Hey there , greetings all :)
I have a couple of probs really, unsure if they are linked.
I randomly get IE7 locking up , freezing (spinning blue circle icon) when I click on links in IE7. Can only close window with ctrl/alt/delete.
But my main problem seems to be that I have on my system the following...
c:\windows\temp\9d5.tmp - a variant of Win32/TrojanDownloader.Zlob.BXN trojan
c:\users\*MY USER ACCOUNT*\AppData\Local\Temp\tmp5AFB.tmp a variant of Win32/AutoRun.ABH worm
I may also have other infections that I am not aware of (unsure really). I have done the following ...
Quote:
1. Double-click gmer.exe. The program will begin to run.
If you do not receive notice about possible rootkit activity remain on the Rootkit/Malware tab & make sure the 'Show All' button is unticked.
Click the Scan button and let the program do its work. GMER will produce a log.......
|
gmer.exe starts scanning but when it gets to \Cdfs I get black screen on my laptop , then a BSOD, memory dump then shutdown.
Quote:
2. Double click RSIT.exe to start the tool and click Continue at the disclaimer.
When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of log.txt. You will be attaching the info.txt.
|
I have both those files.
Contents of log.txt ....
Logfile of random's system information tool 1.04 (written by random/random)
Run by kracken at 2008-11-08 12:35:32
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 104 GB (57%) free of 180 GB
Total RAM: 2046 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:36, on 08/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\crypserv.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Nuance\PDF Professional 5\PDFProFiltSrv.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Nuance\PDF Professional 5\PdfPro5Hook.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Users\kracken\Desktop\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\kracken.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?
LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows
Live\Messenger\wlchtc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft
Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common
Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
(file missing)
O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF
Professional 5\bin\ZeonIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart
Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 5
\bin\ZeonIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Professional 5\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Professional 5\RegistryController.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -
Embedding -boot
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Nuance PDF Professional 5-reminder] "C:\Program Files\Nuance\PDF Professional 5\Ereg\Ereg.exe"
-r "C:\ProgramData\Nuance\PDF Professional 5\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Evidence Eliminator] C:\Program Files\Evidence Eliminator\ee.exe /m
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common
Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Privacy Suite RiskMonitor] C:\Program Files\CyberScrub Privacy Suite\CSRiskMon.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [PhoneDaemon] C:\Users\kracken\Downloads\iphone\iPhone PC Suite\PhoneDaemon.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL
SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK
SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append the content of the link to existing PDF file - res://C:\Program
Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - res://C:\Program
Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Append to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 5
\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Create PDF file - res://C:\Program Files\Nuance\PDF Professional 5
\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF file from the content of the link - res://C:\Program Files\Nuance\PDF
Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF files from the selected links - res://C:\Program Files\Nuance\PDF
Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with Nuance PDF Converter 5.0 - res://C:\Program Files\Nuance\PDF Professional
5\cnvres_eng.dll /100
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth
Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth
Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1
\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12
\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2
\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth
Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program
Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital
Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -
http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {22055A00-27C0-438B-BF53-44E973A4C48A} (VPlayer Control) -
http://video.vividas.com/CDN1/5403_s...vivid_ocx.jpeg
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) -
http://83.104.226.142/kxhcm10.ocx
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) -
http://www.fileplanet.com/fpdlmgr/ca..._2.3.7.109.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx2.hotmail.com/mail/w3/pr01...PUplden-gb.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) -
http://www.nvidia.com/content/Driver...sysreqlab2.cab
O16 - DPF: {8ACDC08B-DC64-4613-97F2-299B65F66E1D} (DigiMeldOcx Control) -
http://www.digimeld.com/download/digimeldOcx.CAB
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://212.181.20.126/activex/AxisCamControl.cab
O16 - DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} (WLCTSCControl Class) -
https://www.mesh.com/Install/win32/TSWeb.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary...t.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{178F0DCD-9624-4319-AF9D-F2DD0CC4F31F}: NameServer =
85.255.112.143;85.255.112.94
O17 - HKLM\System\CCS\Services\Tcpip\..\{C63BC921-57D1-437B-855F-BA788028AF6A}: NameServer =
85.255.112.143;85.255.112.94
O17 - HKLM\System\CS1\Services\Tcpip\..\{178F0DCD-9624-4319-AF9D-F2DD0CC4F31F}: NameServer =
85.255.112.143;85.255.112.94
O17 - HKLM\System\CS2\Services\Tcpip\..\{178F0DCD-9624-4319-AF9D-F2DD0CC4F31F}: NameServer =
85.255.112.143;85.255.112.94
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft
Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common
Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision
Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common
Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PDFProFiltSrv - Nuance Communications, Inc. - C:\Program Files\Nuance\PDF Professional 5
\PDFProFiltSrv.exe
O23 - Service: PinnacleUpdate Service (PinnacleUpdateSvc) - KALiNKOsoft - C:\Program Files\KALiNKOsoft\Pinnacle
Game Profiler\pinnacle_updater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony
Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common
Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation -
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation -
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation -
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program
Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program
Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program
Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program
Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program
Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common
Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common
Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common
Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common
Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: Windows Tribute Service - Unknown owner - C:\Windows\system32\kdeaj.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 19912 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb
-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283
-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11
75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4
-9D64-90988571CECB}]
Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2008-09-02 75272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22
-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24
2212224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C
-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF
-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[2008-02-22 401968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f
-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
[2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E
-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\PROGRA~1\GOOGLE~1\BAE.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA986D7D-CCAF-47B2
-84FE-BFA1549BEBF9}]
ZeonIEEventHelper Class - C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll [2008-02-20 299008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053
-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B
-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-06-27 505136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{E3286BF1-E654-42FF-B4A6-5E111731DF6B} - Nuance PDF - C:\Program Files\Nuance\PDF Professional 5
\bin\ZeonIEFavClient.dll [2008-02-20 299008]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2007-06-10 118784]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-06-12 317560]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2008-01-24 949376]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-11-29 55824]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-11-07 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-11-07 8534560]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-11-07 81920]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
""= []
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-
03 111936]
"PDFHook"=C:\Program Files\Nuance\PDF Professional 5\pdfpro5hook.exe [2008-02-27 795936]
"PDF5 Registry Controller"=C:\Program Files\Nuance\PDF Professional 5\RegistryController.exe [2008-02-27 58656]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2007-03-26 210472]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
"Nuance PDF Professional 5-reminder"=C:\Program Files\Nuance\PDF Professional 5\Ereg\Ereg.exe [2007-08-31 328992]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Evidence Eliminator"=C:\Program Files\Evidence Eliminator\ee.exe /m []
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
[2007-12-13 1688872]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"Privacy Suite RiskMonitor"=C:\Program Files\CyberScrub Privacy Suite\CSRiskMon.exe [2007-11-22 1777296]
"igndlm.exe"=C:\Program Files\Download Manager\DLM.exe [2008-08-01 1103216]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-07-18 4608]
"PhoneDaemon"=C:\Users\kracken\Downloads\iphone\iPhone PC Suite\PhoneDaemon.exe []
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2008-07-22 2772992]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="acaptuser32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2007-07-12 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
[2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\autho
rizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authori
zedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
======File associations======
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver2.exe","%1"
======List of files/folders created in the last 1 months======
2008-11-08 12:35:32 ----D---- C:\rsit
2008-11-08 11:58:52 ----A---- C:\Windows\gmer.ini
2008-11-08 11:58:50 ----A---- C:\Windows\gmer_uninstall.cmd
2008-11-08 11:58:50 ----A---- C:\Windows\gmer.exe
2008-11-08 11:58:50 ----A---- C:\Windows\gmer.dll
2008-11-08 10:59:48 ----D---- C:\Program Files\Trend Micro
2008-11-08 10:10:11 ----D---- C:\Program Files\Common Files\INCA Shared
2008-11-08 10:07:40 ----D---- C:\Program Files\G4box
2008-11-06 18:17:27 ----RSHD---- C:\resycled
2008-10-30 19:00:29 ----A---- C:\Windows\system32\wersvc.dll
2008-10-30 19:00:29 ----A---- C:\Windows\system32\Faultrep.dll
2008-10-30 19:00:23 ----A---- C:\Windows\system32\win32spl.dll
2008-10-28 20:57:29 ----A---- C:\Windows\system32\XAudio2_2.dll
2008-10-28 20:57:29 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2008-10-28 20:57:27 ----A---- C:\Windows\system32\xactengine3_2.dll
2008-10-28 20:57:26 ----A---- C:\Windows\system32\D3DX9_39.dll
2008-10-28 20:57:26 ----A---- C:\Windows\system32\d3dx10_39.dll
2008-10-28 20:57:26 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2008-10-28 20:57:25 ----A---- C:\Windows\system32\XAudio2_1.dll
2008-10-28 20:57:25 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2008-10-28 20:57:22 ----A---- C:\Windows\system32\XAudio2_0.dll
2008-10-28 20:57:22 ----A---- C:\Windows\system32\xactengine3_1.dll
2008-10-28 20:57:22 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2008-10-28 20:57:22 ----A---- C:\Windows\system32\D3DX9_38.dll
2008-10-28 20:57:22 ----A---- C:\Windows\system32\d3dx10_38.dll
2008-10-28 20:57:22 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2008-10-28 20:57:21 ----A---- C:\Windows\system32\xactengine3_0.dll
2008-10-28 20:57:21 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2008-10-28 20:57:21 ----A---- C:\Windows\system32\d3dx10_37.dll
2008-10-28 20:57:21 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2008-10-28 20:57:20 ----A---- C:\Windows\system32\xactengine2_10.dll
2008-10-28 20:57:20 ----A---- C:\Windows\system32\D3DX9_37.dll
2008-10-28 20:57:19 ----A---- C:\Windows\system32\xactengine2_9.dll
2008-10-28 20:57:19 ----A---- C:\Windows\system32\d3dx9_36.dll
2008-10-28 20:57:19 ----A---- C:\Windows\system32\d3dx10_36.dll
2008-10-28 20:57:19 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2008-10-28 20:57:18 ----A---- C:\Windows\system32\xactengine2_8.dll
2008-10-28 20:57:18 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2008-10-28 20:57:17 ----A---- C:\Windows\system32\xactengine2_7.dll
2008-10-28 20:57:17 ----A---- C:\Windows\system32\x3daudio1_1.dll
2008-10-28 20:56:16 ----HD---- C:\Windows\msdownld.tmp
2008-10-28 20:56:13 ----D---- C:\Windows\system32\directx
2008-10-26 21:23:56 ----A---- C:\Windows\system32\EncDec.dll
2008-10-26 21:23:55 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-26 21:23:51 ----A---- C:\Windows\system32\netapi32.dll
2008-10-26 21:23:49 ----A---- C:\Windows\system32\mshtml.dll
2008-10-26 21:23:48 ----A---- C:\Windows\system32\wininet.dll
2008-10-26 21:23:48 ----A---- C:\Windows\system32\urlmon.dll
2008-10-26 21:23:48 ----A---- C:\Windows\system32\ieframe.dll
2008-10-26 21:23:47 ----A---- C:\Windows\system32\mstime.dll
2008-10-26 21:23:47 ----A---- C:\Windows\system32\iertutil.dll
2008-10-26 21:23:46 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-26 21:23:18 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-26 21:23:17 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-25 11:33:17 ----D---- C:\Nexon
2008-10-25 11:33:16 ----D---- C:\ProgramData\NexonEU
2008-10-22 11:33:51 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2008-10-22 11:33:07 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-10-22 11:33:07 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-10-22 11:31:42 ----D---- C:\Program Files\Microsoft
2008-10-22 11:28:39 ----D---- C:\Program Files\Common Files\Windows Live
2008-10-20 19:57:19 ----D---- C:\Users\kracken\AppData\Roaming\Mozilla
2008-10-11 12:13:26 ----D---- C:\Program Files\Active Data Recovery Software
2008-10-11 12:09:05 ----D---- C:\Program Files\Data Doctor Recovery FAT+NTFS
2008-10-11 11:54:27 ----D---- C:\Program Files\Ontrack
======List of files/folders modified in the last 1 months======
2008-11-08 12:35:36 ----D---- C:\Windows\Prefetch
2008-11-08 12:35:35 ----D---- C:\Windows\Temp
2008-11-08 12:19:27 ----D---- C:\Windows\Minidump
2008-11-08 12:19:21 ----D---- C:\Windows
2008-11-08 11:58:50 ----D---- C:\Windows\system32\drivers
2008-11-08 10:59:48 ----RD---- C:\Program Files
2008-11-08 10:25:09 ----D---- C:\Windows\System32
2008-11-08 10:25:08 ----D---- C:\Windows\inf
2008-11-08 10:25:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-08 10:23:48 ----SHD---- C:\System Volume Information
2008-11-08 10:10:11 ----D---- C:\Program Files\Common Files
2008-11-08 09:45:30 ----A---- C:\Windows\system32\zlib.dll
2008-11-07 19:49:13 ----D---- C:\Users\kracken\AppData\Roaming\IGN_DLM
2008-11-06 18:03:59 ----D---- C:\Users\kracken\AppData\Roaming\Adobe
2008-11-03 12:38:48 ----SD---- C:\Windows\Downloaded Program Files
2008-11-03 12:38:47 ----D---- C:\Windows\system32\Macromed
2008-10-31 18:25:22 ----D---- C:\@TempNG@
2008-10-31 18:24:28 ----D---- C:\Users\kracken\AppData\Roaming\GrabIt
2008-10-31 16:08:07 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-31 16:08:04 ----SHD---- C:\Windows\Installer
2008-10-30 19:03:00 ----D---- C:\Windows\system32\catroot2
2008-10-30 19:01:02 ----D---- C:\Windows\winsxs
2008-10-30 19:00:26 ----D---- C:\Windows\system32\catroot
2008-10-28 21:07:50 ----A---- C:\Windows\system32\PnkBstrB.exe
2008-10-28 20:56:13 ----D---- C:\Windows\Logs
2008-10-28 20:43:16 ----A---- C:\Windows\system32\pbsvc.exe
2008-10-27 07:02:26 ----D---- C:\Program Files\Sony
2008-10-26 22:59:36 ----D---- C:\Windows\Microsoft.NET
2008-10-26 22:59:21 ----RSD---- C:\Windows\assembly
2008-10-26 21:38:48 ----D---- C:\Update
2008-10-26 21:32:53 ----D---- C:\Program Files\Microsoft Silverlight
2008-10-26 21:31:45 ----D---- C:\Windows\ehome
2008-10-26 21:31:44 ----D---- C:\Program Files\Windows Mail
2008-10-26 21:31:41 ----D---- C:\Windows\system32\migration
2008-10-26 21:30:09 ----D---- C:\ProgramData\Microsoft Help
2008-10-26 15:41:48 ----D---- C:\My Music
2008-10-25 14:22:12 ----HD---- C:\ProgramData
2008-10-25 14:16:19 ----D---- C:\Program Files\Axialis
2008-10-25 09:51:39 ----D---- C:\Program Files\Download Manager
2008-10-22 11:34:09 ----D---- C:\Program Files\Windows Live
2008-10-22 11:31:27 ----D---- C:\Program Files\Common Files\microsoft shared
2008-10-22 11:26:26 ----SD---- C:\ProgramData\Microsoft
2008-10-20 20:01:45 ----RSD---- C:\Windows\Fonts
2008-10-20 19:57:01 ----D---- C:\Program Files\iTunes
2008-10-19 19:45:41 ----D---- C:\MP3 Library
2008-10-11 12:13:27 ----D---- C:\Windows\Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2007-06-28 10216]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 NetworkX;NetworkX; C:\Windows\system32\ckldrv.sys [2004-07-30 31654]
R1 nod32drv;nod32drv; C:\Windows\system32\drivers\nod32drv.sys [2008-01-24 15424]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\System32\Drivers\Uim_IM.sys [2007-11-06 131672]
R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2007-11-06 32080]
R2 AMON;AMON; C:\Windows\system32\drivers\amon.sys [2008-01-24 512096]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-06-05 12672]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-06-05 8192]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-10 140800]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-05 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-05 207360]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-11-29 35088]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-11-29
36368]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32
\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-11-07 8231584]
R3 R5U870FLx86;R5U870 UVC Lower Filter ; C:\Windows\System32\Drivers\R5U870FLx86.sys [2007-06-28 75008]
R3 R5U870FUx86;R5U870 UVC Upper Filter ; C:\Windows\System32\Drivers\R5U870FUx86.sys [2007-06-28 43904]
R3 SNC;Sony Firmware Extension Parser Device; C:\Windows\System32\Drivers\SonyNC.sys [2006-11-06 27520]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-13 330240]
R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
R3 usbvideo;R5U870 (UVC) ; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-05 659968]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys
[2007-05-19 240128]
S2 MaxImIO;MaxIm Port I/O; C:\Windows\System32\Drivers\maximio.sys []
S3 a20bz1y1;a20bz1y1; C:\Windows\system32\drivers\a20bz1y1.sys []
S3 apqktzr0;apqktzr0; C:\Windows\system32\drivers\apqktzr0.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-19 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-07-03 80936]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-03 98608]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2007-07-03 28464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-03 17712]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files\G4box\CrossFire\GameGuard\dump_wmimmc.sys []
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-09-07 27672]
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver; C:\Windows\System32\Drivers\FTD2XX.sys [2005-12-15 34639]
S3 gmer;gmer; C:\Windows\System32\DRIVERS\gmer.sys [2008-11-08 85969]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32
\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 RDPDISPM;RDPDISPM; C:\Windows\system32\DRIVERS\rdpdispm.sys [2008-05-27 12288]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-19 49664]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-09-10 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2007-08-28 55808]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02
11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2005-09-09 73728]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2008-01-24 552064]
R2 PDFProFiltSrv;PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 5\PDFProFiltSrv.exe [2008-02-27 144672]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-01-20 66872]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\stacsv.exe [2007-09-13 102400]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2007-07-12 182392]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment
Platform\VzCdb\VzCdbSvc.exe [2008-02-15 184320]
R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment
Platform\VzCdb\VzFw.exe [2008-02-15 147456]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-06-05 386560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13
447784]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment
Platform\VCSW\VCSW.exe [2008-02-15 274432]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h
ccCommon []
S2 PinnacleUpdateSvc;PinnacleUpdate Service; C:\Program Files\KALiNKOsoft\Pinnacle Game
Profiler\pinnacle_updater.exe [2008-10-28 262144]
S2 Windows Tribute Service;Windows Tribute Service; C:\Windows\system32\kdeaj.exe -srv []
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet
Publisher\FNPLicensingService.exe [2008-08-08 651720]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32
\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-01-09
121360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft
Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26
145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program
Files\Common Files\Sony Shared\VAIO Entertainment
Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2008-02-15 73728]
S3 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\Sony\VAIO Media
Integrated Server\VMISrv.exe [2007-06-20 2523136]
S3 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\Sony\VAIO Media
Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
S3 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\Sony\VAIO Media
Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\Sony\VAIO Media Integrated
Server\Platform\VmGateway.exe [2007-06-20 499712]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection; C:\Program Files\Sony\VAIO Media Integrated
Server\UCLS.exe [2007-01-10 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP); C:\Program Files\Sony\VAIO Media Integrated
Server\Platform\SV_Httpd.exe [2007-06-20 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP); C:\Program Files\Sony\VAIO Media Integrated
Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing
Manager\VcmIAlzMgr.exe [2008-03-03 333088]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony
Shared\VcmXml\VcmXmlIfHelper.exe [2008-03-17 87328]
-----------------EOF-----------------
Many thanks