|
|
Wonderwoman
regular
Reg'd: Thu
Posts: 261
|
Re: so so slow
Thu Jul 02 2009 11:02 PM
|
|
|
|
not sure if its my imagination, but seem faster already-
here a both logs -
ComboFix 09-07-02.02 - Compaq_Owner 02/07/2009 22:50.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.44.1033.18.1022.516 [GMT 1:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
c:\documents and settings\Compaq_Owner\Application Data\inst.exe
c:\program files\WinPCap
c:\program files\WinPCap\daemon_mgm.exe
c:\program files\WinPCap\npf_mgm.exe
c:\program files\WinPCap\rpcapd.exe
c:\windows\Installer\2ea358.a374.msi
c:\windows\Installer\8c6af8.msi
c:\windows\Installer\ccf09.msi
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\plugin1.dat
c:\windows\system32\pthreadVC.dll
c:\windows\system32\SysPr.prx
c:\windows\system32\WanPacket.dll
c:\windows\system32\win32
c:\windows\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF
((((((((((((((((((((((((( Files Created from 2009-06-02 to 2009-07-02 )))))))))))))))))))))))))))))))
.
2009-07-02 21:40 . 2009-07-02 21:40 -------- d-----w- c:\program files\Trend Micro
2009-07-02 07:58 . 2009-06-26 09:06 337176 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avglogx.dll
2009-07-02 07:58 . 2009-06-26 09:06 829208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcfgx.dll
2009-07-02 07:58 . 2009-06-26 09:06 327688 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgldx86.sys
2009-07-02 07:58 . 2009-06-26 09:06 2052376 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll
2009-07-02 07:58 . 2009-06-26 09:06 906520 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgemc.exe
2009-07-02 07:58 . 2009-06-26 09:06 2167576 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll
2009-07-02 07:58 . 2009-06-26 09:06 3402008 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe
2009-07-02 07:58 . 2009-06-26 09:06 1204504 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgabout.dll
2009-07-02 07:58 . 2009-06-26 09:06 3298072 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe
2009-07-02 07:58 . 2009-06-26 09:05 1454360 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2009-07-02 07:58 . 2009-06-26 09:05 1085208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe
2009-07-01 12:52 . 2009-07-01 12:52 952 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-06-30 22:16 . 2009-06-30 22:16 -------- d-----w- c:\program files\IrfanView
2009-06-30 17:05 . 2009-06-30 17:05 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Anthropics
2009-06-30 16:50 . 2009-06-30 16:50 -------- d-----w- c:\program files\Photo!
2009-06-27 12:55 . 2009-06-27 12:55 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Kodak
2009-06-27 12:51 . 2009-06-27 12:51 -------- d-----w- c:\program files\Kodak
2009-06-27 12:51 . 2009-06-27 12:51 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Downloaded Installations
2009-06-24 20:17 . 2007-08-29 11:54 185344 ----a-w- c:\windows\system32\iwpsetup.exe
2009-06-11 07:30 . 2009-04-30 21:22 12800 ----a-w- c:\windows\system32\dllcache\xpshims.dll
2009-06-11 07:30 . 2009-04-30 21:22 246272 ----a-w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-09 14:05 . 2009-06-09 14:05 -------- d-----w- c:\program files\MSXML 4.0
2009-06-09 11:27 . 2009-06-09 11:27 -------- d-----w- c:\program files\Coupon Printer
2009-06-09 11:27 . 2009-06-09 11:27 31 ---ha-w- c:\windows\UKCpInfo.sys
2009-06-08 13:40 . 2009-06-08 13:40 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\FotoWire
2009-06-07 14:15 . 2009-06-08 15:05 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\skypePM
2009-06-07 14:15 . 2009-06-07 14:15 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-06-07 14:11 . 2009-06-24 20:30 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Skype
2009-06-07 14:10 . 2009-06-07 14:10 -------- d-----w- c:\program files\Common Files\Skype
2009-06-07 14:10 . 2009-06-07 14:10 -------- d-----r- c:\program files\Skype
2009-06-07 14:10 . 2009-06-07 14:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-06-06 22:47 . 2009-06-06 22:47 -------- d-----w- c:\program files\Common Files\CyberLink
2009-06-03 15:25 . 2009-06-03 15:25 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\DoubleD
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-02 21:55 . 2009-03-28 19:03 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\MailWasherPro
2009-07-02 07:58 . 2009-03-28 16:08 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-27 17:42 . 2009-05-24 09:04 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Vso
2009-06-27 15:26 . 2009-04-13 09:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-27 15:19 . 2009-05-30 17:44 3561743 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-26 09:06 . 2009-03-28 16:09 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-26 09:06 . 2009-03-28 16:08 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-17 14:20 . 2009-06-08 12:43 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Affinegy
2009-06-17 10:27 . 2009-04-13 09:40 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-17 10:27 . 2009-04-13 09:40 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-14 16:32 . 2009-03-28 16:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-06-08 13:40 . 2009-06-08 13:40 -------- d-----w- c:\program files\Common Files\FotoWire
2009-06-08 13:40 . 2009-06-08 10:54 -------- d-----w- c:\program files\Logitech
2009-06-08 13:17 . 2009-05-24 14:30 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-08 12:51 . 2005-01-02 06:16 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-08 12:39 . 2009-06-08 12:38 -------- d-----w- c:\program files\Virgin Broadband Wireless
2009-06-08 12:39 . 2009-06-08 12:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Affinegy
2009-06-08 12:30 . 2009-06-08 12:30 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-06-08 12:30 . 2009-06-08 12:30 -------- d-----w- c:\program files\NETGEAR
2009-06-08 11:17 . 2009-05-30 07:29 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\CyberLink
2009-06-08 11:14 . 2009-05-30 07:27 -------- d-----w- c:\program files\CyberLink
2009-06-08 11:13 . 2009-05-30 09:13 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe
2009-06-08 10:55 . 2009-06-08 10:55 -------- d-----w- c:\program files\Common Files\Logitech
2009-06-08 10:54 . 2009-06-08 10:54 81920 ------r- c:\windows\bwUnin-6.1.4.68-8876480L.exe
2009-06-06 22:47 . 2009-05-30 09:18 29480 ----a-w- c:\windows\system32\msxml3a.dll
2009-06-06 22:47 . 2009-05-30 09:18 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\PostBuild.exe
2009-06-06 06:58 . 2009-05-30 07:29 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-05-30 09:24 . 2009-05-30 09:24 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{D36DD326-7280-11D8-97C8-000129760CBE}\PostBuild.exe
2009-05-30 09:23 . 2009-05-30 09:23 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\PostBuild.exe
2009-05-30 09:21 . 2009-05-30 07:27 36864 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\PostBuild.exe
2009-05-30 09:16 . 2009-05-30 09:16 36864 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe
2009-05-30 09:15 . 2009-05-30 09:15 36864 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
2009-05-30 09:13 . 2009-05-30 09:13 36864 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{80E158EA-7181-40FE-A701-301CE6BE64AB}\PostBuild.exe
2009-05-30 09:11 . 2009-05-30 09:12 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe
2009-05-30 07:29 . 2009-03-28 11:15 75104 ----a-w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-29 13:10 . 2009-04-06 17:01 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Canon
2009-05-29 12:53 . 2009-03-28 16:37 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\U3
2009-05-27 17:32 . 2009-05-27 17:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Cached Installations
2009-05-27 17:07 . 2009-05-24 14:30 -------- d-----w- c:\program files\Stellar Phoenix Photo Recovery
2009-05-27 15:19 . 2009-05-25 08:54 -------- d-----w- c:\program files\Stellar Phoenix Deleted File Recovery
2009-05-27 15:19 . 2009-05-24 14:55 -------- d-----w- c:\program files\PhotoRescue Wizard PC 3.1.9.11674
2009-05-27 15:19 . 2009-05-24 14:37 -------- d-----w- c:\program files\Digital Photo Recovery
2009-05-25 08:54 . 2009-05-25 08:54 4 ----a-w- c:\windows\vx86036.dat
2009-05-24 15:14 . 2009-05-24 14:48 -------- d-----w- c:\program files\OfficeRecovery
2009-05-24 14:36 . 2009-05-24 14:36 23 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\SLLOG.sys
2009-05-24 14:36 . 2009-05-24 14:36 23 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\SLLOG.sys
2009-05-24 11:09 . 2009-05-24 11:09 -------- d-----w- c:\documents and settings\All Users\Application Data\vsosdk
2009-05-24 09:04 . 2009-05-24 09:04 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-05-24 09:04 . 2009-05-24 09:04 47360 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\pcouffin.sys
2009-05-24 09:04 . 2009-05-24 09:04 47360 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\pcouffin.sys
2009-05-24 09:04 . 2009-05-24 09:04 -------- d-----w- c:\program files\VSO
2009-05-23 11:30 . 2009-04-20 17:24 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\The Complete Genealogy Reporter
2009-05-22 09:53 . 2009-05-22 09:53 -------- d-----w- c:\documents and settings\All Users\Application Data\VirginMedia
2009-05-19 19:52 . 2009-05-19 19:52 15360 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Thinstall\Data Doctor Recovery Digital Camera 3.0.1.5\1000000b00002i\RUNDLL32.exe
2009-05-19 19:52 . 2009-05-19 19:52 15360 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Thinstall\Data Doctor Recovery Digital Camera 3.0.1.5\4000005200003i\FamilyTreeBuilder-Comm.exe
2009-05-19 18:59 . 2009-05-19 18:59 15360 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Thinstall\Data Doctor Recovery Digital Camera 3.0.1.5\40000097c00002i\MyHeritage.exe
2009-05-19 17:27 . 2009-05-19 17:27 15360 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Thinstall\Data Doctor Recovery Digital Camera 3.0.1.5\400000d00002i\DataDoctor-HDD.exe
2009-05-19 17:27 . 2009-05-19 14:02 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Thinstall
2009-05-19 16:54 . 2009-05-19 16:54 -------- d-----w- c:\program files\DiskInternals
2009-05-13 05:15 . 2009-03-28 17:41 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-11 08:36 . 2009-03-28 16:09 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-08 12:01 . 2009-04-09 15:10 -------- d-----w- c:\program files\Google
2009-05-07 15:44 . 2009-03-28 17:38 344064 ----a-w- c:\windows\system32\localspl.dll
2009-05-04 16:52 . 2009-05-04 15:43 -------- d-----w- c:\program files\Family Tree Maker 2008
2009-05-04 15:44 . 2009-05-04 15:44 1078 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}\DocumentationShortcu_EDEA8AB776834ED2AA19E6C078064C0D.exe
2009-05-04 15:44 . 2009-05-04 15:44 10134 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}\ARPPRODUCTICON.exe
2009-05-04 15:44 . 2009-05-04 15:44 -------- d-----w- c:\program files\Microsoft WSE
2009-05-04 15:23 . 2009-03-31 16:31 -------- d-----w- c:\program files\Family Tree Maker 2006
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-04-17 09:58 . 2009-03-28 17:41 1846656 ----a-w- c:\windows\system32\win32k.sys
2009-04-16 17:32 . 2009-04-16 17:32 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-04-15 15:11 . 2009-03-28 17:40 584192 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-13 15:20 . 2009-04-13 15:20 106496 ----a-w- c:\windows\rtpmsi32.dll
2009-04-13 13:50 . 2009-04-13 13:50 245760 ------w- c:\windows\Setup1.exe
2009-04-13 13:50 . 2009-04-13 13:50 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-04-07 20:25 . 2009-04-18 11:34 100944 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2009-04-07 20:25 . 2009-04-18 11:34 79888 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2009-04-07 20:25 . 2009-04-18 11:14 41424 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2005-08-07 17:24 . 2009-03-28 18:05 32 --sha-w- c:\windows\SMINST\HPCD.SYS
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"MSGTAG"="c:\program files\MSGTAG\MSGTAG.exe" [2003-09-16 1320448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"PS2"="c:\windows\system32\ps2.exe" [2003-09-12 98304]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-26 1948440]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-05-21 221184]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\
MailWasherPro.lnk - c:\program files\FireTrust\MailWasher Pro\MailWasher.exe [2009-3-28 16485023]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2007-9-12 1527808]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-26 09:06 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"Windows Update"="c:\windows\system32\svchost.exe"
"Windows Update 4"="c:\windows\system32\svchost.exe"
"LDM"=c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" boot
"MSGTAG"="c:\program files\MSGTAG\MSGTAG.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=nwiz.exe /install
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"AlcxMonitor"=ALCXMNTR.EXE
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
"DiskeeperSystray"="c:\program files\Executive Software\Diskeeper\DkIcon.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"Getting started with MacDrive"="c:\program files\Mediafour\MacDrive 7\MDGetStarted.exe" /auto
"MacDrive application"="c:\program files\Mediafour\MacDrive 7\MacDrive.exe"
"EPSON Stylus Photo R200 Series"=c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" -lang 1033
"BDRegion"=c:\program files\Cyberlink\Shared Files\brs.exe
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe"
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe"
"InstantBurn"=c:\progra~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
"Family Tree Builder Update"=c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe"
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
"UpdatePDRShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\5.0"
"LogitechVideoRepair"=c:\program files\Logitech\Video\ISStart.exe
"LogitechGalleryRepair"=c:\program files\Logitech\Video\ISStart.exe
"LogitechVideoTray"=c:\program files\Logitech\Video\LogiTray.exe
"Wireless Manager"="c:\program files\Virgin Broadband Wireless\Wireless Manager.exe" startup
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 2009\\German\\setup.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\MSGTAG\\MSGTAG.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
"c:\\Program Files\\CyberLink\\PowerDirector\\PDR.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 MDFSYSNT;MacDrive file system driver;c:\windows\system32\drivers\MDFSYSNT.SYS [04/02/2009 11:14 284160]
R0 MDPMGRNT;MacDrive partition driver;c:\windows\system32\drivers\MDPMGRNT.SYS [04/02/2009 11:22 19456]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [28/03/2009 17:08 335752]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [28/03/2009 17:09 108552]
R1 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\drivers\CLBStor.sys [30/05/2009 10:12 15784]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2009/06/06 23:48];c:\program files\CyberLink\PowerDVD8\000.fcl [05/03/2009 01:47 87536]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [28/03/2009 17:08 907032]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [28/03/2009 17:08 298776]
R2 CLBUDF;CyberLink InstantBurn UDF Filesystem;c:\windows\system32\drivers\CLBUDF.sys [30/05/2009 10:12 162344]
R2 MacDriveService;MacDrive service;c:\program files\Mediafour\MacDrive 7\MacDriveService.exe [26/11/2008 09:23 150528]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [13/04/2009 10:40 195856]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [13/04/2009 10:40 19096]
R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [23/04/2007 14:11 224896]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [18/04/2009 12:34 79888]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{J2O6W5DJ-14MS-4317-3R78-R5R86E5G12AE}]
c:\program files\System32\Updater.exe Restart
.
Contents of the 'Scheduled Tasks' folder
2009-06-26 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 15:17]
2009-07-02 c:\windows\Tasks\User_Feed_Synchronization-{4565CF51-C5AF-4B74-AABA-1FE7A5EDB061}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
- - - - ORPHANS REMOVED - - - -
ShellIconOverlayIdentifiers-MacDrive Volume Icons - (no file)
Notify-khfDtsRh - khfDtsRh.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/ig?hl=en&source=iglk
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://search.myheritage.com
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=Q105&bd=presario&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;localhost
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-02 22:54
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1495055109-845452938-3173171980-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1495055109-845452938-3173171980-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{53C38EED-D45D-3C90-EDAD-90F1CE12DCB7}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(560)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
c:\program files\Mediafour\MacDrive 7\MDVolumeIcons.dll
c:\program files\Mediafour\MacDrive 7\MACDRAPI.DLL
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Virgin Broadband Wireless\AffinegyService.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\Crypserv.exe
c:\program files\Executive Software\Diskeeper\DkService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
.
**************************************************************************
.
Completion time: 2009-07-02 22:57 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-02 21:57
Pre-Run: 165,860,986,880 bytes free
Post-Run: 165,742,043,136 bytes free
337 --- E O F --- 2009-06-14 16:33
HJ log-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:59:10, on 02/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig?hl=en&source=iglk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSGTAG] "C:\Program Files\MSGTAG\MSGTAG.exe" /startup
O4 - Startup: MailWasherPro.lnk = C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/48.14/uploader2.cab
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.co.uk/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\acaptuser32.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MacDrive service (MacDriveService) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 10019 bytes
|
|
|
|
Previous
Index
Next
Flat
Edit
Reply
Quote
