12-01-2008, 02:16 PM   #1
ramseyjack
Registered User
 
Join Date: Dec 2008
Posts: 5
OS: xp


I think I got "juduvokawi" resolved

Inadvertently ran ComboFix while reading the instructions for adding the console to it, and the problem MAY be resolved. The "juduvokawi" entries are gone from the registry. Then ran the rest of the instructions.

Previous complaining text below:

SUPERAntiSpyware, Malwarebytes, Ad-Aware, HijackThis, Spybot, tried them all, safe mode, renaming the infected DLLs. Keeps adding the Juduvokawi to the HKLM\software\microsoft\windows\currentversion\run with the following variables. Got the MS updates working and has quit disabling it, but just plain not sure why or how the registry keeps adding the below entries.

juduvokawi
Rundll32.exe "C:\WINDOWS\system32\nayitazi.dll",s
rundll32.exe "C:\WINDOWS\system32\nuvutoki.dll",b
Rundll32.exe "c:\windows\system32\ganizoni.dll",a

Redirects to the sites below also.
pro-scanner-online
precata.com
registrydefender.com

End of previous text:


DDS (Version 1.0) - NTFSx86
Run by jack at 12:59:06.54 on 2008-12-01
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2014.1297 [GMT -8:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\McShield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\jack\Desktop\dds.com

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = <local>
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: {8704e416-1511-46f3-9c95-96eb732f922f} - c:\windows\system32\soyeviwa.dll
BHO: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\4.1.805.4472\swg.dll
BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [Nero PhotoShow Media Manager] c:\progra~1\nero\photos~1\data\xtras\mssysmgr.exe
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nTrayFw] c:\program files\nvidia corporation\networkaccessmanager\bin\nTrayFw.exe
mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UdaterUI.exe" /StartedFromRunKey
mRun: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [dvd43] c:\program files\dvd43\dvd43_tray.exe
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [USRpdA]
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRun: [TomcatStartup 2.5] c:\program files\hewlett-packard\toolbox\hpbpsttp.exe
dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{14fcfe7c-ab86-428a-9d2e-bfb6f5a7aa6e}\Icon3E5562ED7.ico
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Open using &Advanced JPEG Compressor - c:\program files\advanced jpeg compressor\ajcieex.htm
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2007\HelpAsyncPluggableProtocol.dll
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2007\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R0 ACPI;Microsoft ACPI Driver;c:\windows\system32\drivers\ACPI.sys [2004-8-3 187776]
R0 atapi;Standard IDE/ESDI Hard Disk Controller;c:\windows\system32\drivers\atapi.sys [2004-8-3 96512]
R0 Disk;Disk Driver;c:\windows\system32\drivers\disk.sys [2004-8-3 36352]
R0 dmio;Logical Disk Manager Driver;c:\windows\system32\drivers\dmio.sys [2004-8-3 153344]
R0 dmload;dmload;c:\windows\system32\drivers\dmload.sys [2001-8-23 5888]
R0 FltMgr;FltMgr;c:\windows\system32\drivers\fltmgr.sys [2007-5-6 129792]
R0 Ftdisk;Volume Manager Driver;c:\windows\system32\drivers\ftdisk.sys [2001-8-23 125056]
R0 isapnp;PnP ISA/EISA Bus Driver;c:\windows\system32\drivers\isapnp.sys [2001-8-23 37248]
R0 KSecDD;KSecDD;c:\windows\system32\drivers\KSecDD.sys [2004-8-3 92288]
R0 MountMgr;Mount Point Manager;c:\windows\system32\drivers\MountMgr.sys [2004-8-3 42368]
R0 Mup;Mup;c:\windows\system32\drivers\Mup.sys [2004-8-3 105344]
R0 NDIS;NDIS System Driver;c:\windows\system32\drivers\NDIS.sys [2004-8-3 182656]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller;c:\windows\system32\drivers\ohci1394.sys [2004-8-3 61696]
R0 PartMgr;Partition Manager;c:\windows\system32\drivers\PartMgr.sys [2001-8-23 19712]
R0 PCI;PCI Bus Driver;c:\windows\system32\drivers\pci.sys [2004-8-3 68224]
R0 PCIIde;PCIIde;c:\windows\system32\drivers\pciide.sys [2001-8-23 3328]
R0 sr;System Restore Filter Driver;c:\windows\system32\drivers\sr.sys [2007-5-6 73472]
R0 VolSnap;VolSnap;c:\windows\system32\drivers\VolSnap.sys [2004-8-3 52352]
R1 AFD;AFD;c:\windows\system32\drivers\afd.sys [2004-8-3 138496]
R1 AmdPPM;AMD HwPState Processor Driver;c:\windows\system32\drivers\AmdPPM.sys [2007-4-16 33792]
R1 Beep;Beep;c:\windows\system32\drivers\Beep.sys [2001-8-23 4224]
R1 Cdrom;CD-ROM Driver;c:\windows\system32\drivers\cdrom.sys [2004-8-3 62976]
R1 Fips;Fips;c:\windows\system32\drivers\Fips.sys [2001-8-23 44544]
R1 i8042prt;i8042 Keyboard and PS/2 Mouse Port Driver;c:\windows\system32\drivers\i8042prt.sys [2004-8-3 52480]
R1 Imapi;CD-Burning Filter Driver;c:\windows\system32\drivers\imapi.sys [2004-8-3 42112]
R1 IPSec;IPSEC driver;c:\windows\system32\drivers\ipsec.sys [2004-8-3 75264]
R1 Kbdclass;Keyboard Class Driver;c:\windows\system32\drivers\kbdclass.sys [2004-8-3 24576]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-6-27 207656]
R1 mnmdd;mnmdd;c:\windows\system32\drivers\mnmdd.sys [2001-8-23 4224]
R1 Mouclass;Mouse Class Driver;c:\windows\system32\drivers\mouclass.sys [2004-8-3 23040]
R1 MPFP;MPFP;c:\windows\system32\drivers\Mpfp.sys [2008-11-29 120136]
R1 MRxSmb;MRXSMB;c:\windows\system32\drivers\mrxsmb.sys [2004-8-3 455296]
R1 Msfs;Msfs;c:\windows\system32\drivers\Msfs.sys [2004-8-3 19072]
R1 NetBIOS;NetBIOS Interface;c:\windows\system32\drivers\netbios.sys [2004-8-3 34688]
R1 NetBT;NetBios over Tcpip;c:\windows\system32\drivers\netbt.sys [2004-8-3 162816]
R1 Npfs;Npfs;c:\windows\system32\drivers\Npfs.sys [2004-8-3 30848]
R1 Null;Null;c:\windows\system32\drivers\Null.sys [2001-8-23 2944]
R1 RasAcd;Remote Access Auto Connection Driver;c:\windows\system32\drivers\rasacd.sys [2001-8-23 8832]
R1 Rdbss;Rdbss;c:\windows\system32\drivers\rdbss.sys [2004-8-3 175744]
R1 RDPCDD;RDPCDD;c:\windows\system32\drivers\RDPCDD.sys [2001-8-23 4224]
R1 redbook;Digital CD Audio Playback Filter Driver;c:\windows\system32\drivers\redbook.sys [2007-5-6 57600]
R1 SASDIFSV;SASDIFSV;\??\c:\program files\superantispyware\SASDIFSV.SYS [2008-11-17 8944]
R1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\SASKUTIL.sys [2008-11-17 55024]
R1 Serial;Serial port driver;c:\windows\system32\drivers\serial.sys [2004-8-3 64512]
R1 Tcpip;TCP/IP Protocol Driver;c:\windows\system32\drivers\tcpip.sys [2004-8-3 361600]
R1 TermDD;Terminal Device Driver;c:\windows\system32\drivers\termdd.sys [2007-5-6 40840]
R1 VgaSave;VGA Display Controller.;c:\windows\system32\drivers\vga.sys [2004-8-3 20992]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment;c:\windows\system32\drivers\ws2ifsl.sys [2001-8-23 12032]
R2 AudioSrv;Windows Audio;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 BITS;Background Intelligent Transfer Service;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 Browser;Computer Browser;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 CryptSvc;Cryptographic Services;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 DcomLaunch;DCOM Server Process Launcher;c:\windows\system32\svchost -k DcomLaunch []
R2 Dhcp;DHCP Client;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 dmserver;Logical Disk Manager;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 Dnscache;DNS Client;c:\windows\system32\svchost.exe -k NetworkService [2004-8-3 14336]
R2 ERSvc;Error Reporting Service;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 Eventlog;Event Log;c:\windows\system32\services.exe [2004-8-3 108544]
R2 gusvc;Google Updater Service;"c:\program files\google\common\google updater\GoogleUpdaterService.exe" [2008-4-19 168432]
R2 helpsvc;Help and Support;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 HidServ;HID Input Service;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 lanmanserver;Server;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 lanmanworkstation;Workstation;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 LmHosts;TCP/IP NetBIOS Helper;c:\windows\system32\svchost.exe -k LocalService [2004-8-3 14336]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\mcafee\siteadvisor\McSACore.exe" [2008-11-29 203280]
R2 mcmscsvc;McAfee Services;c:\progra~1\mcafee\msc\mcmscsvc.exe [2008-11-29 792696]
R2 McNASvc;McAfee Network Agent;"c:\progra~1\common~1\mcafee\mna\mcnasvc.exe" [2008-11-29 2482848]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2008-11-29 358736]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\McShield.exe [2008-11-29 144704]
R2 MDM;Machine Debug Manager;"c:\program files\common files\microsoft shared\vs7debug\MDM.EXE" [2003-6-19 322120]
R2 MpfService;McAfee Personal Firewall Service;"c:\program files\mcafee\mpf\MPFSrv.exe" [2008-11-29 884360]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3;c:\program files\nero\nero8\nero backitup\NBService.exe [2007-9-20 853288]
R2 ParVdm;ParVdm;c:\windows\system32\drivers\ParVdm.sys [2001-8-23 6784]
R2 PlugPlay;Plug and Play;c:\windows\system32\services.exe [2004-8-3 108544]
R2 Pml Driver HPZ12;Pml Driver HPZ12;c:\windows\system32\HPZipm12.exe [2007-11-19 73728]
R2 PolicyAgent;IPSEC Services;c:\windows\system32\lsass.exe [2004-8-3 13312]
R2 ProtectedStorage;Protected Storage;c:\windows\system32\lsass.exe [2004-8-3 13312]
R2 RemoteRegistry;Remote Registry;c:\windows\system32\svchost.exe -k LocalService [2004-8-3 14336]
R2 RpcSs;Remote Procedure Call (RPC);c:\windows\system32\svchost -k rpcss []
R2 SamSs;Security Accounts Manager;c:\windows\system32\lsass.exe [2004-8-3 13312]
R2 Schedule;Task Scheduler;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 seclogon;Secondary Logon;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 SENS;System Event Notification;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 SharedAccess;Windows Firewall/Internet Connection Sharing (ICS);c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 ShellHWDetection;Shell Hardware Detection;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 Spooler;Print Spooler;c:\windows\system32\spoolsv.exe [2004-8-3 57856]
R2 srservice;System Restore Service;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 stisvc;Windows Image Acquisition (WIA);c:\windows\system32\svchost.exe -k imgsvc [2004-8-3 14336]
R2 Themes;Themes;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 TrkWks;Distributed Link Tracking Client;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 W32Time;Windows Time;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 WebClient;WebClient;c:\windows\system32\svchost.exe -k LocalService [2004-8-3 14336]
R2 winmgmt;Windows Management Instrumentation;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 wscsvc;Security Center;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 wuauserv;Automatic Updates;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R2 WZCSVC;Wireless Zero Configuration;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R3 ALG;Application Layer Gateway Service;c:\windows\system32\alg.exe [2004-8-3 44544]
R3 Arp1394;1394 ARP Client Protocol;c:\windows\system32\drivers\arp1394.sys [2004-8-3 60800]
R3 audstub;Audio Stub Driver;c:\windows\system32\drivers\audstub.sys [2007-5-6 3072]
R3 EventSystem;COM+ Event System;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R3 Fdc;Floppy Disk Controller Driver;c:\windows\system32\drivers\fdc.sys [2004-8-3 27392]
R3 Flpydisk;Floppy Disk Driver;c:\windows\system32\drivers\flpydisk.sys [2004-8-3 20480]
R3 gameenum;Game Port Enumerator;c:\windows\system32\drivers\gameenum.sys [2007-5-6 10624]
R3 Gpc;Generic Packet Classifier;c:\windows\system32\drivers\msgpc.sys [2004-8-3 35072]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio;c:\windows\system32\drivers\HDAudBus.sys [2004-10-27 144384]
R3 HidUsb;Microsoft HID Class Driver;c:\windows\system32\drivers\hidusb.sys [2007-11-24 10368]
R3 HTTP;HTTP;c:\windows\system32\drivers\HTTP.sys [2004-8-3 264832]
R3 IpFilterDriver;IP Traffic Filter Driver;c:\windows\system32\drivers\ipfltdrv.sys [2001-8-23 32896]
R3 IpNat;IP Network Address Translator;c:\windows\system32\drivers\ipnat.sys [2004-8-3 152832]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2008-11-29 605512]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2008-11-29 79240]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2008-11-29 35240]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2008-11-29 40488]
R3 Modem;Modem;c:\windows\system32\drivers\Modem.sys [2004-8-3 30080]
R3 mouhid;Mouse HID Driver;c:\windows\system32\drivers\mouhid.sys [2008-7-20 12160]
R3 MRxDAV;WebDav Client Redirector;c:\windows\system32\drivers\mrxdav.sys [2004-8-3 180608]
R3 mssmbios;Microsoft System Management BIOS Driver;c:\windows\system32\drivers\mssmbios.sys [2004-8-3 15488]
R3 NdisTapi;Remote Access NDIS TAPI Driver;c:\windows\system32\drivers\ndistapi.sys [2001-8-23 10112]
R3 Ndisuio;NDIS Usermode I/O Protocol;c:\windows\system32\drivers\ndisuio.sys [2004-8-3 14592]
R3 NdisWan;Remote Access NDIS WAN Driver;c:\windows\system32\drivers\ndiswan.sys [2004-8-3 91520]
R3 NDProxy;NDIS Proxy;c:\windows\system32\drivers\NDProxy.sys [2001-8-23 40576]
R3 Netman;Network Connections;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R3 NIC1394;1394 Net Driver;c:\windows\system32\drivers\nic1394.sys [2004-8-3 61824]
R3 Nla;Network Location Awareness (NLA);c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R3 nv;nv;c:\windows\system32\drivers\nv4_mini.sys [2006-1-24 3535520]
R3 nvnetbus;NVIDIA Network Bus Enumerator;c:\windows\system32\drivers\nvnetbus.sys [2007-5-6 13056]
R3 Parport;Parallel port driver;c:\windows\system32\drivers\parport.sys [2004-8-3 80128]
R3 PptpMiniport;WAN Miniport (PPTP);c:\windows\system32\drivers\raspptp.sys [2004-8-3 48384]
R3 PSched;QoS Packet Scheduler;c:\windows\system32\drivers\psched.sys [2004-8-3 69120]
R3 Ptilink;Direct Parallel Link Driver;c:\windows\system32\drivers\ptilink.sys [2001-8-23 17792]
R3 Rasl2tp;WAN Miniport (L2TP);c:\windows\system32\drivers\rasl2tp.sys [2004-8-3 51328]
R3 RasMan;Remote Access Connection Manager;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R3 RasPppoe;Remote Access PPPOE Driver;c:\windows\system32\drivers\raspppoe.sys [2004-8-3 41472]
R3 Raspti;Direct Parallel;c:\windows\system32\drivers\raspti.sys [2001-8-23 16512]
R3 rdpdr;Terminal Server Device Redirector Driver;c:\windows\system32\drivers\rdpdr.sys [2007-5-6 196224]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver;c:\windows\system32\drivers\RTL8139.SYS [2007-5-6 20992]
R3 SASENUM;SASENUM;\??\c:\program files\superantispyware\SASENUM.SYS [2008-11-17 7408]
R3 serenum;Serenum Filter Driver;c:\windows\system32\drivers\serenum.sys [2004-8-3 15744]
R3 Srv;Srv;c:\windows\system32\drivers\srv.sys [2004-8-3 333824]
R3 SSDPSRV;SSDP Discovery Service;c:\windows\system32\svchost.exe -k LocalService [2004-8-3 14336]
R3 swenum;Software Bus Driver;c:\windows\system32\drivers\swenum.sys [2004-8-3 4352]
R3 sysaudio;Microsoft Kernel System Audio Device;c:\windows\system32\drivers\sysaudio.sys [2007-5-6 60800]
R3 TapiSrv;Telephony;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
R3 TermService;Terminal Services;c:\windows\system32\svchost -k DComLaunch []
R3 Update;Microcode Update Driver;c:\windows\system32\drivers\update.sys [2004-8-3 384768]
R3 usbccgp;Microsoft USB Generic Parent Driver;c:\windows\system32\drivers\usbccgp.sys [2007-7-21 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;c:\windows\system32\drivers\usbehci.sys [2004-8-3 30208]
R3 usbhub;Microsoft USB Standard Hub Driver;c:\windows\system32\drivers\usbhub.sys [2004-8-3 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver;c:\windows\system32\drivers\usbohci.sys [2004-8-3 17152]
R3 USBSTOR;USB Mass Storage Driver;c:\windows\system32\drivers\USBSTOR.SYS [2007-5-15 26368]
R3 Wanarp;Remote Access IP ARP Driver;c:\windows\system32\drivers\wanarp.sys [2004-8-3 34560]
R3 wdmaud;Microsoft WINMM WDM Audio Compatibility Driver;c:\windows\system32\drivers\wdmaud.sys [2007-5-6 83072]
R3 xpvcom;XPVCOM Port;c:\windows\system32\drivers\XPVCOM.sys [2007-3-23 30032]
R4 Cdfs;Cdfs;c:\windows\system32\drivers\Cdfs.sys [2004-8-3 63744]
R4 Ntfs;Ntfs;c:\windows\system32\drivers\Ntfs.sys [2004-8-3 574976]
S1 Cdaudio;Cdaudio;c:\windows\system32\drivers\Cdaudio.sys [2001-8-17 18688]
S1 Changer;Changer; []
S1 i2omgmt;i2omgmt; []
S1 kbdhid;Keyboard HID Driver;c:\windows\system32\drivers\kbdhid.sys [2007-11-24 14592]
S1 lbrtfdc;lbrtfdc; []
S1 PCIDump;PCIDump; []
S1 Processor;Processor Driver;c:\windows\system32\drivers\processr.sys [2004-8-3 35840]
S1 Sfloppy;Sfloppy;c:\windows\system32\drivers\Sfloppy.sys [2004-8-3 11392]
S2 0086891228138165mcinstcleanup;McAfee Application Installer Cleanup (0086891228138165);c:\windows\temp\008689~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service []
S2 McAfeeFramework;McAfee Framework Service;"c:\program files\network associates\common framework\FrameworkService.exe" /ServiceStart [2007-5-6 104000]
S3 aec;Microsoft Kernel Acoustic Echo Canceller;c:\windows\system32\drivers\aec.sys [2007-5-6 142592]
S3 AppMgmt;Application Management;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
S3 aspnet_state;ASP.NET State Service;c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 AsyncMac;RAS Asynchronous Media Driver;c:\windows\system32\drivers\asyncmac.sys [2004-8-3 14336]
S3 Atmarpc;ATM ARP Client Protocol;c:\windows\system32\drivers\atmarpc.sys [2004-8-3 59904]
S3 catchme;catchme;\??\c:\combofix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder;c:\windows\system32\drivers\CCDECODE.sys [2007-7-21 17024]
S3 CiSvc;Indexing Service;c:\windows\system32\cisvc.exe [2004-8-3 5632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86;c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 COMSysApp;COM+ System Application;c:\windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [2004-8-3 5120]
S3 dmadmin;Logical Disk Manager Administrative Service;c:\windows\system32\dmadmin.exe /com [2004-8-3 224768]
S3 DMusic;Microsoft Kernel DLS Syntheiszer;c:\windows\system32\drivers\DMusic.sys [2007-5-6 52864]
S3 Dot3svc;Wired AutoConfig;c:\windows\system32\svchost.exe -k dot3svc [2004-8-3 14336]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler;c:\windows\system32\drivers\drmkaud.sys [2007-5-6 2944]
S3 EapHost;Extensible Authentication Protocol Service;c:\windows\system32\svchost.exe -k eapsvcs [2004-8-3 14336]
S3 FastUserSwitchingCompatibility;Fast User Switching Compatibility;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0;c:\windows\microsoft.net\framework\v3.0\wpf\PresentationFontCache.exe [2007-10-9 36864]
S3 hkmsvc;Health Key and Certificate Management Service;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
S3 HTTPFilter;HTTP SSL;c:\windows\system32\svchost.exe -k HTTPFilter [2004-8-3 14336]
S3 idsvc;Windows CardSpace;"c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe" [2007-10-11 864256]
S3 ImapiService;IMAPI CD-Burning COM Service;c:\windows\system32\imapi.exe [2004-8-3 150528]
S3 Ip6Fw;IPv6 Windows Firewall Driver;c:\windows\system32\drivers\ip6fw.sys [2004-8-3 36608]
S3 IpInIp;IP in IP Tunnel Driver;c:\windows\system32\drivers\ipinip.sys [2004-8-3 20864]
S3 IRENUM;IR Enumerator Service;c:\windows\system32\drivers\irenum.sys [2007-5-6 11264]
S3 kmixer;Microsoft Kernel Wave Audio Mixer;c:\windows\system32\drivers\kmixer.sys [2007-5-6 172416]
S3 McODS;McAfee Scanner;c:\progra~1\mcafee\viruss~1\mcods.exe [2008-11-29 361800]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2008-11-29 34152]
S3 mnmsrvc;NetMeeting Remote Desktop Sharing;c:\windows\system32\mnmsrvc.exe [2007-5-6 32768]
S3 MSDTC;Distributed Transaction Coordinator;c:\windows\system32\msdtc.exe [2007-5-6 6144]
S3 MSIServer;Windows Installer;c:\windows\system32\msiexec.exe /V [2004-8-3 78848]
S3 MSKSSRV;Microsoft Streaming Service Proxy;c:\windows\system32\drivers\MSKSSRV.sys [2007-5-6 7552]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy;c:\windows\system32\drivers\MSPCLOCK.sys [2007-5-6 5376]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy;c:\windows\system32\drivers\MSPQM.sys [2007-5-6 4992]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter;c:\windows\system32\drivers\MSTEE.sys [2007-7-21 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec;c:\windows\system32\drivers\NABTSFEC.sys [2007-7-21 85248]
S3 napagent;Network Access Protection Agent;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
S3 Netlogon;Net Logon;c:\windows\system32\lsass.exe [2004-8-3 13312]
S3 NtLmSsp;NT LM Security Support Provider;c:\windows\system32\lsass.exe [2004-8-3 13312]
S3 NtmsSvc;Removable Storage;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver;c:\windows\system32\drivers\NVENETFD.sys [2007-5-6 34176]
S3 NwlnkFlt;IPX Traffic Filter Driver;c:\windows\system32\drivers\nwlnkflt.sys [2001-8-23 12416]
S3 NwlnkFwd;IPX Traffic Forwarder Driver;c:\windows\system32\drivers\nwlnkfwd.sys [2001-8-23 32512]
S3 ose;Office Source Engine;"c:\program files\common files\microsoft shared\source engine\OSE.EXE" [2006-10-26 145184]
S3 PDCOMP;PDCOMP; []
S3 PDFRAME;PDFRAME; []
S3 PDRELI;PDRELI; []
S3 PDRFRAME;PDRFRAME; []
S3 RasAuto;Remote Access Auto Connection Manager;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
S3 RDPWD;RDPWD;c:\windows\system32\drivers\RDPWD.sys [2007-5-6 139656]
S3 RDSessMgr;Remote Desktop Help Session Manager;c:\windows\system32\sessmgr.exe [2007-5-6 141312]
S3 RpcLocator;Remote Procedure Call (RPC) Locator;c:\windows\system32\locator.exe [2004-8-3 75264]
S3 RSVP;QoS RSVP;c:\windows\system32\rsvp.exe [2001-8-23 132608]
S3 SCardSvr;Smart Card;c:\windows\system32\SCardSvr.exe [2004-8-3 95744]
S3 Secdrv;Secdrv;c:\windows\system32\drivers\secdrv.sys [2004-7-17 20480]
S3 splitter;Microsoft Kernel Audio Splitter;c:\windows\system32\drivers\splitter.sys [2007-5-6 6272]
S3 streamip;BDA IPSink;c:\windows\system32\drivers\StreamIP.sys [2007-7-21 15232]
S3 swmidi;Microsoft Kernel GS Wavetable Synthesizer;c:\windows\system32\drivers\swmidi.sys [2007-5-6 56576]
S3 SwPrv;MS Software Shadow Copy Provider;c:\windows\system32\dllhost.exe /Processid:{EF69095C-3E80-4B5E-86CF-EA6FD7C399FF} [2004-8-3 5120]
S3 SysmonLog;Performance Logs and Alerts;c:\windows\system32\smlogsvc.exe [2004-8-3 89600]
S3 TDPIPE;TDPIPE;c:\windows\system32\drivers\TDPIPE.sys [2007-5-6 12040]
S3 TDTCP;TDTCP;c:\windows\system32\drivers\TDTCP.sys [2007-5-6 21896]
S3 upnphost;Universal Plug and Play Device Host;c:\windows\system32\svchost.exe -k LocalService [2004-8-3 14336]
S3 UPS;Uninterruptible Power Supply;c:\windows\system32\ups.exe [2004-8-3 18432]
S3 usbscan;USB Scanner Driver;c:\windows\system32\drivers\usbscan.sys [2007-7-21 15104]
S3 vsdatant;vsdatant;\??\c:\windows\system32\vsdatant.sys [2005-1-26 280344]
S3 VSS;Volume Shadow Copy;c:\windows\system32\vssvc.exe [2004-8-3 289792]
S3 WDICA;WDICA; []
S3 WmdmPmSN;Portable Media Serial Number Service;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
S3 Wmi;Windows Management Instrumentation Driver Extensions;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
S3 WmiApSrv;WMI Performance Adapter;c:\windows\system32\wbem\wmiapsrv.exe [2007-5-6 126464]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service;"c:\program files\windows media player\WMPNetwk.exe" [2006-10-18 913408]
S3 WSTCODEC;World Standard Teletext Codec;c:\windows\system32\drivers\WSTCODEC.SYS [2007-7-21 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver;c:\windows\system32\drivers\WudfPf.sys [2006-9-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector;c:\windows\system32\drivers\wudfrd.sys [2006-9-28 82944]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework;c:\windows\system32\svchost.exe -k WudfServiceGroup [2004-8-3 14336]
S3 xmlprov;Network Provisioning Service;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
S4 Abiosdsk;Abiosdsk; []
S4 abp480n5;abp480n5; []
S4 ACPIEC;ACPIEC;c:\windows\system32\drivers\ACPIEC.sys [2001-8-23 11648]
S4 adpu160m;adpu160m; []
S4 Aha154x;Aha154x; []
S4 aic78u2;aic78u2; []
S4 aic78xx;aic78xx; []
S4 Alerter;Alerter;c:\windows\system32\svchost.exe -k LocalService [2004-8-3 14336]
S4 AliIde;AliIde; []
S4 amsint;amsint; []
S4 asc;asc; []
S4 asc3350p;asc3350p; []
S4 asc3550;asc3550; []
S4 Atdisk;Atdisk; []
S4 cbidf2k;cbidf2k;c:\windows\system32\drivers\cbidf2k.sys [2001-8-23 13952]
S4 cd20xrnt;cd20xrnt; []
S4 ClipSrv;ClipBook;c:\windows\system32\clipsrv.exe [2004-8-3 33280]
S4 CmdIde;CmdIde; []
S4 Cpqarray;Cpqarray; []
S4 dac960nt;dac960nt; []
S4 dmboot;dmboot;c:\windows\system32\drivers\dmboot.sys [2004-8-3 799744]
S4 dpti2o;dpti2o; []
S4 Fastfat;Fastfat;c:\windows\system32\drivers\Fastfat.sys [2004-8-3 143744]
S4 hpn;hpn; []
S4 i2omp;i2omp; []
S4 ini910u;ini910u; []
S4 IntelIde;IntelIde; []
S4 Messenger;Messenger;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
S4 mraid35x;mraid35x; []
S4 NetDDE;Network DDE;c:\windows\system32\netdde.exe [2004-8-3 111104]
S4 NetDDEdsdm;Network DDE DSDM;c:\windows\system32\netdde.exe [2004-8-3 111104]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;"c:\windows\microsoft.net\framework\v3.0\windows communication foundation\SMSvcHost.exe" [2007-10-11 122880]
S4 Pcmcia;Pcmcia;c:\windows\system32\drivers\Pcmcia.sys [2004-8-3 120192]
S4 perc2;perc2; []
S4 perc2hib;perc2hib; []
S4 ql1080;ql1080; []
S4 Ql10wnt;Ql10wnt; []
S4 ql12160;ql12160; []
S4 ql1240;ql1240; []
S4 ql1280;ql1280; []
S4 RemoteAccess;Routing and Remote Access;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
S4 Simbad;Simbad; []
S4 Sparrow;Sparrow; []
S4 sym_hi;sym_hi; []
S4 sym_u3;sym_u3; []
S4 symc810;symc810; []
S4 symc8xx;symc8xx; []
S4 TlntSvr;Telnet;c:\windows\system32\tlntsvr.exe [2004-8-3 73216]
S4 TosIde;TosIde; []
S4 Udfs;Udfs;c:\windows\system32\drivers\Udfs.sys [2004-8-3 66048]
S4 ultra;ultra; []
S4 ViaIde;ViaIde; []

=============== Created Last 30 ================

2008-12-01 12:31 250 a------- c:\windows\gmer.ini
2008-12-01 12:03 <DIR> a-dshr-- C:\cmdcons
2008-12-01 05:51 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2008-11-30 12:36 <DIR> --d----- c:\docume~1\jack\applic~1\Malwarebytes
2008-11-30 12:36 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-11-30 12:36 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-30 12:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2008-11-30 12:36 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2008-11-30 07:46 <DIR> --d----- c:\docume~1\jack\applic~1\McAfee
2008-11-29 22:39 9,977 a------- c:\windows\system32\Config.MPF
2008-11-29 22:35 40,488 a------- c:\windows\system32\drivers\mfesmfk.sys
2008-11-29 22:35 35,240 a------- c:\windows\system32\drivers\mfebopk.sys
2008-11-29 22:35 79,240 a------- c:\windows\system32\drivers\mfeavfk.sys
2008-11-29 22:35 120,136 a------- c:\windows\system32\drivers\Mpfp.sys
2008-11-29 22:34 <DIR> --d----- c:\program files\common files\McAfee
2008-11-29 22:34 <DIR> --d----- c:\program files\McAfee.com
2008-11-29 22:34 <DIR> --d----- c:\program files\McAfee
2008-11-29 22:29 34,152 a------- c:\windows\system32\drivers\mferkdk.sys
2008-11-29 10:34 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2008-11-29 10:34 <DIR> --d----- c:\program files\SUPERAntiSpyware
2008-11-29 10:34 <DIR> --d----- c:\docume~1\jack\applic~1\SUPERAntiSpyware.com
2008-11-29 08:29 <DIR> --d----- c:\windows\pss
2008-11-28 09:30 326 a------- c:\windows\wininit.ini
2008-11-16 16:34 <DIR> --d----- C:\pemicro
2008-11-13 18:24 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2008-11-13 18:23 1,106,944 -c------ c:\windows\system32\dllcache\msxml3.dll
2008-11-11 05:31 0 a------- C:\LOG22.tmp
2008-11-05 06:56 0 a------- C:\LOG4A.tmp
2008-11-04 20:13 0 a------- C:\LOG6E.tmp
2008-11-03 09:28 21,504 ac------ c:\windows\system32\dllcache\hidserv.dll
2008-11-03 09:28 21,504 a------- c:\windows\system32\hidserv.dll

==================== Find3M ====================

2008-12-01 12:01 389,120 a------- c:\windows\system32\CF20064.exe
2008-11-30 11:07 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2008-11-30 11:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2008-11-29 09:14 <DIR> --d----- c:\program files\Lavasoft
2008-11-29 08:57 44,544 a------- c:\windows\system32\alg.exe
2008-11-10 10:10 <DIR> --d----- c:\program files\MSECACHE
2008-10-27 16:22 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SQL Anywhere 10
2008-10-27 12:12 <DIR> --d----- c:\program files\common files\Intuit
2008-10-27 12:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Intuit
2008-10-27 11:40 <DIR> --d----- c:\docume~1\jack\applic~1\Download Manager
2008-10-27 09:31 <DIR> --d----- c:\program files\common files\AnswerWorks 5.0
2008-10-27 09:31 <DIR> --d----- c:\program files\Quicken
2008-10-27 08:54 <DIR> --d----- c:\program files\common files\Palo Alto Software
2008-10-24 13:57 <DIR> --d----- c:\program files\Trend Micro
2008-10-23 17:33 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Lavasoft
2008-10-19 13:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\YesVideo
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-10-10 16:16 <DIR> --d----- c:\program files\Windows Installer Clean Up
2008-10-05 13:54 <DIR> --d----- c:\program files\Akamai
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-09-15 04:12 1,846,400 a------- c:\windows\system32\win32k.sys
2008-09-09 17:14 1,307,648 a------- c:\windows\system32\msxml6.dll
2008-09-04 09:15 1,106,944 a------- c:\windows\system32\msxml3.dll
2008-07-13 16:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Nero
2008-07-13 16:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Simple Star
2008-07-13 16:14 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Simple Star Shared
2008-07-13 16:13 <DIR> --d----- c:\docume~1\jack\applic~1\Simple Star
2008-04-22 07:26 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Diskeeper Corporation
2008-04-13 09:41 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Ipswitch
2008-04-13 09:29 <DIR> --d----- c:\docume~1\jack\applic~1\AceBIT
2008-04-13 09:29 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AceBIT
2008-02-20 09:28 <DIR> --d----- c:\docume~1\jack\applic~1\webex
2007-12-12 18:44 <DIR> --d----- c:\docume~1\jack\applic~1\Stamps.com Internet Postage
2007-12-12 18:43 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{D9AA4D17-9292-410D-9AA5-84526D062900}
2007-12-12 18:43 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{B0AFCE64-DF3F-4824-8985-B21DB0EEE07B}
2007-12-12 18:43 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{8737778F-82C6-4680-A660-E8B2B8C8C22B}
2007-12-12 18:43 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{876C6265-922D-4EF3-A784-71D72FF033C0}
2007-10-28 05:39 <DIR> --d----- c:\docume~1\alluse~1\applic~1\1Click DVD Copy Pro
2007-10-26 20:34 <DIR> --d----- c:\docume~1\alluse~1\applic~1\vsosdk
2007-10-26 20:22 <DIR> --d----- c:\docume~1\jack\applic~1\Vso
2007-10-21 10:41 <DIR> --d----- c:\docume~1\jack\applic~1\Intuit
2007-10-01 17:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\COMMON FILES
2007-08-22 19:40 <DIR> --d----- c:\docume~1\jack\applic~1\Solmetric
2007-08-14 19:38 <DIR> --d----- c:\docume~1\jack\applic~1\Netscape
2007-07-26 15:54 <DIR> --d----- c:\docume~1\alluse~1\applic~1\WinZipSE
2007-07-21 17:11 <DIR> --d----- c:\docume~1\jack\applic~1\Windows Desktop Search
2007-05-06 19:31 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Network Associates
2008-08-31 15:00 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008083120080901\index.dat

============= FINISH: 12:59:25.35 ===============
Attached Files
File Type: txt gmer.txt (61.5 KB, 4 views)
File Type: txt Attach.txt (12.4 KB, 0 views)