ComboFix 08-11-27.07 - Calvin D Stone 2008-11-28 13:42:22.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.229 [GMT -5:00]
Running from: c:\documents and settings\Calvin D Stone\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Calvin D Stone\Desktop\cfscript.txt
* Created a new restore point
FILE ::
c:\documents and settings\Calvin D Stone\Incomplete\Preview-T-5745425-we pop champaine.mp3
c:\documents and settings\Calvin D Stone\Shared\Chronic Future - Apology For Non-Symmetry.mp3
c:\documents and settings\Calvin D Stone\Shared\Faith Evans - Jealous.wma
c:\documents and settings\Calvin D Stone\Shared\Gangsta Rap The Glockumentary (2007) DVDRip.avi I
c:\documents and settings\Calvin D Stone\Shared\Gangsta Rap The Glockumentary 2007 COMPLETE NTSC DVDR-NTX.avi
c:\program files\Norton AntiVirus\Quarantine\1EE65B22
c:\program files\Norton AntiVirus\Quarantine\1EE65B22.exe
c:\program files\Norton AntiVirus\Quarantine\2C3C3BAB
c:\program files\Norton AntiVirus\Quarantine\2C3F65A8.exe
c:\program files\Norton AntiVirus\Quarantine\4CE071C4
c:\program files\Norton AntiVirus\Quarantine\4CE31BC0
c:\program files\Norton AntiVirus\Quarantine\4CE745BD
c:\program files\Norton AntiVirus\Quarantine\60B15537 I
c:\program files\Norton AntiVirus\Quarantine\60B57F33.exe
c:\windows\system32\Kcrnad1Drv.dll
c:\windows\system32\KcrnadDrv.dll
.
((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-28 )))))))))))))))))))))))))))))))
.
2008-11-28 02:10 . 2008-11-28 02:11 <DIR> d-------- c:\program files\NCSoft
2008-11-28 02:00 . 2008-11-28 02:00 <DIR> d-------- c:\documents and settings\Calvin D Stone\Application Data\InstallShield
2008-11-28 01:51 . 2008-11-28 02:00 <DIR> d-------- c:\documents and settings\Calvin D Stone\Application Data\GetRightToGo
2008-11-23 17:50 . 2008-11-24 16:39 4,224 --a------ c:\windows\system32\drivers\beep.sys
2008-11-23 17:50 . 2008-11-24 16:39 4,224 --a--c--- c:\windows\system32\dllcache\beep.sys
2008-11-22 14:37 . 2008-11-22 14:37 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-22 14:37 . 2008-11-22 14:37 <DIR> d-------- c:\documents and settings\Calvin D Stone\Application Data\Malwarebytes
2008-11-22 14:37 . 2008-11-22 14:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-22 14:37 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-22 14:37 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-17 00:38 . 2008-11-17 00:38 <DIR> d-------- C:\rsit
2008-11-17 00:38 . 2008-11-28 13:37 <DIR> d-------- c:\program files\trend micro
2008-11-15 22:10 . 2008-11-15 22:10 <DIR> d-------- c:\documents and settings\Administrator
2008-11-15 22:03 . 2008-11-15 22:03 <DIR> d-------- c:\windows\system32\config\systemprofile\Application Data\GetModule
2008-11-15 22:03 . 2008-11-22 14:00 <DIR> d-------- c:\windows\system32\config\systemprofile\Application Data\gadcom
2008-11-13 03:00 . 2008-11-13 03:00 <DIR> d-------- c:\program files\MSXML 4.0
2008-11-12 23:29 . 2008-09-04 12:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 23:29 . 2008-10-24 06:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-04 19:34 . 2008-11-22 13:47 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-11-04 19:34 . 2008-11-23 05:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-04 15:25 . 2008-10-23 10:00 12,752 --a------ c:\windows\system32\SDEarlyDelete.exe
2008-11-04 15:25 . 2008-11-04 15:25 110 --a------ c:\windows\system32\SDEarlyDelete.ini
2008-11-04 15:25 . 2005-02-06 09:02 104 --a------ c:\windows\system32\ProxySettings.ini
2008-11-04 15:25 . 2008-11-04 15:58 63 --a------ c:\windows\system\SysSD.dll
2008-11-04 15:24 . 2008-11-04 20:14 <DIR> d-------- c:\program files\SpywareDetector
2008-11-04 15:24 . 2008-09-23 09:14 921,600 --a------ c:\windows\system32\CheckDll.dll
2008-11-04 00:41 . 2008-11-04 00:41 <DIR> d-------- c:\windows\system32\scripting
2008-11-04 00:40 . 2008-11-04 00:40 <DIR> d-------- c:\windows\system32\en
2008-11-04 00:40 . 2008-11-04 00:40 <DIR> d-------- c:\windows\system32\bits
2008-11-04 00:40 . 2008-11-04 00:40 <DIR> d-------- c:\windows\l2schemas
2008-11-04 00:36 . 2008-11-04 00:41 <DIR> d-------- c:\windows\ServicePackFiles
2008-11-03 00:01 . 2008-11-04 14:39 <DIR> d-------- c:\program files\SpyHunter
2008-11-02 19:27 . 2008-11-02 19:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-28 08:40 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-11-28 07:10 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-16 08:05 --------- d-----w c:\documents and settings\All Users\Application Data\PlayFirst
2008-11-16 08:04 --------- d-----w c:\documents and settings\Calvin D Stone\Application Data\PlayFirst
2008-11-16 08:02 --------- d-----w c:\program files\Yahoo! Games
2008-11-16 07:42 --------- d-----w c:\documents and settings\Calvin D Stone\Application Data\LimeWire
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 19:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 19:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 19:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:14 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2007-05-06 23:12 32 --sha-w c:\windows\{61F619DA-22AC-4292-B9C2-AFDB35602C2A}.dat
2007-05-06 23:12 32 --sha-w c:\windows\system32\{B26B46C6-58DB-4524-BBB8-8751C8C59929}.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95428be1-00b3-4919-8e16-e38550ce7366}]
c:\windows\system32\vvvdgq.dll [BU]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EasyLinkAdvisor"="c:\program files\Linksys EasyLink Advisor\LinksysAgent.exe" [2007-03-15 454784]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"PlayNC Launcher"="c:\program files\NCSoft\Launcher\NCLauncher.exe" [2008-06-09 38128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2002-08-19 50880]
"ccRegVfy"="c:\program files\Common Files\Symantec Shared\ccRegVfy.exe" [2002-08-19 34504]
"Advanced Tools Check"="c:\progra~1\NORTON~1\AdvTools\ADVCHK.EXE" [2002-08-26 79480]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-07-10 270648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13529088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 86016]
"SDActiveMonitor"="c:\program files\SpywareDetector\SDActiveMonitor.exe" [BU]
"SDAutoLiveupdate"="c:\program files\SpywareDetector\LiveUpdateSD.exe" [BU]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"nwiz"="nwiz.exe" [2008-05-02 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALUNotify.exe" [2002-08-07 54936]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
c:\documents and settings\Calvin D Stone\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-05-06 106560]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i263_32.drv
"aux"= ctwdm32.dll
"msacm.g723"= g723.acm
"vidc.I263"= I263_32.drv
"VIDC.HFYU"= huffyuv.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\NCsoft\\Exteel\\System\\Exteel.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"60440:TCP"= 60440:TCP:*
isabled:SolidNetworkManager
"60440:UDP"= 60440:UDP:*
isabled:SolidNetworkManager
R0 sojubus;sojubus;c:\windows\system32\DRIVERS\sojubus.sys [2003-10-05 123520]
R0 sojuscsi;sojuscsi;c:\windows\system32\DRIVERS\sojuscsi.sys [2003-09-28 5504]
.
Contents of the 'Scheduled Tasks' folder
2008-11-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 14:42]
2008-11-22 c:\windows\Tasks\Norton AntiVirus - Scan my computer.job
- c:\progra~1\NORTON~1\NAVW32.exe [2002-11-14 19:31]
2008-11-28 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2002-08-07 08:04]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-11-28 13:44:05
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-11-28 13:45:09
ComboFix-quarantined-files.txt 2008-11-28 18:44:54
ComboFix2.txt 2008-11-28 18:32:41
ComboFix3.txt 2008-11-24 21:45:45
ComboFix4.txt 2008-11-23 19:04:19
Pre-Run: 13,241,663,488 bytes free
Post-Run: 13,288,484,864 bytes free
173 --- E O F --- 2008-11-13 08:04:29
info.txt
info.txt logfile of random's system information tool 1.04 2008-11-28 13:37:15
======Uninstall list======
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
Alcohol 120%-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
AOL Instant Messenger-->C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
Apple Mobile Device Support-->MsiExec.exe /I{A43B2A2F-1DB5-47F9-A608-F11A4835D7CB}
Apple Software Update-->MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Canon Camera Support Core Library-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1033
Canon Camera Window DC_DV 5 for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}
Canon Camera Window DSLR 5 for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0A146245-DB79-4197-BF5D-FE1A699A2CC7}
Canon Camera Window MC 5 for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{36C65B50-37BA-4467-AAD5-0523EFDF6F62}
Canon EOS 5D WIA Driver-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BB3AB664-D92B-4CB5-8B3E-D841841F4E68} /l1033
Canon PhotoRecord-->MsiExec.exe /X{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}
Canon Utilities Digital Photo Professional 2.0-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{17BF3045-AB1D-4048-8356-6C584B83565E} /l1033
Canon Utilities EOS Capture 1.5-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{589D17BB-C997-48C0-BCD2-CC8DC3375FE8}
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}
Canon ZoomBrowser EX (E)-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
Cooking Dash (remove only)-->"C:\Program Files\Yahoo! Games\Cooking Dash\Uninstall.exe"
Diner Dash Flo Through Time (remove only)-->"C:\Program Files\Yahoo! Games\Diner Dash Flo Through Time\Uninstall.exe"
DivX 4.11 Codec-->"C:\Program Files\DivXCodec\uninstall.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Drivers Install For Linksys Easylink Advisor-->MsiExec.exe /I{A1960A82-DB70-474D-A86B-FA74466103C6}
EAX(tm) Unified (SHELL)-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative Labs\EAX(tm) Unified (SHELL)\Uninst.isu"
Flock (Photobucket Edition) 0.7-->C:\Program Files\Flock\uninst.exe
Google Gmail Notifier-->"C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Huffyuv AVI lossless video codec (Remove Only)-->rundll.exe setupx.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\HUFFYUV.INF
Icy Tower v1.3.1-->"c:\games\icytower1.3\unins000.exe"
Indeo® Software-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu" -c"C:\Program Files\Ligos\Indeo\Indeo System Files\indounin.dll"
Intel A/V Codecs V2.0-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\CDUninst.isu
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
iTunes-->MsiExec.exe /I{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Jojo’s Fashion Show 2 - Las Cruces (remove only)-->"C:\Program Files\Yahoo! Games\Jojo’s Fashion Show 2 - Las Cruces\Uninstall.exe"
LexarMedia ImageRescue Software-->MsiExec.exe /X{8685BFA3-470B-4E20-A41F-A60BBD40E6E2}
Linksys EasyLink Advisor 1.6 (0044)-->rundll32 C:\PROGRA~1\LINKSY~1\AUInst.dll,ExUninstall
LiveReg (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.80 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero Suite-->C:\Program Files\Common Files\Ahead\Uninstall\Setup.exe /uninstall
Norton AntiVirus 2003 Professional Edition-->MsiExec.exe /I{F4C9398F-B6C6-4A4B-8B6D-795CD86F915D}
Norton WMI Update-->MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
PlayNC Launcher-->C:\Program Files\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0009 -removeonly
Pro Media Director Version 1.1.1.1-->"C:\Program Files\Pelican Performance\Pro Media Director\unins000.exe"
QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RescuePRO 3.2-->C:\WINDOWS\iun507.exe C:\Program Files\RescuePRO\irunin.ini
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
The Sims™ 2 Deluxe-->C:\Program Files\EA GAMES\The Sims 2 Deluxe\EAUninstall.exe
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Westwood Shared Internet Components-->C:\Westwood\Internet\UnstllAP.EXE
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Xvid 1.1.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Yahoo! ¤u¨ã¦C-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
======Security center information======
AV: Norton AntiVirus (disabled) (outdated)
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
-----------------EOF-----------------
log.txt
Logfile of random's system information tool 1.04 (written by random/random)
Run by Calvin D Stone at 2008-11-28 13:37:05
Microsoft Windows XP Professional Service Pack 3
System drive C: has 13 GB (32%) free of 40 GB
Total RAM: 511 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:37:13 PM, on 11/28/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NCSoft\Launcher\NCLauncher.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Calvin D Stone\Desktop\RSIT.exe
C:\Program Files\trend micro\Calvin D Stone.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: {6637ec05-583e-61e8-9194-3b001eb82459} - {95428be1-00b3-4919-8e16-e38550ce7366} - C:\WINDOWS\system32\vvvdgq.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SDActiveMonitor] C:\Program Files\SpywareDetector\SDActiveMonitor.exe -AUTO
O4 - HKLM\..\Run: [SDAutoLiveupdate] C:\Program Files\SpywareDetector\LiveUpdateSD.exe -AUTO
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PlayNC Launcher] C:\Program Files\NCSoft\Launcher\NCLauncher.exe /Minimized
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) -
http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SDService - Unknown owner - C:\Program Files\SpywareDetector\SDService.exe (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 8129 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
C:\WINDOWS\tasks\Symantec NetDetect.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2007-12-18 817936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95428be1-00b3-4919-8e16-e38550ce7366}]
C:\WINDOWS\system32\vvvdgq.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - C:\Program Files\Norton AntiVirus\NavShExt.dll [2002-11-15 112248]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2002-08-19 50880]
"ccRegVfy"=C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe [2002-08-19 34504]
"Advanced Tools Check"=C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE [2002-08-26 79480]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-07-10 270648]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-02 13529088]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-02 86016]
"SDActiveMonitor"=C:\Program Files\SpywareDetector\SDActiveMonitor.exe -AUTO []
"SDAutoLiveupdate"=C:\Program Files\SpywareDetector\LiveUpdateSD.exe -AUTO []
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"nwiz"=nwiz.exe /install []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EasyLinkAdvisor"=C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe [2007-03-15 454784]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"PlayNC Launcher"=C:\Program Files\NCSoft\Launcher\NCLauncher.exe [2008-06-09 38128]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\Calvin D Stone\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SYMTDI]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled
xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled
xpsp3res.dll,-20000"
"C:\Program Files\NCsoft\Exteel\System\Exteel.exe"="C:\Program Files\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled
xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled
xpsp3res.dll,-20000"
"C:\Program Files\NCsoft\Exteel\System\Exteel.exe"="C:\Program Files\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel"
======List of files/folders created in the last 1 months======
2008-11-28 13:32:41 ----A---- C:\ComboFix.txt
2008-11-28 02:10:27 ----D---- C:\Program Files\NCSoft
2008-11-28 02:04:43 ----RSD---- C:\WINDOWS\assembly
2008-11-28 02:03:03 ----D---- C:\WINDOWS\Microsoft.NET
2008-11-28 02:00:48 ----D---- C:\Documents and Settings\Calvin D Stone\Application Data\InstallShield
2008-11-28 01:51:31 ----D---- C:\Documents and Settings\Calvin D Stone\Application Data\GetRightToGo
2008-11-24 16:45:47 ----D---- C:\WINDOWS\temp
2008-11-23 05:34:03 ----A---- C:\Boot.bak
2008-11-23 05:33:47 ----RASHD---- C:\cmdcons
2008-11-23 05:32:19 ----A---- C:\WINDOWS\zip.exe
2008-11-23 05:32:19 ----A---- C:\WINDOWS\SWREG.exe
2008-11-23 05:32:19 ----A---- C:\WINDOWS\sed.exe
2008-11-23 05:32:19 ----A---- C:\WINDOWS\NIRCMD.exe
2008-11-23 05:32:19 ----A---- C:\WINDOWS\grep.exe
2008-11-23 05:32:19 ----A---- C:\WINDOWS\fdsv.exe
2008-11-23 05:32:18 ----A---- C:\WINDOWS\VFIND.exe
2008-11-23 05:32:18 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-11-23 05:32:18 ----A---- C:\WINDOWS\SWSC.exe
2008-11-23 05:30:55 ----D---- C:\WINDOWS\ERDNT
2008-11-23 05:30:55 ----D---- C:\Qoobox
2008-11-22 14:37:15 ----D---- C:\Documents and Settings\Calvin D Stone\Application Data\Malwarebytes
2008-11-22 14:37:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-11-22 14:37:06 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-11-17 00:38:12 ----D---- C:\Program Files\trend micro
2008-11-17 00:38:11 ----D---- C:\rsit
2008-11-15 23:11:30 ----A---- C:\WINDOWS\system32\6361d4d7-.txt
2008-11-13 03:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-13 03:01:30 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-13 03:01:18 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-13 03:00:28 ----D---- C:\Program Files\MSXML 4.0
2008-11-05 03:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-11-04 19:34:21 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-04 19:34:21 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-04 15:25:09 ----A---- C:\WINDOWS\system32\ProxySettings.ini
2008-11-04 15:25:08 ----A---- C:\WINDOWS\system32\SDEarlyDelete.ini
2008-11-04 15:25:08 ----A---- C:\WINDOWS\system32\SDEarlyDelete.exe
2008-11-04 15:24:47 ----A---- C:\WINDOWS\system32\CheckDll.dll
2008-11-04 15:24:43 ----D---- C:\Program Files\SpywareDetector
2008-11-04 01:00:55 ----A---- C:\WINDOWS\OEWABLog.txt
2008-11-04 01:00:30 ----D---- C:\WINDOWS\Prefetch
2008-11-04 00:49:20 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-04 00:49:10 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-04 00:48:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-04 00:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-04 00:48:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-04 00:48:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-04 00:48:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-04 00:47:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-11-04 00:47:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-04 00:47:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-04 00:47:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-11-04 00:47:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-04 00:47:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-04 00:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-04 00:46:35 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-04 00:46:25 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-04 00:42:36 ----A---- C:\WINDOWS\setuplog.txt
2008-11-04 00:41:00 ----D---- C:\WINDOWS\system32\scripting
2008-11-04 00:40:59 ----D---- C:\WINDOWS\l2schemas
2008-11-04 00:40:58 ----D---- C:\WINDOWS\system32\en
2008-11-04 00:40:57 ----D---- C:\WINDOWS\system32\bits
2008-11-04 00:36:18 ----D---- C:\WINDOWS\ServicePackFiles
2008-11-04 00:27:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-11-03 19:54:33 ----D---- C:\WINDOWS\pss
2008-11-03 00:01:00 ----D---- C:\Program Files\SpyHunter
2008-11-02 19:27:11 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
======List of files/folders modified in the last 1 months======
2008-11-28 13:32:45 ----D---- C:\WINDOWS\system32
2008-11-28 13:32:43 ----SHD---- C:\RECYCLER
2008-11-28 13:32:43 ----D---- C:\WINDOWS
2008-11-28 13:31:32 ----A---- C:\WINDOWS\system.ini
2008-11-28 13:30:41 ----D---- C:\WINDOWS\system32\drivers
2008-11-28 13:30:40 ----D---- C:\WINDOWS\AppPatch
2008-11-28 13:30:40 ----D---- C:\Program Files\Common Files
2008-11-28 13:28:33 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-28 03:41:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-28 03:40:54 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-28 03:40:50 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-11-28 03:11:39 ----HD---- C:\WINDOWS\inf
2008-11-28 02:41:47 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-28 02:31:09 ----SD---- C:\Documents and Settings\Calvin D Stone\Application Data\Microsoft
2008-11-28 02:10:27 ----RD---- C:\Program Files
2008-11-28 02:10:24 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-28 02:09:43 ----SHD---- C:\WINDOWS\Installer
2008-11-28 02:09:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-28 02:04:46 ----D---- C:\WINDOWS\WinSxS
2008-11-28 02:03:12 ----D---- C:\WINDOWS\system32\mui
2008-11-28 02:03:12 ----D---- C:\Program Files\Internet Explorer
2008-11-27 01:21:34 ----D---- C:\WINDOWS\Help
2008-11-24 15:16:25 ----D---- C:\WINDOWS\network diagnostic
2008-11-23 05:40:05 ----D---- C:\WINDOWS\system32\config
2008-11-23 05:34:03 ----RASH---- C:\boot.ini
2008-11-22 14:01:04 ----A---- C:\WINDOWS\win.ini
2008-11-16 03:05:01 ----D---- C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-11-16 03:04:59 ----D---- C:\Documents and Settings\Calvin D Stone\Application Data\PlayFirst
2008-11-16 03:02:42 ----D---- C:\Program Files\Yahoo! Games
2008-11-16 02:42:23 ----D---- C:\Documents and Settings\Calvin D Stone\Application Data\LimeWire
2008-11-15 22:10:10 ----D---- C:\Documents and Settings
2008-11-13 03:01:37 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-13 03:01:35 ----A---- C:\WINDOWS\imsins.BAK
2008-11-06 23:26:36 ----D---- C:\WINDOWS\system32\wbem
2008-11-04 20:14:31 ----A---- C:\WINDOWS\wininit.ini
2008-11-04 20:09:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-04 15:25:52 ----D---- C:\WINDOWS\system
2008-11-04 01:01:28 ----D---- C:\WINDOWS\Debug
2008-11-04 01:00:07 ----D---- C:\WINDOWS\system32\Setup
2008-11-04 01:00:07 ----D---- C:\WINDOWS\ime
2008-11-04 01:00:05 ----RSD---- C:\WINDOWS\Fonts
2008-11-04 01:00:03 ----D---- C:\WINDOWS\security
2008-11-04 00:50:05 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-04 00:46:37 ----D---- C:\Program Files\Messenger
2008-11-04 00:41:24 ----D---- C:\WINDOWS\system32\inetsrv
2008-11-04 00:41:01 ----D---- C:\WINDOWS\system32\usmt
2008-11-04 00:41:01 ----D---- C:\WINDOWS\system32\en-US
2008-11-04 00:40:57 ----D---- C:\WINDOWS\PeerNet
2008-11-04 00:40:57 ----D---- C:\Program Files\Movie Maker
2008-11-04 00:36:03 ----D---- C:\WINDOWS\system32\Restore
2008-11-04 00:36:03 ----D---- C:\WINDOWS\system32\npp
2008-11-04 00:36:03 ----D---- C:\WINDOWS\mui
2008-11-04 00:36:01 ----D---- C:\WINDOWS\msagent
2008-11-04 00:35:59 ----D---- C:\WINDOWS\srchasst
2008-11-04 00:35:58 ----D---- C:\Program Files\NetMeeting
2008-11-04 00:35:55 ----D---- C:\WINDOWS\system32\Com
2008-11-04 00:35:51 ----D---- C:\Program Files\Windows Media Player
2008-11-04 00:35:50 ----D---- C:\Program Files\Windows NT
2008-11-04 00:35:50 ----D---- C:\Program Files\Outlook Express
2008-11-04 00:35:44 ----D---- C:\Program Files\Common Files\System
2008-11-04 00:35:10 ----D---- C:\WINDOWS\system32\oobe
2008-11-04 00:30:58 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-04 00:27:07 ----D---- C:\WINDOWS\ehome
2008-11-03 19:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 37760]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R2 elagopro;GoProto Protocol Driver for LELA; C:\WINDOWS\system32\DRIVERS\elagopro.sys [2007-03-22 28672]
R2 elaunidr;UniDriver for LELA; C:\WINDOWS\system32\DRIVERS\elaunidr.sys [2007-03-22 5376]
R2 SAVRTPEL;SAVRTPEL; \??\C:\WINDOWS\system32\Drivers\SAVRTPEL.SYS []
R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\system32\Drivers\SYMTDI.SYS []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ctljystk;Creative SBLive! Gameport; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NPDriver;Norton Unerase Protection Driver; \??\C:\WINDOWS\system32\Drivers\NPDRIVER.SYS []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-02 6554496]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\Drivers\SYMREDRV.SYS []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S2 npkcrypt;npkcrypt; \??\C:\Nexon\MapleStory\npkcrypt.sys []
S3 ajjzp46s;ajjzp46s; C:\WINDOWS\system32\drivers\ajjzp46s.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-27 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-27 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080430.017\NAVENG.Sys []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080430.017\NavEx15.Sys []
S3 npkcusb;npkcusb; \??\C:\Nexon\MapleStory\npkcusb.sys []
S3 SAVRT;SAVRT; \??\C:\WINDOWS\system32\Drivers\SAVRT.SYS []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-06-28 106496]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2002-08-08 308936]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NProtectService;Norton Unerase Protection; C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE [2002-08-14 135168]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-02 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 SymWSC;SymWMI Service; C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe [2004-11-02 316544]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-07-10 501048]
S2 SBService;ScriptBlocking Service; C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe [2001-08-13 54408]
S2 SDService;SDService; C:\Program Files\SpywareDetector\SDService.exe []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-05-06 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 ccPwdSvc;Symantec Password Validation Service; C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2002-08-19 63176]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 navapsvc;Norton AntiVirus Auto Protect Service; C:\Program Files\Norton AntiVirus\navapsvc.exe [2002-11-14 116336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
-----------------EOF-----------------
