11-07-2008, 07:54 AM   #1
mokkori
Registered User
 
Join Date: Nov 2008
Posts: 12
OS: xp


Infected with Bagle Virus, Trojan Downloader, etc.

All antivirus and malware removal tools are disabled on my computer; they won't execute. I cannot start up in Safe Mode at all. My computer seems to be running very hot, as if something is running in the background, and issues occur like losing my computer's sound, random shutdowns, disabled messenger, etc.

Panda Online Scan found several issues such as Bagle Win32 Worm, Trojan Downloader, Trojan Sniper, etc. No removals or scans work and I'm out of options.

I've followed all of the advice, I think, and here are my logs:

Logfile of random's system information tool 1.04 (written by random/random)
Run by billy crystal at 2007-03-11 01:56:20
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 17 GB (25%) free of 66 GB
Total RAM: 959 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:56:29 AM, on 3/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Allume\StuffIt\MXTask.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\Allume\StuffIt\mxtask.exe
C:\WINDOWS\hostsvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\System32\NOTEPAD.EXE
C:\WINDOWS\System32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\billy crystal\Desktop\RSIT.exe
C:\Program Files\trend micro\billy crystal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Cier] %WINDIR%\system32\Cier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: &Lookup in Bookshelf - res://C:\Program Files\Microsoft Reference\Microsoft Bookshelf 3.0\bsdef.dll/#1001
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download &Flash Movies - C:\Program Files\Flash2X\Flash Hunter\save.htm
O8 - Extra context menu item: Download linked FLV with GetFLV - C:\Program Files\GetFLV\iemenu\DownloadLinkFLV.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=Q306&bd=pavilion&pf=laptop
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StuffIt Task Manager - Allume Systems, Inc. - C:\PROGRA~1\Allume\StuffIt\MXTask.exe

--
End of file - 8548 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2007-07-29 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2007-07-29 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2007-07-29 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2005-01-23 692224]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2006-04-18 61952]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-01-23 692224]
"Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2006-01-26 40960]
"RecGuard"=C:\Windows\SMINST\RecGuard.exe [2005-10-11 1187840]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-04-21 7561216]
""= []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-10-25 282624]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-03-23 131072]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"Cier"=C:\WINDOWS\system32\Cier.exe [2007-05-09 57344]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2007-07-29 136600]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2007-03-03 185872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"ccleaner"=C:\Program Files\CCleaner\ccleaner.exe [2007-07-26 1209584]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-09-29 21755688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Pavilion Webcam Tray Icon.lnk]
C:\PROGRA~1\HEWLET~1\HPPAVI~1\tsnp2std.exe [2006-03-30 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MiniEYE-MiniREAD Launch.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickShelf.lnk]
C:\PROGRA~1\MICROS~4\MICROS~1.0\qshelf.exe [2000-12-20 36911]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^billy crystal^Start Menu^Programs^StartUp^Adobe Gamma.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPodService"=3
"usnsvc"=3
"LiveUpdate"=3

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db044ef3-c515-11dc-8ecf-e420063e8ed2}]
shell\AutoRun\command - G:\nideiect.com
shell\explore\command - G:\nideiect.com
shell\open\command - G:\nideiect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e564bc56-5682-11dc-8ebf-9800260cc1dd}]
shell\AutoRun\command - F:\nideiect.com
shell\explore\command - F:\nideiect.com
shell\open\command - F:\nideiect.com


======File associations======

.js - edit -
.js - open - "H:\Adobe Creative Suite 3 Web Premium Crack\MAGNiTUDE\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
.reg - edit -
.reg - open - C:\I386\REGEDIT.EXE %1

======List of files/folders created in the last 1 months======

2007-11-02 11:29:31 ----A---- C:\WINDOWS\system32\zlib.dll
2007-11-02 11:29:17 ----HD---- C:\WINDOWS\Modules
2007-11-01 21:25:42 ----D---- C:\Documents and Settings\All Users\Application Data\ALM
2007-11-01 21:11:27 ----A---- C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
2007-11-01 21:11:27 ----A---- C:\WINDOWS\system32\NPSWF32.dll
2007-11-01 21:01:43 ----D---- C:\Program Files\Bonjour
2007-11-01 20:54:42 ----D---- C:\Program Files\Common Files\Macrovision Shared
2007-11-01 01:13:13 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-10-02 16:51:26 ----D---- C:\Documents and Settings\billy crystal\Application Data\DivX
2007-09-30 03:19:49 ----A---- C:\WINDOWS\system32\pxafs.dll
2007-09-30 03:19:10 ----D---- C:\Program Files\DivX
2007-09-21 13:55:22 ----A---- C:\WINDOWS\Neuro.ini
2007-09-21 13:55:19 ----D---- C:\Program Files\Common Files\Asymetrix
2007-09-21 13:55:01 ----A---- C:\WINDOWS\uninst.exe
2007-09-17 10:23:00 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
2007-09-17 10:23:00 ----A---- C:\WINDOWS\system32\divx_xx07.dll
2007-09-17 10:22:58 ----A---- C:\WINDOWS\system32\divx_xx11.dll
2007-09-17 10:22:58 ----A---- C:\WINDOWS\system32\DivX.dll
2007-09-11 15:14:30 ----A---- C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-08-20 16:26:52 ----A---- C:\WINDOWS\system32\dtu100.dll.manifest
2007-08-20 16:26:52 ----A---- C:\WINDOWS\system32\dtu100.dll
2007-08-20 16:26:52 ----A---- C:\WINDOWS\system32\dpl100.dll.manifest
2007-08-20 16:26:52 ----A---- C:\WINDOWS\system32\dpl100.dll
2007-08-15 14:33:18 ----A---- C:\WINDOWS\system32\DivXsm.exe
2007-08-15 14:33:14 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2007-08-15 14:33:06 ----A---- C:\WINDOWS\system32\ssldivx.dll
2007-08-15 14:33:06 ----A---- C:\WINDOWS\system32\libdivx.dll
2007-08-15 14:31:00 ----A---- C:\WINDOWS\system32\dpv11.dll
2007-08-15 14:31:00 ----A---- C:\WINDOWS\system32\dpus11.dll
2007-08-15 14:31:00 ----A---- C:\WINDOWS\system32\dpuGUI11.dll
2007-08-15 14:31:00 ----A---- C:\WINDOWS\system32\dpuGUI10.dll
2007-08-15 14:31:00 ----A---- C:\WINDOWS\system32\dpu11.dll
2007-08-15 14:31:00 ----A---- C:\WINDOWS\system32\dpu10.dll
2007-08-15 14:30:26 ----A---- C:\WINDOWS\system32\DivXWMPExtType.dll
2007-07-30 23:12:37 ----A---- C:\fuckinB.EXE
2007-07-29 01:37:56 ----A---- C:\WINDOWS\system32\locate.com
2007-07-29 01:36:15 ----D---- C:\MGtools
2007-07-29 01:34:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-07-29 01:26:16 ----A---- C:\WINDOWS\system32\javaws.exe
2007-07-29 01:26:16 ----A---- C:\WINDOWS\system32\javaw.exe
2007-07-29 01:26:16 ----A---- C:\WINDOWS\system32\java.exe
2007-07-29 01:26:16 ----A---- C:\WINDOWS\system32\deploytk.dll
2007-07-29 01:20:04 ----A---- C:\MGtools.exe
2007-07-28 04:27:57 ----D---- C:\Program Files\Bazooka Scanner
2007-07-28 04:22:32 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2007-07-27 00:01:04 ----D---- C:\Documents and Settings\billy crystal\Application Data\Malwarebytes
2007-07-27 00:00:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2007-07-27 00:00:59 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2007-07-27 00:00:40 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-07-27 00:00:22 ----D---- C:\Program Files\SUPERAntiSpyware
2007-07-27 00:00:22 ----D---- C:\Documents and Settings\billy crystal\Application Data\SUPERAntiSpyware.com
2007-07-26 23:59:27 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2007-07-26 09:31:49 ----D---- C:\Documents and Settings\billy crystal\Application Data\Uniblue
2007-07-26 09:31:13 ----D---- C:\Program Files\Uniblue
2007-07-26 09:19:23 ----D---- C:\Program Files\Spybot - Search & Destroy
2007-07-26 09:19:09 ----D---- C:\Program Files\AVG
2007-07-26 09:19:08 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2007-07-25 00:49:36 ----D---- C:\Documents and Settings\billy crystal\Application Data\Netscape
2007-07-11 02:01:24 ----D---- C:\Program Files\NJStar Japanese WP
2007-07-08 02:01:03 ----D---- C:\Program Files\NJStar Chinese WP
2007-07-05 15:44:52 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-07-05 15:44:49 ----D---- C:\Program Files\DVD Shrink
2007-07-05 14:40:54 ----D---- C:\Program Files\DVD Decrypter
2007-05-09 01:50:07 ----A---- C:\WINDOWS\system32\Cier.exe
2007-05-04 01:15:01 ----A---- C:\WINDOWS\GetFLV.ini
2007-04-26 10:57:26 ----D---- C:\Documents and Settings\billy crystal\Application Data\RealWorld
2007-04-26 10:57:02 ----D---- C:\Program Files\RealWorld Icon Editor
2007-04-21 13:55:32 ----A---- C:\WINDOWS\system32\ltmm15.dll
2007-04-21 13:55:31 ----A---- C:\WINDOWS\system32\DSKernel2.dll
2007-04-21 05:08:17 ----A---- C:\WINDOWS\AviSplitter.INI
2007-04-11 01:43:31 ----A---- C:\Documents and Settings\billy crystal\Application Data\inst.exe
2007-04-11 01:43:30 ----D---- C:\Documents and Settings\billy crystal\Application Data\Vso
2007-04-11 01:43:22 ----D---- C:\Program Files\VSO
2007-03-26 17:39:14 ----A---- C:\WINDOWS\system32\ac3config.exe
2007-03-21 20:54:16 ----A---- C:\WINDOWS\system32\TWUNK_32.EXE
2007-03-21 20:54:16 ----A---- C:\WINDOWS\system32\TWUNK_16.EXE
2007-03-21 20:54:16 ----A---- C:\WINDOWS\system32\TWAIN_32.DLL
2007-03-16 01:32:13 ----A---- C:\WINDOWS\DUMP97db.tmp
2007-03-15 03:49:58 ----A---- C:\WINDOWS\system32\E_DCINST.DLL
2007-03-15 03:49:54 ----A---- C:\WINDOWS\system32\EBPMON24.DLL
2007-03-15 03:49:54 ----A---- C:\WINDOWS\system32\E_SAGSET.DLL
2007-03-15 03:46:40 ----D---- C:\Program Files\CCleaner
2007-03-12 14:02:26 ----A---- C:\WINDOWS\system32\msjava.dll
2007-03-11 01:56:21 ----D---- C:\Program Files\trend micro
2007-03-11 01:56:20 ----D---- C:\rsit
2007-03-11 01:34:41 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2007-03-11 01:34:38 ----A---- C:\WINDOWS\gmer.exe
2007-03-10 23:40:06 ----D---- C:\Program Files\Exterminate It!
2007-03-10 23:18:06 ----D---- C:\Documents and Settings\billy crystal\Application Data\skypePM
2007-03-10 17:45:30 ----D---- C:\Program Files\Panda Security
2007-03-10 17:39:07 ----D---- C:\Program Files\BullGuard Ltd
2007-03-10 05:27:12 ----A---- C:\ComboFix.txt
2007-03-10 05:14:19 ----D---- C:\Program Files\Microsoft Reference
2007-03-08 23:12:32 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2007-03-08 16:52:22 ----D---- C:\Documents and Settings\billy crystal\Application Data\Skype
2007-03-08 16:51:45 ----D---- C:\Program Files\Skype
2007-03-08 16:51:43 ----D---- C:\Program Files\Common Files\Skype
2007-03-08 16:51:17 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2007-03-06 01:14:48 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2007-03-06 01:14:48 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2007-03-04 08:51:12 ----D---- C:\Documents and Settings\billy crystal\Application Data\Help
2007-03-04 03:55:40 ----A---- C:\WINDOWS\system32\devil.dll
2007-03-04 03:55:31 ----A---- C:\WINDOWS\system32\avisynth.dll
2007-03-03 05:02:10 ----D---- C:\Program Files\Common Files\xing shared
2007-02-25 11:27:23 ----D---- C:\Program Files\XP Codec Pack
2007-02-15 17:03:14 ----A---- C:\WINDOWS\PROTOCOL.INI
2007-02-15 17:03:08 ----D---- C:\Program Files\GetFLV
2007-02-15 03:10:49 ----D---- C:\WINDOWS\nview
2007-02-15 03:10:49 ----A---- C:\WINDOWS\system32\nvudisp.exe
2007-02-14 03:53:13 ----A---- C:\WINDOWS\system32\nvunrm.exe
2007-02-14 00:36:03 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead

======List of files/folders modified in the last 1 months======

2008-08-26 13:28:14 ----A---- C:\WINDOWS\system32\MRT.exe
2007-11-20 12:14:59 ----D---- C:\Program Files\Adobe
2007-11-08 02:22:35 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2007-11-02 12:52:29 ----D---- C:\Program Files\Common Files\Adobe
2007-11-01 21:12:42 ----RSD---- C:\WINDOWS\Fonts
2007-11-01 21:08:14 ----D---- C:\WINDOWS\WinSxS
2007-11-01 19:29:40 ----D---- C:\Program Files\Macromedia
2007-11-01 19:27:48 ----D---- C:\Documents and Settings\All Users\Application Data\Macromedia
2007-11-01 19:25:39 ----D---- C:\WINDOWS\Downloaded Installations
2007-09-30 03:09:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2007-09-21 14:10:33 ----D---- C:\Program Files\Common Files\Symantec Shared
2007-09-21 1430 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2007-08-29 18:19:46 ----D---- C:\Program Files\Replay Converter
2007-08-15 14:33:12 ----A---- C:\WINDOWS\system32\PxWave.dll
2007-08-15 14:33:12 ----A---- C:\WINDOWS\system32\PxMas.dll
2007-08-15 14:33:12 ----A---- C:\WINDOWS\system32\pxhpinst.exe
2007-08-15 14:33:10 ----A---- C:\WINDOWS\system32\VXBLOCK.dll
2007-08-15 14:33:10 ----A---- C:\WINDOWS\system32\PxSFS.DLL
2007-08-15 14:33:10 ----A---- C:\WINDOWS\system32\pxinsi64.exe
2007-08-15 14:33:10 ----A---- C:\WINDOWS\system32\pxinsa64.exe
2007-08-15 14:33:10 ----A---- C:\WINDOWS\system32\pxdrv.dll
2007-08-15 14:33:10 ----A---- C:\WINDOWS\system32\pxcpyi64.exe
2007-08-15 14:33:10 ----A---- C:\WINDOWS\system32\pxcpya64.exe
2007-08-15 14:33:10 ----A---- C:\WINDOWS\system32\Px.dll
2007-07-29 01:24:55 ----D---- C:\Program Files\Java
2007-07-29 00:48:42 ----A---- C:\WINDOWS\win.ini
2007-07-29 00:48:42 ----A---- C:\WINDOWS\system.ini
2007-07-29 00:48:42 ----A---- C:\boot.ini
2007-07-26 21:03:03 ----D---- C:\WINDOWS\system32\config
2007-07-26 20:54:34 ----SD---- C:\Documents and Settings\billy crystal\Application Data\Microsoft
2007-07-22 05:30:29 ----AC---- C:\WINDOWS\SoftWriting.ini
2007-07-21 21:40:45 ----RD---- C:\Program Files\NewSoft
2007-07-11 02:01:35 ----D---- C:\Documents and Settings\billy crystal\Application Data\NJStar
2007-07-09 05:56:04 ----DC---- C:\WINDOWS\system32\DRVSTORE
2007-07-09 05:56:03 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-04-30 13:55:27 ----D---- C:\WINDOWS\pss
2007-04-21 13:55:02 ----AC---- C:\WINDOWS\iun6002.exe
2007-03-21 14:36:45 ----AC---- C:\WINDOWS\viewer.ini
2007-03-11 01:56:25 ----D---- C:\WINDOWS\Prefetch
2007-03-11 01:56:21 ----D---- C:\Program Files
2007-03-11 01:38:04 ----D---- C:\WINDOWS\Temp
2007-03-11 01:34:42 ----HD---- C:\WINDOWS\system32\drivers
2007-03-11 01:34:41 ----D---- C:\WINDOWS
2007-03-11 01:18:03 ----D---- C:\WINDOWS\system32
2007-03-11 01:17:58 ----HD---- C:\WINDOWS\inf
2007-03-11 01:04:14 ----A---- C:\WINDOWS\cdplayer.ini
2007-03-10 22:38:54 ----A---- C:\WINDOWS\NeroDigital.ini
2007-03-10 17:45:46 ----D---- C:\WINDOWS\LastGood
2007-03-10 05:10:53 ----D---- C:\Program Files\Mozilla Firefox
2007-03-09 04:45:58 ----D---- C:\Documents and Settings\billy crystal\Application Data\Adobe
2007-03-08 16:52:12 ----SHD---- C:\WINDOWS\Installer
2007-03-08 16:51:43 ----D---- C:\Program Files\Common Files
2007-03-07 22:23:43 ----AC---- C:\WINDOWS\pccrcmd.ini
2007-03-05 18:34:55 ----D---- C:\Program Files\eMule
2007-03-03 0547 ----D---- C:\WINDOWS\system32\CatRoot2
2007-03-03 05:01:31 ----D---- C:\Program Files\Common Files\Real
2007-03-03 05:01:14 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2007-03-03 05:00:06 ----A---- C:\WINDOWS\system32\pndx5032.dll
2007-03-03 05:00:06 ----A---- C:\WINDOWS\system32\pndx5016.dll
2007-03-03 04:59:54 ----A---- C:\WINDOWS\system32\msvcr71.dll
2007-03-03 04:59:53 ----A---- C:\WINDOWS\system32\msvcp71.dll
2007-03-03 04:59:52 ----A---- C:\WINDOWS\system32\pncrt.dll
2007-03-03 04:26:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2007-03-03 04:20:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2007-02-15 03:13:22 ----D---- C:\WINDOWS\Help
2007-02-14 02:32:39 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 36864]
R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
R1 GEARAspiWDM;GearAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-15 12672]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-01-19 424320]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2006-04-18 569856]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-03-09 995712]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-03-09 206976]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-04-21 3659872]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-03 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-03 13056]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-06 11136]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-12-22 51840]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-04 67584]
R3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-04 11136]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192736]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-03-09 726400]
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-04-11 47360]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-04 10240]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20061025.029\symidsco.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-04 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-04 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-04 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-04 43008]
S4 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys []
S4 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys []
S4 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-13 874240]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-04 41088]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-04 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-03-15 135168]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2007-07-29 147456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-04-21 143427]
R2 StuffIt Task Manager;StuffIt Task Manager; C:\PROGRA~1\Allume\StuffIt\MXTask.exe [2005-06-13 155648]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe []
S2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe /service []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-11-01 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-04-16 91184]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []
S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe []
S4 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe /service []
S4 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe /service []
S4 bdss;BitDefender Scan Server; C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe /service []
S4 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe /service []
S4 XCOMM;BitDefender Communicator; C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe /service []

-----------------EOF-----------------
Attached Files
File Type: txt info.txt (14.5 KB, 1 views)
File Type: txt gmer.txt (741.5 KB, 3 views)