
Services
[Adobe LM Service / Adobe LM Service]
<"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Application Management / AppMgmt]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ASP.NET State Service / aspnet_state]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Active Virus Shield / AVP]
<"C:\Program Files\AOL\Active Virus Shield\avp.exe" -r><AOL>
[Microsoft Update Service / BNESS]
<C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE C:\WINDOWS\SYSTEM32\WBEM\MROXT.DLL,Export 1087><Microsoft Corporation>
[ConfigFree Service / CFSvcs]
<C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe><TOSHIBA CORPORATION>
[DVD-RAM_Service / DVD-RAM_Service]
<C:\WINDOWS\system32\DVDRAMSV.exe><Matsubleepa Electric Industrial Co., Ltd.>
[Google Updater Service / gusvc]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InterBase Guardian / InterBaseGuardian]
<C:\Program Files\Borland\InterBase\bin\ibguard.exe><Borland Software Corporation>
[InterBase Server / InterBaseServer]
<C:\Program Files\Borland\InterBase\bin\ibserver.exe><Borland Software Corporation>
[Internet Connection Manager / Internet Connection Manager]
<"C:\WINDOWS\system32\internet.exe"><N/A>
[MATLAB Server / matlabserver]
<C:\MATLABR11\webserver\bin\matlabserver.exe><N/A>
[Navoct / Navoct]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Program Files\iesnap\navoct.dll>< >
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Application Accelerator / Scripts]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\jpvks.dll><Microsoft Corporation>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[TOSHIBA Application Service / TAPPSRV]
<"C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe"><TOSHIBA Corp.>
[WebPrint / WebPrint]
<2 - The system cannot find the file specified.
><N/A>

==================================
Drivers
[aeaudio / aeaudio]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[TOSHIBA V92 Software Modem / AgereSoftModem]
<system32\DRIVERS\AGRSM.sys><Agere Systems>
[drvmcdb / drvmcdb]
<\SystemRoot\system32\drivers\drvmcdb.sys><Sonic Solutions>
[drvnddm / drvnddm]
<system32\drivers\drvnddm.sys><Sonic Solutions>
[FGUARD32 / FGUARD32]
<\??\C:\Program Files\Folder Guard XP\FGUARD32.SYS><WinAbility? Software Corporation>
[HSFHWCD2 / HSFHWCD2]
<system32\DRIVERS\HSFHWCD2.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP]
<system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[iscFlash / iscFlash]
<\??\C:\DOCUME~1\CHOWCH~1\LOCALS~1\Temp\isc2Etmp\iscflash.sys><N/A>
[IVI ASPI Shell / Iviaspi]
<system32\drivers\iviaspi.sys><InterVideo, Inc.>
[kl1 / kl1]
<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[mdmxsdk / mdmxsdk]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[meiudf / meiudf]
<System32\Drivers\meiudf.sys><Matsubleepa Electric Industrial Co.,Ltd.>
[mspcidrv / mspcidrv]
<system32\DRIVERS\mspcidrv.sys><Windows ® 2000 DDK provider>
[msqmx / msqmx]
<\SystemRoot\system32\drivers\msqmx.sys><N/A>
[TOSHIBA Network Device Usermode I/O Protocol / Netdevio]
<system32\DRIVERS\netdevio.sys><TOSHIBA Corporation.>
[NSNDIS5 NDIS Protocol Driver / NSNDIS5]
<\??\C:\WINDOWS\system32\NSNDIS5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
[nv / nv]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nver / nverb]
<\SystemRoot\System32\DRIVERS\nverb.sys><N/A>
[Padus ASPI Shell / Pfc]
<system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[SMC IrCC Miniport Device Driver / SMCIRDA]
<system32\DRIVERS\smcirda.sys><SMC>
[smwdm / smwdm]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[USB PC Camera (snppro) / SNPPRO]
<system32\DRIVERS\snppro.sys><N/A>
[sscdbhk5 / sscdbhk5]
<system32\drivers\sscdbhk5.sys><Sonic Solutions>
[ssrtln / ssrtln]
<system32\drivers\ssrtln.sys><Sonic Solutions>
[SYMIDSCO / SYMIDSCO]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20050901.036\symidsco.sys><N/A>
[Synaptics TouchPad Driver / SynTP]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TCP/IP Protocol Driver / Tcpip]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[tfsnboio / tfsnboio]
<system32\dla\tfsnboio.sys><Sonic Solutions>
[tfsncofs / tfsncofs]
<system32\dla\tfsncofs.sys><Sonic Solutions>
[tfsndrct / tfsndrct]
<system32\dla\tfsndrct.sys><Sonic Solutions>
[tfsndres / tfsndres]
<system32\dla\tfsndres.sys><Sonic Solutions>
[tfsnifs / tfsnifs]
<system32\dla\tfsnifs.sys><Sonic Solutions>
[tfsnopio / tfsnopio]
<system32\dla\tfsnopio.sys><Sonic Solutions>
[tfsnpool / tfsnpool]
<system32\dla\tfsnpool.sys><Sonic Solutions>
[tfsnudf / tfsnudf]
<system32\dla\tfsnudf.sys><Sonic Solutions>
[tfsnudfa / tfsnudfa]
<system32\dla\tfsnudfa.sys><Sonic Solutions>
[tifm21 / tifm21]
<system32\drivers\tifm21.sys><Texas Instruments>
[TOSHIBA Bluetooth HID port driver / toshidpt]
<system32\drivers\Toshidpt.sys><TOSHIBA Corporation.>
[Bluetooth Port Driver from Toshiba / tosporte]
<system32\DRIVERS\tosporte.sys><TOSHIBA Corporation>
[Bluetooth RFBUS from TOSHIBA / Tosrfbd]
<System32\Drivers\tosrfbd.sys><TOSHIBA CORPORATION>
[Bluetooth RFBNEP from TOSHIBA / Tosrfbnp]
<System32\Drivers\tosrfbnp.sys><TOSHIBA Corporation>
[Bluetooth RFCOMM from TOSHIBA / Tosrfcom]
<System32\Drivers\tosrfcom.sys><TOSHIBA Corporation>
[Bluetooth ACPI from TOSHIBA / tosrfec]
<system32\DRIVERS\tosrfec.sys><TOSHIBA Corporation>
[Bluetooth RFHID from TOSHIBA / Tosrfhid]
<system32\DRIVERS\Tosrfhid.sys><TOSHIBA Corporation.>
[Bluetooth Personal Area Network from TOSHIBA / tosrfnds]
<system32\DRIVERS\tosrfnds.sys><TOSHIBA Corporation.>
[Bluetooth USB Controller / Tosrfusb]
<System32\Drivers\tosrfusb.sys><TOSHIBA CORPORATION>
[Toshiba Mobile PC Service / TVALD]
<system32\DRIVERS\NBSMI.sys><Toshiba Corporation>
[Toshiba Virtual Sound with SRS technologies / Tvs]
<system32\DRIVERS\Tvs.sys><TOSHIBA Corporation>
[VCD VNC Virtual Network Adapter / vcddev]
<system32\DRIVERS\vcdvnic.sys><VNN B.J.>
[Intel® PRO/Wireless 2200BG Network Connection Driver for Windows XP / w29n51]
<system32\DRIVERS\w29n51.sys><Intel? Corporation>
[winachsf / winachsf]
<system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[Wlan1934 / Wlan1934]
<\??\C:\WINDOWS\system32\drivers\wlan1934.sys><N/A>
[World Standard Teletext Codec / WSTCODEC]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
Browser Add-ons
[CLDown Object]
{0BECAB3A-E1F8-45E6-8332-38DD750EBA01} <C:\Program Files\Tuotu\TuoTuHelper.dll, N/A>
[Flashget Catch Url Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO.dll, BitComet>
[实用搜索]
{6CFD436C-7AAD-4e50-992F-C0C87A94CAD2} <C:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com>
[Advance Helper]
{8E25AC4A-B129-451B-BEE2-3B510BB751DA} <C:\WINDOWS\system32\NTDLL32.dll, N/A>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[IE Browser Helper]
{D0903A3B-F0EA-434a-9742-98C5335C7946} <C:\WINDOWS\system32\IEHelper.dll, N/A>
[gFlash Class]
{F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, >
[Java Plug-in 1.5.0_05]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll, Sun Microsystems, Inc.>
[&Research]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[快车]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, FlashGet.com>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, N/A>
[快车(FlashGet)]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\Program Files\FlashGet\fgiebar.dll, Amaze Soft>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[实用搜索工具条2.0]
{03465FF5-00AE-411a-9C34-960ED566EC03} <C:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com>
[CKAVWebScan Object]
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll, Kaspersky Lab>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\macromed\Director\SwDir.dll, Adobe Systems, Inc.>
[Minesweeper Flags Class]
{2917297F-F02B-4B9D-81DF-494B6333150B} <C:\WINDOWS\Downloaded Program Files\minesweeper.dll, Microsoft Corporation>
[YInstStarter Class]
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} <C:\Program Files\Yahoo!\Common\yinsthelper.dll, Yahoo! Inc.>
[WebGameLoader Class]
{3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} <C:\WINDOWS\Downloaded Program Files\ReflexiveWebGameLoader.dll, >
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Java Plug-in 1.5.0_05]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll, Sun Microsystems, Inc.>
[MessengerStatsClient Class]
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} <C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll, Microsoft Corporation>
[MessengerStatsClient Class]
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} <C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll, Microsoft Corporation>
[Java Plug-in 1.5.0_05]
{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Minesweeper Flags Class]
{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MineSweeper.dll, Microsoft Corporation>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[BasicInfo Control]
{01949E45-A9F8-4655-8708-282F3D23485B} <C:\PROGRA~1\TOSHIBA\PCDiag\BASICI~1.OCX, Toshiba Corporation>
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\WINDOWS\system32\QTPlugin.ocx, Apple Computer, Inc.>
[实用搜索工具条2.0]
{03465FF5-00AE-411A-9C34-960ED566EC03} <C:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[NowStarter Control]
{072039AB-2117-4ED5-A85F-9B9EB903E021} <C:\WINDOWS\system32\NOWSTA~1.OCX, © NOWCOM>
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[CLDown Object]
{0BECAB3A-E1F8-45E6-8332-38DD750EBA01} <C:\Program Files\Tuotu\TuoTuHelper.dll, N/A>
[CKAVWebScan Object]
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll, Kaspersky Lab>
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\macromed\Director\SwDir.dll, Adobe Systems, Inc.>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft? Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[Shockwave ActiveX Control]
{233C1507-6A77-46A4-9443-F871F945D258} <C:\WINDOWS\system32\Macromed\Director\SwDir.dll, Adobe Systems, Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Flashget Catch Url Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[IETag Factory]
{38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO.dll, BitComet>
[WebGameLoader Class]
{3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} <C:\WINDOWS\Downloaded Program Files\ReflexiveWebGameLoader.dll, >
[Microsoft Office Control]
{4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <C:\PROGRA~1\MICROS~2\OFFICE11\AUTHZAX.DLL, Microsoft Corporation>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[DriveLetterAccess]
{5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\system32\dla\tfswshx.dll, Sonic Solutions>
[CKAVReportCtrl Object]
{6117669B-8C2D-41FA-A6D9-9E484B999CF0} <C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll, Kaspersky Lab>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[实用搜索]
{6CFD436C-7AAD-4E50-992F-C0C87A94CAD2} <C:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[Windows Media Services DRM Storage object]
{760C4B83-E211-11D2-BF3E-00805FBE84A6} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Advance Helper]
{8E25AC4A-B129-451B-BEE2-3B510BB751DA} <C:\WINDOWS\system32\NTDLL32.dll, N/A>
[IETimeBehaviorFactory Class]
{A4639D29-774E-11D3-A490-00C04F6843FB} <C:\PROGRA~1\COMMON~1\MICROS~1\MSORUN\MSORUN.DLL, Microsoft Corporation>
[IEAnimBehaviorFactory Class]
{A4639D2F-774E-11D3-A490-00C04F6843FB} <C:\PROGRA~1\COMMON~1\MICROS~1\MSORUN\MSORUN.DLL, Microsoft Corporation>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FlashGet\Jccatch.dll, www.flashget.com>
[PCDiag Control]
{A8427A28-3400-4F98-BA90-39E78FF07537} <C:\PROGRA~1\TOSHIBA\PCDiag\PCDiag.ocx, Toshiba Corporation>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar4.dll, Google Inc.>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[OWSClientMiscApis Class]
{BDEADE3F-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\OFFICE11\OWSCLT.DLL, Microsoft Corporation>
[OWSBrowserUI Class]
{BDEADE43-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\OFFICE11\OWSCLT.DLL, Microsoft Corporation>
[Adobe Acrobat Control for ActiveX]
{CA8A9780-280D-11CF-A24D-444553540000} <C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\pdf.ocx, Adobe Systems Incorporated>
[AUDIO__MID Moniker Class]
{CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__WAV Moniker Class]
{CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[IE Browser Helper]
{D0903A3B-F0EA-434A-9742-98C5335C7946} <C:\WINDOWS\system32\IEHelper.dll, N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Microsoft Agent Control 2.0]
{D45FD31B-5C6E-11D1-9EC1-00C04FD7081F} <C:\WINDOWS\msagent\agentctl.dll, Microsoft Corporation>
[GetInfo Class]
{D5184A39-CBDF-4A4F-AC1A-7A45A852C883} <C:\PROGRA~1\Yahoo!\Common\yverinfo.dll, Yahoo! Inc.>
[MessengerChecker Class]
{DA4F543C-C8A9-4E88-9A79-548CBB46F18F} <C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll, TODO: <Company name>>
[快车(FlashGet)]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\Program Files\FlashGet\fgiebar.dll, Amaze Soft>
[SVG Document]
{EBF9B040-94C9-11D4-9064-00C04F78ACF9} <C:\WINDOWS\System32\Adobe\SVG Viewer\SVGControl.dll, Adobe Systems Incorporated>
[]
{F06608C7-1874-4EEA-B3B2-DF99EBB144B8} <"C:\PROGRA~1\MSNMES~1\msgsc.dll", N/A>
[gFlash Class]
{F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, >
[&Download All with FlashGet]
<C:\Program Files\FlashGet\jc_all.htm, N/A>
[&Download with FlashGet]
<C:\Program Files\FlashGet\jc_link.htm, N/A>
[Download all links using BitComet]
<res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[Download all videos using BitComet]
<res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm, N/A>
[Download link using &BitComet]
<res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>
[E&xport to Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[使用脱兔下载]
<C:\Program Files\Tuotu\TT_one.htm, N/A>
[使用脱兔下载全部链接]
<C:\Program Files\Tuotu\TT_all.htm, N/A>

==================================
Running Processes
[PID: 1968][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\ixsyo.dll] [N/A, N/A]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[C:\Program Files\SmartFTP Client 2.0\smarthook.dll] [SmartFTP, 1.0.2.1]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\WINDOWS\Downloaded Program Files\817695\NTDLL32.dll] [N/A, N/A]
[C:\WINDOWS\system32\webpageparser.dll] [N/A, N/A]
[C:\WINDOWS\system32\Charset.dll] [N/A, N/A]
[C:\WINDOWS\system32\CreateDomTree.dll] [N/A, N/A]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[C:\WINDOWS\system32\TPwrCfg.DLL] [TOSHIBA Corporation, 1, 0, 8, 1]
[C:\WINDOWS\system32\TPwrReg.dll] [TOSHIBA Corporation, 1, 0, 4, 0]
[C:\WINDOWS\system32\TPSTrace.DLL] [TOSHIBA Corporation, 1, 0, 3, 0]
[C:\Program Files\Tuotu\TuoTuHelper.dll] [N/A, 2.0.0.6]
[C:\Program Files\FlashGet\jccatch.dll] [www.flashget.com, 1, 8, 0, 1003]
[C:\Program Files\BitComet\tools\BitCometBHO.dll] [BitComet, 20061116]
[C:\Program Files\superutilbar\superutilbar.dll] [www.shiyongsousuo.com, 2, 1, 8, 24]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\Program Files\AOL\Active Virus Shield\shellex.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Folder Guard XP\FGUARD32.DLL] [WinAbility? Software Corporation, 7.91]
[PID: 2044][C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe] [Analog Devices, Inc., 5, 0, 2, 1]
[C:\Program Files\Analog Devices\SoundMAX\SMWDMIF.dll] [Analog Devices, Inc., 5, 0, 2, 008]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[PID: 184][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\WINDOWS\system32\SynCOM.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 192][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\WINDOWS\system32\SynCOM.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\WINDOWS\system32\SynTPAPI.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 204][C:\WINDOWS\AGRSMMSG.exe] [Agere Systems, 2.1.47.6 2.1.47.6 10/28/2004 13:37:38]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 212][C:\Program Files\Toshiba\Tvs\TvsTray.exe] [TOSHIBA Corporation, 1, 0, 0, 2]
[C:\WINDOWS\system32\TvsCtrl.dll] [TOSHIBA Corporation, 1, 0, 0, 2]
[C:\Program Files\Toshiba\Tvs\TvsRes.dll] [TOSHIBA Corporation, 1, 0, 0, 4]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 220][C:\WINDOWS\system32\dla\tfswctrl.exe] [Sonic Solutions, 1.04.08a]
[C:\WINDOWS\system32\tfswapi.dll] [Sonic Solutions, 1.04.08a]
[C:\WINDOWS\system32\dla\tfswcres.dll] [Sonic Solutions, 1.04.08a]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 224][C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe] [TOSHIBA Corporation, 2, 0, 0, 18]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 236][C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe] [TOSHIBA, 1, 2, 7, 0]
[C:\Program Files\TOSHIBA\Touch and Launch\PadHook.dll] [ , 1, 2, 2, 0]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[C:\WINDOWS\system32\SynCOM.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[PID: 232][C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe] [TOSHIBA, 1.00.0014]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[C:\WINDOWS\system32\TCMSVR.dll] [TOSHIBA Corp., 1, 0, 0, 13M]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 248][C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe] [TOSHIBA Corporation, 3.14.00]
[C:\WINDOWS\system32\TCtrlCommon.dll] [TOSHIBA Corporation, 3.13.00]
[C:\Program Files\TOSHIBA\TOSHIBA Controls\TBtnCommon.dll] [TOSHIBA Corporation, 3.12.00]
[C:\WINDOWS\system32\TCtrlIO.DLL] [, 1, 0, 1, 7]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 244][C:\WINDOWS\system32\TPSMain.exe] [TOSHIBA Corporation, 1, 0, 14, 1]
[C:\WINDOWS\system32\TPSMainCtl.dll] [TOSHIBA Corporation, 1, 0, 4, 0]
[C:\WINDOWS\system32\CpuPerf.dll] [TOSHIBA Corporation, 1, 0, 1, 0]
[C:\WINDOWS\system32\TPSTrace.DLL] [TOSHIBA Corporation, 1, 0, 3, 0]
[C:\WINDOWS\system32\TPwrReg.dll] [TOSHIBA Corporation, 1, 0, 4, 0]
[C:\WINDOWS\system32\TPeculiarity.dll] [TOSHIBA Corporation, 1, 0, 2, 4]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 332][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3208]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 384][C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe] [Sun Microsystems, Inc., 5.0.50.5]
[PID: 404][C:\Program Files\V-Gear LiveShow\LiveShow.exe] [Asiamajor Inc., 2, 0, 0, 0]
[C:\WINDOWS\system32\QUARTZ.dll] [N/A, N/A]
[C:\WINDOWS\system32\qcap.dll] [N/A, N/A]
[C:\WINDOWS\system32\devenum.dll] [N/A, N/A]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[PID: 412][C:\WINDOWS\vsnppro.exe] [Sonix, 1, 0, 1, 8]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 420][C:\Program Files\Common Files\System\Updaterun.exe] [N/A, N/A]
[PID: 428][C:\Program Files\Folder Guard XP\FGKey.exe] [WinAbility? Software Corporation, 7.91]
[C:\Program Files\Folder Guard XP\FGuard32.dll] [WinAbility? Software Corporation, 7.91]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 556][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 760][C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe] [Google Inc., 1, 2, 1128, 5462]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\res_en.dll] [Google Inc., 1, 2, 1128, 5462]
[C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg.dll] [Google Inc., 1, 2, 1128, 5462]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 932][C:\WINDOWS\system32\TPSBattM.exe] [TOSHIBA Corporation, 1, 0, 2, 0]
[C:\WINDOWS\system32\TPwrCfg.DLL] [TOSHIBA Corporation, 1, 0, 8, 1]
[C:\WINDOWS\system32\TPwrReg.dll] [TOSHIBA Corporation, 1, 0, 4, 0]
[C:\WINDOWS\system32\TPSTrace.DLL] [TOSHIBA Corporation, 1, 0, 3, 0]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 1008][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe] [TOSHIBA CORPORATION., 3.03.4y10.US]
[C:\WINDOWS\system32\TosBtSDDB.dll] [TOSHIBA CORPORATION., 3.03.4y10.0]
[C:\WINDOWS\system32\TosBdAPI.dll] [TOSHIBA CORPORATION., 3, 03, 0, 0]
[C:\WINDOWS\system32\TosCommAPI.dll] [N/A, N/A]
[C:\WINDOWS\system32\TosLaneAPI.dll] [TOSHIBA CORPORATION., 1, 0, 3, 0]
[C:\WINDOWS\system32\TosBtAPI.dll] [TOSHIBA CORPORATION., 3.03.4y10.0]
[C:\WINDOWS\system32\LCWizard.dll] [TOSHIBA CORPORATION, 3, 01, 4325, US]
[C:\WINDOWS\system32\TosHidAPI.dll] [N/A, N/A]
[C:\WINDOWS\system32\TosGnsAPI.dll] [TOSHIBA CORPORATION., 1, 0, 0, 2]
[C:\WINDOWS\system32\TosAcpiAPI.dll] [TOSHIBA CORPORATION., 1, 0, 3, 0]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtLoad.dll] [N/A, N/A]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 1272][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe] [TOSHIBA CORPORATION., 3.01.4x19.US]
[C:\WINDOWS\system32\TosBtAPI.dll] [TOSHIBA CORPORATION., 3.03.4y10.0]
[C:\WINDOWS\system32\TosBdAPI.dll] [TOSHIBA CORPORATION., 3, 03, 0, 0]
[C:\WINDOWS\system32\TosAvdtAPI.dll] [TOSHIBA CORPORATION., 3.01.4x19.0]
[C:\WINDOWS\system32\TosSndAPI.dll] [TOSHIBA CORPORATION., 3.00.3707.0]
[C:\WINDOWS\system32\TosSndPlug.dll] [TOSHIBA CORPORATION., 3.01.4914.US]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 1648][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe] [TOSHIBA CORPORATION., 3.01.4x19.US]
[C:\WINDOWS\system32\TosAvctAPI.dll] [TOSHIBA CORPORATION., 3.01.4x19.0]
[C:\WINDOWS\system32\TosBtAPI.dll] [TOSHIBA CORPORATION., 3.03.4y10.0]
[C:\WINDOWS\system32\TosBdAPI.dll] [TOSHIBA CORPORATION., 3, 03, 0, 0]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 1872][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe] [TOSHIBA CORPORATION., 2.03.3603.0]
[C:\WINDOWS\system32\LCWizard.dll] [TOSHIBA CORPORATION, 3, 01, 4325, US]
[C:\WINDOWS\system32\TosBtAPI.dll] [TOSHIBA CORPORATION., 3.03.4y10.0]
[C:\WINDOWS\system32\TosBdAPI.dll] [TOSHIBA CORPORATION., 3, 03, 0, 0]
[C:\WINDOWS\system32\TosSndAPI.dll] [TOSHIBA CORPORATION., 3.00.3707.0]
[C:\WINDOWS\system32\TosSndPlug.dll] [TOSHIBA CORPORATION., 3.01.4914.US]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[PID: 3348][c:\PROGRA~1\iesnap\navplay.exe] [, 1, 0, 1, 1]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[PID: 3524][C:\Documents and Settings\Chow Chee Ping\Desktop\Spyware Removal\KillBox.exe] [Option^Explicit Software vbtechcd@gmail.com, 2.00.0175]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[PID: 3032][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[c:\program files\google\googletoolbar4.dll] [Google Inc., 4, 0, 1601, 4978]
[C:\Program Files\superutilbar\superutilbar.dll] [www.shiyongsousuo.com, 2, 1, 8, 24]
[C:\Program Files\Tuotu\TuoTuHelper.dll] [N/A, 2.0.0.6]
[C:\Program Files\FlashGet\jccatch.dll] [www.flashget.com, 1, 8, 0, 1003]
[C:\Program Files\BitComet\tools\BitCometBHO.dll] [BitComet, 20061116]
[C:\Program Files\FlashGet\getflash.dll] [, 1, 0, 0, 1]
[c:\PROGRA~1\iesnap\navpref.dll] [, 1, 0, 1, 1]
[c:\PROGRA~1\iesnap\navseg.dll] [, 1, 0, 1, 1]
[c:\PROGRA~1\iesnap\navneg.dll] [, 1, 0, 1, 1]
[PID: 2648][C:\Program Files\FlashGet\flashget.exe] [FlashGet.com, 1, 8, 0, 1002]
[C:\Program Files\FlashGet\FGBTCORE.dll] [N/A, 1, 0, 0, 25]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[PID: 3060][C:\Downloads\KillBox.exe] [Option^Explicit Software vbtechcd@gmail.com, 2.00.0881]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[PID: 3732][C:\Documents and Settings\Chow Chee Ping\Desktop\Spyware Removal\hijackthis\HijackThis.exe] [Soeperman Enterprises Ltd., 1.99.0001]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]
[PID: 868][C:\Documents and Settings\Chow Chee Ping\Desktop\Spyware Removal\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 0, 1001]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.4 14Oct04]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 1]
[C:\Program Files\Folder Guard XP\FGH32.dll] [WinAbility? Software Corporation, 7.91]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR Error. [AutoCADScript]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================

#3 gibby_G

gibby_G
  • Topic Starter

  • Members
  • 9 posts

Posted 03 April 2007 - 12:21 AM

Hello...? Could someone pls help, as I know the malware infection will get worse if we don't solve it immediately... :thumbsup:

Edited by gibby_G, 03 April 2007 - 12:22 AM.


#4 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts

Posted 03 April 2007 - 04:58 AM

Welcome to the BleepingComputer HijackThis forum gibby_G :thumbsup:

Please download DrWeb-CureIt & save it to your desktop. DO NOT perform a scan yet.

You should copy/print the following because you need to be in Safe Mode from here on.

Reboot your computer into "SAFE MODE" using the F8 method.
To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.
A menu will appear with several options.
Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".

Scan with DrWeb-CureIt as follows:
* Double-click on drweb-cureit.exe to start the program. An "Express Scan of your PC" notice will appear.
* Under "Start the Express Scan Now", Click "OK" to start. This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it.
* Once the short scan has finished, Click Options > Change settings
* Choose the "Scan tab" and UNcheck "Heuristic analysis"
* Back at the main window, click "Select drives" (a red dot will show which drives have been chosen)
* Then click the "Start/Stop Scanning" button (green arrow on the right) and the scan will start.
* When done, a message will be displayed at the bottom advising if any viruses were found.
* Click "Yes to all" if it asks if you want to cure/move the file.
* When the scan has finished, look if you can see the icon next to the files found. If so, click it, then click the next icon right below and select "Move incurable".
(This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
* Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
* Save the DrWeb.csv report to your desktop.
* Exit Dr.Web Cureit when done.
* Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
* After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.csv report)
* Also post a new Hijackthis log please.

#5 gibby_G

gibby_G
  • Topic Starter

  • Members
  • 9 posts

Posted 03 April 2007 - 11:47 PM

Hi, thanks Richie.
The thing is I cannot stay a little longer with the Windows.
So once I start the computer, it will go "blue screen" very fast and saying dumping memory...
What to do?

#6 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts

Posted 04 April 2007 - 05:43 AM

If you're able to start up in Safe Mode, let's try the following.

You might want to print/copy the following.

Reboot your computer into SAFE MODE using the F8 method.
To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.
A menu will appear with several options.
Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".

Click on Start>Run and type Services.msc then hit Ok.
Scroll down and find the services [if listed] called:
Internet Connection Manager
WebPrint

In the next window that opens, click their 'Stop' buttons.
Then change their 'Startup Types' to 'Disabled'.
Now press Apply and then Ok and close any open windows.

************************

Please make sure all hidden files are showing:

* Click 'Start'.
* Open 'My Computer'.
* Select the 'Tools' menu and click 'Folder Options'.
* Select the 'View' tab.
* Under the 'Hidden files and folders' heading select 'Show hidden files and folders'.
* Uncheck the 'Hide file extensions for known types' option.
* Uncheck the 'Hide protected operating system files (recommended)' option.
* Click Yes to confirm.
* Click OK.

************************

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting 'Fix checked'.
Make sure all browser and all Windows Explorer windows are closed before fixing:
O2 - BHO: Advance Helper - {8E25AC4A-B129-451B-BEE2-3B510BB751DA} - C:\WINDOWS\system32\NTDLL32.dll
O2 - BHO: IE Browser Helper - {D0903A3B-F0EA-434a-9742-98C5335C7946} - C:\WINDOWS\system32\IEHelper.dll
O4 - HKLM\..\Run: [System] C:\Program Files\Common Files\System\Updaterun.exe
O4 - HKLM\..\Run: [Desktop] "C:\WINDOWS\system32\internet.exe"
O4 - HKLM\..\Run: [Internet] "C:\WINDOWS\system32\internet.exe"
O20 - AppInit_DLLs: C:\WINDOWS\system32\NTDLL32.dll
O21 - SSODL: lebm - {8E4EBCBE-45E7-4F21-9FBB-8F91BBFABF3A} - C:\PROGRA~1\kdal\lebm.dll (file missing)
O23 - Service: Internet Connection Manager - Unknown owner - C:\WINDOWS\system32\internet.exe
O23 - Service: WebPrint - Unknown owner - c:\windows\system32\webprint.exe

Exit Hijackthis.

Find and delete if present:
C:\PROGRAM FILES\kdal
C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE
c:\windows\system32\webprint.exe
C:\WINDOWS\system32\NTDLL32.dll
C:\WINDOWS\system32\IEHelper.dll
C:\WINDOWS\system32\internet.exe
C:\Program Files\Common Files\System\Updaterun.exe

Now restart your PC, let me know what happens.
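The fix list in the reply above, run through a small triage script. This is an added example, not part of the original post and not HijackThis code: the `parse` and `triage` helpers and the three heuristics (AppInit_DLLs use, "Unknown owner" services, one binary registered under several autostart classes or pointing to a missing file) are assumptions chosen to show why these entries stand out.

```python
import re
from collections import defaultdict

# Entries copied from the fix list in the post above (HijackThis v1.99.1 format).
SAMPLE_LOG = r"""
O2 - BHO: Advance Helper - {8E25AC4A-B129-451B-BEE2-3B510BB751DA} - C:\WINDOWS\system32\NTDLL32.dll
O2 - BHO: IE Browser Helper - {D0903A3B-F0EA-434a-9742-98C5335C7946} - C:\WINDOWS\system32\IEHelper.dll
O4 - HKLM\..\Run: [System] C:\Program Files\Common Files\System\Updaterun.exe
O4 - HKLM\..\Run: [Desktop] "C:\WINDOWS\system32\internet.exe"
O4 - HKLM\..\Run: [Internet] "C:\WINDOWS\system32\internet.exe"
O20 - AppInit_DLLs: C:\WINDOWS\system32\NTDLL32.dll
O21 - SSODL: lebm - {8E4EBCBE-45E7-4F21-9FBB-8F91BBFABF3A} - C:\PROGRA~1\kdal\lebm.dll (file missing)
O23 - Service: Internet Connection Manager - Unknown owner - C:\WINDOWS\system32\internet.exe
O23 - Service: WebPrint - Unknown owner - c:\windows\system32\webprint.exe
"""

# "<section code> - <entry kind>: <rest of line>"
LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<kind>[^:]+): (?P<rest>.*)$")
# First drive-letter path ending in a binary extension, optionally quoted.
PATH_RE = re.compile(
    r'"?(?P<path>[A-Za-z]:\\[^"]*?\.(?:dll|exe|ocx|sys))(?![\w.])', re.I
)


def parse(log):
    """Turn HijackThis lines into dicts; lines that do not match are skipped."""
    entries = []
    for raw in log.splitlines():
        line = raw.strip()
        m = LINE_RE.match(line)
        if not m:
            continue
        pm = PATH_RE.search(m["rest"])
        entries.append({
            "code": m["code"],
            "kind": m["kind"].strip(),
            # Windows paths are case-insensitive, so normalise for grouping.
            "path": pm["path"].lower() if pm else None,
            "raw": line,
        })
    return entries


def triage(entries):
    """Return {path: [reasons]} for entries that deserve a closer look.

    These are review hints, not verdicts: an entry without a finding still
    needs its vendor and file details checked by a person.
    """
    by_path = defaultdict(list)
    findings = defaultdict(set)
    for e in entries:
        key = e["path"] or e["raw"]
        if e["path"]:
            by_path[e["path"]].append(e)
        if e["code"] == "O20":
            findings[key].add("loaded via AppInit_DLLs")
        if e["code"] == "O23" and "unknown owner" in e["raw"].lower():
            findings[key].add("service with unknown owner")
        if "(file missing)" in e["raw"]:
            findings[key].add("registry entry points to missing file")
    for path, group in by_path.items():
        codes = sorted({e["code"] for e in group})
        if len(codes) > 1:
            findings[path].add(
                "registered in several autostart classes: " + ", ".join(codes)
            )
    return {path: sorted(reasons) for path, reasons in findings.items()}


if __name__ == "__main__":
    for path, reasons in triage(parse(SAMPLE_LOG)).items():
        print(path)
        for reason in reasons:
            print("   -", reason)
```

The heuristics flag four of the listed paths; `IEHelper.dll` and `Updaterun.exe` produce no finding here, and in the SREng listing earlier in the thread they show `N/A` for vendor and version.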

#7 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts

Posted 21 April 2007 - 08:45 AM

Due to the lack of feedback this topic will now be closed.
If you need this topic reopened, please email the moderating team - be sure to include the address of the thread and the name you posted under.