Jump to content

Msnmgrs use so much memory


Recommended Posts

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4401

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

8/7/2010 9:41:29 AM

mbam-log-2010-08-07 (09-41-29).txt

Scan type: Quick scan

Objects scanned: 154604

Time elapsed: 28 minute(s), 32 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

I have update and scan my pc with kaspersky, it found nothing

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

How much memory is it using?

Please run the PCPitstop Full Tests here. When the tests are complete, a results page will pop up. Copy and paste the URL of the Results screen and post it here for me.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post the one that is not minimized.

Link to post
Share on other sites

Msn process is using 89-100% I cant even open any messenger windows to reply.

This is happen recently. I have uninstall and install a new version this morning. same thing still happen.

I'm still trying to get the pitstop scanning. its not working with both firefox and IE.

DDS (Ver_10-03-17.01) - NTFSx86

Run by Ian Lau at 13:12:27.12 on Sun 08/08/2010

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1066 [GMT 8:00]

AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Dell\QuickSet\Quickset.exe

C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Rainlendar2\Rainlendar2.exe

C:\Program Files\I8kfanGUI\I8kfanGUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Winamp\winamp.exe

C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe

C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Ian Lau\Desktop\Downloads\flashget\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www1.ap.dell.com/content/default.aspx?c=my&l=en&s=gen

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = hxxp://www1.ap.dell.com/content/default.aspx?c=my&l=en&s=gen

uInternet Settings,ProxyServer = 203.162.183.222:80

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll

BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File

BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2010\ievkbd.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll

TB: FlashGet: {e0e899ab-f487-11d5-8d29-0050ba6940e3} - c:\program files\flashget\fgiebar.dll

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

uRun: [Rainlendar2] c:\program files\rainlendar2\Rainlendar2.exe

uRun: [i8kfangui] c:\program files\i8kfangui\I8kfanGUI.exe /startup

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC

mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC

mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName

mRun: [intelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"

mRun: [intelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [Dell QuickSet] c:\program files\dell\quickset\Quickset.exe

mRun: [WD Drive Manager] c:\program files\western digital\wd drive manager\WDBtnMgrUI.exe

mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices

mRunOnce: [GrpConv] grpconv.exe -o

dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm

IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm

IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2010\ie_banner_deny.htm

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000

IE: Save YouTube Video as MP3

IE: Se&nd to OneNote - /105

IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll

DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB

DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab

DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-MY/a-UNO1/GAME_UNO1.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - hxxp://www.pcpitstop.com/mhLbl.cab

DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - hxxp://www.nanoscan.com/as/v1/cabs/asinst.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {EDDA7B3F-CA25-4D98-81AC-8BA0E4AE65F6} - hxxps://ef.hasil.org.my/scrs-lhdn_malay/dcCertUtils.CAB

TCP: {4641D3A1-4468-4ACD-8425-23738B380D85} = 10.1.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: AtiExtEvent - Ati2evxx.dll

Notify: klogon - c:\windows\system32\klogon.dll

AppInit_DLLs: c:\progra~1\kasper~1\kasper~2\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~2\kloehk.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\ianlau~1\applic~1\mozilla\firefox\profiles\ok6ho7lc.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au

FF - component: c:\documents and settings\ian lau\application data\mozilla\firefox\profiles\ok6ho7lc.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc_fireftp.dll

FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll

FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll

FF - plugin: c:\documents and settings\ian lau\application data\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\documents and settings\ian lau\application data\mozilla\firefox\profiles\ok6ho7lc.default\extensions\{bc0ae9e6-e549-4554-a222-ea083a894683}\plugins\npQuickUpload.dll

FF - plugin: c:\documents and settings\ian lau\local settings\application data\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\progra~1\meadco~1\npmeadax.dll

FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr

ef", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 36880]

R1 fanio;FanIO driver;c:\windows\system32\drivers\fanio.sys [2007-4-15 14464]

R1 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2009-9-1 128016]

R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-10-26 315408]

R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files\adobe\elements organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]

R2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe [2009-10-20 340456]

R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2007-5-29 275968]

R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\western digital\wd drive manager\WDBtnMgrSvc.exe [2008-7-24 102400]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2009-9-14 32272]

R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-10-2 19472]

R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2009-9-26 4639136]

S2 0275011227852929mcinstcleanup;0275011227852929mcinstcleanup; [x]

S2 PRTGService;PRTG Service;c:\program files\prtg traffic grapher\prtg traffic grapher.exe --> c:\program files\prtg traffic grapher\PRTG Traffic Grapher.exe [?]

S2 prtgwatchservice;PRTG Watchdog;c:\program files\prtg traffic grapher\watchdog\prtgwatchdog.exe --> c:\program files\prtg traffic grapher\watchdog\prtgwatchdog.exe [?]

S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2009-10-29 30603640]

S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2009-5-3 131456]

S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2009-5-3 79104]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-4-6 137344]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-4-6 8320]

=============== Created Last 30 ================

2010-08-08 04:44:24 0 d-----w- c:\program files\MeadCo Neptune

2010-08-07 01:37:41 0 d-----w- c:\program files\Microsoft

2010-07-19 15:47:26 0 d-----w- c:\docume~1\ianlau~1\applic~1\OpenOffice.org

2010-07-19 15:44:00 0 d-----w- c:\program files\JRE

2010-07-19 15:43:28 0 d-----w- c:\program files\OpenOffice.org 3

2010-07-19 15:42:26 73728 ----a-w- c:\windows\system32\javacpl.cpl

2010-07-19 15:42:26 411368 ----a-w- c:\windows\system32\deployJava1.dll

2010-07-19 15:02:55 0 d-----w- c:\program files\MSECache

2010-07-17 12:26:11 0 d-----w- c:\program files\Counter-Strike 1.6

2010-07-14 09:39:07 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe

2010-07-12 13:05:29 482408 ----a-w- c:\windows\ssndii.exe

2010-07-12 13:05:26 0 d-----w- c:\program files\SamsungPrinterLiveUpdate

2010-07-12 13:05:21 0 d-----w- c:\windows\Samsung

2010-07-12 13:04:19 361 ----a-w- c:\windows\system32\ssp7ml3.smt

2010-07-12 13:04:19 26624 ----a-w- c:\windows\system32\ssp7ml3.dll

2010-07-12 13:04:00 65536 ----a-w- c:\windows\system32\ssp7mci.dll

2010-07-12 13:04:00 151552 ----a-w- c:\windows\system32\ssp7mci.exe

2010-07-12 13:03:43 49152 ----a-w- c:\windows\system32\ssusbpn.dll

2010-07-12 13:03:42 81920 ----a-w- c:\windows\system32\ssdevm.dll

2010-07-12 13:03:39 21776 ----a-w- c:\windows\system32\msxml2a.dll

2010-07-12 13:02:26 5430 ------w- c:\windows\AnyWeb Print.ico

2010-07-12 13:02:26 133757 ------w- c:\windows\SmartCMS2.ico

2010-07-12 13:02:26 11502 ------w- c:\windows\Dr. Printer Icon.ico

2010-07-12 13:02:26 0 d-----w- c:\program files\Samsung

==================== Find3M ====================

2010-08-05 07:46:39 76672 ---ha-w- c:\windows\system32\mlfcache.dat

2010-07-30 05:03:28 97549 ----a-w- c:\windows\system32\drivers\klick.dat

2010-07-30 05:03:28 113933 ----a-w- c:\windows\system32\drivers\klin.dat

2010-07-27 06:30:35 8462336 ------w- c:\windows\system32\dllcache\shell32.dll

2010-06-24 03:53:40 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs

2010-06-24 03:53:37 0 ----a-w- c:\windows\system32\drivers\logiflt.iad

2010-06-17 02:00:04 0 ---h--w- c:\docume~1\alluse~1\applic~1\PKP_DLbx.DAT

============= FINISH: 13:13:57.29 ===============

Link to post
Share on other sites

  • 2 weeks later...
Volume in drive C has no label.

Volume Serial Number is 183B-CAA0

Directory of C:\Documents and Settings\Ian Lau\desktop

08/22/2010 07:30 AM <DIR> .

08/22/2010 07:30 AM <DIR> ..

08/12/2010 04:38 PM 830,788 11082010997.jpg

07/18/2010 12:49 PM <DIR> Acca

02/05/2009 12:00 PM 856 Adobe Photoshop CS4.lnk

08/21/2010 11:27 AM 665,499 bayer.pdf

08/18/2010 11:58 AM 303,484 BL100_Topic7_Bentley_sem1_10_Student.pptx

08/22/2010 07:30 AM 0 check.txt

08/22/2010 07:29 AM <DIR> CIC Class Notes

07/28/2010 12:23 PM 441,092 Curtin_bus_timetable_2010.pdf

08/21/2010 10:31 AM 514,301 CU_Instructions_for_students_CIC_TRI2.docx

08/20/2010 09:34 PM <DIR> D80

08/05/2010 05:02 PM <DIR> Downloads

08/09/2010 01:35 PM 245 eco.txt

08/21/2010 11:13 AM 176,190 GreenpeaceRanksPesticideCos20081606.pdf

08/18/2010 07:09 PM 21,999 icon.JPG

08/13/2010 08:02 AM 115 jet li.txt

08/21/2010 09:18 PM 4,337,613 Joo Ji-Hoon and Yoon Eun-Hye ive Fallin For You.mp3

06/06/2010 03:22 PM <DIR> New Folder (2)

08/15/2010 09:51 AM 0 Parachute

08/18/2010 11:58 AM 30,811 Practice_test_sem2_10.docx

08/19/2010 07:57 AM 1,426,432 Revised_version_International_Trade_201002_1_.ppt

15 File(s) 8,749,425 bytes

7 Dir(s) 15,457,452,032 bytes free

done

Link to post
Share on other sites

Hi

May i know how do i reboot to recovery console?

I try using Safe mode with command prompt. Is it correct?

I login using the admin account instead of my account.

i enter the command that u give me but i get "Could Not Find C:\Documents and settings\Ian Lau\Desktop\Parachute"

Link to post
Share on other sites

  • 4 weeks later...
  • Staff

Glad we could help. :(

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.