Hi,
Here are my logs. Just one problem. I installed Avast and ran a scan and deleted a few infected files and now I don't have a desktop (eek!). I have the desktop image and my mouse and can run programs through task manager but there is no start menu or desktop icons.
I'm currently using safe mode to combat this. They all appear there.
Also in response to a partition I think the answer is yes. A while ago I reinstalled my windows and when I did so my ms start up information changed and brings up an option screen asking me which one to boot. One option is my windows XP and the other is the windows recovery console. I never use to have this and as I remember my hard drive did partition itself during this installation but I am not sure how to access it and never bothered to change it as it didn't affect the running of my computer.
It definitely isn't an external drive or anything as I don't have one (boo).
Anyway, here are my logs.
MBAM
Malwarebytes' Anti-Malware 1.41
Database version: 3051
Windows 5.1.2600 Service Pack 2 (Safe Mode)
10/29/2009 9:51:50 AM
mbam-log-2009-10-29 (09-51-49).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 250805
Time elapsed: 54 minute(s), 39 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_TDIFW_DRV (Rogue.DesktopDefender2010) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_TDIFW_DRV (Rogue.DesktopDefender2010) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTM
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\lphc339j0ejdc .exe not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Horatio E
->Temp folder emptied: 40070205 bytes
->Temporary Internet Files folder emptied: 109720144 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36567564 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 488995 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 98304 bytes
RecycleBin emptied: 17682091 bytes
Total Files Cleaned = 195.18 mb
OTM by OldTimer - Version 3.0.0.6 log created on 10292009_095827
Files moved on Reboot...
Registry entries deleted on Reboot...
ESET
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.5730.13 (longhorn(wmbla).070711-1130)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=0427be361432f04eb0e6b2601ec247c4
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-10-29 10:23:05
# local_time=2009-10-29 10:23:05 (+0000, GMT Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 14145157 14145157 0 0
# compatibility_mode=769 16775126 100 93 4084 193088416 67349 0
# compatibility_mode=8192 67108863 100 0 3775 3775 0 0
# scanned=20035
# found=0
# cleaned=0
# scan_time=940
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=7.00.5730.13 (longhorn(wmbla).070711-1130)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=0427be361432f04eb0e6b2601ec247c4
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-10-29 11:55:46
# local_time=2009-10-29 11:55:46 (+0000, GMT Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 14146253 14146253 0 0
# compatibility_mode=769 16775126 100 93 5180 193089512 68445 0
# compatibility_mode=8192 67108863 100 0 4871 4871 0 0
# scanned=127683
# found=5
# cleaned=0
# scan_time=5399
C:\WINDOWS\explorer.exe Win32/TrojanProxy.Agent.NCI virus (error while cleaning) 00000000000000000000000000000000 I
C:\WINDOWS\system32\lsass.exe Win32/TrojanProxy.Agent.NCI virus (error while cleaning) 00000000000000000000000000000000 I
C:\WINDOWS\system32\svchost.exe Win32/TrojanProxy.Agent.NCI virus (error while cleaning) 00000000000000000000000000000000 I
C:\WINDOWS\system32\winlogon.exe Win32/TrojanProxy.Agent.NCI virus (error while cleaning) 00000000000000000000000000000000 I
${Memory} Win32/TrojanProxy.Agent.NCI virus 00000000000000000000000000000000 I
RSIT
Logfile of random's system information tool 1.06 (written by random/random)
Run by Horatio E at 2009-10-29 11:57:23
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 103 GB (43%) free of 238 GB
Total RAM: 1150 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:57:42 AM, on 10/29/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
C:\Documents and Settings\Horatio E\Desktop\RSIT.exe
C:\Documents and Settings\Horatio E\Desktop\Horatio E.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [OTM] "C:\Documents and Settings\Horatio E\Desktop\OTM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) -
http://upload.facebook.com/controls/200 ... oader5.cabO16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) -
http://download.eset.com/special/eos-be ... canner.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe (file missing)
--
End of file - 6918 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2009-10-05 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-18 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-13 762864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-18 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-31 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-31 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-18 256112]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-10-05 198160]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-31 149280]
"IObit Security 360"=C:\Program Files\IObit\IObit Security 360\IS360tray.exe [2009-09-28 1241872]
"QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-09-10 420176]
"OTM"=C:\Documents and Settings\Horatio E\Desktop\OTM.exe [2009-10-27 408064]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-28 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-08-23 46080]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\InterVideo\DVD8\WinDVD.exe"="C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Enabled:WinDVD"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\SmartFTP Client\SmartFTP.exe"="C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 3.0"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{290079fe-7e2d-11de-afd6-0014a5104de0}]
shell\AutoRun\command - E:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{290079ff-7e2d-11de-afd6-0014a5104de0}]
shell\AutoRun\command - E:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{29dd9874-7dfc-11de-afd5-0014a5104de0}]
shell\AutoRun\command - E:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5917975a-83a8-11de-afe8-0014a5104de0}]
shell\AutoRun\command - E:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{904246b4-7dbb-11de-afd3-0014a5104de0}]
shell\AutoRun\command - E:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a750bf3e-7f46-11de-afda-0014a5104de0}]
shell\AutoRun\command - E:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab001b54-7e77-11de-afd7-0014a5104de0}]
shell\AutoRun\command - E:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bd904d18-8505-11de-afee-0014a5104de0}]
shell\AutoRun\command - E:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d75b6f4b-8139-11de-afe1-0014a5104de0}]
shell\AutoRun\command - E:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7a28b1c-7ef6-11de-afd9-0014a5104de0}]
shell\AutoRun\command - E:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f2a72ad2-8990-11de-affc-0014a5104de0}]
shell\AutoRun\command - E:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fc4194f4-82bc-11de-afe6-0014a5104de0}]
shell\AutoRun\command - E:\AUTORUN.EXE
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2009-10-29 10:04:47 ----D---- C:\Program Files\ESET
2009-10-28 12:44:43 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-10-28 08:52:08 ----D---- C:\Program Files\iPod
2009-10-27 10:37:21 ----A---- C:\WINDOWS\resetlog.txt
2009-10-27 10:08:10 ----D---- C:\_OTM
2009-10-24 16:21:45 ----D---- C:\rsit
2009-10-24 15:37:47 ----D---- C:\Program Files\Alwil Software
2009-10-15 13:53:14 ----A---- C:\WINDOWS\system32\javaws.exe
2009-10-15 13:53:14 ----A---- C:\WINDOWS\system32\javaw.exe
2009-10-15 13:53:14 ----A---- C:\WINDOWS\system32\java.exe
2009-10-11 16:13:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-10-11 16:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-10-11 16:10:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-10-11 16:10:00 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-10-11 16:09:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-10-11 16:08:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-10-11 16:07:22 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-10-11 16:06:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-10-11 16:05:26 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-10-11 16:05:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-10-11 16:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-10-11 16:03:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2009-10-11 16:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-10-11 16:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-10-11 16:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-10-11 15:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-10-11 15:58:13 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-10-11 15:57:34 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-10-11 15:56:53 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-10-11 15:56:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-10-11 15:54:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-10-11 15:53:46 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-10-11 15:52:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-10-11 15:52:21 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-10-11 15:51:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-10-11 15:50:40 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$
2009-10-11 15:47:05 ----D---- C:\Documents and Settings\All Users\Application Data\IObit
2009-10-11 14:58:04 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
2009-10-11 14:58:01 ----D---- C:\Program Files\TechSmith
2009-10-11 14:56:42 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-10-11 14:14:12 ----D---- C:\My Music
2009-10-11 12:58:21 ----D---- C:\Program Files\Software Informer
2009-10-08 23:03:51 ----A---- C:\WINDOWS\ntbtlog.txt
2009-10-06 11:43:29 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-06 08:38:42 ----D---- C:\Program Files\Hijackthis
2009-10-05 13:03:22 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-10-05 13:02:28 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-10-05 13:02:20 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-10-05 13:02:20 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-10-05 13:02:18 ----D---- C:\Program Files\Common Files\xing shared
2009-10-05 13:02:04 ----D---- C:\Program Files\real
2009-10-04 15:30:52 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2009-10-04 15:30:51 ----D---- C:\Documents and Settings\Horatio E\Application Data\NCH Swift Sound
2009-10-04 15:30:45 ----D---- C:\Program Files\NCH Swift Sound
======List of files/folders modified in the last 1 months======
2009-10-29 10:25:06 ----A---- C:\WINDOWS\NeroDigital.ini
2009-10-29 10:25:02 ----D---- C:\WINDOWS\system32
2009-10-29 10:24:03 ----D---- C:\Downloads
2009-10-29 10:05:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-29 10:04:50 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-29 10:04:50 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-29 10:04:47 ----RD---- C:\Program Files
2009-10-29 10:02:07 ----D---- C:\Program Files\Mozilla Firefox
2009-10-29 10:00:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-29 10:00:26 ----D---- C:\WINDOWS\Temp
2009-10-29 08:54:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-29 08:54:46 ----D---- C:\WINDOWS\system32\drivers
2009-10-28 21:07:56 ----D---- C:\WINDOWS\Prefetch
2009-10-28 15:21:07 ----D---- C:\WINDOWS
2009-10-28 08:53:42 ----SHD---- C:\WINDOWS\Installer
2009-10-28 08:53:42 ----D---- C:\Config.Msi
2009-10-28 08:53:01 ----D---- C:\Program Files\iTunes
2009-10-28 08:52:06 ----D---- C:\Program Files\Common Files\Apple
2009-10-28 08:48:56 ----D---- C:\Program Files\Bonjour
2009-10-28 08:48:51 ----D---- C:\Program Files\QuickTime Alternative
2009-10-28 08:48:27 ----HD---- C:\WINDOWS\inf
2009-10-28 08:48:26 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-27 16:49:37 ----D---- C:\Documents and Settings\Horatio E\Application Data\Adobe
2009-10-27 10:34:39 ----D---- C:\WINDOWS\system32\config
2009-10-27 10:34:09 ----D---- C:\WINDOWS\system32\wbem
2009-10-27 10:34:08 ----D---- C:\WINDOWS\Registration
2009-10-27 10:29:26 ----D---- C:\Program Files\IObit
2009-10-27 10:08:13 ----SD---- C:\WINDOWS\Tasks
2009-10-15 14:13:54 ----SD---- C:\Documents and Settings\Horatio E\Application Data\Microsoft
2009-10-15 13:53:11 ----D---- C:\Program Files\Java
2009-10-12 18:14:17 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-10-12 14:39:55 ----RSD---- C:\WINDOWS\Fonts
2009-10-11 17:12:02 ----D---- C:\WINDOWS\AppPatch
2009-10-11 16:13:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-11 16:12:18 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-11 16:12:13 ----A---- C:\WINDOWS\imsins.BAK
2009-10-11 16:08:29 ----D---- C:\Program Files\Outlook Express
2009-10-11 16:07:34 ----D---- C:\WINDOWS\ServicePackFiles
2009-10-11 14:56:42 ----D---- C:\Program Files\Common Files
2009-10-11 14:14:30 ----A---- C:\WINDOWS\cdplayer.ini
2009-10-11 14:14:04 ----D---- C:\Documents and Settings\Horatio E\Application Data\Real
2009-10-11 13:29:20 ----D---- C:\Program Files\Sony
2009-10-11 13:27:49 ----D---- C:\Documents and Settings\Horatio E\Application Data\Software Informer
2009-10-09 10:10:49 ----D---- C:\Program Files\Adobe
2009-10-08 23:04:51 ----D---- C:\Documents and Settings
2009-10-08 22:30:18 ----A---- C:\WINDOWS\WININIT.INI
2009-10-06 09:24:59 ----D---- C:\WINDOWS\WinSxS
2009-10-06 09:24:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-10-05 15:03:03 ----D---- C:\WINDOWS\system32\LogFiles
2009-10-05 13:02:38 ----D---- C:\Program Files\Common Files\Real
2009-10-05 13:02:04 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-10-05 13:02:04 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-10-05 13:02:04 ----A---- C:\WINDOWS\system32\msvcp71.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-09-15 52368]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-09-28 376320]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-06-28 69760]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-31 193056]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-02-28 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-02-28 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-02-28 17024]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-09-15 27408]
S1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 36864]
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-02-28 60800]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-09-15 23152]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-23 1273344]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 AVCSTRM;AVC Streaming Filter Driver; C:\WINDOWS\system32\DRIVERS\avcstrm.sys [2004-08-03 13696]
S3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camc6aud.sys [2005-03-15 37760]
S3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camc6hal.sys [2005-03-15 346496]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
S3 Ftda35;Ftda35; C:\WINDOWS\system32\drivers\Ftda35.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
S3 HSFHWATI;HSFHWATI; C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2004-12-15 200192]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-08-22 101120]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\WINDOWS\system32\DRIVERS\mstape.sys [2004-08-03 49024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-02-28 61824]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2006-02-28 67584]
S3 se44bus;Sony Ericsson Device 068 driver (WDM); C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 61536]
S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 9360]
S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 97088]
S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 88624]
S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS); C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 18704]
S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 86432]
S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM); C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-06-23 162176]
S3 TSWLAN;TsWlan Packet Driver; C:\WINDOWS\system32\drivers\TsWlan.sys [2007-06-29 33664]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-23 380928]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
S2 IS360service;IS360service; C:\Program Files\IObit\IObit Security 360\IS360srv.exe [2009-09-28 309008]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-31 153376]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2003-03-19 335872]
S2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-01-17 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-17 655624]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-09 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
-----------------EOF-----------------