|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Virus/Trojan/Spyware Help Get Rid Of Malware With Help From Our Analysts. Follow the "First Steps" link at the top right of each page before posting for help. |
 |
|
|
LinkBack | Thread Tools |
09-22-2009, 09:11 PM
|
#1 (permalink) |
|
Registered User
Join Date: Sep 2009
Posts: 4
OS: xp
|
Suspected Trojans
So it seems like I have a hidden background process which is taking over my computer. My CPU usage is commonly 70%+ when I am not doing anything. This is very inconsistent with my computer's fast performance.
Additionally, but my Ethernet card is not working anymore. This happened just as my computer slowdowns began. I've spent a lot of time and headache trying to fix my problems, but eventually had to resort to the masters at TechSupportForum. So thank you so much for any help you have to offer!!! DDS (Ver_09-07-30.01) - NTFSx86 Run at 23:00:46.18 on Tue 09/22/2009 Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3071.2487 [GMT -4:00] AV: Symantec Endpoint Protection *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C} FW: Symantec Endpoint Protection *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} ============== Running Processes =============== C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe svchost.exe svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\system32\dlcdcoms.exe C:\WINDOWS\system32\svchost.exe -k hpdevmgmt C:\Linc\iPod\bin\iPodSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\Games\nVidia\nTune\nTuneService.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe C:\WINDOWS\system32\ctfmon.exe C:\Games\nVidia\System Update\UpdateCenterService.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Lincoln Bartlett\Desktop\TechSupport Forum\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com mStart Page = hxxp://www.google.com uInternet Connection Wizard,ShellNext = hxxp://www.alienware.com/Mothership?Comp=AWC&SysCode=PC-AREA51-5500-R1&ai=636E3D33313933343526706F3D504F2D33333634343241 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.accoona.com/search?q=%s BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: {147D6308-0614-4112-89B1-31402F9B82C4} - No File TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSCONFIG.EXE /auto mRun: [DLCDCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCDtime.dll,_RunDLLEntry@16 IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000 IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\games\partygaming\partypoker\RunApp.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1217647541078 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL Notify: WB - c:\program files\alienguise\fastload.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\lincol~1\applic~1\mozilla\firefox\profiles\fvr9e4wo.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: c:\documents and settings\lincoln bartlett\application data\mozilla\firefox\profiles\fvr9e4wo.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp071101000055.dll FF - plugin: c:\games\geforce 8800gt\divx\divx content uploader\npUpload.dll FF - plugin: c:\games\geforce 8800gt\divx\divx player\npDivxPlayerPlugin.dll FF - plugin: c:\games\geforce 8800gt\divx\divx web player\npdivx32.dll FF - plugin: c:\linc\programs\fileplanet\download manager\npfpdlm.dll FF - plugin: c:\program files\mozilla firefox\plugins\npgcplug.dll FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll FF - plugin: c:\program files\mozilla firefox\plugins\npstrlnk.dll FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess"); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); ============= SERVICES / DRIVERS =============== R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2008-8-14 108392] R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2008-8-14 108392] R2 dlcd_device;dlcd_device;c:\windows\system32\dlcdcoms.exe -service --> c:\windows\system32\dlcdcoms.exe -service [?] R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\Rtvscan.exe [2008-12-8 2440120] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-8-27 102448] R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20090922.032\NAVENG.SYS [2009-9-22 84912] R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20090922.032\NAVEX15.SYS [2009-9-22 1323568] S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-11-18 23888] S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\nos\bin\getPlus_HelperSvc.exe [2009-4-27 33176] =============== Created Last 30 ================ 2009-09-22 22:12 <DIR> --d----- c:\windows\OPTIONS 2009-09-10 22:02 <DIR> --d----- C:\ProgramData 2009-09-10 22:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Electronic Arts 2009-09-10 21:44 447,752 a----r-- c:\windows\system32\vp6vfw.dll 2009-09-10 21:44 <DIR> --d----- c:\program files\Microsoft WSE 2009-09-08 18:25 153,088 -c------ c:\windows\system32\dllcache\triedit.dll 2009-09-05 01:54 94,208 a------- c:\windows\system32\QuickTimeVR.qtx 2009-09-05 01:54 69,632 a------- c:\windows\system32\QuickTime.qts ==================== Find3M ==================== 2009-08-17 22:42 138,064 a------- c:\windows\system32\drivers\PnkBstrK.sys 2009-08-17 22:42 189,184 a------- c:\windows\system32\PnkBstrB.exe 2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-07-31 08:49 157,529 a------- c:\windows\hpoins28.dat 2009-07-17 15:01 58,880 a------- c:\windows\system32\atl.dll 2009-07-14 14:54 10,457,088 a------- c:\windows\system32\nvoglnt.dll 2009-07-14 14:54 5,842,816 a------- c:\windows\system32\nv4_disp.dll 2009-07-14 14:54 2,189,856 a------- c:\windows\system32\nvcuvid.dll 2009-07-14 14:54 2,002,944 a------- c:\windows\system32\nvcuda.dll 2009-07-14 14:54 1,706,528 a------- c:\windows\system32\nvcuvenc.dll 2009-07-14 14:54 1,597,690 a------- c:\windows\system32\nvdata.bin 2009-07-14 14:54 868,352 a------- c:\windows\system32\nvapi.dll 2009-07-14 14:54 485,920 a------- c:\windows\system32\nvudisp.exe 2009-07-14 14:54 151,552 a------- c:\windows\system32\nvcodins.dll 2009-07-14 14:54 151,552 a------- c:\windows\system32\nvcod.dll 2009-07-14 13:34 13,877,248 a------- c:\windows\system32\nvcpl.dll 2009-07-14 13:34 8,085,504 a------- c:\windows\system32\nvdispsr.dll 2009-07-14 13:34 4,923,392 a------- c:\windows\system32\nvdisps.dll 2009-07-14 13:34 4,640,768 a------- c:\windows\system32\nvgamesr.dll 2009-07-14 13:34 3,547,136 a------- c:\windows\system32\nvgames.dll 2009-07-14 13:34 2,854,912 a------- c:\windows\system32\nvmoblsr.dll 2009-07-14 13:34 1,286,144 a------- c:\windows\system32\nvmobls.dll 2009-07-14 13:34 458,752 a------- c:\windows\system32\nvmccssr.dll 2009-07-14 13:34 188,416 a------- c:\windows\system32\nvmccss.dll 2009-07-14 13:34 168,004 a------- c:\windows\system32\nvsvc32.exe 2009-07-14 13:34 143,360 a------- c:\windows\system32\nvcolor.exe 2009-07-14 13:34 86,016 a------- c:\windows\system32\nvmctray.dll 2009-07-14 13:34 229,376 a------- c:\windows\system32\nvmccs.dll 2009-07-13 10:08 286,720 a------- c:\windows\system32\wmpdxm.dll 2009-07-10 15:11 75,064 a------- c:\windows\system32\PnkBstrA.exe 2009-07-10 07:01 485,920 a------- c:\windows\system32\NVUNINST.EXE 2009-06-26 12:50 666,624 a------- c:\windows\system32\wininet.dll 2009-06-26 12:50 81,920 a------- c:\windows\system32\ieencode.dll 2009-06-08 11:04 31,528 ac------ c:\docume~1\lincol~1\applic~1\GDIPFONTCACHEV1.DAT 2008-11-11 18:02 22,328 ac------ c:\docume~1\lincol~1\applic~1\PnkBstrK.sys 2008-05-25 20:06 47,360 ac------ c:\docume~1\lincol~1\applic~1\pcouffin.sys 2008-04-07 00:01 0 ac------ c:\program files\temp01 2008-04-04 18:24 774,144 a------- c:\program files\RngInterstitial.dll 2005-07-28 00:38 513,648 a------- c:\program files\msgr6suite.exe ============= FINISH: 23:01:18.20 =============== |
|
     
|
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
09-26-2009, 10:16 PM
|
#4 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 26,996
OS: WinXP and Vista
|
Re: Suspected Trojans
Hello lbartlett01,
Nothing is jumping out at me here. Download rsit.exe and save it to your desktop.
|
|
|
|
|
09-27-2009, 08:59 AM
|
#5 (permalink) |
|
Registered User
Join Date: Sep 2009
Posts: 4
OS: xp
|
Re: Suspected Trojans
Logfile of random's system information tool 1.06 (written by random/random)
Run by Lincoln Bartlett at 2009-09-27 10:56:48 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 31 GB (19%) free of 157 GB Total RAM: 3071 MB (76% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:56:51 AM, on 9/27/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\system32\dlcdcoms.exe C:\WINDOWS\system32\svchost.exe C:\Linc\iPod\bin\iPodSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Games\nVidia\nTune\nTuneService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe C:\Games\nVidia\System Update\UpdateCenterService.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe C:\Program Files\Symantec\Symantec Endpoint Protection\SavUI.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Lincoln Bartlett\Desktop\TechSupport Forum\RSIT.exe C:\Program Files\AVG\Hijack this Scan\Lincoln Bartlett.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=%s R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.alienware.com/Mothership?...33333634343241 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: 82.98.231.89 url.adtrgt.com O1 - Hosts: 82.98.231.89 googleads2.gdoubleclick.net O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto O4 - HKLM\..\Run: [DLCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [EVGAPrecision] "C:\Program Files\EVGA Precision\EVGAPrecision.exe" /s O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Games\nVidia\nTune\nTuneCmd.exe" resetprofile O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Games\PartyGaming\PartyPoker\RunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Games\PartyGaming\PartyPoker\RunApp.exe O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: UltimateBet - {3EB3B7E8-1466-405A-B5BC-44513AF85E34} - C:\Documents and Settings\All Users\Start Menu\Programs\UltimateBet\UltimateBet.lnk (HKCU) O9 - Extra 'Tools' menuitem: UltimateBet - {3EB3B7E8-1466-405A-B5BC-44513AF85E34} - C:\Documents and Settings\All Users\Start Menu\Programs\UltimateBet\UltimateBet.lnk (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1217647541078 O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: dlcd_device - - C:\WINDOWS\system32\dlcdcoms.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Linc\iPod\bin\iPodService.exe O23 - Service: iPodSrv - Unknown owner - C:\Linc\iPod\bin\iPodSrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Games\nVidia\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Games\nVidia\System Update\UpdateCenterService.exe -- End of file - 8165 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-27 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-27 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-13 169984] "DLCDCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDtime.dll,_RunDLLEntry@16 [] "EVGAPrecision"=C:\Program Files\EVGA Precision\EVGAPrecision.exe [2008-10-27 240656] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "NVIDIA nTune"=C:\Games\nVidia\nTune\nTuneCmd.exe [2008-04-11 110592] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe [2005-09-09 57344] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd] C:\WINDOWS\ALCWZRD.EXE [2005-09-21 2807808] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection] C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-08-14 115560] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE [2003-06-18 45056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper] C:\WINDOWS\system32\CTHELPER.EXE [2003-06-19 24576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe [2009-09-03 3342336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EVGAPrecision] C:\Program Files\EVGA Precision\EVGAPrecision.exe [2008-10-27 240656] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe /s [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut] C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager] C:\Program Files\Common Files\AOL\1125267383\ee\AOLSoftware.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe] C:\Linc\Programs\FilePlanet\Download Manager\dlm.exe [2008-08-01 1103216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxccmon.exe] C:\Program Files\Lexmark 3300 Series\lxccmon.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] C:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune] C:\Games\nVidia\nTune\nTuneCmd.exe [2008-04-11 110592] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-07-09 1657376] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] C:\Downloads\Power Iso\PowerISO\PWRISOVM.EXE [2007-08-06 200704] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE [2003-06-12 135168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe [2002-12-03 45056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] C:\WINDOWS\SOUNDMAN.EXE [2005-09-21 86016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe [2005-07-20 1359872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-27 148888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpyEraser] C:\Downloads\SpyEraser\SpyEraser.exe [2008-01-08 1260296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg] C:\WINDOWS\UpdReg.EXE [2000-05-11 90112] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk] C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2004-08-11 757760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk] C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\KODAKS~1.EXE [2004-02-13 16423] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "iPodService"=3 "Adobe LM Service"=3 "StarWindService"=2 "InCDsrv"=2 "SavRoam"=3 "ccPwdSvc"=3 "AOL TopSpeedMonitor"=2 "AOL ACS"=2 "lxcc_device"=3 "LexBceS"=2 "Viewpoint Manager Service"=2 "WMP54GSSVC"=2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB] C:\Program Files\AlienGUIse\fastload.dll [2001-12-21 24576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccEvtMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccSetMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antvirus] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"= "NoDrives"= "NoDriveAutoRun"= "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "C:\Games\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Games\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) " "C:\Games\Gears of War\New Folder\Gears of War\Binaries\WarGame-G4WLive.exe"="C:\Games\Gears of War\New Folder\Gears of War\Binaries\WarGame-G4WLive.exe:*:Disabled:Gears Of War" "C:\Games\Crysis\Bin32\Crysis.exe"="C:\Games\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32" "C:\Games\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Games\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Linc\uTorrent\uTorrent.exe"="C:\Linc\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Games\Chess Master\game.exe"="C:\Games\Chess Master\game.exe:*:Enabled:Chessmaster 10th Edition" "C:\WINDOWS\system32\dlcdcoms.exe"="C:\WINDOWS\system32\dlcdcoms.exe:*:Enabled:Dell 944 Server" "C:\Games\Mirror's Edge\Binaries\MirrorsEdge.exe"="C:\Games\Mirror's Edge\Binaries\MirrorsEdge.exe:*:Enabled:Mirror's Edge™" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe"="C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service" "C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE"="C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service" "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Games\Activision\World at War\CoDWaW.exe"="C:\Games\Activision\World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) " "C:\Games\Activision\World at War\CoDWaWmp.exe"="C:\Games\Activision\World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) " "C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6259276-fd5f-11dc-a578-0012179dc057}] shell\AutoRun\command - F:\LaunchU3.exe -a ======List of files/folders created in the last 2 months====== 2009-09-22 22:12:36 ----D---- C:\WINDOWS\OPTIONS 2009-09-10 22:02:22 ----D---- C:\ProgramData 2009-09-10 22:02:22 ----D---- C:\Documents and Settings\All Users\Application Data\Electronic Arts 2009-09-10 22:01:42 ----D---- C:\Program Files\Electronic Arts 2009-09-10 21:44:46 ----RA---- C:\WINDOWS\system32\vp6vfw.dll 2009-09-10 21:44:42 ----D---- C:\Program Files\Microsoft WSE 2009-09-08 22:36:10 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$ 2009-09-08 22:36:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2009-09-08 22:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$ 2009-08-25 22:23:27 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$ 2009-08-23 00:11:30 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2009-08-22 03:05:40 ----D---- C:\19d4e652ad40fea93691 2009-08-20 22:26:54 ----D---- C:\Documents and Settings\Lincoln Bartlett\Application Data\HPAppData 2009-08-17 21:57:08 ----D---- C:\Documents and Settings\Lincoln Bartlett\Application Data\InstallShield 2009-08-17 21:31:53 ----D---- C:\Program Files\NVIDIA Corporation 2009-08-17 21:31:49 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation 2009-08-11 22:36:42 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2009-08-11 22:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2009-08-11 22:36:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$ 2009-08-11 22:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$ 2009-08-11 22:36:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2009-08-11 22:36:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2009-08-11 22:36:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ 2009-08-11 22:35:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$ 2009-08-11 22:33:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2009-07-31 08:49:08 ----D---- C:\Documents and Settings\Lincoln Bartlett\Application Data\HP 2009-07-31 08:49:05 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG 2009-07-31 08:47:46 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard 2009-07-31 08:47:35 ----RA---- C:\WINDOWS\system32\hpzids01.dll 2009-07-31 08:47:33 ----A---- C:\WINDOWS\system32\hpz3l5mu.dll 2009-07-31 08:47:07 ----RA---- C:\WINDOWS\system32\hppldcoi.dll 2009-07-31 08:47:07 ----RA---- C:\WINDOWS\system32\hpowiax7.dll 2009-07-31 08:47:07 ----RA---- C:\WINDOWS\system32\hpovst15.dll 2009-07-31 08:47:07 ----RA---- C:\WINDOWS\system32\hpotscl6.dll 2009-07-31 08:47:07 ----RA---- C:\WINDOWS\system32\difxapi.dll 2009-07-31 08:38:27 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant 2009-07-31 08:38:27 ----D---- C:\Documents and Settings\All Users\Application Data\HP 2009-07-31 08:38:05 ----D---- C:\Program Files\Hewlett-Packard 2009-07-31 08:37:55 ----D---- C:\Program Files\Common Files\Hewlett-Packard 2009-07-31 08:37:35 ----D---- C:\Program Files\Common Files\HP 2009-07-31 08:35:59 ----D---- C:\Program Files\HP 2009-07-28 23:37:03 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$ ======List of files/folders modified in the last 2 months====== 2009-09-27 10:56:48 ----D---- C:\rsit 2009-09-27 10:56:36 ----D---- C:\WINDOWS\temp 2009-09-27 10:43:10 ----D---- C:\WINDOWS\Prefetch 2009-09-27 10:40:44 ----D---- C:\WINDOWS\system32\CatRoot2 2009-09-27 10:35:45 ----D---- C:\Program Files\Mozilla Firefox 2009-09-26 23:40:48 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-09-26 16:09:37 ----D---- C:\WINDOWS\system32 2009-09-26 16:09:37 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-09-24 17:10:14 ----D---- C:\WINDOWS 2009-09-22 22:52:09 ----SHD---- C:\WINDOWS\Installer 2009-09-22 22:52:08 ----RD---- C:\Program Files 2009-09-22 22:52:08 ----HD---- C:\Config.Msi 2009-09-22 22:50:45 ----D---- C:\WINDOWS\Debug 2009-09-22 22:50:13 ----SHD---- C:\System Volume Information 2009-09-22 22:50:13 ----D---- C:\WINDOWS\system32\Restore 2009-09-22 22:49:17 ----RASH---- C:\boot.ini 2009-09-22 22:49:17 ----A---- C:\WINDOWS\win.ini 2009-09-22 22:49:17 ----A---- C:\WINDOWS\system.ini 2009-09-22 22:36:05 ----D---- C:\WINDOWS\pss 2009-09-22 22:12:49 ----HD---- C:\WINDOWS\inf 2009-09-22 22:12:49 ----D---- C:\WINDOWS\system32\drivers 2009-09-22 22:12:47 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-09-22 22:12:36 ----HD---- C:\Program Files\InstallShield Installation Information 2009-09-21 21:59:44 ----D---- C:\Documents and Settings\Lincoln Bartlett\Application Data\uTorrent 2009-09-21 20:10:26 ----D---- C:\Downloads 2009-09-21 17:15:25 ----D---- C:\WINDOWS\Minidump 2009-09-15 22:24:44 ----D---- C:\Documents and Settings\Lincoln Bartlett\Application Data\vlc 2009-09-11 23:36:24 ----HD---- C:\WINDOWS\$hf_mig$ 2009-09-11 21:56:20 ----D---- C:\Program Files\QuickTime 2009-09-11 21:54:39 ----D---- C:\Program Files\Common Files\Apple 2009-09-11 21:52:11 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-09-11 19:27:36 ----D---- C:\Program Files\EVGA Precision 2009-09-10 21:44:42 ----RSD---- C:\WINDOWS\assembly 2009-09-10 20:57:05 ----D---- C:\Games 2009-09-10 18:12:15 ----D---- C:\Program Files\Microsoft Silverlight 2009-09-08 22:36:12 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-09-08 22:36:09 ----A---- C:\WINDOWS\imsins.BAK 2009-09-07 18:59:27 ----D---- C:\Program Files\dl_Cats 2009-09-02 17:40:55 ----D---- C:\WINDOWS\Microsoft.NET 2009-08-28 17:38:20 ----A---- C:\WINDOWS\system32\MRT.exe 2009-08-23 00:11:40 ----D---- C:\WINDOWS\system32\CatRoot 2009-08-22 14:50:59 ----D---- C:\Documents and Settings\Lincoln Bartlett\Application Data\Vso 2009-08-22 10:31:18 ----D---- C:\Documents and Settings\Lincoln Bartlett\Application Data\Azureus 2009-08-22 03:11:29 ----D---- C:\WINDOWS\WinSxS 2009-08-22 03  50 ----D---- C:\WINDOWS\system32\XPSViewer2009-08-22 03 47 ----D---- C:\WINDOWS\system32\en-us2009-08-22 03 41 ----RSD---- C:\WINDOWS\Fonts2009-08-22 03 12 ----D---- C:\WINDOWS\system32\spool2009-08-22 03:02:03 ----D---- C:\Program Files\Internet Explorer 2009-08-18 19:41:31 ----D---- C:\Program Files\UltimateBet 2009-08-17 22:42:32 ----A---- C:\WINDOWS\system32\PnkBstrB.exe 2009-08-17 22:35:26 ----D---- C:\Program Files\Absolute Poker 2009-08-17 22:35:03 ----D---- C:\Program Files\Panda Security 2009-08-17 21:38:45 ----D---- C:\WINDOWS\Help 2009-08-17 21:34:09 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2009-08-17 21:30:42 ----D---- C:\NVIDIA 2009-08-13 11:16:05 ----A---- C:\WINDOWS\system32\jscript.dll 2009-08-11 22:36:08 ----D---- C:\Program Files\Outlook Express 2009-08-05 05:01:48 ----A---- C:\WINDOWS\system32\mswebdvd.dll 2009-07-31 08:47:14 ----D---- C:\WINDOWS\twain_32 2009-07-31 08:37:55 ----D---- C:\Program Files\Common Files ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2008-01-04 9336] R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2008-01-04 9464] R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592] R1 SbcpHid;SbcpHid; \??\C:\WINDOWS\system32\Drivers\SbcpHid.sys [] R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-08-06 33052] R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [] R1 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2008-10-13 279600] R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2008-10-13 43824] R1 StyleXPHelper;StyleXPHelper; \??\C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe [] R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2008-08-21 191536] R1 WPS;WPS; \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys [] R2 NVR0FLASHDev;NVR0FLASHDev; \??\C:\WINDOWS\nvflash.sys [] R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2005-08-29 501760] R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2005-08-29 438784] R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2005-08-29 7168] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2005-08-29 142336] R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2005-08-29 77824] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400] R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2005-08-29 752128] R3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\system32\drivers\hap16v2k.sys [2005-08-29 153088] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-23 3966976] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160] R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090926.019\NAVENG.SYS [] R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090926.019\NAVEX15.SYS [] R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664] R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys [] R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2005-08-29 114688] R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-05-25 47360] R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400] R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] R3 Teefer2;Teefer2 Miniport; C:\WINDOWS\system32\DRIVERS\teefer2.sys [2008-10-14 49536] R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 WpsHelper;WpsHelper; \??\C:\WINDOWS\system32\drivers\WpsHelper.sys [] S3 aa77r9eh;aa77r9eh; C:\WINDOWS\system32\drivers\aa77r9eh.sys [] S3 BCM42RLY;BCM42RLY; \??\C:\WINDOWS\System32\BCM42RLY.SYS [] S3 BCM43XX;Linksys Wireless-G PCI Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-22 369024] S3 COH_Mon;COH_Mon; \??\C:\WINDOWS\system32\Drivers\COH_Mon.sys [] S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-08-18 340768] S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [] S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys [] S3 hap17v2k;Creative P17V HAL Driver; C:\WINDOWS\system32\drivers\hap17v2k.sys [2005-08-29 179200] S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664] S3 RT73;Linksys Home Wireless-G USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2005-11-24 245248] S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2008-10-13 319664] S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2008-08-21 27696] S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [] S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] S4 SysPlant;SysPlant for NT; C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys [2008-12-08 92488] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeActiveFileMonitor4.0;Adobe Active File Monitor V4; C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [2005-09-09 102400] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-08-14 108392] R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-08-14 108392] R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032] R2 dlcd_device;dlcd_device; C:\WINDOWS\system32\dlcdcoms.exe [2007-01-17 538096] R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] R2 iPodSrv;iPodSrv; C:\Linc\iPod\bin\iPodSrv.exe [2003-03-14 90112] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-27 152984] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-03-19 335872] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] R2 nTuneService;Performance Service; C:\Games\nVidia\nTune\nTuneService.exe [2008-04-11 155648] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-07-10 75064] R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-08-17 189184] R2 SmcService;Symantec Management Client; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [2008-12-08 1795400] R2 StyleXPService;StyleXPService; C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe [2005-07-06 344064] R2 Symantec AntiVirus;Symantec Endpoint Protection; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2008-12-08 2440120] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] R2 UpdateCenterService;Update Center Service; C:\Games\nVidia\System Update\UpdateCenterService.exe [2008-03-13 114688] R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520] R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-01-23 654848] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 iPod Service;iPod Service; C:\Linc\iPod\bin\iPodService.exe [2009-04-02 656168] S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2008-06-30 3093872] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SNAC;Symantec Network Access Control; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [2008-12-08 320840] S3 WMConnectCDS;Windows Media Connect Service; C:\Program Files\Windows Media Connect 2\wmccds.exe [2005-10-06 855552] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- |
|
|
|
|
| Thread Tools | |
|
|
