Ok here goes,
SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!
Generated 05/22/2009 at 10:02 PM
Application Version : 4.26.1002
Core Rules Database Version : 3907
Trace Rules Database Version: 1852
Scan type : Complete Scan
Total Scan Time : 01:13:00
Memory items scanned : 654
Memory threats detected : 0
Registry items scanned : 5999
Registry threats detected : 2
File items scanned : 145751
File threats detected : 183
Adware.Tracking Cookie
(Omitted as stated)
Trojan.NewDotNet
HKU\.DEFAULT\Software\New.net
HKU\S-1-5-18\Software\New.net
Trojan.Unknown Origin
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\WFWBWJWN\CBKRGJUF.EXE
Unclassified.Oreans32
C:\WINDOWS\SYSTEM32\DRIVERS\OREANS32.SYS
Malwarebytes' Anti-Malware 1.28
Database version: 1134
Windows 5.1.2600 Service Pack 2
23/05/2009 16:39:00
mbam-log-2009-05-23 (16-39-00).txt
Scan type: Full Scan (C:\|)
Objects scanned: 186699
Time elapsed: 1 hour(s), 27 minute(s), 6 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER 1.0.15.14972 -
GMER - Rootkit Detector and Remover
Rootkit scan 2009-05-23 18:30:02
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.15 ----
SSDT sptd.sys ZwCreateKey [0xB9EC00D0]
SSDT sptd.sys ZwEnumerateKey [0xB9EC5E2C]
SSDT sptd.sys ZwEnumerateValueKey [0xB9EC61BA]
SSDT sptd.sys ZwOpenKey [0xB9EC00B0]
SSDT sptd.sys ZwQueryKey [0xB9EC6292]
SSDT sptd.sys ZwQueryValueKey [0xB9EC6112]
SSDT sptd.sys ZwSetValueKey [0xB9EC6324]
---- Kernel code sections - GMER 1.0.15 ----
? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text USBPORT.SYS!DllUnload B90EF62C 5 Bytes JMP 8A442780
? System32\Drivers\aggp1tag.SYS The system cannot find the path specified. !
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[748] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 10007FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[748] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 10007EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Belkin\F5D8051v2\Belkinwcui.exe[888] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 00F57FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Belkin\F5D8051v2\Belkinwcui.exe[888] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 00F57EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Motherboard Monitor 5\MBM5.EXE[1516] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 00CF7FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Motherboard Monitor 5\MBM5.EXE[1516] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 00CF7EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\MultiRes\MultiRes.exe[1648] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 10007FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\MultiRes\MultiRes.exe[1648] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 10007EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[1748] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 03D47FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[1748] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 03D47EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\WebcamMax\wcmmon.exe[1812] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 10007FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\WebcamMax\wcmmon.exe[1812] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 10007EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\WINDOWS\system\CMGxMon.exe[1952] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 10007FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\WINDOWS\system\CMGxMon.exe[1952] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 10007EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\WINDOWS\system32\ctfmon.exe[1984] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 10007FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\WINDOWS\system32\ctfmon.exe[1984] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 10007EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Belkin\Bluetooth Software\BTTray.exe[2060] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 00E77FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Belkin\Bluetooth Software\BTTray.exe[2060] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 00E77EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Logitech\SetPoint\SetPoint.exe[2068] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 10007FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Logitech\SetPoint\SetPoint.exe[2068] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 10007EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\SEC\Natural Color Pro\NCProTray.exe[2084] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 10007FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\SEC\Natural Color Pro\NCProTray.exe[2084] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 10007EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE[2136] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 00FA7FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE[2136] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 00FA7EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\ASUS Xonar DX Audio\Customapp\Program\MXMon.exe[2236] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 10007FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\ASUS Xonar DX Audio\Customapp\Program\MXMon.exe[2236] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 10007EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[2288] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 10007FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[2288] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 10007EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Razer\DeathAdder\razerofa.exe[2368] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 10007FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Razer\DeathAdder\razerofa.exe[2368] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 10007EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE[2480] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 014E7FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE[2480] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 014E7EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2916] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 10007FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2916] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 10007EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Documents and Settings\Nick\Desktop\gmer.exe[3632] ole32.dll!CoCreateInstanceEx 77500526 5 Bytes JMP 10007FD0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
.text C:\Documents and Settings\Nick\Desktop\gmer.exe[3632] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 10007EE0 C:\WINDOWS\system\CmGxSrv.DLL (CMGxSrv Dynamic Link Library/C-Media Electronics Inc.)
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9EC0AD4] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9EC0C1A] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9EC0B9C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9EC1748] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9EC161E] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B9ED5ACA] sptd.sys
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 8A94A1E8
Device \Driver\usbuhci \Device\USBPDO-0 8A4197A0
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8A8DA1E8
Device \Driver\dmio \Device\DmControl\DmConfig 8A8DA1E8
Device \Driver\dmio \Device\DmControl\DmPnP 8A8DA1E8
Device \Driver\dmio \Device\DmControl\DmInfo 8A8DA1E8
Device \Driver\usbuhci \Device\USBPDO-1 8A4197A0
Device \Driver\usbuhci \Device\USBPDO-2 8A4197A0
Device \Driver\usbehci \Device\USBPDO-3 8A3407A0
Device \Driver\usbuhci \Device\USBPDO-4 8A4197A0
Device \Driver\usbuhci \Device\USBPDO-5 8A4197A0
Device \Driver\usbuhci \Device\USBPDO-6 8A4197A0
Device \Driver\Ftdisk \Device\HarddiskVolume1 8A94C1E8
Device \Driver\usbehci \Device\USBPDO-7 8A3407A0
Device \Driver\Ftdisk \Device\HarddiskVolume2 8A94C1E8
Device \Driver\Cdrom \Device\CdRom0 8A51E5F8
Device \Driver\atapi \Device\Ide\IdePort0 8A94B1E8
Device \Driver\atapi \Device\Ide\IdePort1 8A94B1E8
Device \Driver\atapi \Device\Ide\IdePort2 8A94B1E8
Device \Driver\atapi \Device\Ide\IdePort3 8A94B1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T1L0-10 8A94B1E8
Device \Driver\atapi \Device\Ide\IdePort4 8A94B1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-8 8A94B1E8
Device \Driver\atapi \Device\Ide\IdePort5 8A94B1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-1b 8A94B1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A3EA7A0
Device \Driver\NetBT \Device\NetbiosSmb 8A3EA7A0
Device \Driver\usbuhci \Device\USBFDO-0 8A4197A0
Device \Driver\PCI_NTPNP4010 \Device\0000006c sptd.sys
Device \Driver\usbuhci \Device\USBFDO-1 8A4197A0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A38F7A0
Device \Driver\usbuhci \Device\USBFDO-2 8A4197A0
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A38F7A0
Device \Driver\usbehci \Device\USBFDO-3 8A3407A0
Device \Driver\usbuhci \Device\USBFDO-4 8A4197A0
Device \Driver\Ftdisk \Device\FtControl 8A94C1E8
Device \Driver\usbuhci \Device\USBFDO-5 8A4197A0
Device \Driver\NetBT \Device\NetBT_Tcpip_{F542B2F7-6F2D-4EEA-8AA0-FED09C149585} 8A3EA7A0
Device \Driver\usbuhci \Device\USBFDO-6 8A4197A0
Device \Driver\usbehci \Device\USBFDO-7 8A3407A0
Device \Driver\aggp1tag \Device\Scsi\aggp1tag1 8A4D77A0
Device \FileSystem\Cdfs \Cdfs 8A3E17A0
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x0E 0xDE 0x0E 0x4D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x30 0x91 0x45 0xF1 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x0D 0x3D 0x84 0xD0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x11 0xCD 0x13 0x84 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0x77 0xD6 0x80 0x7C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0x76 0x46 0x15 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x0E 0xDE 0x0E 0x4D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x30 0x91 0x45 0xF1 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x0D 0x3D 0x84 0xD0 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x11 0xCD 0x13 0x84 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0x77 0xD6 0x80 0x7C ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0x76 0x46 0x15 0x00 ...
---- EOF - GMER 1.0.15 ----
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:31:04, on 23/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
C:\Program Files\PCI Latency Tool 3\LtcyCfgSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Motherboard Monitor 5\MBM5.EXE
C:\Program Files\MultiRes\MultiRes.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\WebcamMax\wcmmon.exe
C:\WINDOWS\system\CMGxMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ASUS Xonar DX Audio\Customapp\Program\ASUSAUDIOCENTER.EXE
C:\Program Files\Belkin\F5D8051v2\Belkinwcui.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ASUS Xonar DX Audio\Customapp\Program\MXMon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
Live Search
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [MBM 5] "C:\Program Files\Motherboard Monitor 5\MBM5.EXE"
O4 - HKLM\..\Run: [MultiRes] C:\Program Files\MultiRes\MultiRes.exe
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [Cmaudio8788] RunDll32 cmicnfgp.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Cmaudio8788GX] C:\WINDOWS\system\CMGxMon.exe Envoke
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files\Common Files\Logishrd\eReg\Common\eReg.exe
O4 - Global Startup: Belkin Wireless Networking Utility.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: PCI Latency Tool Service (LtcyCfgSvc) - Unknown owner - C:\Program Files\PCI Latency Tool 3\LtcyCfgSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Microsoft .NET Framework v1.1.4322 Update (NetFxUpdate_v1.1.4322) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 8276 bytes