-
Linabbs's blog- ZA采用升級安裝或者導入舊版ZA的配置文件到新版導致程序列表假死的Bug。
- 裝了ZA,如何使你的開機速度快點
- 如何設置查看局域網內被設入internet區機器的共享資源
- ZA也可以做到低資源占用!
- 關于za for vista(在VISTA下用ZA的人過來看看)
- CheckPoint Integrity Desktop v6.5.063.207 KeyGen
- 戰術攻防之近距離搏擊篇(ARP)攻擊
- 還在使用老版ZA的朋友們注意:ZoneAlarm防火墻產品有多個本地權限提升存在漏洞
- Knowledge Base / KB Extended (KE) 內容列表及說明
- 關于《利用ZA專家規則,允許/禁止端口》的一點補充和說明
Jan
4
[Active] GF’s laptop occur some unknown error/malware.
Filed Under Virus |
This is m3ow again, this time my gf’s laptop occur some virus that keep forcing her laptop to restart.
This is the HJT log, replies will be much appreciated. 
PS- will be seperated into 2 post.
Logfile of random’s system information tool 1.05 (written by random/random)
Run by - r e i- at 2008-12-23 01:33:48
Microsoft?Windows Vista™ Home Basic Service Pack 1
System drive C: has 19 GB (30%) free of 63 GB
Total RAM: 2037 MB (39% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:42:54 AM, on 23/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: NormalRunning processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Yahoo!\Assistant\ylive.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Live100Percent\live100percent.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\Explorer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\- r e i-\Desktop\RSIT.exe
C:\Program Files\trend micro\- r e i-.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ???? - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ???? - {406F94F0-504F-4A40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [dlcxmon.exe] "C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 926\memcard.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell PC Fax\fm3032.exe" /s
O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RavenhearstSetup.exe] C:\Users\-REI-~1\Desktop\RAVENH~1.EXE /r
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Live100Percent.lnk = C:\Program Files\Live100Percent\live100percent.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: ???? - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/203
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/start.htm?sou…btn=yassistnew (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra ‘Tools’ menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: dlcx_device - - C:\Windows\system32\dlcxcoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
–End of file - 10841 bytes
======Scheduled tasks folder======
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-12 1437696][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mcapbho.dll [2007-11-26 324936][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-05 320920][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-11-09 58688][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-08-22 2403392][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-05 34816][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-08-22 2403392]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} - ???? - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll [2007-12-29 380336]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-05-21 159744]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-07-02 138008]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-07-02 154392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2007-07-02 133912]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-10-03 81920]
""= []
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-05 221184]
"PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2007-04-16 184320]
"dscactivate"=c:\dell\dsca.exe [2007-07-31 16384]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-10-03 221184]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"dlcxmon.exe"=C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe [2007-01-13 292336]
"MemoryCardManager"=C:\Program Files\Dell Photo AIO Printer 926\memcard.exe [2006-11-04 304008]
"FaxCenterServer"=C:\Program Files\Dell PC Fax\fm3032.exe [2006-11-04 312200]
"DLCXCATS"=rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-11-01 582992]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-06-25 405504]
"YLive.exe"=C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe [2007-12-29 89520]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-05 136600]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"=C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"RavenhearstSetup.exe"=C:\Users\-REI-~1\Desktop\RAVENH~1.EXE /r []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-01-18 486856]C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
Live100Percent.lnk - C:\Program Files\Live100Percent\live100percent.exe
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-07-02 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell ExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscs vc][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscs vc][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfSer vice]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Syste m]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\F]
shell\AutoRun\command - F:\automenu.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{0afcb47a-6462-11dd-b0d2-001c26f30afe}]
shell\AutoRun\command - G:\qxbx9blb.com
shell\explore\command - G:\qxbx9blb.com
shell\open\command - G:\qxbx9blb.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{14bfdda0-b51d-11dc-94be-001c26f30afe}]
shell\Auto\command - infrom.exe
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL infrom.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{2e52a729-819c-11dd-a6ac-c441f48d27b6}]
shell\Auto\command - autoregistry.exe
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autoregistry.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{e8f37e6d-147d-11dd-9f4d-001c26f30afe}]
shell\AutoRun\command - F:\automenu.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{e9d2c294-f0bc-11dc-bc00-001c26f30afe}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe AngAntiVirus.vbs
======List of files/folders created in the last 3 months======
2008-12-23 01:33:49 —-D—- C:\Program Files\trend micro
2008-12-23 01:33:48 —-D—- C:\rsit
2008-12-19 16:40:12 —-A—- C:\Windows\system32\mshtml.dll
2008-12-16 19:29:58 —-D—- C:\Users\- r e i-\AppData\Roaming\Ludia
2008-12-16 19:29:58 —-D—- C:\ProgramData\Ludia
2008-12-15 03:06:06 —-SHD—- C:\Config.Msi
2008-12-14 14:13:48 —-A—- C:\Windows\system32\tzres.dll
2008-12-14 14:09:52 —-A—- C:\Windows\system32\Apphlpdm.dll
2008-12-14 14:09:41 —-A—- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-14 14:09:11 —-A—- C:\Windows\system32\shell32.dll
2008-12-14 14:07:57 —-A—- C:\Windows\system32\urlmon.dll
2008-12-14 14:07:55 —-A—- C:\Windows\system32\ieframe.dll
2008-12-14 14:07:52 —-A—- C:\Windows\system32\wininet.dll
2008-12-14 14:07:52 —-A—- C:\Windows\system32\mstime.dll
2008-12-14 14:07:48 —-A—- C:\Windows\system32\iertutil.dll
2008-12-14 14:07:45 —-A—- C:\Windows\system32\jsproxy.dll
2008-12-14 02:16:00 —-A—- C:\Windows\system32\gdi32.dll
2008-12-14 02:10:25 —-A—- C:\Windows\system32\mf.dll
2008-12-14 02:10:24 —-A—- C:\Windows\system32\WMVCORE.DLL
2008-12-14 02:10:22 —-A—- C:\Windows\system32\WMNetMgr.dll
2008-12-14 02:10:22 —-A—- C:\Windows\system32\logagent.exe
2008-12-13 21:02:24 —-A—- C:\Windows\explorer.exe
2008-12-05 13:08:52 —-A—- C:\Windows\system32\javaws.exe
2008-12-05 13:08:52 —-A—- C:\Windows\system32\javaw.exe
2008-12-05 13:08:52 —-A—- C:\Windows\system32\deploytk.dll
2008-12-05 13:08:51 —-A—- C:\Windows\system32\java.exe
2008-11-26 20:10:36 —-A—- C:\Windows\system32\PortableDeviceApi.dll
2008-11-26 20:10:28 —-A—- C:\Windows\system32\connect.dll
2008-11-26 20:10:11 —-A—- C:\Windows\system32\WindowsCodecsExt.dll
2008-11-26 20:10:11 —-A—- C:\Windows\system32\PhotoMetadataHandler.dll
2008-11-26 20:10:10 —-A—- C:\Windows\system32\WindowsCodecs.dll
2008-11-14 21:16:56 —-A—- C:\Windows\system32\msxml6.dll
2008-11-14 03:32:35 —-A—- C:\Windows\system32\wups2.dll
2008-11-14 03:32:35 —-A—- C:\Windows\system32\wucltux.dll
2008-11-14 03:32:35 —-A—- C:\Windows\system32\wuauclt.exe
2008-11-14 03:32:34 —-A—- C:\Windows\system32\wuaueng.dll
2008-11-14 03:31:31 —-A—- C:\Windows\system32\wups.dll
2008-11-14 03:31:31 —-A—- C:\Windows\system32\wudriver.dll
2008-11-14 03:31:31 —-A—- C:\Windows\system32\wuapi.dll
2008-11-14 03:31:09 —-A—- C:\Windows\system32\wuwebv.dll
2008-11-14 03:31:08 —-A—- C:\Windows\system32\wuapp.exe
2008-11-08 02:48:25 —-D—- C:\Program Files\Yahoo!
2008-11-08 02:47:50 —-D—- C:\Program Files\7788xyx
2008-11-02 04:06:36 —-A—- C:\Windows\system32\wersvc.dll
2008-11-02 04:06:36 —-A—- C:\Windows\system32\Faultrep.dll
2008-10-25 18:35:24 —-A—- C:\Windows\system32\netapi32.dll
2008-10-16 19:10:38 —-A—- C:\Windows\system32\msshooks.dll
2008-10-16 19:10:37 —-A—- C:\Windows\system32\msscb.dll
2008-10-16 19:10:34 —-A—- C:\Windows\system32\SearchFilterHost.exe
2008-10-16 19:10:34 —-A—- C:\Windows\system32\propsys.dll
2008-10-16 19:10:34 —-A—- C:\Windows\system32\propdefs.dll
2008-10-16 19:10:34 —-A—- C:\Windows\system32\msstrc.dll
2008-10-16 19:10:34 —-A—- C:\Windows\system32\mssprxy.dll
2008-10-16 19:10:34 —-A—- C:\Windows\system32\mssitlb.dll
2008-10-16 19:10:34 —-A—- C:\Windows\system32\msshsq.dll
2008-10-16 19:10:33 —-A—- C:\Windows\system32\thawbrkr.dll
2008-10-16 19:10:33 —-A—- C:\Windows\system32\srchadmin.dll
2008-10-16 19:10:33 —-A—- C:\Windows\system32\korwbrkr.dll
2008-10-16 19:10:32 —-A—- C:\Windows\system32\xmlfilter.dll
2008-10-16 19:10:32 —-A—- C:\Windows\system32\wsepno.dll
2008-10-16 19:10:32 —-A—- C:\Windows\system32\rtffilt.dll
2008-10-16 19:10:32 —-A—- C:\Windows\system32\offfilt.dll
2008-10-16 19:10:32 —-A—- C:\Windows\system32\nlhtml.dll
2008-10-16 19:10:32 —-A—- C:\Windows\system32\msscntrs.dll
2008-10-16 19:10:32 —-A—- C:\Windows\system32\mimefilt.dll
2008-10-16 19:10:31 —-A—- C:\Windows\system32\tquery.dll
2008-10-16 19:10:31 —-A—- C:\Windows\system32\SearchProtocolHost.exe
2008-10-16 19:10:31 —-A—- C:\Windows\system32\SearchIndexer.exe
2008-10-16 19:10:31 —-A—- C:\Windows\system32\mssrch.dll
2008-10-16 19:10:31 —-A—- C:\Windows\system32\chtbrkr.dll
2008-10-16 19:10:31 —-A—- C:\Windows\system32\chsbrkr.dll
2008-10-16 19:10:30 —-A—- C:\Windows\system32\mssvp.dll
2008-10-16 19:10:30 —-A—- C:\Windows\system32\mssphtb.dll
2008-10-16 19:10:30 —-A—- C:\Windows\system32\mssph.dll
2008-10-16 17:49:53 —-A—- C:\Windows\system32\rpcrt4.dll
2008-10-16 17:49:51 —-A—- C:\Windows\system32\pacerprf.dll
2008-10-16 17:46:32 —-A—- C:\Windows\system32\emdmgmt.dll
2008-10-16 17:46:31 —-A—- C:\Windows\system32\dataclen.dll
2008-10-16 17:46:31 —-A—- C:\Windows\system32\cdd.dll
2008-10-16 17:46:26 —-A—- C:\Windows\system32\vbscript.dll
2008-10-16 17:46:25 —-A—- C:\Windows\system32\wshext.dll
2008-10-16 17:46:25 —-A—- C:\Windows\system32\wscript.exe
2008-10-16 17:46:25 —-A—- C:\Windows\system32\jscript.dll
2008-10-16 17:46:25 —-A—- C:\Windows\system32\cscript.exe
2008-10-16 17:46:22 —-A—- C:\Windows\system32\scrrun.dll
2008-10-16 17:46:22 —-A—- C:\Windows\system32\scrobj.dll
2008-10-16 17:46:17 —-A—- C:\Windows\system32\ntoskrnl.exe
2008-10-16 17:46:17 —-A—- C:\Windows\system32\ntkrnlpa.exe
2008-10-13 02:59:10 —-D—- C:\PerfLogs
2008-09-30 16:43:34 —-A—- C:\Windows\system32\msxml4.dll
======List of files/folders modified in the last 3 months======
2008-12-23 01:42:24 —-D—- C:\Windows\Temp
2008-12-23 01:36:24 —-D—- C:\Windows\Prefetch
2008-12-23 01:33:49 —-RD—- C:\Program Files
2008-12-23 01:00:06 —-D—- C:\Windows\System32
2008-12-23 01:00:06 —-D—- C:\Windows\inf
2008-12-23 01:00:06 —-A—- C:\Windows\system32\PerfStringBackup.INI
2008-12-23 00:47:23 —-D—- C:\Program Files\McAfee
2008-12-19 16:40:45 —-D—- C:\Windows\winsxs
2008-12-19 16:40:33 —-D—- C:\Windows\system32\catroot
2008-12-19 16:40:01 —-SHD—- C:\System Volume Information
2008-12-16 19:29:58 —-HD—- C:\ProgramData
2008-12-15 03:14:08 —-D—- C:\Windows\AppPatch
2008-12-15 03:14:08 —-D—- C:\Program Files\Windows Mail
2008-12-15 03:08:39 —-SHD—- C:\Windows\Installer
2008-12-15 03:08:31 —-D—- C:\ProgramData\Microsoft Help
2008-12-14 14:41:59 —-D—- C:\Windows\rescache
2008-12-14 14:23:28 —-D—- C:\Windows\system32\en-US
2008-12-14 14:23:28 —-D—- C:\Windows
2008-12-14 14:14:44 —-D—- C:\Windows\system32\catroot2
2008-12-13 21:10:04 —-D—- C:\Program Files\Dl_cats
2008-12-10 07:24:37 —-A—- C:\Windows\system32\mrt.exe
2008-12-05 13:12:07 —-D—- C:\Program Files\Java
2008-12-05 13:04:59 —-SD—- C:\Windows\Downloaded Program Files
2008-11-15 03:53:58 —-D—- C:\Windows\Logs
2008-11-15 03:15:05 —-D—- C:\Windows\system32\drivers
2008-11-02 15:21:18 —-D—- C:\ProgramData\Roxio
2008-10-21 01:05:58 —-D—- C:\Windows\system32\WDI
2008-10-16 23:34:50 —-D—- C:\Windows\PolicyDefinitions
2008-10-16 23:34:44 —-D—- C:\Windows\system32\migration
2008-10-13 03:28:22 —-D—- C:\Windows\Microsoft.NET
2008-10-13 03:28:15 —-RSD—- C:\Windows\assembly
2008-10-13 03:18:19 —-SHD—- C:\Boot
2008-10-13 03:18:00 —-ASH—- C:\Program Files\desktop.ini
2008-10-13 03:13:47 —-D—- C:\Windows\system32\wbem
2008-10-13 03:04:20 —-D—- C:\Program Files\Windows Calendar
2008-10-13 03:04:19 —-D—- C:\Program Files\Windows Sidebar
2008-10-13 03:04:18 —-D—- C:\Program Files\Movie Maker
2008-10-13 03:04:17 —-D—- C:\Program Files\Windows Media Player
2008-10-13 03:04:17 —-D—- C:\Program Files\Internet Explorer
2008-10-13 03:04:16 —-D—- C:\Program Files\Windows Collaboration
2008-10-13 03:04:15 —-D—- C:\Program Files\Windows Photo Gallery
2008-10-13 03:04:07 —-D—- C:\Program Files\Windows Defender
2008-10-13 03:04:07 —-D—- C:\Program Files\Common Files\System
2008-10-13 03:04:05 —-D—- C:\Windows\servicing
2008-10-13 03:03:45 —-D—- C:\Windows\MSAgent
2008-10-13 03:03:41 —-D—- C:\Windows\DigitalLocker
2008-10-13 03:03:40 —-D—- C:\Windows\L2Schemas
2008-10-13 03:03:40 —-D—- C:\Windows\IME
2008-10-13 03:03:37 —-D—- C:\Windows\system32\XPSViewer
2008-10-13 03:03:37 —-D—- C:\Windows\system32\ko-KR
2008-10-13 03:03:37 —-D—- C:\Windows\system32\da-DK
2008-10-13 03:03:37 —-D—- C:\Windows\system32\com
2008-10-13 03:03:17 —-D—- C:\Windows\system32\de-DE
2008-10-13 03:03:16 —-D—- C:\Windows\system32\it-IT
2008-10-13 03:03:16 —-D—- C:\Windows\system32\el-GR
2008-10-13 03:03:15 —-D—- C:\Windows\system32\oobe
2008-10-13 03:03:14 —-D—- C:\Windows\system32\sysprep
2008-10-13 03:03:01 —-D—- C:\Windows\system32\AdvancedInstallers
2008-10-13 03:03:00 —-D—- C:\Windows\system32\ru-RU
2008-10-13 03:02:59 —-D—- C:\Windows\system32\sv-SE
2008-10-13 03:02:59 —-D—- C:\Windows\system32\setup
2008-10-13 03:02:59 —-D—- C:\Windows\system32\ias
2008-10-13 03:02:59 —-D—- C:\Windows\system32\he-IL
2008-10-13 03:02:59 —-D—- C:\Windows\system32\fr-FR
2008-10-13 03:02:58 —-D—- C:\Windows\system32\SLUI
2008-10-13 03:02:58 —-D—- C:\Windows\system32\pt-PT
2008-10-13 03:02:58 —-D—- C:\Windows\system32\hu-HU
2008-10-13 03:02:58 —-D—- C:\Windows\system32\fi-FI
2008-10-13 03:02:58 —-D—- C:\Windows\system32\cs-CZ
2008-10-13 03:02:52 —-D—- C:\Windows\system32\zh-CN
2008-10-13 03:02:52 —-D—- C:\Windows\system32\en
2008-10-13 03:02:51 —-D—- C:\Windows\system32\zh-TW
2008-10-13 03:02:51 —-D—- C:\Windows\system32\pl-PL
2008-10-13 03:02:51 —-D—- C:\Windows\system32\manifeststore
2008-10-13 03:02:51 —-D—- C:\Windows\system32\es-ES
2008-10-13 03:02:50 —-D—- C:\Windows\system32\ro-RO
2008-10-13 03:02:50 —-D—- C:\Windows\system32\ja-JP
2008-10-13 03:02:42 —-D—- C:\Windows\system32\tr-TR
2008-10-13 03:02:34 —-D—- C:\Windows\system32\nb-NO
2008-10-13 03:02:33 —-D—- C:\Windows\system32\nl-NL
2008-10-13 03:02:33 —-D—- C:\Windows\system32\ar-SA
2008-10-13 03:02:25 —-D—- C:\Windows\system32\migwiz
2008-10-13 03:02:24 —-D—- C:\Windows\system32\pt-BR
2008-10-13 02:59:26 —-D—- C:\Windows\Boot
2008-10-13 02:59:17 —-D—- C:\Windows\system32\Boot
2008-10-13 02:31:49 —-D—- C:\Windows\ModemLogs
2008-10-12 15:08:36 —-A—- C:\Windows\system32\ifxcardm.dll
2008-10-12 15:08:33 —-A—- C:\Windows\system32\axaltocm.dll
2008-09-27 02:31:37 —-D—- C:\Users\- r e i-\AppData\Roaming\dvdcss
2008-09-25 18:54:54 —-D—- C:\Program Files\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 DLACDBHM;DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\Windows\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R2 DLABMFSM;DLABMFSM; C:\Windows\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]
R2 DLABOIOM;DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]
R2 DLADResM;DLADResM; C:\Windows\System32\DLA\DLADResM.SYS [2006-10-26 9400]
R2 DLAIFS_M;DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]
R2 DLAOPIOM;DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]
R2 DLAPoolM;DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]
R2 DLAUDF_M;DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]
R2 DLAUDFAM;DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]
R2 DRVNDDM;DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 dsunidrv;DellSupport UniDriver; C:\Windows\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-27 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-27 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-27 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-05-21 157184]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-05-21 179712]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-19 19456]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2006-11-07 78128]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2006-11-07 80176]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-07 16560]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [2006-10-05 4736]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-03 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-03 206848]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-07-02 1675776]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-08-13 2226688]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-19 49664]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-06-25 326656]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-03 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 aqitlasg;aqitlasg; C:\Windows\system32\drivers\aqitlasg.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 dlcx_device;dlcx_device; C:\Windows\system32\dlcxcoms.exe [2006-11-04 537480]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-07-25 647168]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\program files\common files\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSK80Service;McAfee SpamKiller Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-11-26 23880]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-07-25 327680]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-06-25 94208]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-19 70656]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-22 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
—————–EOF—————–
Related Posts:
Comments
Leave a Reply
You must be logged in to post a comment.