Jan

5

[Active] Microsoft download blocked Google links hijacked.

Filed Under Virus | 

I have been trying to figure out what I need to remove to get updates from windows and get my browsers back. Must be a dns issue being rerouted causing bad links and popups and all sorts of fun stuff. I tried the post with combofix and did not get a log file and used atf and malwarebytes also the online trojan scanner on asquared web site. Ran avast antivirus and still have the microsoft download sites blocked. Any help would be great. Here is my rsit log file and could not get Kaspersky or BitDefender online to run either.

Logfile of random’s system information tool 1.04 (written by random/random)

Run by Admin at 2008-12-06 13:47:35

Microsoft® Windows Vista™ Home Premium Service Pack 1

System drive C: has 24 GB (34%) free of 71 GB

Total RAM: 1013 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 1:48:20 PM, on 12/6/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Vista Start Menu\VistaStartMenu.exe

C:\Program Files\CursorXP\CursorXP.exe

C:\Program Files\AIM6\aim6.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\igfxsrvc.exe

C:\Users\Admin\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\igfxext.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\AIM6\aolsoftware.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Windows\Explorer.EXE

C:\PROGRA~1\MICROS~2\OFFICE11\OIS.EXE

C:\Program Files\Internet Explorer\ieuser.exe

C:\Users\Admin\Desktop\RSIT.exe

C:\Users\Admin\Downloads\Admin.exe

C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AddTask Class - {24F06550-65E3-4D1C-8CFE-839C296B5530} - C:\Program Files\real\IEeREAD.dll

O2 - BHO: AddTask Class - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\real\WebHook.dll

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"

O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe

O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar…tml?p=ZRfox000

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm

O8 - Extra context menu item: Send via &Message… - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra ‘Tools’ menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso…an8/oscan8.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge…sh/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{231242A9-A7BF-464E-933B-3C11C6E808F3}: NameServer = 85.255.112.104;85.255.112.144

O17 - HKLM\System\CCS\Services\Tcpip\..\{BD90436F-AC24-4287-8CB9-B912CDAB002E}: NameServer = 85.255.112.104;85.255.112.144

O17 - HKLM\System\CCS\Services\Tcpip\..\{E8DD38FF-D46E-4F96-9CA4-0124C0584990}: NameServer = 85.255.112.104;85.255.112.144

O17 - HKLM\System\CS1\Services\Tcpip\..\{231242A9-A7BF-464E-933B-3C11C6E808F3}: NameServer = 85.255.112.104;85.255.112.144

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll

O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe

O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe

O23 - Service: @comres.dll,-947 (COMSysApp) - Unknown owner - C:\Windows\system32\dllhost.exe (file missing)

O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe

O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

O23 - Service: FLEXnet Licensing Service - Unknown owner - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (file missing)

O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)

O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

O23 - Service: Windows Tribute Service - Unknown owner - C:\Windows\system32\kdbqi.exe (file missing)

O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

End of file - 11248 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job

C:\Windows\tasks\GoogleUpdateTaskUser.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{24F06550-65E3-4D1C-8CFE-839C296B5530}]

AddTask Class - C:\Program Files\real\IEeREAD.dll [2007-06-28 57344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{6A19C29D-ED45-4483-8999-9F939C8161F2}]

AddTask Class - C:\Program Files\real\WebHook.dll [2008-02-01 57224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]

ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-01-02 299008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-14 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-01-02 151552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-12-27 618496]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-28 4317184]

"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-18 81000]

"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-01-02 464168]

"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]

"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]

"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]

"VistaStartMenu"=C:\Program Files\Vista Start Menu\VistaStartMenu.exe [2008-10-08 2145792]

"CursorXP"=C:\Program Files\CursorXP\CursorXP.exe [2005-01-19 128000]

"Aim6"=C:\Program Files\AIM6\aim6.exe [2008-10-31 50480]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]

C:\Program Files\AIM6\aim6.exe [2008-10-31 50480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]

C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]

C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]

C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]

C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2008-02-19 267048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]

C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]

C:\Program Files\PowerISO\PWRISOVM.EXE [2008-01-20 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2008-01-31 385024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]

C:\Acer\Empowering Technology\eAPLauncher.exe [2006-11-21 528384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Syste m]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explo rer]

"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Windows\system32\winlogon.exe"="C:\Windows\system32\winlogon.exe:*:enab led:@shell32.dll,-1"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{60f65fc5-1980-11dd-8682-0016d4610af5}]

shell\AutoRun\command - F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{8ff16ec2-69d1-11dd-9d6d-000d180122b4}]

shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Info.exe protect.ed 480 480

======File associations======

.inf - open -

.inf - install -

.ini - open -

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

.txt - open - notepad.exe %1

======List of files/folders created in the last 3 months======

2008-12-06 03:31:16 —-D—- C:\Windows\BDOSCAN8

2008-12-06 02:37:50 —-D—- C:\32788R22FWJFW

2008-12-06 00:34:42 —-A—- C:\Windows\WORDPAD.INI

2008-12-06 00:34:03 —-D—- C:\rsit

2008-12-05 23:56:16 —-D—- C:\Users\Admin\AppData\Roaming\Malwarebytes

2008-12-05 23:55:58 —-D—- C:\ProgramData\Malwarebytes

2008-12-05 23:55:58 —-D—- C:\Program Files\Malwarebytes’ Anti-Malware

2008-12-05 23:02:36 —-D—- C:\Windows\Sun

2008-12-05 22:46:33 —-A—- C:\Windows\system32\javaws.exe

2008-12-05 22:46:33 —-A—- C:\Windows\system32\javaw.exe

2008-12-05 22:46:33 —-A—- C:\Windows\system32\java.exe

2008-12-05 12:33:22 —-D—- C:\Users\Admin\AppData\Roaming\TuneUp Software

2008-12-05 12:32:58 —-A—- C:\Windows\system32\authuitu.dll

2008-12-05 12:32:37 —-A—- C:\Windows\system32\uxtuneup.dll

2008-12-05 12:32:03 —-D—- C:\ProgramData\TuneUp Software

2008-12-05 12:31:36 —-D—- C:\Program Files\TuneUp Utilities 2007

2008-12-05 12:28:02 —-D—- C:\Program Files\Common Files\Wise Installation Wizard

2008-11-29 20:58:55 —-RSHD—- C:\resycled

2008-11-29 17:58:22 —-D—- C:\Program Files\AnvSoft Photo Flash Maker Professional

2008-11-28 21:07:42 —-D—- C:\Program Files\AL-Software

2008-11-28 20:51:31 —-D—- C:\Program Files\Blaze Media Pro

2008-11-28 20:48:58 —-D—- C:\ProgramData\{1A5B87F2-2D79-46CF-B9B6-209E9C84F7A4}

2008-11-26 16:58:40 —-A—- C:\Windows\system32\deploytk.dll

2008-11-25 23:08:54 —-D—- C:\Users\Admin\AppData\Roaming\MxBoost

2008-11-25 23:07:00 —-D—- C:\Users\Admin\AppData\Roaming\Maxthon2

2008-11-24 20:43:00 —-D—- C:\Program Files\Common Files\Adobe AIR

2008-11-24 20:36:27 —-D—- C:\ProgramData\NOS

2008-11-24 20:36:27 —-D—- C:\Program Files\NOS

2008-11-22 18:28:18 —-D—- C:\Program Files\DivX

2008-11-19 17:41:43 —-D—- C:\ProgramData\AOL Downloads

2008-11-10 17:25:03 —-D—- C:\Program Files\ffdshow

2008-11-10 17:24:30 —-D—- C:\Program Files\TVersity Codec Pack

2008-11-10 17:23:04 —-D—- C:\Program Files\TVersity

2008-11-09 14:15:41 —-D—- C:\Users\Admin\AppData\Roaming\PCF-VLC

2008-11-09 14:11:58 —-D—- C:\Users\Admin\AppData\Roaming\Participatory Culture Foundation

2008-11-08 21:37:24 —-D—- C:\Program Files\Participatory Culture Foundation

2008-11-08 21:37:15 —-D—- C:\OpenCandy

2008-11-08 21:29:21 —-SHD—- C:\imx

2008-11-08 21:28:17 —-D—- C:\Program Files\mytvpal-revolution-player

2008-11-02 22:49:53 —-D—- C:\ProgramData\TVU Networks

2008-11-02 21:35:26 —-D—- C:\Windows\WinRAR

2008-11-02 11:44:22 —-D—- C:\Program Files\Super Internet TV

2008-11-02 11:43:50 —-A—- C:\Windows\Super Internet TV v7.3 Setup.exe

2008-11-02 11:13:07 —-D—- C:\Program Files\TVUPlayer

2008-10-31 13:52:14 —-D—- C:\Users\Admin\AppData\Roaming\VMware

2008-10-31 00:19:34 —-D—- C:\Program Files\Lala.com

2008-10-31 00:19:15 —-D—- C:\Users\Admin\AppData\Roaming\Lala Music Mover

2008-10-30 22:58:31 —-D—- C:\ProgramData\VMware

2008-10-28 19:21:00 —-A—- C:\Windows\system32\wersvc.dll

2008-10-28 19:21:00 —-A—- C:\Windows\system32\Faultrep.dll

2008-10-28 19:20:56 —-A—- C:\Windows\system32\win32spl.dll

2008-10-27 22:28:26 —-D—- C:\Program Files\Windows Mobile Feb. 2008 DST Updates

2008-10-23 16:57:48 —-A—- C:\Windows\system32\netapi32.dll

2008-10-22 19:11:30 —-A—- C:\Lokiwiz.bat

2008-10-22 00:05:56 —-D—- C:\Utils

2008-10-21 20:26:46 —-D—- C:\Program Files\Wizard Service Tool

2008-10-17 15:28:26 —-A—- C:\Windows\system32\cddbmusicid.dll

2008-10-17 15:28:26 —-A—- C:\Windows\system32\cddblink.dll

2008-10-17 15:28:26 —-A—- C:\Windows\system32\cddbcontrol.dll

2008-10-14 23:04:50 —-D—- C:\Users\Admin\AppData\Roaming\Google

2008-10-14 23:02:07 —-D—- C:\ProgramData\Google Updater

2008-10-14 23:02:02 —-D—- C:\Program Files\Google

2008-10-14 18:33:07 —-A—- C:\Windows\system32\ntkrnlpa.exe

2008-10-14 18:33:06 —-A—- C:\Windows\system32\ntoskrnl.exe

2008-10-14 18:32:56 —-A—- C:\Windows\system32\mshtml.dll

2008-10-14 18:32:55 —-A—- C:\Windows\system32\ieframe.dll

2008-10-14 18:32:53 —-A—- C:\Windows\system32\urlmon.dll

2008-10-14 18:32:52 —-A—- C:\Windows\system32\wininet.dll

2008-10-14 18:32:51 —-A—- C:\Windows\system32\iertutil.dll

2008-10-14 18:32:49 —-A—- C:\Windows\system32\mstime.dll

2008-10-14 18:32:46 —-A—- C:\Windows\system32\jsproxy.dll

2008-10-08 00:41:51 —-D—- C:\Program Files\uTorrent

2008-10-08 00:41:32 —-D—- C:\Users\Admin\AppData\Roaming\uTorrent

2008-10-05 18:09:38 —-A—- C:\Windows\system32\SHORTCUT.INI

2008-10-05 18:09:26 —-A—- C:\Windows\system32\REMOTEDEVICE.INI

2008-10-05 15:25:59 —-D—- C:\Program Files\Avanquest update

2008-10-05 15:18:40 —-D—- C:\Program Files\Common Files\Motorola Shared

2008-10-05 15:18:04 —-D—- C:\ProgramData\BVRP Software

2008-10-05 15:18:04 —-D—- C:\Program Files\Motorola Phone Tools

2008-09-28 21:03:48 —-D—- C:\Program Files\NormSoft, Inc

2008-09-25 18:27:46 —-D—- C:\Program Files\Apache Software Foundation

2008-09-25 16:48:57 —-D—- C:\Users\Admin\AppData\Roaming\Ace

2008-09-25 16:39:13 —-A—- C:\Windows\system32\d3dx9_32.dll

2008-09-25 16:39:11 —-A—- C:\Windows\system32\d3dx9_31.dll

2008-09-25 16:35:38 —-D—- C:\Program Files\THQ

2008-09-25 16:35:11 —-D—- C:\Users\Admin\AppData\Roaming\InstallShield

2008-09-19 16:55:58 —-A—- C:\Windows\system32\ssldivx.dll

2008-09-19 16:55:58 —-A—- C:\Windows\system32\libdivx.dll

2008-09-09 15:14:33 —-A—- C:\Windows\system32\Apphlpdm.dll

2008-09-09 15:14:30 —-A—- C:\Windows\system32\GameUXLegacyGDFs.dll

2008-09-09 15:14:24 —-A—- C:\Windows\system32\wmpeffects.dll

2008-09-09 15:14:14 —-A—- C:\Windows\system32\emdmgmt.dll

2008-09-09 15:14:13 —-A—- C:\Windows\system32\dataclen.dll

2008-09-09 15:14:13 —-A—- C:\Windows\system32\cdd.dll

======List of files/folders modified in the last 3 months======

2008-12-06 13:47:34 —-D—- C:\Windows\Temp

2008-12-06 13:28:07 —-D—- C:\Windows\system32\drivers

2008-12-06 13:25:47 —-D—- C:\Windows\Prefetch

2008-12-06 13:12:36 —-D—- C:\Windows\System32

2008-12-06 13:12:36 —-D—- C:\Windows\inf

2008-12-06 13:12:36 —-A—- C:\Windows\system32\PerfStringBackup.INI

2008-12-06 12:52:42 —-D—- C:\Users\Admin\AppData\Roaming\Vista Start Menu

2008-12-06 05:24:36 —-A—- C:\Windows\system32\bscs.ini

2008-12-06 04:49:11 —-D—- C:\Windows

2008-12-06 03:57:27 —-RD—- C:\Program Files

2008-12-06 03:57:26 —-D—- C:\Program Files\MyWebSearch

2008-12-06 03:34:07 —-SD—- C:\Windows\Downloaded Program Files

2008-12-06 02:56:34 —-D—- C:\Program Files\Mozilla Firefox

2008-12-05 23:55:58 —-HD—- C:\ProgramData

2008-12-05 22:46:47 —-SHD—- C:\Windows\Installer

2008-12-05 22:46:03 —-D—- C:\Program Files\Java

2008-12-05 22:41:20 —-SHD—- C:\System Volume Information

2008-12-05 12:34:29 —-D—- C:\Windows\Tasks

2008-12-05 12:28:02 —-D—- C:\Program Files\Common Files

2008-12-04 12:06:10 —-D—- C:\Windows\Minidump

2008-11-29 20:43:35 —-D—- C:\Program Files\Vista Start Menu

2008-11-28 22:10:52 —-D—- C:\Windows\system32\WDI

2008-11-28 22:08:15 —-D—- C:\Windows\system32\Macromed

2008-11-26 21:57:49 —-RSD—- C:\Windows\assembly

2008-11-24 21:51:43 —-D—- C:\Program Files\WinRAR

2008-11-24 21:02:00 —-D—- C:\Windows\system32\spool

2008-11-24 21:00:42 —-D—- C:\ProgramData\CanonIJPLM

2008-11-24 20:43:22 —-D—- C:\Program Files\Adobe

2008-11-24 20:42:28 —-D—- C:\ProgramData\Adobe

2008-11-24 20:41:31 —-D—- C:\Program Files\Common Files\Adobe

2008-11-22 09:59:58 —-D—- C:\Windows\WindowsMobile

2008-11-21 14:12:01 —-D—- C:\Program Files\AIM6

2008-11-19 17:44:00 —-D—- C:\ProgramData\Viewpoint

2008-11-18 19:04:15 —-D—- C:\Liz

2008-11-18 12:41:38 —-A—- C:\Windows\system32\aswBoot.exe

2008-11-10 17:00:13 —-D—- C:\Windows\system32\catroot2

2008-11-04 23:44:57 —-D—- C:\Windows\system32\catroot

2008-11-04 17:08:09 —-D—- C:\Program Files\Ashampoo

2008-11-04 16:24:59 —-AD—- C:\ProgramData\TEMP

2008-11-02 19:57:26 —-D—- C:\Windows\servicing

2008-11-02 19:50:36 —-D—- C:\Windows\ehome

2008-11-02 18:07:51 —-D—- C:\Program Files\Windows Mail

2008-11-02 17:29:07 —-A—- C:\Windows\system32\LOCALSERVICE.INI

2008-11-01 17:34:26 —-D—- C:\Users\Admin\AppData\Roaming\Canon

2008-10-31 10:51:49 —-D—- C:\Windows\winsxs

2008-10-31 10:51:36 —-D—- C:\Program Files\Paint.NET

2008-10-31 00:20:17 —-SD—- C:\Users\Admin\AppData\Roaming\Microsoft

2008-10-22 15:03:49 —-D—- C:\Program Files\Microsoft Silverlight

2008-10-15 02:16:12 —-D—- C:\Windows\system32\migration

2008-10-15 02:08:30 —-A—- C:\Windows\win.ini

2008-10-11 12:02:32 —-D—- C:\Users\Admin\AppData\Roaming\MP3Rocket

2008-10-07 14:19:40 —-A—- C:\Windows\system32\mrt.exe

2008-10-05 18:09:19 —-A—- C:\Windows\system32\LOCALDEVICE.INI

2008-10-05 17:41:37 —-HD—- C:\Program Files\InstallShield Installation Information

2008-10-05 15:22:27 —-D—- C:\Program Files\Common Files\microsoft shared

2008-10-02 23:09:40 —-D—- C:\Windows\LiveKernelReports

2008-09-22 18:23:22 —-D—- C:\Program Files\Internet Explorer

2008-09-10 02:17:03 —-D—- C:\Windows\AppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [2002-07-17 16877]

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-11-18 23152]

R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-11-18 110160]

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-11-18 50864]

R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]

R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]

R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-01-20 33292]

R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-11-18 20560]

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-11-18 51792]

R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-02 76584]

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]

R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192]

R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-03-27 97600]

R3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]

R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]

R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2008-01-21 14600]

R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]

R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2006-12-26 34760]

R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-15 11984]

R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2006-10-25 62208]

R3 ESDCR;ESDCR; C:\Windows\system32\DRIVERS\ESD7SK.sys [2006-10-25 42240]

R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2006-10-25 76928]

R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]

R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-17 986624]

R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-17 206848]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]

R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]

R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]

R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2008-07-02 29960]

R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-17 659968]

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

S2 int15.sys;int15.sys; \??\C:\Acer\Upgrade Kit\int15.sys [2006-12-14 69632]

S3 a3xbape4;a3xbape4; C:\Windows\system32\drivers\a3xbape4.sys []

S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2008-07-02 38920]

S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-19 19456]

S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]

S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-28 220160]

S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-28 29184]

S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]

S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]

S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1; C:\Windows\system32\drivers\libusb0.sys [2007-03-20 16896]

S3 motmodem;Motorola USB CDC ACM Driver; C:\Windows\system32\DRIVERS\motmodem.sys [2007-06-18 23680]

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

S3 Ndisprot;ArcNet NDIS Protocol Driver; \??\C:\Windows\system32\drivers\Ndisprot.sys [2008-11-29 29184]

S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-19 49664]

S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS [2006-06-08 6909]

S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2008-01-21 14856]

S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []

S3 wceusbsh;Windows CE USB Serial Host Driver; C:\Windows\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]

S3 winusb;WinUsb Driver; C:\Windows\system32\DRIVERS\winusb.sys [2008-01-19 31616]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AASW2_Service;Ashampoo AntiSpyWare 2 Service; C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe [2008-09-08 749400]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-18 18752]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-18 155160]

R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2008-07-18 770048]

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]

R2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-06-04 143467]

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]

R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-01-02 457512]

R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2006-12-22 24576]

R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-12-28 126976]

R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-01-02 24576]

R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-14 168432]

R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]

R2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [2008-09-02 28762]

R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]

R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]

R2 TVersityMediaServer;TVersityMediaServer; C:\Program Files\TVersity\Media Server\MediaServer.exe [2007-12-30 724992]

R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]

R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]

R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]

R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2006-05-12 439248]

R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 135168]

R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-18 254040]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-18 352920]

R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2008-06-04 69735]

S2 Windows Tribute Service;Windows Tribute Service; C:\Windows\system32\kdbqi.exe -srv []

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe []

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe []

S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-02-19 504104]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

—————–EOF—————–

kerbdog is offline

Related Posts:

written by lina \\ tags: , , , , , , , , , , , , , , , , , , , , , , , ,

Comments

Leave a Reply

You must be logged in to post a comment.