Forum replies created
Valeri, good day, apologies in advance for the necroposting, but I don't want to create a new topic. I would like to remove ComboFix from the computer so as not to infect it, just in case. The computer works much better, and the occasional glitches can probably be put down to the OS. Although... anything is possible 😀
Did as you said. I don't know whether it worked or not, but I'm attaching the log. By the way, ComboFix for some reason reports a running Avira antivirus every time, although I removed it when I installed Kaspersky… Strange. In any case, I'm waiting for further instructions.
Good day. Downloaded, ran, scanned. Didn't understand anything, but for some reason IE is no longer the default browser. Why? I'm attaching the log. By the way, what other changes took place? Sorry for asking so much, I've just become very curious. Thanks in advance.
Good day. I did everything as you said. To be honest, I was a little shocked at where so much junk could have come from, since I always had the antivirus protection turned on. Nevertheless, 23 objects somehow got in. In short, I deleted everything and am posting 2 logs. Waiting for further instructions.
Valeri, good day.
I installed Kaspersky, and now I don't even know whether it helped me or the opposite. The thing is, the problem with the computer shutting down has disappeared, but new ones have appeared, namely: the computer has started glitching every now and then. This shows in IE and Mozilla (though more often IE) periodically freezing, running slowly and periodically closing by themselves. Messages keep popping up about various errors containing file names like 4.tmp, 13.tmp, 22.tmp and so on. RSIT does work, though, which I promptly made use of.
Overall, I'm attaching 2 logs and hope to get advice on what to do. I would also like to know what is causing such strange metamorphoses with the computer. Of course I've heard that Kaspersky slows the system down a looot, but this much… Though maybe it isn't because of it. I've started thinking about reinstalling the OS. What do you say?
Valeri, thank you very much, everything seems to be working fine. Kaspersky did find something else, but I think it's nothing serious. At least not like it was. Nevertheless, I'm attaching 2 more logs. I couldn't figure out how to attach the Kaspersky log as html, so I copied it into a txt file.
Valeri, it's very pleasant to be on this forum. I feel I'm in the hands of pros. The response time is admittedly rather long, but apparently this is your fan project, so I understand completely. I did everything exactly as you said and am attaching 2 logs. I'd like to know whether it's OK to log in to Internet banks and systems like Webmoney and Moneybookers, and in general to enter confidential information anywhere? The thing is, my work is tied directly to these services, and I can't do without them. But losing everything because of haste is not an option either. So I'm waiting not only for instructions but for advice too. This is the first time this has happened to me, as I'm quite meticulous about my computer's security.
Thanks in advance.
OTM log
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
ServiceDriver acpi32 deleted successfully.
ServiceDriver amd64si deleted successfully.
ServiceDriver ati64si deleted successfully.
ServiceDriver fips32cup deleted successfully.
ServiceDriver i386si deleted successfully.
ServiceDriver ksi32sk deleted successfully.
ServiceDriver netsik deleted successfully.
ServiceDriver nicsk32 deleted successfully.
ServiceDriver port135sik deleted successfully.
ServiceDriver securentm deleted successfully.
ServiceDriver systemntmi deleted successfully.
ServiceDriver ws2_32sik deleted successfully.
ServiceDriver jnv4_mib deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregUser deleted successfully.
Registry key HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^User^Start Menu^Programs^Startup^rncsys32.exe deleted successfully.
========== FILES ==========
C:Documents and SettingsUserUser.exe moved successfully.
C:Documents and SettingsUserStart MenuProgramsStartuprncsys32.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 136628 bytes
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 35488 bytes
User: NetworkService
->Temp folder emptied: 170785 bytes
->Temporary Internet Files folder emptied: 33237 bytes
User: postgres
->Temp folder emptied: 307413 bytes
File delete failed. C:Documents and SettingspostgresLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33174 bytes
User: Seeker
User: User
->Temp folder emptied: 1124348820 bytes
->Temporary Internet Files folder emptied: 92313350 bytes
->Java cache emptied: 13791950 bytes
->FireFox cache emptied: 46897012 bytes
->Opera cache emptied: 40022425 bytes
%systemdrive% .tmp files removed: 0 bytes
C:WINDOWSmsdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 2162283 bytes
%systemroot%System32 .tmp files removed: 150999869 bytes
Windows Temp folder emptied: 3798960 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1406.78 mb
OTM by OldTimer — Version 3.0.0.5 log created on 07152009_023905
Files moved on Reboot…
Registry entries deleted on Reboot…
RTSI log.txt
Logfile of random’s system information tool 1.06 (written by random/random)
Run by User at 2009-07-15 03:00:31
Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (3%) free of 114 GB
Total RAM: 1023 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:00:40, on 15/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesLavasoftAd-Awareaawservice.exe
C:WINDOWSnotepad.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesNVIDIA CorporationNvMixerNVMixerTray.exe
C:Program FilesAntiVir PersonalEdition Classicavgnt.exe
C:Program FilesDAEMON Toolsdaemon.exe
C:Program FilesiTunesiTunesHelper.exe
C:Program FilesSpyware DoctorpctsTray.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesICQ6.5ICQ.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAntiVir PersonalEdition Classicsched.exe
C:Program FilesAntiVir PersonalEdition Classicavguard.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesPrevxprevx.exe
C:Program FilesJavajre6binjqs.exe
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesPostgreSQL8.2binpg_ctl.exe
C:Program FilesPrevxprevx.exe
C:Program FilesSpyware DoctorpctsAuxs.exe
C:Program FilesSpyware DoctorpctsSvc.exe
C:Program FilesPostgreSQL8.2binpostgres.exe
C:Program FilesPostgreSQL8.2binpostgres.exe
C:Program FilesPostgreSQL8.2binpostgres.exe
C:Program FilesPostgreSQL8.2binpostgres.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32wbemwmiprvse.exe
C:Program FilesiPodbiniPodService.exe
C:WINDOWSSystem32alg.exe
C:Program FilesiTunesiTunes.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsUserDesktopRSIT.exe
C:Program Filestrend microUser.exe
C:Program FilesInternet Exploreriexplore.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://google.icq.com/search/search_frame.php
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = 62.23.83.110:80
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: IeCatch5 Class — {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} — C:PROGRA~1FlashGetjccatch.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 — Toolbar: FlashGet Bar — {E0E899AB-F487-11D5-8D29-0050BA6940E3} — C:PROGRA~1FlashGetfgiebar.dll
O3 — Toolbar: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O4 — HKLM..Run: [NVMixerTray] «C:Program FilesNVIDIA CorporationNvMixerNVMixerTray.exe»
O4 — HKLM..Run: [avgnt] «C:Program FilesAntiVir PersonalEdition Classicavgnt.exe» /min
O4 — HKLM..Run: [DAEMON Tools] «C:Program FilesDAEMON Toolsdaemon.exe» -lang 1033
O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
O4 — HKLM..Run: [Regedit32] C:WINDOWSsystem32regedit.exe
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [ISTray] «C:Program FilesSpyware DoctorpctsTray.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6.5ICQ.exe» silent
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [LocalService] C:Documents and SettingsLocalServiceLocalService.exe /i (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-21-789336058-1844823847-725345543-1004..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘postgres’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O8 — Extra context menu item: Закачать все при помощи FlashGet — C:PROGRA~1FlashGetjc_all.htm
O8 — Extra context menu item: Закачать при помощи FlashGet — C:PROGRA~1FlashGetjc_link.htm
O9 — Extra button: PartyGammon.com — {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} — C:Program FilesPartyGamingPartyGammonRunBackGammon.exe (file missing)
O9 — Extra ‘Tools’ menuitem: PartyGammon.com — {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} — C:Program FilesPartyGamingPartyGammonRunBackGammon.exe (file missing)
O9 — Extra button: ICQ Pro — {6224f700-cba3-4071-b251-47cb894244cd} — C:PROGRA~1ICQICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ — {6224f700-cba3-4071-b251-47cb894244cd} — C:PROGRA~1ICQICQ.exe
O9 — Extra button: (no name) — {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} — (no file)
O9 — Extra button: PartyPoker.com — {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} — C:Program FilesPartyGamingPartyPokerRunApp.exe
O9 — Extra ‘Tools’ menuitem: PartyPoker.com — {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} — C:Program FilesPartyGamingPartyPokerRunApp.exe
O9 — Extra button: ICQ Lite — {B863453A-26C3-4e1f-A54D-A2CD196348E9} — C:Program FilesICQLiteICQLite.exe (file missing)
O9 — Extra ‘Tools’ menuitem: ICQ Lite — {B863453A-26C3-4e1f-A54D-A2CD196348E9} — C:Program FilesICQLiteICQLite.exe (file missing)
O9 — Extra button: FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:PROGRA~1FlashGetflashget.exe
O9 — Extra ‘Tools’ menuitem: &FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:PROGRA~1FlashGetflashget.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O10 — Unknown file in Winsock LSP: c:windowssystem32nwprovau.dll
O16 — DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) — http://212.42.54.135:8008/activex/AMC.cab
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: Lavasoft Ad-Aware Service (aawservice) — Lavasoft — C:Program FilesLavasoftAd-Awareaawservice.exe
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) — Avira GmbH — C:Program FilesAntiVir PersonalEdition Classicsched.exe
O23 — Service: AntiVir PersonalEdition Classic Guard (AntiVirService) — Avira GmbH — C:Program FilesAntiVir PersonalEdition Classicavguard.exe
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: CSIScanner — Prevx — C:Program FilesPrevxprevx.exe
O23 — Service: iPod Service — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: PostgreSQL Database Server 8.2 (pgsql-8.2) — PostgreSQL Global Development Group — C:Program FilesPostgreSQL8.2binpg_ctl.exe
O23 — Service: PC Tools Auxiliary Service (sdAuxService) — PC Tools — C:Program FilesSpyware DoctorpctsAuxs.exe
O23 — Service: PC Tools Security Service (sdCoreService) — PC Tools — C:Program FilesSpyware DoctorpctsSvc.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe
—
End of file — 9279 bytes
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2006-01-12 63128]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class — C:PROGRA~1FlashGetjccatch.dll [2006-05-16 81920]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-07-10 41368]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2009-07-10 73728]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} — FlashGet Bar — C:PROGRA~1FlashGetfgiebar.dll [2005-06-07 86016]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} — Yahoo! Toolbar — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2005-08-04 343112]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«NVMixerTray»=C:Program FilesNVIDIA CorporationNvMixerNVMixerTray.exe [2004-06-03 131072]
«avgnt»=C:Program FilesAntiVir PersonalEdition Classicavgnt.exe [2008-07-18 266497]
«DAEMON Tools»=C:Program FilesDAEMON Toolsdaemon.exe [2005-12-10 133016]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2009-04-02 342312]
«Regedit32»=C:WINDOWSsystem32regedit.exe []
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2006-03-09 7561216]
«ISTray»=C:Program FilesSpyware DoctorpctsTray.exe [2008-12-08 1173384]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
«ICQ»=C:Program FilesICQ6.5ICQ.exe [2009-03-01 172792]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe Photo Downloader]
C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe []
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdVantage]
C:Program FilesAdVantageAdVantage.exe []
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregISTray]
C:Program FilesSpyware DoctorpctsTray.exe [2008-12-08 1173384]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLogitech Utility]
C:WINDOWSLogi_MwX.Exe [2003-12-11 20992]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMsnMsgr]
C:Program FilesMSN MessengerMsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvCplDaemon]
C:WINDOWSsystem32NvCpl.dll [2006-03-09 7561216]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvMediaCenter]
C:WINDOWSsystem32NvMcTray.dll [2006-03-09 86016]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregOctoshape Streaming Services]
C:Program FilesOctoshape Streaming ServicesUserOctoshapeClient.exe [2006-02-13 214648]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPCSuiteTrayApplication]
C:PROGRA~1NokiaNOKIAP~1LAUNCH~1.EXE [2006-04-26 237568]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPcSync]
C:Program FilesNokiaNokia PC Suite 6PcSync2.exe [2006-04-11 1409024]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]
C:Program FilesQuickTimeqttask.exe [2009-01-05 413696]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
C:Program FilesSkypePhoneSkype.exe [2007-03-30 25263144]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSteam]
[]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSunJavaUpdateSched]
C:Program FilesJavajre6binjusched.exe [2009-07-10 148888]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:PROGRA~1AdobeACROBA~1.0ReaderREADER~1.EXE [2005-09-23 29696]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^User^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:PROGRA~1COMMON~1AdobeCALIBR~1ADOBEG~1.EXE [2005-03-16 113664]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{16664848-0E00-11D2-8059-000000000000}»= []
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalaawservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdauxservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdcoreservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkaawservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdauxservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdcoreservice]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FileseMuleeMule.exe»=»C:Program FileseMuleeMule.exe:*:Enabled:eMule Plus»
«C:Program FilesICQLiteICQLite.exe»=»C:Program FilesICQLiteICQLite.exe:*:Enabled:ICQ Lite»
«C:GamesWorld of WarcraftWoW-1.11.1.5462-to-1.11.2.5464-enGB-downloader.exe»=»C:GamesWorld ofWarcraftWoW-1.11.1.5462-to-1.11.2.5464-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Program FilesSteamSteamAppsfreewayseekercounter-strikehl.exe»=»C:ProgramFilesSteamSteamAppsfreewayseekercounter-strikehl.exe:*:Enabled:Half-Life Launcher»
«C:Program FilesICQIcq.exe»=»C:Program FilesICQIcq.exe:*:Enabled:ICQ»
«C:Program FilesOcean TechnologyGG E-Sports PlatformGGclient.exe»=»C:Program FilesOcean TechnologyGG E-Sports PlatformGGclient.exe:*:Enabled:GGE-Sports Platform Client»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.0»
«C:Program FilesMSN Messengermsncall.exe»=»C:Program FilesMSN Messengermsncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)»
«C:blitzkrieg2_demo_mp_ruMPDemobinGame.exe»=»C:blitzkrieg2_demo_mp_ruMPDemobinGame.exe:*:Enabled:Game»
«C:GamesSerious SamBinSeriousSam.exe»=»C:GamesSerious SamBinSeriousSam.exe:*:Enabled:SeriousSam»
«C:GamesWorld of WarcraftWoW-1.11.2.5464-to-1.12.0.5595-enGB-downloader.exe»=»C:GamesWorld ofWarcraftWoW-1.11.2.5464-to-1.12.0.5595-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Documents and SettingsUserDesktopEPL_Trailer_EG.avi-downloader.exe»=»C:Documents andSettingsUserDesktopEPL_Trailer_EG.avi-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-1.12.0.5595-to-1.12.1.5875-enGB-downloader.exe»=»C:GamesWorld ofWarcraftWoW-1.12.0.5595-to-1.12.1.5875-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftBackgroundDownloader.exe»=»C:GamesWorld of WarcraftBackgroundDownloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe»=»C:GamesWorld ofWarcraftWoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Program FilesK-Lite Codec PackMedia Player Classicmplayerc.exe»=»C:Program FilesK-Lite Codec PackMedia Player Classicmplayerc.exe:*:Enabled:MediaPlayer Classic»
«C:GamesStarcraftStarCraft.exe»=»C:GamesStarcraftStarCraft.exe:*:Enabled:Starcraft»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:Gamesq2q2ace.exe»=»C:Gamesq2q2ace.exe:*:Enabled:q2ace»
«C:Program Filestotalcmdtotalcmd.exe»=»C:Program Filestotalcmdtotalcmd.exe:*:Enabled:Total Commander 32 bit international version, file managerreplacement for Windows»
«C:GamesHOMM3Heroes3.exe»=»C:GamesHOMM3Heroes3.exe:*:Enabled:Heroes of Might and Magic® III»
«C:WINDOWSsystem32dplaysvr.exe»=»C:WINDOWSsystem32dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper»
«C:GamesHOMM3Heroes3Loader.exe»=»C:GamesHOMM3Heroes3Loader.exe:*:Enabled:Heroes of Might and Magic® III»
«C:GamesWorld of WarcraftWoW-2.0.3-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-2.0.3-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-2.0.3.6299-to-2.0.5.6320-enGB-downloader.exe»=»C:GamesWorld ofWarcraftWoW-2.0.3.6299-to-2.0.5.6320-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-2.0.5.6320-to-2.0.6.6337-enGB-downloader.exe»=»C:GamesWorld ofWarcraftWoW-2.0.5.6320-to-2.0.6.6337-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-2.0.6.6337-to-2.0.7.6383-enGB-downloader.exe»=»C:GamesWorld ofWarcraftWoW-2.0.6.6337-to-2.0.7.6383-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-2.0.7.6383-to-2.0.8.6403-enGB-downloader.exe»=»C:GamesWorld ofWarcraftWoW-2.0.7.6383-to-2.0.8.6403-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-2.0.8.6403-to-2.0.10.6448-enGB-downloader.exe»=»C:GamesWorld ofWarcraftWoW-2.0.8.6403-to-2.0.10.6448-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Documents and SettingsUserDesktopHellfire-Citadel_Final_EN_avi-downloader.exe»=»C:Documents andSettingsUserDesktopHellfire-Citadel_Final_EN_avi-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-2.0.10.6448-to-2.0.12.6546-enGB-downloader.exe»=»C:GamesWorld ofWarcraftWoW-2.0.10.6448-to-2.0.12.6546-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesRFOnlineRF.exe»=»C:GamesRFOnlineRF.exe:*:Enabled:RFLauncher»
«C:GamesRising_Force_OnlineRF.exe»=»C:GamesRising_Force_OnlineRF.exe:*:Enabled:RFLauncher»
«C:Documents and SettingsUserDesktopCrisisatdaportal_EG.avi-downloader.exe»=»C:Documents andSettingsUserDesktopCrisisatdaportal_EG.avi-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Program FilesICQLite6ICQ.exe»=»C:Program FilesICQLite6ICQ.exe:*:Enabled:ICQ6»
«C:Documents and SettingsUserDesktopwtvClient.exe»=»C:Documents and SettingsUserDesktopwtvClient.exe:*:Enabled:wtvClient»
«C:Program FilesOctoshape Streaming ServicesUserOctoshapeClient.exe»=»C:Program FilesOctoshape StreamingServicesUserOctoshapeClient.exe:*:Enabled:OctoshapeClient»
«C:Documents and SettingsUserDesktopHeroes 3.5 on 172.16.22.99 on 192.168.1.100h3wog.exe»=»C:Documents and SettingsUserDesktopHeroes 3.5 on172.16.22.99 on 192.168.1.100h3wog.exe:*:Enabled:Heroes of Might and Magic® III»
«C:Documents and SettingsUserDesktopHeroes 3.5 on 172.16.22.99 on 192.168.1.100Heroes3.exe»=»C:Documents and SettingsUserDesktopHeroes 3.5 on172.16.22.99 on 192.168.1.100Heroes3.exe:*:Enabled:Heroes of Might and Magic® III»
«C:Documents and SettingsUserDesktopStarCraft on 172.16.22.99 on 192.168.1.100STARCRAFT.EXE»=»C:Documents and SettingsUserDesktopStarCraft on172.16.22.99 on 192.168.1.100STARCRAFT.EXE:*:Enabled:Starcraft»
«C:Program FilesInternet ExplorerIEXPLORE.EXE»=»C:Program FilesInternet ExplorerIEXPLORE.EXE:*:Enabled:Internet Explorer»
«C:Program FilesPPLivePPLive.exe»=»C:Program FilesPPLivePPLive.exe:*:Enabled:PPLive»
«C:GamesNFSspeed.exe»=»C:GamesNFSspeed.exe:*:Enabled:speed»
«C:downloadWorms World PartyWWPwwp.exe»=»C:downloadWorms World PartyWWPwwp.exe:*:Enabled:Worms World Party»
«C:GamesTzar — BoCTzar.exe»=»C:GamesTzar — BoCTzar.exe:*:Enabled:Tzar»
«C:Documents and SettingsUserDesktopStarCraftstarcraft.exe»=»C:Documents and SettingsUserDesktopStarCraftstarcraft.exe:*:Enabled:Starcraft»
«C:Documents and SettingsUserDesktopGTA2gta2.exe»=»C:Documents and SettingsUserDesktopGTA2gta2.exe:*:Enabled:GTA2 main executable»
«C:Documents and SettingsUserDesktopq2q2ace.exe»=»C:Documents and SettingsUserDesktopq2q2ace.exe:*:Enabled:q2ace»
«C:GamesRed Oodyssey.exe»=»C:GamesRed Oodyssey.exe:*:Enabled:odyssey»
«C:GamesBattle Zonebzone.exe»=»C:GamesBattle Zonebzone.exe:*:Enabled:bzone»
«C:GamesWorld of WarcraftWoW-2.3.0-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-2.3.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesICQLICQ6ICQ.exe»=»C:Program FilesICQLICQ6ICQ.exe:*:Enabled:ICQ6»
«C:Program FilesICQ6ICQ.exe»=»C:Program FilesICQ6ICQ.exe:*:Enabled:ICQ6»
«C:Documents and SettingsUserDesktopWotLK-FF-enGB-downloader.exe»=»C:Documents and SettingsUserDesktopWotLK-FF-enGB-downloader.exe:*:Enabled:BlizzardDownloader»
«C:Program FilesTeamViewer3TeamViewer.exe»=»C:Program FilesTeamViewer3TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application»
«C:Allods 2allods2.exe»=»C:Allods 2allods2.exe:*:Enabled:allods2»
«C:Gamesq2quake2.exe»=»C:Gamesq2quake2.exe:*:Enabled:quake2»
«C:Downloadswotlk-intro_en_us-downloader.exe»=»C:Downloadswotlk-intro_en_us-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Gamesw3xpwtvClient.exe»=»C:Gamesw3xpwtvClient.exe:*:Enabled:wtvClient»
«C:GamesNeed for Speed Most Wantedspeed.exe»=»C:GamesNeed for Speed Most Wantedspeed.exe:*:Enabled:speed»
«C:Program FilesVentriloVentrilo.exe»=»C:Program FilesVentriloVentrilo.exe:*:Enabled:Ventrilo.exe»
«C:Gamesw3xpWarcraft III.exe»=»C:Gamesw3xpWarcraft III.exe:*:Enabled:Warcraft III»
«C:Documents and SettingsUserLocal SettingsTempBlizzard Launcher Temporary — 20b17220Launcher.exe»=»C:Documents and SettingsUserLocalSettingsTempBlizzard Launcher Temporary — 20b17220Launcher.exe:*:Enabled:Blizzard Launcher»
«C:Gamesw3xpWarcraft IIIWarcraft III.exe»=»C:Gamesw3xpWarcraft IIIWarcraft III.exe:*:Enabled:Warcraft III»
«C:Program FilesB2BPOKERPointPokerjrebinjavaw.exe»=»C:Program FilesB2BPOKERPointPokerjrebinjavaw.exe:*:Enabled:Java(TM) 2 Platform StandardEdition binary»
«C:Program FilesTVAntsTvants.exe»=»C:Program FilesTVAntsTvants.exe:*:Enabled:TVAnts»
«C:Documents and SettingsUserDesktopStarCraft2CinematicTrailer_EnglishUS-avi-downloader.exe»=»C:Documents andSettingsUserDesktopStarCraft2CinematicTrailer_EnglishUS-avi-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Program FilesGarenaGarena.exe»=»C:Program FilesGarenaGarena.exe:*:Enabled:Garena»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»
«C:GamesWorld of WarcraftLauncher.exe»=»C:GamesWorld of WarcraftLauncher.exe:*:Enabled:Blizzard Launcher»
«C:Documents and SettingsUserDesktopSC2-battlereport-2_ESRB-downloader.exe»=»C:Documents andSettingsUserDesktopSC2-battlereport-2_ESRB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWarcraft II BNEWarcraft II BNE.exe»=»C:GamesWarcraft II BNEWarcraft II BNE.exe:*:Enabled:Warcraft II Battle.net Edition»
«C:GamesH3Heroes3.exe»=»C:GamesH3Heroes3.exe:*:Enabled:Heroes of Might and Magic® III»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.0»
«C:Program FilesMSN Messengermsncall.exe»=»C:Program FilesMSN Messengermsncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
======List of files/folders created in the last 1 months======
2009-07-15 02:39:05 —-D—- C:_OTM
2009-07-14 04:07:12 —-D—- C:Program FilesMozilla Firefox
2009-07-11 17:08:18 —-D—- C:Program Filestrend micro
2009-07-11 17:08:17 —-D—- C:rsit
2009-07-11 16:38:00 —-D—- C:Program FilesPrevx
2009-07-11 16:37:56 —-D—- C:Documents and SettingsAll UsersApplication DataPrevxCSI
2009-07-11 16:37:56 —-A—- C:WINDOWSwininit.ini
2009-07-10 22:57:12 —-D—- C:WINDOWSSun
2009-07-10 22:55:37 —-A—- C:WINDOWSsystem32javaws.exe
2009-07-10 22:55:37 —-A—- C:WINDOWSsystem32javaw.exe
2009-07-10 22:55:37 —-A—- C:WINDOWSsystem32java.exe
2009-07-10 22:55:37 —-A—- C:WINDOWSsystem32deploytk.dll
2009-07-10 22:55:10 —-D—- C:Program FilesJava
2009-07-10 22:54:45 —-D—- C:Documents and SettingsUserApplication DataSun
2009-07-07 15:33:38 —-A—- C:WINDOWSsystem32ieencode.dll
======List of files/folders modified in the last 1 months======
2009-07-15 03:00:32 —-D—- C:WINDOWSPrefetch
2009-07-15 03:00:29 —-D—- C:WINDOWSsystem32CatRoot2
2009-07-15 03:00:11 —-D—- C:WINDOWSTemp
2009-07-15 02:58:49 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-07-15 02:58:28 —-D—- C:WINDOWSsystem32drivers
2009-07-15 02:56:59 —-A—- C:WINDOWSSchedLgU.Txt
2009-07-15 02:44:53 —-D—- C:WINDOWSsystem32
2009-07-15 02:44:52 —-D—- C:WINDOWS
2009-07-15 02:38:19 —-D—- C:Program FilesFlashGet
2009-07-14 19:54:36 —-A—- C:WINDOWSWINCMD.INI
2009-07-14 15:07:23 —-D—- C:Program FilesSpyware Doctor
2009-07-14 04:07:41 —-D—- C:Documents and SettingsUserApplication DataMozilla
2009-07-14 04:07:12 —-RD—- C:Program Files
2009-07-14 03:28:59 —-D—- C:Program FilesAntiVir PersonalEdition Classic
2009-07-14 03:19:51 —-D—- C:Documents and SettingsAll UsersApplication DataAntiVir PersonalEdition Classic
2009-07-13 23:31:12 —-D—- C:Downloads
2009-07-13 04:03:20 —-D—- C:WoW
2009-07-11 16:49:35 —-SH—- C:boot.ini
2009-07-11 16:49:35 —-A—- C:WINDOWSwin.ini
2009-07-11 16:49:35 —-A—- C:WINDOWSsystem.ini
2009-07-11 16:49:13 —-D—- C:WINDOWSpss
2009-07-11 16:40:17 —-D—- C:WINDOWSpchealth
2009-07-11 05:41:33 —-D—- C:Documents and SettingsUserApplication DataSkype
2009-07-10 22:55:47 —-SHD—- C:WINDOWSInstaller
2009-07-10 20:33:30 —-D—- C:Program FilesTowerGaming
2009-07-09 18:14:48 —-D—- C:Program FilesPartyGaming
2009-07-07 16:24:07 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-07-07 16:24:07 —-D—- C:WINDOWSsystem32en-US
2009-07-07 16:24:07 —-D—- C:WINDOWSMedia
2009-07-07 16:24:06 —-HD—- C:WINDOWSinf
2009-07-07 16:24:06 —-D—- C:WINDOWSHelp
2009-07-07 16:24:06 —-D—- C:Program FilesInternet Explorer
2009-07-05 03:43:01 —-D—- C:Program FilesmIRC
2009-07-03 22:03:50 —-D—- C:Program FilesGarena
2009-07-03 15:54:27 —-D—- C:Program FileseMule
2009-06-17 23:35:22 —-D—- C:Program FilesFraps

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;AMD K7 Processor Driver; C:WINDOWSsystem32DRIVERSamdk7.sys [2008-04-13 37760]
R1 avgio;avgio; ??C:Program FilesAntiVir PersonalEdition Classicavgio.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:WINDOWSSystem32driversws2ifsl.sys [2003-10-13 12032]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:WINDOWSsystem32DRIVERSnwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:WINDOWSsystem32DRIVERSnwlnknb.sys [2003-10-13 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:WINDOWSsystem32DRIVERSnwlnkspx.sys [2003-10-13 55936]
R3 Arp1394;1394 ARP Client Protocol; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-04-13 60800]
R3 avgntflt;avgntflt; ??C:Program FilesAntiVir PersonalEdition Classicavgntflt.sys []
R3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2006-07-19 223128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:WINDOWSsystem32DRIVERSGEARAspiWDM.sys [2009-03-19 23400]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:WINDOWSsystem32DRIVERSLHidFlt2.Sys [2003-12-11 25630]
R3 LHidUsb;Logitech USB Receiver device driver; C:WINDOWSSystem32DriversLHidUsb.Sys [2003-12-11 37916]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:WINDOWSsystem32DRIVERSLMouFlt2.Sys [2003-12-11 70894]
R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-04-13 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2006-03-09 3650368]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:WINDOWSsystem32driversnvax.sys [2004-05-25 48640]
R3 NVENET;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENET.sys [2004-01-29 93764]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:WINDOWSsystem32driversnvapu.sys [2004-05-25 396032]
R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2006-12-18 10368]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-04-13 17152]
R3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]
S3 CCRFG;CCRFG; ??C:WINDOWSsystem32CCRFG.SYS []
S3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:WINDOWSsystem32DRIVERSL8042pr2.Sys [2003-12-11 51582]
S3 Nokia USB Generic;Nokia USB Generic; C:WINDOWSsystem32driversnmwcdc.sys [2006-03-24 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:WINDOWSsystem32driversnmwcdcm.sys [2006-03-24 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:WINDOWSsystem32driversnmwcd.sys [2006-03-24 127488]
S3 Nokia USB Port;Nokia USB Port; C:WINDOWSsystem32driversnmwcdcj.sys [2006-03-24 13312]
S3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; C:WINDOWSsystem32DRIVERSrtl8185.sys [2007-07-18 306688]
S3 sermouse;Serial Mouse Driver; C:WINDOWSsystem32DRIVERSsermouse.sys [2003-10-13 17664]
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM); C:WINDOWSsystem32DRIVERSss_bus.sys [2005-01-24 52384]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:WINDOWSsystem32DRIVERSss_mdfl.sys [2005-01-24 6064]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:WINDOWSsystem32DRIVERSss_mdm.sys [2005-01-24 84512]
S3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:WINDOWSSystem32Driverswpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:Program FilesLavasoftAd-Awareaawservice.exe [2008-07-07 611664]
R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:Program FilesAntiVir PersonalEdition Classicsched.exe [2008-10-29 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:Program FilesAntiVir PersonalEdition Classicavguard.exe [2008-10-29 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2009-03-26 132424]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-12-12 238888]
R2 CSIScanner;CSIScanner; C:Program FilesPrevxprevx.exe [2009-07-11 4368952]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2009-07-10 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2006-03-09 143436]
R2 pgsql-8.2;PostgreSQL Database Server 8.2; C:Program FilesPostgreSQL8.2binpg_ctl.exe [2008-01-04 79948]
R2 sdAuxService;PC Tools Auxiliary Service; C:Program FilesSpyware DoctorpctsAuxs.exe [2009-01-07 348752]
R2 sdCoreService;PC Tools Security Service; C:Program FilesSpyware DoctorpctsSvc.exe [2009-01-21 1095560]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:Program FilesiPodbiniPodService.exe [2009-04-02 656168]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2006-08-18 72704]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-04-13 68952]
S3 ServiceLayer;ServiceLayer; C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe [2006-04-12 176640]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-10-18 913408]
EOF
log.txt
Logfile of random’s system information tool 1.06 (written by random/random)
Run by User at 2009-07-11 17:08:17
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (2%) free of 114 GB
Total RAM: 1023 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:08:26, on 11/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesLavasoftAd-Awareaawservice.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesNVIDIA CorporationNvMixerNVMixerTray.exe
C:Program FilesAntiVir PersonalEdition Classicavgnt.exe
C:Program FilesDAEMON Toolsdaemon.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesICQ6.5ICQ.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAntiVir PersonalEdition Classicsched.exe
C:Program FilesAntiVir PersonalEdition Classicavguard.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesPrevxprevx.exe
C:Program FilesJavajre6binjqs.exe
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesPostgreSQL8.2binpg_ctl.exe
C:Program FilesPrevxprevx.exe
C:Program FilesSpyware DoctorpctsAuxs.exe
C:Program FilesPostgreSQL8.2binpostgres.exe
C:Program FilesSpyware DoctorpctsSvc.exe
C:Program FilesPostgreSQL8.2binpostgres.exe
C:Program FilesPostgreSQL8.2binpostgres.exe
C:Program FilesPostgreSQL8.2binpostgres.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesSpyware DoctorpctsTray.exe
C:Program FilesiPodbiniPodService.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:PROGRA~1FlashGetflashget.exe
C:Documents and SettingsUserDesktopRSIT.exe
C:WINDOWSsystem32wbemwmiprvse.exe
C:Program Filestrend microUser.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://google.icq.com/search/search_frame.php
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = 62.23.83.110:80
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
O1 — Hosts: ::1 localhost
O1 — Hosts: 94.232.248.66 browser-security.microsoft.com
O1 — Hosts: 94.232.248.66 antivguardian.com
O1 — Hosts: 94.232.248.66 http://www.antivguardian.com
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: IeCatch5 Class — {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} — C:PROGRA~1FlashGetjccatch.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 — Toolbar: FlashGet Bar — {E0E899AB-F487-11D5-8D29-0050BA6940E3} — C:PROGRA~1FlashGetfgiebar.dll
O3 — Toolbar: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O4 — HKLM..Run: [NVMixerTray] «C:Program FilesNVIDIA CorporationNvMixerNVMixerTray.exe»
O4 — HKLM..Run: [avgnt] «C:Program FilesAntiVir PersonalEdition Classicavgnt.exe» /min
O4 — HKLM..Run: [DAEMON Tools] «C:Program FilesDAEMON Toolsdaemon.exe» -lang 1033
O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
O4 — HKLM..Run: [Regedit32] C:WINDOWSsystem32regedit.exe
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [ISTray] «C:Program FilesSpyware DoctorpctsTray.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6.5ICQ.exe» silent
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [LocalService] C:Documents and SettingsLocalServiceLocalService.exe /i (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-21-789336058-1844823847-725345543-1004..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘postgres’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: rncsys32.exe
O8 — Extra context menu item: Закачать все при помощи FlashGet — C:PROGRA~1FlashGetjc_all.htm
O8 — Extra context menu item: Закачать при помощи FlashGet — C:PROGRA~1FlashGetjc_link.htm
O9 — Extra button: PartyGammon.com — {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} — C:Program FilesPartyGamingPartyGammonRunBackGammon.exe (file missing)
O9 — Extra ‘Tools’ menuitem: PartyGammon.com — {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} — C:Program FilesPartyGamingPartyGammonRunBackGammon.exe (file missing)
O9 — Extra button: ICQ Pro — {6224f700-cba3-4071-b251-47cb894244cd} — C:PROGRA~1ICQICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ — {6224f700-cba3-4071-b251-47cb894244cd} — C:PROGRA~1ICQICQ.exe
O9 — Extra button: (no name) — {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} — (no file)
O9 — Extra button: PartyPoker.com — {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} — C:Program FilesPartyGamingPartyPokerRunApp.exe
O9 — Extra ‘Tools’ menuitem: PartyPoker.com — {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} — C:Program FilesPartyGamingPartyPokerRunApp.exe
O9 — Extra button: ICQ Lite — {B863453A-26C3-4e1f-A54D-A2CD196348E9} — C:Program FilesICQLiteICQLite.exe (file missing)
O9 — Extra ‘Tools’ menuitem: ICQ Lite — {B863453A-26C3-4e1f-A54D-A2CD196348E9} — C:Program FilesICQLiteICQLite.exe (file missing)
O9 — Extra button: FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:PROGRA~1FlashGetflashget.exe
O9 — Extra ‘Tools’ menuitem: &FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:PROGRA~1FlashGetflashget.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O10 — Unknown file in Winsock LSP: c:windowssystem32nwprovau.dll
O16 — DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) — http://212.42.54.135:8008/activex/AMC.cab
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: Lavasoft Ad-Aware Service (aawservice) — Lavasoft — C:Program FilesLavasoftAd-Awareaawservice.exe
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) — Avira GmbH — C:Program FilesAntiVir PersonalEdition Classicsched.exe
O23 — Service: AntiVir PersonalEdition Classic Guard (AntiVirService) — Avira GmbH — C:Program FilesAntiVir PersonalEdition Classicavguard.exe
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: CSIScanner — Prevx — C:Program FilesPrevxprevx.exe
O23 — Service: iPod Service — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: PostgreSQL Database Server 8.2 (pgsql-8.2) — PostgreSQL Global Development Group — C:Program FilesPostgreSQL8.2binpg_ctl.exe
O23 — Service: PC Tools Auxiliary Service (sdAuxService) — PC Tools — C:Program FilesSpyware DoctorpctsAuxs.exe
O23 — Service: PC Tools Security Service (sdCoreService) — PC Tools — C:Program FilesSpyware DoctorpctsSvc.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe

—
End of file — 9510 bytes

======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class — C:PROGRA~1FlashGetjccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-07-10 41368]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2009-07-10 73728]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} — FlashGet Bar — C:PROGRA~1FlashGetfgiebar.dll [2005-06-07 86016]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} — Yahoo! Toolbar — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2005-08-04 343112]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«NVMixerTray»=C:Program FilesNVIDIA CorporationNvMixerNVMixerTray.exe [2004-06-03 131072]
«avgnt»=C:Program FilesAntiVir PersonalEdition Classicavgnt.exe [2008-07-18 266497]
«DAEMON Tools»=C:Program FilesDAEMON Toolsdaemon.exe [2005-12-10 133016]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2009-04-02 342312]
«Regedit32»=C:WINDOWSsystem32regedit.exe []
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2006-03-09 7561216]
«ISTray»=C:Program FilesSpyware DoctorpctsTray.exe [2008-12-08 1173384]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
«ICQ»=C:Program FilesICQ6.5ICQ.exe [2009-03-01 172792]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe Photo Downloader]
C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdVantage]
C:Program FilesAdVantageAdVantage.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregISTray]
C:Program FilesSpyware DoctorpctsTray.exe [2008-12-08 1173384]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLogitech Utility]
C:WINDOWSLogi_MwX.Exe [2003-12-11 20992]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMsnMsgr]
C:Program FilesMSN MessengerMsnMsgr.Exe /background []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvCplDaemon]
C:WINDOWSsystem32NvCpl.dll [2006-03-09 7561216]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvMediaCenter]
C:WINDOWSsystem32NvMcTray.dll [2006-03-09 86016]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregOctoshape Streaming Services]
C:Program FilesOctoshape Streaming ServicesUserOctoshapeClient.exe [2006-02-13 214648]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPCSuiteTrayApplication]
C:PROGRA~1NokiaNOKIAP~1LAUNCH~1.EXE [2006-04-26 237568]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPcSync]
C:Program FilesNokiaNokia PC Suite 6PcSync2.exe [2006-04-11 1409024]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]
C:Program FilesQuickTimeqttask.exe [2009-01-05 413696]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
C:Program FilesSkypePhoneSkype.exe [2007-03-30 25263144]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSteam]
[]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSunJavaUpdateSched]
C:Program FilesJavajre6binjusched.exe [2009-07-10 148888]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregUser]
C:Documents and SettingsUserUser.exe [2009-07-10 40448]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:PROGRA~1AdobeACROBA~1.0ReaderREADER~1.EXE [2005-09-23 29696]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^User^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:PROGRA~1COMMON~1AdobeCALIBR~1ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^User^Start Menu^Programs^Startup^rncsys32.exe]
C:Documents and SettingsUserStart MenuProgramsStartuprncsys32.exe [2008-04-14 20992]

C:Documents and SettingsUserStart MenuProgramsStartup
rncsys32.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{16664848-0E00-11D2-8059-000000000000}»= []

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalaawservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdauxservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdcoreservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkaawservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdauxservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdcoreservice]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FileseMuleeMule.exe»=»C:Program FileseMuleeMule.exe:*:Enabled:eMule Plus»
«C:Program FilesICQLiteICQLite.exe»=»C:Program FilesICQLiteICQLite.exe:*:Enabled:ICQ Lite»
«C:GamesWorld of WarcraftWoW-1.11.1.5462-to-1.11.2.5464-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-1.11.1.5462-to-1.11.2.5464-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Program FilesSteamSteamAppsfreewayseekercounter-strikehl.exe»=»C:Program FilesSteamSteamAppsfreewayseekercounter-strikehl.exe:*:Enabled:Half-Life Launcher»
«C:Program FilesICQIcq.exe»=»C:Program FilesICQIcq.exe:*:Enabled:ICQ»
«C:Program FilesOcean TechnologyGG E-Sports PlatformGGclient.exe»=»C:Program FilesOcean TechnologyGG E-Sports PlatformGGclient.exe:*:Enabled:GG E-Sports Platform Client»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.0»
«C:Program FilesMSN Messengermsncall.exe»=»C:Program FilesMSN Messengermsncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)»
«C:blitzkrieg2_demo_mp_ruMPDemobinGame.exe»=»C:blitzkrieg2_demo_mp_ruMPDemobinGame.exe:*:Enabled:Game»
«C:GamesSerious SamBinSeriousSam.exe»=»C:GamesSerious SamBinSeriousSam.exe:*:Enabled:SeriousSam»
«C:GamesWorld of WarcraftWoW-1.11.2.5464-to-1.12.0.5595-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-1.11.2.5464-to-1.12.0.5595-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Documents and SettingsUserDesktopEPL_Trailer_EG.avi-downloader.exe»=»C:Documents and SettingsUserDesktopEPL_Trailer_EG.avi-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-1.12.0.5595-to-1.12.1.5875-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-1.12.0.5595-to-1.12.1.5875-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftBackgroundDownloader.exe»=»C:GamesWorld of WarcraftBackgroundDownloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe»=»C:GamesWorld of WarcraftWoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Program FilesK-Lite Codec PackMedia Player Classicmplayerc.exe»=»C:Program FilesK-Lite Codec PackMedia Player Classicmplayerc.exe:*:Enabled:Media Player Classic»
«C:GamesStarcraftStarCraft.exe»=»C:GamesStarcraftStarCraft.exe:*:Enabled:Starcraft»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:Gamesq2q2ace.exe»=»C:Gamesq2q2ace.exe:*:Enabled:q2ace»
«C:Program Filestotalcmdtotalcmd.exe»=»C:Program Filestotalcmdtotalcmd.exe:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows»
«C:GamesHOMM3Heroes3.exe»=»C:GamesHOMM3Heroes3.exe:*:Enabled:Heroes of Might and Magic® III»
«C:WINDOWSsystem32dplaysvr.exe»=»C:WINDOWSsystem32dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper»
«C:GamesHOMM3Heroes3Loader.exe»=»C:GamesHOMM3Heroes3Loader.exe:*:Enabled:Heroes of Might and Magic® III»
«C:GamesWorld of WarcraftWoW-2.0.3-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-2.0.3-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-2.0.3.6299-to-2.0.5.6320-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-2.0.3.6299-to-2.0.5.6320-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-2.0.5.6320-to-2.0.6.6337-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-2.0.5.6320-to-2.0.6.6337-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-2.0.6.6337-to-2.0.7.6383-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-2.0.6.6337-to-2.0.7.6383-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-2.0.7.6383-to-2.0.8.6403-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-2.0.7.6383-to-2.0.8.6403-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-2.0.8.6403-to-2.0.10.6448-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-2.0.8.6403-to-2.0.10.6448-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Documents and SettingsUserDesktopHellfire-Citadel_Final_EN_avi-downloader.exe»=»C:Documents and SettingsUserDesktopHellfire-Citadel_Final_EN_avi-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWorld of WarcraftWoW-2.0.10.6448-to-2.0.12.6546-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-2.0.10.6448-to-2.0.12.6546-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesRFOnlineRF.exe»=»C:GamesRFOnlineRF.exe:*:Enabled:RFLauncher»
«C:GamesRising_Force_OnlineRF.exe»=»C:GamesRising_Force_OnlineRF.exe:*:Enabled:RFLauncher»
«C:Documents and SettingsUserDesktopCrisisatdaportal_EG.avi-downloader.exe»=»C:Documents and SettingsUserDesktopCrisisatdaportal_EG.avi-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Program FilesICQLite6ICQ.exe»=»C:Program FilesICQLite6ICQ.exe:*:Enabled:ICQ6»
«C:Documents and SettingsUserDesktopwtvClient.exe»=»C:Documents and SettingsUserDesktopwtvClient.exe:*:Enabled:wtvClient»
«C:Program FilesOctoshape Streaming ServicesUserOctoshapeClient.exe»=»C:Program FilesOctoshape Streaming ServicesUserOctoshapeClient.exe:*:Enabled:OctoshapeClient»
«C:Documents and SettingsUserDesktopHeroes 3.5 on 172.16.22.99 on 192.168.1.100h3wog.exe»=»C:Documents and SettingsUserDesktopHeroes 3.5 on 172.16.22.99 on 192.168.1.100h3wog.exe:*:Enabled:Heroes of Might and Magic® III»
«C:Documents and SettingsUserDesktopHeroes 3.5 on 172.16.22.99 on 192.168.1.100Heroes3.exe»=»C:Documents and SettingsUserDesktopHeroes 3.5 on 172.16.22.99 on 192.168.1.100Heroes3.exe:*:Enabled:Heroes of Might and Magic® III»
«C:Documents and SettingsUserDesktopStarCraft on 172.16.22.99 on 192.168.1.100STARCRAFT.EXE»=»C:Documents and SettingsUserDesktopStarCraft on 172.16.22.99 on 192.168.1.100STARCRAFT.EXE:*:Enabled:Starcraft»
«C:Program FilesInternet ExplorerIEXPLORE.EXE»=»C:Program FilesInternet ExplorerIEXPLORE.EXE:*:Enabled:Internet Explorer»
«C:Program FilesPPLivePPLive.exe»=»C:Program FilesPPLivePPLive.exe:*:Enabled:PPLive»
«C:GamesNFSspeed.exe»=»C:GamesNFSspeed.exe:*:Enabled:speed»
«C:downloadWorms World PartyWWPwwp.exe»=»C:downloadWorms World PartyWWPwwp.exe:*:Enabled:Worms World Party»
«C:GamesTzar — BoCTzar.exe»=»C:GamesTzar — BoCTzar.exe:*:Enabled:Tzar»
«C:Documents and SettingsUserDesktopStarCraftstarcraft.exe»=»C:Documents and SettingsUserDesktopStarCraftstarcraft.exe:*:Enabled:Starcraft»
«C:Documents and SettingsUserDesktopGTA2gta2.exe»=»C:Documents and SettingsUserDesktopGTA2gta2.exe:*:Enabled:GTA2 main executable»
«C:Documents and SettingsUserDesktopq2q2ace.exe»=»C:Documents and SettingsUserDesktopq2q2ace.exe:*:Enabled:q2ace»
«C:GamesRed Oodyssey.exe»=»C:GamesRed Oodyssey.exe:*:Enabled:odyssey»
«C:GamesBattle Zonebzone.exe»=»C:GamesBattle Zonebzone.exe:*:Enabled:bzone»
«C:GamesWorld of WarcraftWoW-2.3.0-enGB-downloader.exe»=»C:GamesWorld of WarcraftWoW-2.3.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesICQLICQ6ICQ.exe»=»C:Program FilesICQLICQ6ICQ.exe:*:Enabled:ICQ6»
«C:Program FilesICQ6ICQ.exe»=»C:Program FilesICQ6ICQ.exe:*:Enabled:ICQ6»
«C:Documents and SettingsUserDesktopWotLK-FF-enGB-downloader.exe»=»C:Documents and SettingsUserDesktopWotLK-FF-enGB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Program FilesTeamViewer3TeamViewer.exe»=»C:Program FilesTeamViewer3TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application»
«C:Allods 2allods2.exe»=»C:Allods 2allods2.exe:*:Enabled:allods2»
«C:Gamesq2quake2.exe»=»C:Gamesq2quake2.exe:*:Enabled:quake2»
«C:Downloadswotlk-intro_en_us-downloader.exe»=»C:Downloadswotlk-intro_en_us-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Gamesw3xpwtvClient.exe»=»C:Gamesw3xpwtvClient.exe:*:Enabled:wtvClient»
«C:GamesNeed for Speed Most Wantedspeed.exe»=»C:GamesNeed for Speed Most Wantedspeed.exe:*:Enabled:speed»
«C:Program FilesVentriloVentrilo.exe»=»C:Program FilesVentriloVentrilo.exe:*:Enabled:Ventrilo.exe»
«C:Gamesw3xpWarcraft III.exe»=»C:Gamesw3xpWarcraft III.exe:*:Enabled:Warcraft III»
«C:Documents and SettingsUserLocal SettingsTempBlizzard Launcher Temporary — 20b17220Launcher.exe»=»C:Documents and SettingsUserLocal SettingsTempBlizzard Launcher Temporary — 20b17220Launcher.exe:*:Enabled:Blizzard Launcher»
«C:Gamesw3xpWarcraft IIIWarcraft III.exe»=»C:Gamesw3xpWarcraft IIIWarcraft III.exe:*:Enabled:Warcraft III»
«C:Program FilesB2BPOKERPointPokerjrebinjavaw.exe»=»C:Program FilesB2BPOKERPointPokerjrebinjavaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary»
«C:Program FilesTVAntsTvants.exe»=»C:Program FilesTVAntsTvants.exe:*:Enabled:TVAnts»
«C:Documents and SettingsUserDesktopStarCraft2CinematicTrailer_EnglishUS-avi-downloader.exe»=»C:Documents and SettingsUserDesktopStarCraft2CinematicTrailer_EnglishUS-avi-downloader.exe:*:Enabled:Blizzard Downloader»
«C:Program FilesGarenaGarena.exe»=»C:Program FilesGarenaGarena.exe:*:Enabled:Garena»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»
«C:GamesWorld of WarcraftLauncher.exe»=»C:GamesWorld of WarcraftLauncher.exe:*:Enabled:Blizzard Launcher»
«C:Documents and SettingsUserDesktopSC2-battlereport-2_ESRB-downloader.exe»=»C:Documents and SettingsUserDesktopSC2-battlereport-2_ESRB-downloader.exe:*:Enabled:Blizzard Downloader»
«C:GamesWarcraft II BNEWarcraft II BNE.exe»=»C:GamesWarcraft II BNEWarcraft II BNE.exe:*:Enabled:Warcraft II Battle.net Edition»
«C:GamesH3Heroes3.exe»=»C:GamesH3Heroes3.exe:*:Enabled:Heroes of Might and Magic® III»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.0»
«C:Program FilesMSN Messengermsncall.exe»=»C:Program FilesMSN Messengermsncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

======List of files/folders created in the last 1 months======
2009-07-11 17:08:18 —-D—- C:Program Filestrend micro
2009-07-11 17:08:17 —-D—- C:rsit
2009-07-11 16:38:00 —-D—- C:Program FilesPrevx
2009-07-11 16:37:56 —-D—- C:Documents and SettingsAll UsersApplication DataPrevxCSI
2009-07-11 16:37:56 —-A—- C:WINDOWSwininit.ini
2009-07-10 22:57:12 —-D—- C:WINDOWSSun
2009-07-10 22:55:37 —-A—- C:WINDOWSsystem32javaws.exe
2009-07-10 22:55:37 —-A—- C:WINDOWSsystem32javaw.exe
2009-07-10 22:55:37 —-A—- C:WINDOWSsystem32java.exe
2009-07-10 22:55:37 —-A—- C:WINDOWSsystem32deploytk.dll
2009-07-10 22:55:10 —-D—- C:Program FilesJava
2009-07-10 22:54:45 —-D—- C:Documents and SettingsUserApplication DataSun
2009-07-07 15:33:38 —-A—- C:WINDOWSsystem32ieencode.dll
2009-06-13 14:24:12 —-HDC—- C:WINDOWS$NtUninstallKB961501$
2009-06-13 14:23:57 —-HDC—- C:WINDOWS$NtUninstallKB969898$

======List of files/folders modified in the last 1 months======
2009-07-11 17:08:18 —-RD—- C:Program Files
2009-07-11 17:07:24 —-D—- C:Program FilesFlashGet
2009-07-11 16:57:31 —-D—- C:WINDOWSTemp
2009-07-11 16:57:28 —-D—- C:WINDOWSsystem32drivers
2009-07-11 16:57:23 —-D—- C:WINDOWSsystem32CatRoot2
2009-07-11 16:52:00 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-07-11 16:49:35 —-SH—- C:boot.ini
2009-07-11 16:49:35 —-A—- C:WINDOWSwin.ini
2009-07-11 16:49:35 —-A—- C:WINDOWSsystem.ini
2009-07-11 16:49:13 —-D—- C:WINDOWSpss
2009-07-11 16:40:17 —-D—- C:WINDOWSpchealth
2009-07-11 16:37:56 —-D—- C:WINDOWS
2009-07-11 16:29:10 —-D—- C:WINDOWSPrefetch
2009-07-11 06:08:07 —-A—- C:WINDOWSSchedLgU.Txt
2009-07-11 06:06:55 —-A—- C:WINDOWSWINCMD.INI
2009-07-11 05:41:33 —-D—- C:Documents and SettingsUserApplication DataSkype
2009-07-11 03:41:12 —-D—- C:Program FilesAntiVir PersonalEdition Classic
2009-07-11 03:28:20 —-D—- C:Documents and SettingsAll UsersApplication DataAntiVir PersonalEdition Classic
2009-07-10 22:55:47 —-SHD—- C:WINDOWSInstaller
2009-07-10 22:55:37 —-D—- C:WINDOWSsystem32
2009-07-10 20:33:30 —-D—- C:Program FilesTowerGaming
2009-07-09 18:14:48 —-D—- C:Program FilesPartyGaming
2009-07-07 16:24:07 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-07-07 16:24:07 —-D—- C:WINDOWSsystem32en-US
2009-07-07 16:24:07 —-D—- C:WINDOWSMedia
2009-07-07 16:24:06 —-HD—- C:WINDOWSinf
2009-07-07 16:24:06 —-D—- C:WINDOWSHelp
2009-07-07 16:24:06 —-D—- C:Program FilesInternet Explorer
2009-07-05 03:43:01 —-D—- C:Program FilesmIRC
2009-07-03 22:03:50 —-D—- C:Program FilesGarena
2009-07-03 15:54:27 —-D—- C:Program FileseMule
2009-07-03 15:54:27 —-D—- C:Downloads
2009-06-17 23:35:22 —-D—- C:Program FilesFraps
2009-06-13 14:24:07 —-A—- C:WINDOWSimsins.BAK
2009-06-13 14:23:40 —-HD—- C:WINDOWS$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;AMD K7 Processor Driver; C:WINDOWSsystem32DRIVERSamdk7.sys [2008-04-13 37760]
R1 avgio;avgio; ??C:Program FilesAntiVir PersonalEdition Classicavgio.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:WINDOWSSystem32driversws2ifsl.sys [2003-10-13 12032]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:WINDOWSsystem32DRIVERSnwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:WINDOWSsystem32DRIVERSnwlnknb.sys [2003-10-13 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:WINDOWSsystem32DRIVERSnwlnkspx.sys [2003-10-13 55936]
R3 Arp1394;1394 ARP Client Protocol; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-04-13 60800]
R3 avgntflt;avgntflt; ??C:Program FilesAntiVir PersonalEdition Classicavgntflt.sys []
R3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2006-07-19 223128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:WINDOWSsystem32DRIVERSGEARAspiWDM.sys [2009-03-19 23400]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:WINDOWSsystem32DRIVERSLHidFlt2.Sys [2003-12-11 25630]
R3 LHidUsb;Logitech USB Receiver device driver; C:WINDOWSSystem32DriversLHidUsb.Sys [2003-12-11 37916]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:WINDOWSsystem32DRIVERSLMouFlt2.Sys [2003-12-11 70894]
R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-04-13 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2006-03-09 3650368]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:WINDOWSsystem32driversnvax.sys [2004-05-25 48640]
R3 NVENET;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENET.sys [2004-01-29 93764]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:WINDOWSsystem32driversnvapu.sys [2004-05-25 396032]
R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2006-12-18 10368]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-04-13 17152]
S2 acpi32;acpi32; ??C:WINDOWSsystem32driversacpi32.sys []
S2 amd64si;amd64si; ??C:WINDOWSsystem32driversamd64si.sys []
S2 ati64si;ati64si; ??C:WINDOWSsystem32driversati64si.sys []
S2 fips32cup;fips32cup; ??C:WINDOWSsystem32driversfips32cup.sys []
S2 i386si;i386si; ??C:WINDOWSsystem32driversi386si.sys []
S2 ksi32sk;ksi32sk; ??C:WINDOWSsystem32driversksi32sk.sys []
S2 netsik;netsik; ??C:WINDOWSsystem32driversnetsik.sys []
S2 nicsk32;nicsk32; ??C:WINDOWSsystem32driversnicsk32.sys []
S2 port135sik;port135sik; ??C:WINDOWSsystem32driversport135sik.sys []
S2 securentm;securentm; ??C:WINDOWSsystem32driverssecurentm.sys []
S2 systemntmi;systemntmi; ??C:WINDOWSsystem32driverssystemntmi.sys []
S2 ws2_32sik;ws2_32sik; ??C:WINDOWSsystem32driversws2_32sik.sys []
S3 CCRFG;CCRFG; ??C:WINDOWSsystem32CCRFG.SYS []
S3 jnv4_mib;jnv4_mib; ??C:DOCUME~1UserLOCALS~1Tempjnv4_mib.sys []
S3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:WINDOWSsystem32DRIVERSL8042pr2.Sys [2003-12-11 51582]
S3 Nokia USB Generic;Nokia USB Generic; C:WINDOWSsystem32driversnmwcdc.sys [2006-03-24 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:WINDOWSsystem32driversnmwcdcm.sys [2006-03-24 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:WINDOWSsystem32driversnmwcd.sys [2006-03-24 127488]
S3 Nokia USB Port;Nokia USB Port; C:WINDOWSsystem32driversnmwcdcj.sys [2006-03-24 13312]
S3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; C:WINDOWSsystem32DRIVERSrtl8185.sys [2007-07-18 306688]
S3 sermouse;Serial Mouse Driver; C:WINDOWSsystem32DRIVERSsermouse.sys [2003-10-13 17664]
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM); C:WINDOWSsystem32DRIVERSss_bus.sys [2005-01-24 52384]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:WINDOWSsystem32DRIVERSss_mdfl.sys [2005-01-24 6064]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:WINDOWSsystem32DRIVERSss_mdm.sys [2005-01-24 84512]
S3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:WINDOWSSystem32Driverswpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:Program FilesLavasoftAd-Awareaawservice.exe [2008-07-07 611664]
R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:Program FilesAntiVir PersonalEdition Classicsched.exe [2008-10-29 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:Program FilesAntiVir PersonalEdition Classicavguard.exe [2008-10-29 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2009-03-26 132424]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-12-12 238888]
R2 CSIScanner;CSIScanner; C:Program FilesPrevxprevx.exe [2009-07-11 4368952]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2009-07-10 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2006-03-09 143436]
R2 pgsql-8.2;PostgreSQL Database Server 8.2; C:Program FilesPostgreSQL8.2binpg_ctl.exe [2008-01-04 79948]
R2 sdAuxService;PC Tools Auxiliary Service; C:Program FilesSpyware DoctorpctsAuxs.exe [2009-01-07 348752]
R2 sdCoreService;PC Tools Security Service; C:Program FilesSpyware DoctorpctsSvc.exe [2009-01-21 1095560]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:Program FilesiPodbiniPodService.exe [2009-04-02 656168]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2006-08-18 72704]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-04-13 68952]
S3 ServiceLayer;ServiceLayer; C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe [2006-04-12 176640]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-10-18 913408]
EOF