
Antivir says I'm clean, but I've never felt so dirty



#1 kerry111


Posted 09 November 2007 - 10:11 PM

And I don't think that's the only thing that's messing with my computer, a Compaq Presario sr5152nx dual-core AMD 64. It used to zing; now it just slugs along with 2 gigs of
O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 5181 bytes

******************************AND HERE'S THE STARTUP LIST:

StartupList report, 11/9/2007, 10:25:51 PM
StartupList version: 1.52.2
Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
Detected: Windows Vista (WinNT 6.00.1904)
Detected: Internet Explorer v7.00 (7.00.6000.16546)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Windows\System32\CTXFISPI.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Smallvideosoft\Freez iPod Video Converter\ipodconverter.exe
C:\Windows\explorer.exe
C:\Program Files\Creative\MediaSource5\CTCMSu.exe
C:\Program Files\AntiVir PersonalEdition Classic\avcenter.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Windows\system32\Taskmgr.exe
C:\Windows\System32\notepad.exe
c:\users\DJK\Documents\Setup Files\HiJackThis_v2.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
*No files*

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\Windows\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

hpsysdrv = c:\hp\support\hpsysdrv.exe
KBD = C:\HP\KBD\KbdStub.EXE
OsdMaestro = "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
NvSvc = RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
NvCplDaemon = RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
NvMediaCenter = RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
RtHDVCpl = RtHDVCpl.exe
(Default) =
AudioDrvEmulator = "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
CTXFIREG = CTXFIREG.EXE
avgnt = "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
VolPanel = "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
CTHelper = CTHELPER.EXE
CTxfiHlp = CTXFIHLP.EXE
QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
WindowsWelcomeCenter = rundll32.exe oobefldr.dll,ShowWelcomeCenter
HPADVISOR = C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
ehTray.exe = C:\Windows\ehome\ehTray.exe
Creative Detector = "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
Creative MediaSource Go = "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
SetDefaultMIDI = MIDIDef.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
=

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

[OsdMaestro]
ModelName = 5189URF
Version = 1.00.007
Language =

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\Windows\system32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\Windows\system32\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = C:\Windows\system32\ie4uinit.exe -UserIconConfig

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = C:\Windows\system32\ie4uinit.exe -BaseSettings

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\Windows\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\Windows\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=explorer.exe
SCRNSAVE.EXE=
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\Windows\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\Windows\Explorer\Explorer.exe: not present
C:\Windows\System\Explorer.exe: not present
C:\Windows\System32\Explorer.exe: not present
C:\Windows\Command\Explorer.exe: not present
C:\Windows\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: *Registry key not found*
.shb: *Registry key not found*
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\Windows
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename NOT OK: 'REGEDIT.EXE.MUI'
- File description: 'Registry Editor'

Registry check failed!

--------------------------------------------------

Enumerating Browser Helper Objects:

*No BHO's found*

--------------------------------------------------

Enumerating Task Scheduler jobs:

User_Feed_Synchronization-{2DE63FBE-F7DB-40C6-A20B-4CE231FAF53A}.job

--------------------------------------------------

Enumerating Download Program Files:

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\Windows\system32\LegitCheckControl.DLL
CODEBASE = http://download.micr...heckControl.cab

[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.ma...t/ultrashim.cab

[Update Class]
InProcServer32 = C:\Windows\system32\iuctl.dll
CODEBASE = http://v4.windowsupd...9350.1680092593

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #2: C:\Windows\System32\mswsock.dll
NameSpace #3: C:\Windows\System32\winrnr.dll
NameSpace #4: C:\Windows\system32\napinsp.dll
NameSpace #5: C:\Windows\system32\pnrpnsp.dll
NameSpace #6: C:\Windows\system32\pnrpnsp.dll
Protocol #1: C:\Windows\system32\mswsock.dll
Protocol #2: C:\Windows\system32\mswsock.dll
Protocol #3: C:\Windows\system32\mswsock.dll
Protocol #4: C:\Windows\system32\mswsock.dll
Protocol #5: C:\Windows\system32\mswsock.dll
Protocol #6: C:\Windows\system32\mswsock.dll
Protocol #7: C:\Windows\system32\mswsock.dll
Protocol #8: C:\Windows\system32\mswsock.dll
Protocol #9: C:\Windows\system32\mswsock.dll
Protocol #10: C:\Windows\system32\mswsock.dll
Protocol #11: C:\Windows\system32\mswsock.dll
Protocol #12: C:\Windows\system32\mswsock.dll
Protocol #13: C:\Windows\system32\mswsock.dll
Protocol #14: C:\Windows\system32\mswsock.dll
Protocol #15: C:\Windows\system32\mswsock.dll
Protocol #16: C:\Windows\system32\mswsock.dll
Protocol #17: C:\Windows\system32\mswsock.dll
Protocol #18: C:\Windows\system32\mswsock.dll
Protocol #19: C:\Windows\system32\mswsock.dll
Protocol #20: C:\Windows\system32\mswsock.dll
Protocol #21: C:\Windows\system32\mswsock.dll
Protocol #22: C:\Windows\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

Microsoft ACPI Driver: system32\drivers\acpi.sys (system)
adp94xx: \SystemRoot\system32\drivers\adp94xx.sys (disabled)
adpahci: \SystemRoot\system32\drivers\adpahci.sys (disabled)
adpu160m: \SystemRoot\system32\drivers\adpu160m.sys (disabled)
adpu320: \SystemRoot\system32\drivers\adpu320.sys (disabled)
@%SystemRoot%\system32\aelupsvc.dll,-1: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
PPdus ASPI Shell: system32\drivers\Afc.sys (manual start)
Ancilliary Function Driver for Winsock: \SystemRoot\system32\drivers\afd.sys (system)
Intel AGP Bus Filter: \SystemRoot\system32\drivers\agp440.sys (manual start)
aic78xx: \SystemRoot\system32\drivers\djsvs.sys (disabled)
Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (autostart)
aliide: \SystemRoot\system32\drivers\aliide.sys (disabled)
AMD AGP Bus Filter Driver: \SystemRoot\system32\drivers\amdagp.sys (manual start)
amdide: \SystemRoot\system32\drivers\amdide.sys (disabled)
AMD K7 Processor Driver: \SystemRoot\system32\drivers\amdk7.sys (disabled)
AMD K8 Processor Driver: system32\DRIVERS\amdk8.sys (manual start)
AntiVir PersonalEdition Classic Scheduler: "C:\Program Files\AntiVir PersonalEdition Classic\sched.exe" (autostart)
AntiVir PersonalEdition Classic Guard: "C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe" (autostart)
@%systemroot%\system32\appinfo.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Apple Mobile Device: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" (autostart)
arc: \SystemRoot\system32\drivers\arc.sys (disabled)
arcsas: \SystemRoot\system32\drivers\arcsas.sys (disabled)
RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start)
IDE Channel: system32\drivers\atapi.sys (system)
Atheros Extensible Wireless LAN device driver: system32\DRIVERS\athr.sys (manual start)
@%SystemRoot%\system32\audiosrv.dll,-204: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\audiosrv.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
avgio: \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys (system)
avgntflt: \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys (manual start)
avipbb: system32\DRIVERS\avipbb.sys (system)
@%SystemRoot%\system32\bfe.dll,-1001: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
Background Intelligent Transfer Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
blbdrive: \SystemRoot\system32\drivers\blbdrive.sys (disabled)
Belkin Wireless G Desktop Card Service: system32\DRIVERS\BLKWGD.sys (manual start)
Bowser: system32\DRIVERS\bowser.sys (manual start)
Brother USB Mass-Storage Lower Filter Driver: \SystemRoot\system32\drivers\brfiltlo.sys (manual start)
Brother USB Mass-Storage Upper Filter Driver: \SystemRoot\system32\drivers\brfiltup.sys (manual start)
@%systemroot%\system32\browser.dll,-100: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Brother MFC Serial Port Interface Driver (WDM): \SystemRoot\system32\drivers\brserid.sys (disabled)
Brother WDM Serial driver: \SystemRoot\system32\drivers\brserwdm.sys (disabled)
Brother MFC USB Fax Only Modem: \SystemRoot\system32\drivers\brusbmdm.sys (disabled)
Brother MFC USB Serial WDM Driver: \SystemRoot\system32\drivers\brusbser.sys (manual start)
Bluetooth Serial Communications Driver: \SystemRoot\system32\drivers\bthmodem.sys (disabled)
WIDCOMM USB Bluetooth Driver: System32\Drivers\btwusb.sys (manual start)
CD/DVD File System Reader: system32\DRIVERS\cdfs.sys (disabled)
CD-ROM Driver: system32\DRIVERS\cdrom.sys (system)
@%SystemRoot%\System32\certprop.dll,-11: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Consumer IR Devices: system32\DRIVERS\circlass.sys (manual start)
Common Log (CLFS): System32\CLFS.sys (system)
Microsoft .NET Framework NGEN v2.0.50727_X86: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
cmdide: \SystemRoot\system32\drivers\cmdide.sys (disabled)
COMMONFX.DLL: system32\COMMONFX.DLL (manual start)
Microsoft Composite Battery Driver: \SystemRoot\system32\drivers\compbatt.sys (disabled)
@comres.dll,-947: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Crcdisk Filter Driver: system32\drivers\crcdisk.sys (system)
Creative Service for CDROM Access: C:\Windows\system32\CTsvcCDA.exe (disabled)
Transmeta Crusoe Processor Driver: \SystemRoot\system32\drivers\crusoe.sys (disabled)
@%SystemRoot%\system32\cryptsvc.dll,-1001: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
CT20XUT.DLL: system32\CT20XUT.DLL (manual start)
Creative AC3 Software Decoder: system32\drivers\ctac32k.sys (manual start)
Creative Audio Driver (WDM): system32\drivers\ctaud2k.sys (manual start)
CTAUDFX.DLL: system32\CTAUDFX.DLL (manual start)
Creative DVD-Audio Device Driver: system32\drivers\ctdvda2k.sys (manual start)
CTEAPSFX.DLL: system32\CTEAPSFX.DLL (manual start)
CTEDSPFX.DLL: system32\CTEDSPFX.DLL (manual start)
CTEDSPIO.DLL: system32\CTEDSPIO.DLL (manual start)
CTEDSPSY.DLL: system32\CTEDSPSY.DLL (manual start)
CTERFXFX.DLL: system32\CTERFXFX.DLL (manual start)
CTEXFIFX.DLL: system32\CTEXFIFX.DLL (manual start)
CTHWIUT.DLL: system32\CTHWIUT.DLL (manual start)
Creative Proxy Driver: system32\drivers\ctprxy2k.sys (manual start)
CTSBLFX.DLL: system32\CTSBLFX.DLL (manual start)
Creative SoundFont Management Device Driver: system32\drivers\ctsfm2k.sys (manual start)
@oleres.dll,-5012: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
Dfs Client Driver: System32\Drivers\dfsc.sys (system)
@dfsrres.dll,-101: %SystemRoot%\system32\DFSR.exe (manual start)
@%SystemRoot%\system32\dhcpcsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
Disk Driver: system32\drivers\disk.sys (system)
@%SystemRoot%\System32\dnsapi.dll,-101: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
@%systemroot%\system32\dot3svc.dll,-1102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
MS IEEE-1284.4 Driver: system32\DRIVERS\Dot4.sys (manual start)
Print Class Driver for IEEE-1284.4: system32\DRIVERS\Dot4Prt.sys (manual start)
MS Dot4USB Filter Dot4USB Filter: system32\DRIVERS\dot4usb.sys (manual start)
@%systemroot%\system32\dps.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (autostart)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
LDDM Graphics Subsystem: \SystemRoot\System32\drivers\dxgkrnl.sys (manual start)
Intel® PRO/1000 NDIS 6 Adapter Driver: system32\DRIVERS\E1G60I32.sys (manual start)
@%systemroot%\system32\eapsvc.dll,-1: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
ReadyBoost Caching Driver: System32\drivers\ecache.sys (system)
@%SystemRoot%\ehome\ehrecvr.exe,-101: %systemroot%\ehome\ehRecvr.exe (manual start)
@%SystemRoot%\ehome\ehsched.exe,-101: %systemroot%\ehome\ehsched.exe (manual start)
@%SystemRoot%\ehome\ehstart.dll,-101: %windir%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
elxstor: \SystemRoot\system32\drivers\elxstor.sys (disabled)
ReadyBoost: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
E-mu Plug-in Architecture Driver: system32\drivers\emupia2k.sys (manual start)
@%SystemRoot%\system32\wevtsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@comres.dll,-2450: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Floppy Disk Controller Driver: system32\DRIVERS\fdc.sys (disabled)
@%systemroot%\system32\fdPHost.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%systemroot%\system32\fdrespub.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
File Information FS MiniFilter: system32\drivers\fileinfo.sys (system)
FileTrace: system32\drivers\filetrace.sys (manual start)
Floppy Disk Driver: system32\DRIVERS\flpydisk.sys (disabled)
FltMgr: system32\drivers\fltmgr.sys (system)
@%SystemRoot%\system32\PresentationHost.exe,-3309: %systemroot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (manual start)
Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms: \SystemRoot\system32\drivers\gagp30kx.sys (manual start)
GEARAspiWDM: System32\Drivers\GEARAspiWDM.sys (manual start)
@gpapi.dll,-112: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Google Updater Service: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" (disabled)
Creative 20X HAL Driver: system32\drivers\ha20x2k.sys (manual start)
Microsoft 1.1 UAA Function Driver for High Definition Audio Service: system32\drivers\HdAudio.sys (manual start)
Microsoft UAA Bus Driver for High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start)
Microsoft Bluetooth HID Miniport: \SystemRoot\system32\drivers\hidbth.sys (disabled)
Microsoft Infrared HID Driver: system32\DRIVERS\hidir.sys (manual start)
@%SystemRoot%\System32\hidserv.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Microsoft HID Class Driver: system32\DRIVERS\hidusb.sys (manual start)
@%SystemRoot%\system32\kmsvc.dll,-6: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
HpCISSs: \SystemRoot\system32\drivers\hpcisss.sys (disabled)
hpqcxs08: %SystemRoot%\system32\svchost.exe -k hpdevmgmt (manual start)
HP CUE DeviceDiscovery Service: %SystemRoot%\system32\svchost.exe -k hpdevmgmt (autostart)
HSF_DP: system32\DRIVERS\HSX_DP.sys (manual start)
HSXHWBS2: system32\DRIVERS\HSXHWBS2.sys (manual start)
HTTP: system32\drivers\HTTP.sys (manual start)
i2omp: \SystemRoot\system32\drivers\i2omp.sys (disabled)
i8042 Keyboard and PS/2 Mouse Port Driver: system32\DRIVERS\i8042prt.sys (system)
Intel RAID Controller Vista: \SystemRoot\system32\drivers\iastorv.sys (disabled)
InstallDriver Table Manager: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start)
@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193: "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" (manual start)
iirsp: \SystemRoot\system32\drivers\iirsp.sys (disabled)
@%SystemRoot%\system32\ikeext.dll,-501: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Service for Realtek HD Audio (WDM): system32\drivers\RTKVHDA.sys (manual start)
intelide: \SystemRoot\system32\drivers\intelide.sys (disabled)
Intel Processor Driver: system32\DRIVERS\intelppm.sys (disabled)
PnP-X IP Bus Enumerator: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start)
@%SystemRoot%\system32\iphlpsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k NetSvcs (autostart)
IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start)
IPMIDRV: \SystemRoot\system32\drivers\ipmidrv.sys (disabled)
IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start)
iPod Service: "C:\Program Files\iPod\bin\iPodService.exe" (manual start)
IR Bus Enumerator: system32\drivers\irenum.sys (manual start)
PnP ISA/EISA Bus Driver: \SystemRoot\system32\drivers\isapnp.sys (disabled)
iScsiPort Driver: system32\DRIVERS\msiscsi.sys (manual start)
ITEATAPI_Service_Install: \SystemRoot\system32\drivers\iteatapi.sys (disabled)
ITERAID_Service_Install: \SystemRoot\system32\drivers\iteraid.sys (disabled)
Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (system)
Keyboard HID Driver: system32\DRIVERS\kbdhid.sys (system)
@keyiso.dll,-100: %SystemRoot%\system32\lsass.exe (manual start)
KSecDD: System32\Drivers\ksecdd.sys (system)
KtmRm for Distributed Transaction Coordinator: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
@%systemroot%\system32\srvsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\wkssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
LightScribeService Direct Disc Labeling Service: "c:\Program Files\Common Files\LightScribe\LSSrvc.exe" (autostart)
Link-Layer Topology Discovery Mapper I/O Driver: system32\DRIVERS\lltdio.sys (autostart)
@%SystemRoot%\system32\lltdres.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\lmhsvc.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
LSI_FC: \SystemRoot\system32\drivers\lsi_fc.sys (disabled)
LSI_SAS: \SystemRoot\system32\drivers\lsi_sas.sys (disabled)
LSI_SCSI: \SystemRoot\system32\drivers\lsi_scsi.sys (disabled)
UAC File Virtualization: \SystemRoot\system32\drivers\luafv.sys (autostart)
mamotou: system32\DRIVERS\mamotou.sys (manual start)
MaVctrl: system32\DRIVERS\MaVc2K.sys (autostart)
@%SystemRoot%\ehome\ehres.dll,-15501: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
mdmxsdk: system32\DRIVERS\mdmxsdk.sys (autostart)
megasas: \SystemRoot\system32\drivers\megasas.sys (disabled)
@%systemroot%\system32\mmcss.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Modem: system32\drivers\modem.sys (manual start)
Microsoft Monitor Class Function Driver Service: system32\DRIVERS\monitor.sys (manual start)
Motorola USB CDC ACM Driver: system32\DRIVERS\motmodem.sys (manual start)
Mouse Class Driver: system32\DRIVERS\mouclass.sys (system)
Mouse HID Driver: system32\DRIVERS\mouhid.sys (manual start)
Mount Point Manager: System32\drivers\mountmgr.sys (system)
Microsoft Multi-Path Bus Driver: \SystemRoot\system32\drivers\mpio.sys (disabled)
@%SystemRoot%\system32\FirewallAPI.dll,-23092: System32\drivers\mpsdrv.sys (manual start)
@%SystemRoot%\system32\FirewallAPI.dll,-23090: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
Mraid35x: \SystemRoot\system32\drivers\mraid35x.sys (disabled)
Marvell TOPDOG ™ 802.11n Driver for Vista Native WIFI (CB8x/EC8x): system32\DRIVERS\MRVW147.sys (manual start)
WebDav Client Redirector Driver: \SystemRoot\system32\drivers\mrxdav.sys (manual start)
SMB MiniRedirector Wrapper and Engine: system32\DRIVERS\mrxsmb.sys (manual start)
SMB 1.x MiniRedirector: system32\DRIVERS\mrxsmb10.sys (manual start)
SMB 2.0 MiniRedirector: system32\DRIVERS\mrxsmb20.sys (manual start)
msahci: \SystemRoot\system32\drivers\msahci.sys (disabled)
Microsoft Multi-Path Device Specific Module: \SystemRoot\system32\drivers\msdsm.sys (disabled)
@comres.dll,-2797: %SystemRoot%\System32\msdtc.exe (manual start)
ISA/EISA Class Driver: system32\drivers\msisadrv.sys (system)
@%SystemRoot%\system32\iscsidsc.dll,-5000: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\msimsg.dll,-27: %systemroot%\system32\msiexec /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (manual start)
Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
Mup: System32\Drivers\mup.sys (system)
@%SystemRoot%\system32\qagentrt.dll,-6: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
NativeWiFi Filter: system32\DRIVERS\nwifi.sys (manual start)
NBService: C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (disabled)
NDIS System Driver: system32\drivers\ndis.sys (system)
Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start)
Net Driver HPZ12: %SystemRoot%\System32\svchost.exe -k HPZ12 (autostart)
NetBIOS Interface: system32\DRIVERS\netbios.sys (system)
NETBT: System32\DRIVERS\netbt.sys (system)
@%SystemRoot%\System32\netlogon.dll,-102: %systemroot%\system32\lsass.exe (manual start)
@%SystemRoot%\system32\netman.dll,-109: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%SystemRoot%\system32\netprof.dll,-246: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Askey RT73 Wireless Driver for Vista: system32\DRIVERS\netr73.sys (manual start)
Net.Tcp Port Sharing Service: "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" (manual start)
nfrd960: \SystemRoot\system32\drivers\nfrd960.sys (disabled)
@%SystemRoot%\System32\nlasvc.dll,-1: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
NMIndexingService: "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" (disabled)
@%SystemRoot%\system32\nsisvc.dll,-200: %systemroot%\system32\svchost.exe -k LocalService (autostart)
NSI proxy service: system32\drivers\nsiproxy.sys (system)
N-trig HID Tablet Driver: \SystemRoot\system32\drivers\ntrigdigi.sys (disabled)
NVIDIA nForce Networking Controller Driver: system32\DRIVERS\nvmfdx32.sys (manual start)
nvlddmkm: system32\DRIVERS\nvlddmkm.sys (manual start)
nvraid: \SystemRoot\system32\drivers\nvraid.sys (disabled)
nvstor: \SystemRoot\system32\drivers\nvstor.sys (disabled)
nvstor32: system32\drivers\nvstor32.sys (system)
NVIDIA nForce AGP Bus Filter: \SystemRoot\system32\drivers\nv_agp.sys (manual start)
IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start)
Microsoft Office Diagnostics Service: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" (manual start)
NEC FireWarden OHCI Compliant IEEE 1394 Host Controller: \SystemRoot\system32\drivers\ohci1394.sys (disabled)
Office Source Engine: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (manual start)
Creative OS Services Driver: system32\drivers\ctoss2k.sys (manual start)
@%SystemRoot%\system32\p2psvc.dll,-8004: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\system32\p2psvc.dll,-8006: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
Parallel port driver: \SystemRoot\system32\drivers\parport.sys (manual start)
Partition Manager: System32\drivers\partmgr.sys (system)
Parvdm: \SystemRoot\system32\drivers\parvdm.sys (autostart)
@%SystemRoot%\system32\pcasvc.dll,-1: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
PCI Bus Driver: system32\drivers\pci.sys (system)
pciide: system32\drivers\pciide.sys (system)
pcmcia: \SystemRoot\system32\drivers\pcmcia.sys (disabled)
VSO Software pcouffin: System32\Drivers\pcouffin.sys (manual start)
PEAUTH: system32\drivers\peauth.sys (autostart)
@%systemroot%\system32\pla.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (manual start)
@%SystemRoot%\system32\umpnpmgr.dll,-100: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
Pml Driver HPZ12: %SystemRoot%\System32\svchost.exe -k HPZ12 (autostart)
@%SystemRoot%\system32\p2psvc.dll,-8002: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\system32\p2psvc.dll,-8000: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\System32\polstore.dll,-5010: %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted (autostart)
WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start)
Processor Driver: \SystemRoot\system32\drivers\processr.sys (disabled)
@%systemroot%\system32\profsvc.dll,-300: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\psbase.dll,-300: %SystemRoot%\system32\lsass.exe (manual start)
PS2: system32\DRIVERS\PS2.sys (manual start)
@%SystemRoot%\System32\drivers\pacer.sys,-101: system32\DRIVERS\pacer.sys (system)
PxHelp20: System32\Drivers\PxHelp20.sys (system)
QLogic Fibre Channel Miniport Driver: \SystemRoot\system32\drivers\ql2300.sys (disabled)
QLogic iSCSI Miniport Driver: \SystemRoot\system32\drivers\ql40xx.sys (disabled)
@%SystemRoot%\system32\qwave.dll,-1: %windir%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\drivers\qwavedrv.sys,-1: \SystemRoot\system32\drivers\qwavedrv.sys (manual start)
Windows Mobile-based device connectivity: %SystemRoot%\system32\svchost.exe -k WindowsMobile (disabled)
Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system)
@%Systemroot%\system32\rasauto.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
@%Systemroot%\system32\rasmans.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: system32\DRIVERS\raspppoe.sys (manual start)
Redirected Buffering Sub Sysytem: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Terminal Server Device Redirector Driver: \SystemRoot\system32\drivers\rdpdr.sys (disabled)
RDP Encoder Mirror Driver: system32\drivers\rdpencdd.sys (system)
@%Systemroot%\system32\mprdim.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
@regsvc.dll,-1: %SystemRoot%\system32\svchost.exe -k regsvc (manual start)
RMCAST (Pgm) Protocol Driver: system32\DRIVERS\RMCAST.sys (autostart)
RoxMediaDB9: "c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe" (manual start)
@%systemroot%\system32\Locator.exe,-2: %SystemRoot%\system32\locator.exe (manual start)
@oleres.dll,-5010: %SystemRoot%\system32\svchost.exe -k rpcss (autostart)
Link-Layer Topology Discovery Responder: system32\DRIVERS\rspndr.sys (autostart)
@%SystemRoot%\system32\samsrv.dll,-1: %SystemRoot%\system32\lsass.exe (autostart)
SBP-2 Transport/Protocol Bus Driver: \SystemRoot\system32\drivers\sbp2port.sys (disabled)
@%SystemRoot%\System32\SCardSvr.dll,-1: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\schedsvc.dll,-100: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\System32\certprop.dll,-13: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\system32\sdrsvc.dll,-107: %SystemRoot%\system32\svchost.exe -k SDRSVC (manual start)
@%SystemRoot%\system32\seclogon.dll,-7001: %windir%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\Sens.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum Filter Driver: \SystemRoot\system32\drivers\serenum.sys (manual start)
Serial Port Driver: \SystemRoot\system32\drivers\serial.sys (manual start)
Serial Mouse Driver: \SystemRoot\system32\drivers\sermouse.sys (disabled)
@%SystemRoot%\System32\SessEnv.dll,-1026: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
SFF Storage Class Driver: \SystemRoot\system32\drivers\sffdisk.sys (disabled)
SFF Storage Protocol Driver for MMC: \SystemRoot\system32\drivers\sffp_mmc.sys (manual start)
SFF Storage Protocol Driver for SDBus: \SystemRoot\system32\drivers\sffp_sd.sys (manual start)
High-Capacity Floppy Disk Drive: \SystemRoot\system32\drivers\sfloppy.sys (disabled)
Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\System32\shsvcs.dll,-12288: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SIS AGP Bus Filter: \SystemRoot\system32\drivers\sisagp.sys (manual start)
SiSRaid2: \SystemRoot\system32\drivers\sisraid2.sys (disabled)
SiSRaid4: \SystemRoot\system32\drivers\sisraid4.sys (disabled)
@%SystemRoot%\system32\SLsvc.exe,-101: %SystemRoot%\system32\SLsvc.exe (autostart)
@%SystemRoot%\system32\SLUINotify.dll,-103: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\tcpipcfg.dll,-50005: system32\DRIVERS\smb.sys (system)
@%SystemRoot%\system32\snmptrap.exe,-3: %SystemRoot%\System32\snmptrap.exe (manual start)
Print Spooler: %SystemRoot%\System32\spoolsv.exe (autostart)
srv: System32\DRIVERS\srv.sys (manual start)
srv2: System32\DRIVERS\srv2.sys (manual start)
srvnet: System32\DRIVERS\srvnet.sys (manual start)
@%systemroot%\system32\ssdpsrv.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
ssmdrv: system32\DRIVERS\ssmdrv.sys (system)
@%SystemRoot%\system32\wiaservc.dll,-9: %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
stllssvr: "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe" (manual start)
Software Bus Driver: system32\DRIVERS\swenum.sys (manual start)
@%SystemRoot%\System32\swprv.dll,-103: %SystemRoot%\System32\svchost.exe -k swprv (manual start)
Symc8xx: \SystemRoot\system32\drivers\symc8xx.sys (disabled)
Sym_hi: \SystemRoot\system32\drivers\sym_hi.sys (disabled)
Sym_u3: \SystemRoot\system32\drivers\sym_u3.sys (disabled)
Superfetch: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Tablet PC Input Service: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%SystemRoot%\system32\tapisrv.dll,-10100: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\system32\tbssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\tcpipcfg.dll,-50003: System32\drivers\tcpip.sys (system)
Microsoft IPv6 Protocol Driver: system32\DRIVERS\tcpip.sys (manual start)
TCP/IP Registry Compatibility: System32\drivers\tcpipreg.sys (autostart)
TDPIPE: system32\drivers\tdpipe.sys (manual start)
TDTCP: system32\drivers\tdtcp.sys (manual start)
@%SystemRoot%\system32\tcpipcfg.dll,-50004: system32\DRIVERS\tdx.sys (system)
Terminal Device Driver: system32\DRIVERS\termdd.sys (system)
@%SystemRoot%\System32\termsrv.dll,-268: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
@%SystemRoot%\System32\shsvcs.dll,-8192: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\mmcss.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\trkwks.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\servicing\TrustedInstaller.exe,-100: %SystemRoot%\servicing\TrustedInstaller.exe (manual start)
Terminal Services Security Filter Driver: System32\DRIVERS\tssecsrv.sys (manual start)
Microsoft Tun Miniport Adapter Driver: system32\DRIVERS\tunmp.sys (manual start)
Microsoft IPv6 Tunnel Miniport Adapter Driver: system32\DRIVERS\tunnel.sys (manual start)
Microsoft AGPv3.5 Filter: \SystemRoot\system32\drivers\uagp35.sys (manual start)
udfs: system32\DRIVERS\udfs.sys (disabled)
@%SystemRoot%\system32\ui0detect.exe,-101: %SystemRoot%\system32\UI0Detect.exe (manual start)
Uli AGP Bus Filter: \SystemRoot\system32\drivers\uliagpkx.sys (manual start)
uliahci: \SystemRoot\system32\drivers\uliahci.sys (disabled)
UlSata: \SystemRoot\system32\drivers\ulsata.sys (disabled)
ulsata2: \SystemRoot\system32\drivers\ulsata2.sys (disabled)
UMBus Enumerator Driver: system32\DRIVERS\umbus.sys (manual start)
@%systemroot%\system32\upnphost.dll,-213: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Apple Mobile USB Driver: System32\Drivers\usbaapl.sys (manual start)
Microsoft USB Generic Parent Driver: system32\DRIVERS\usbccgp.sys (manual start)
eHome Infrared Receiver (USBCIR): system32\DRIVERS\usbcir.sys (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
Microsoft USB Standard Hub Driver: system32\DRIVERS\usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: system32\DRIVERS\usbohci.sys (manual start)
Microsoft USB PRINTER Class: system32\DRIVERS\usbprint.sys (manual start)
USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start)
USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (disabled)
USB RNDIS Adapter: system32\DRIVERS\usb8023x.sys (manual start)
@%SystemRoot%\system32\dwm.exe,-2000: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\vds.exe,-100: %SystemRoot%\System32\vds.exe (manual start)
vga: system32\DRIVERS\vgapnp.sys (manual start)
VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
VIA AGP Bus Filter: \SystemRoot\system32\drivers\viaagp.sys (manual start)
VIA C7 Processor Driver: \SystemRoot\system32\drivers\viac7.sys (disabled)
viaide: \SystemRoot\system32\drivers\viaide.sys (disabled)
Volume Manager Driver: system32\drivers\volmgr.sys (system)
Dynamic Volume Manager: System32\drivers\volmgrx.sys (system)
Storage volumes: system32\drivers\volsnap.sys (system)
vsmraid: \SystemRoot\system32\drivers\vsmraid.sys (disabled)
@%systemroot%\system32\vssvc.exe,-102: %systemroot%\system32\vssvc.exe (manual start)
@%SystemRoot%\system32\w32time.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Wacom Serial Pen HID Driver: \SystemRoot\system32\drivers\wacompen.sys (disabled)
Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start)
Remote Access IPv6 ARP Driver: system32\DRIVERS\wanarp.sys (system)
Windows Mobile-2003-based device connectivity: %SystemRoot%\system32\svchost.exe -k WindowsMobile (disabled)
@%SystemRoot%\system32\wcncsvc.dll,-3: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\WcsPlugInService.dll,-200: %SystemRoot%\system32\svchost.exe -k wcssvc (manual start)
Microsoft Watchdog Timer Driver: \SystemRoot\system32\drivers\wd.sys (disabled)
Kernel Mode Driver Frameworks service: system32\drivers\Wdf01000.sys (system)
@%systemroot%\system32\wdi.dll,-502: %SystemRoot%\System32\svchost.exe -k wdisvc (manual start)
@%systemroot%\system32\wdi.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\system32\webclnt.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
@%SystemRoot%\system32\wecsvc.dll,-200: %SystemRoot%\system32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\System32\wercplsupport.dll,-101: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\System32\wersvc.dll,-100: %SystemRoot%\System32\svchost.exe -k WerSvcGroup (autostart)
winachsf: system32\DRIVERS\HSX_CNXT.sys (manual start)
@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103: %SystemRoot%\System32\svchost.exe -k secsvcs (autostart)
@%SystemRoot%\system32\winhttp.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%Systemroot%\system32\wbem\wmisvc.dll,-205: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%Systemroot%\system32\wsmsvc.dll,-101: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\System32\wlansvc.dll,-257: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Microsoft Windows Management Interface for ACPI: \SystemRoot\system32\drivers\wmiacpi.sys (disabled)
@%Systemroot%\system32\wbem\wmiapsrv.exe,-110: %systemroot%\system32\wbem\WmiApSrv.exe (manual start)
@%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101: "%ProgramFiles%\Windows Media Player\wmpnetwk.exe" (manual start)
Parental Controls: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (disabled)
@%SystemRoot%\system32\wpdbusenum.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
WpdUsb: system32\DRIVERS\wpdusb.sys (manual start)
Winsock IFS driver: \SystemRoot\system32\drivers\ws2ifsl.sys (disabled)
@%SystemRoot%\System32\wscsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@%systemroot%\system32\SearchIndexer.exe,-103: %systemroot%\system32\SearchIndexer.exe /Embedding (autostart)
@%systemroot%\system32\wuaueng.dll,-105: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
WUDFRd: system32\DRIVERS\WUDFRd.sys (manual start)
@%SystemRoot%\system32\wudfsvc.dll,-1000: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
XAudio: system32\DRIVERS\xaudio.sys (autostart)
XAudioService: %SystemRoot%\system32\DRIVERS\xaudio.exe (autostart)


--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\ProgramData\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_4734c370\UPDENGVDFTEST|||a

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\Windows\system32\webcheck.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

End of report, 50,580 bytes
Report generated in 0.265 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only



And I just did an AntiVir system scan, and look: what do I need to do?




AntiVir PersonalEdition Classic
Report file date: Friday, November 09, 2007 21:03

Scanning for 923375 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: SYSTEM
Computer name: DJK-PC

Version information:
BUILD.DAT : 270 15603 Bytes 9/19/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 9/12/2007 02:30:28
AVSCAN.DLL : 7.0.6.0 49192 Bytes 9/12/2007 02:30:28
LUKE.DLL : 7.0.5.3 147496 Bytes 9/12/2007 02:30:28
LUKERES.DLL : 7.0.6.1 10280 Bytes 9/12/2007 02:30:28
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 02:14:54
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 9/13/2007 08:48:43
ANTIVIR2.VDF : 7.0.0.172 1092608 Bytes 11/5/2007 20:31:08
ANTIVIR3.VDF : 7.0.0.197 104960 Bytes 11/9/2007 20:31:04
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 11/6/2007 20:32:33
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2/26/2007 15:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 9/12/2007 02:30:28
AVREP.DLL : 7.0.0.1 155688 Bytes 4/16/2007 18:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 9/12/2007 02:30:30
AVREG.DLL : 7.0.1.6 30760 Bytes 9/12/2007 02:30:28
AVARKT.DLL : 1.0.0.20 278568 Bytes 9/12/2007 02:30:25
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 9/12/2007 02:30:26
NETNT.DLL : 7.0.0.0 7720 Bytes 3/8/2007 16:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 9/12/2007 02:30:21
RCTEXT.DLL : 7.0.62.0 86056 Bytes 9/12/2007 02:30:21
SQLITE3.DLL : 3.3.17.1 339968 Bytes 9/12/2007 02:30:28

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
Logging..........................: medium
Primary action...................: interactive
Secondary action.................: quarantine
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: off
Smart extensions.................: off
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: Friday, November 09, 2007 21:03

Starting search for hidden objects.
c:\users\djk\appdata\local\microsoft\windows\temporary internet files\content.ie5\aek60yah\getmdrcdcau63rce.xml
[NOTE] The file is not visible.
[INFO] A backup was created as '47a914ab.qua' ( QUARANTINE )
c:\users\djk\appdata\local\microsoft\windows\temporary internet files\content.ie5\aek60yah\getmdrcdcaukphiu.xml
[NOTE] The file is not visible.
[INFO] A backup was created as '47a914ad.qua' ( QUARANTINE )
c:\users\djk\appdata\local\microsoft\windows\temporary internet files\content.ie5\aek60yah\getmdrcdcavg0ten.xml
[NOTE] The file is not visible.

[NOTE] The file is not visible.
[INFO] A backup was created as '47a914dc.qua' ( QUARANTINE )
c:\users\djk\appdata\local\microsoft\windows\temporary internet files\content.ie5\aek60yah\getmdrcdposturl[1].aspx
[NOTE] The file is not visible.
[INFO] A backup was created as '47a914dd.qua' ( QUARANTINE )
c:\users\djk\appdata\local\microsoft\windows\temporary internet files\content.ie5\aek60yah\getmdrcdposturl[2].aspx
[NOTE] The file is not visible.
[INFO] A backup was created as '4d22399e.qua' ( QUARANTINE )
c:\users\djk\appdata\local\microsoft\windows\temporary internet files\content.ie5\aek60yah\getmdrcdposturl[3].aspx
[NOTE] The file is not visible.
[INFO] A backup was created as '47a914de.qua' ( QUARANTINE )
c:\users\djk\appdata\local\microsoft\windows\temporary internet files\content.ie5\aek60yah\getmdrcdposturl[4].aspx
[NOTE] The file is not visible.
[INFO] A backup was created as '4d266c5f.qua' ( QUARANTINE )
c:\u
[INFO] A backup was created as '47a9151e.qua' ( QUARANTINE )
c:\users\djk\appdata\local\microsoft\windows\temporary internet files\content.ie5\iie1h86v\getmdrcdcasa0ljs.xml
[NOTE] The file is not visible.
[INFO] A backup was created as '4c2c4f87.qua' ( QUARANTINE )
c:\users\djk\appdata\local\microsoft\windows\temporary internet files\content.ie5\iie1h86v\getmdrcdcashubl1.xml
[NOTE] The file is not visible.
[INFO] A backup was created as '47a9151f.qua' ( QUARANTINE )
'77928' objects were checked, '557' hidden objects were found.

The scan of running processes will be started

S
57 processes with 57 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0083
[NOTE] Please restart the search with Administrator rights

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
c:\hp\support\
C:\hp\KBD\
C:\Windows\System32\
C:\Windows\System32\
C:\Windows\System32\
C:\Windows\System32\
C:\Windows\System32\
C:\Windows\System32\
C:\Windows\
C:\Windows\System32\
C:\Windows\System32\
C:\Windows\System32\
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
C:\Windows\System32\
The registry was scanned ( '14' files ).


Starting the file scan:

Begin scan in 'C:\' <COMPAQ>
C:\
C:\hiberfil.sys
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\pagefile.sys
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\$Recycle.Bin\S-1-5-20\
C:\$Recycle.Bin\S-1-5-21-2152478756-3922319563-605102323-500\
C:\$Recycle.Bin\S-1-5-21-2257001731-136261297-713428605-500\
C:\$Recycle.Bin\S-1-5-21-3772523789-83427666-3784358141-1000\
C:\$Recycle.Bin\S-1-5-21-3772523789-83427666-3784358141-1001\
C:\$Recycle.Bin\S-1-5-21-3772523789-83427666-3784358141-1002\
C:\$Recycle.Bin\S-1-5-21-3772523789-83427666-3784358141-500\
C:\$Recycle.Bin\S-1-5-21-3772523789-83427666-3784358141-500\$R0TLFK2\
C:\$Recycle.Bin\S-1-5-21-3772523789-83427666-3784358141-500\$R6J3X5U\
C:\$Recycle.Bin\S-1-5-21-3772523789-83427666-3784358141-500\$R6J3X5U\color themes\
C:\$Recycle.Bin\S-1-5-21-3772523789-83427666-3784358141-501\
C
C:\Program Files\Picasa2\
C:\Program Files\Picasa2\setup.exe
[0] Archive type: ZIP SFX (self extracting)
--> unkwn


C:\ProgramData\winzip\
C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\
C:\System Volume Information\
C:\System Volume Information\{102a474c-8d01-11dc-9e6c-001bfc07eba9}{3808876b-c176-4e48-b7ae-04046e6cc752}
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\System Volume Information\{102a4756-8d01-11dc-9e6c-001bfc07eba9}{3808876b-c176-4e48-b7ae-04046e6cc752}
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\System Volume Information\{102a4760-8d01-11dc-9e6c-001bfc07eba9}{3808876b-c176-4e48-b7ae-04046e6cc752}
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\System Volume Information\{102a476a-8d01-11dc-9e6c-001bfc07eba9}{3808876b-c176-4e48-b7ae-04046e6cc752}
[
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\
C:\Windows\ServiceProfiles\NetworkService\
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
[0] Archive type: TNEF (Microsoft)
[WARNING] Error opening the file
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG2
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.20595_none_3270f4e8f635c0e2\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6000.16484_none_2da4f6778558c340\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6000.20595_none_2e24c3a09e7d9852\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6000.16484_none_248fd6ee6510de0f\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6000.20595_none_250fa4177e35b321\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.16484_none_4fd3434b538ee5c1\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.20595_none_505310746cb3bad3\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.16484_none_3684087716f6a8d6\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.20595_none_3703d5a0301b7de8\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-ehuihlp_31bf3856ad364e35_6.0.6000.16484_none_39d24dd82e54307d\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-ehuihlp_31bf3856ad364e35_6.0.6000.20595_none_3a521b014779058f\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6000.16484_none_cc8b5ba1cc7e7bdb\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6000.20595_none_cd0b28cae5a350ed\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-m..mediadeliveryengine_31bf3856ad364e35_6.0.6000.16484_none_3cf1a893629ae365\
C:\Windows\SoftwareDistribution\Download\ce743c5f48a4657d14fb18ae8248dfcb\x86_microsoft-windows-m..mediadeliveryengine_31bf3856ad364e35_6.0.6000.20595_none_3d7175bc7bbfb877\
C:\Windows\SoftwareDistribution\EventCache\
C:\Windows\SoftwareDistribution\SelfUpdate\
C:\Windows\SoftwareDistribution\SelfUpdate\Handler\
C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\
C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\
C:\Windows\Speech\Common\
C:\Windows\Speech\Common\en-US\
C:\Windows\Speech\Engines\Lexicon\en-GB\

D:\boot\ja-JP\
D:\boot\ko-KR\
D:\boot\nb-NO\
D:\boot\nl-NL\
D:\boot\pl-PL\
D:\boot\pt-BR\
D:\boot\pt-PT\
D:\boot\ru-RU\
D:\boot\sv-SE\
D:\boot\tr-TR\
D:\boot\zh-CN\
D:\boot\zh-HK\
D:\boot\zh-TW\


D:\hp\apps\APP02718\src\MSWORKS\REDIST\IE6\IENT_S1.cab
[0] Archive type: CAB (Microsoft)
--> IENT_1.cab
[1] Archive type: CAB (Microsoft)
--> MSHTML.DLL
[INFO] Error multiple volume
[INFO] Error multiple volume
D:\hp\apps\APP02718\src\MSWORKS\REDIST\IE6\IENT_S2.cab
[0] Archive type: CAB (Microsoft)
--> IENT_2.cab
[1] Archive type: CAB (Microsoft)
--> MSHTML.DLL
[INFO] Error multiple volume
--> JSCRIPT.DLL
[INFO] Error multiple volume
[INFO] Error multiple volume
D:\hp\apps\APP02718\src\MSWORKS\REDIST\IE6\IENT_S3.cab
[0] Archive type: CAB (Microsoft)
--> IENT_3.cab
[1] Archive type: CAB (Microsoft)
--> JSCRIPT.DLL
[INFO] Error multiple volume
--> MSXML3.DLL
[INFO] Error multiple volume
[INFO] Error multiple volume
D:\hp\apps\APP02718\src\MSWORKS\REDIST\IE6\IENT_S4.cab
[0] Archive type: CAB (Microsoft)
--> IENT_4.cab
[1] Archive type: CAB (Microsoft)
--> MSXML3.DLL
[INFO] Error multiple volume
--> BROWSEUI.DLL
[INFO] Error multiple volume
[INFO] Error multiple volume
D:\hp\apps\APP02718\src\MSWORKS\REDIST\IE6\IENT_S5.cab
[0] Archive type: CAB (Microsoft)
--> IENT_5.cab
[1] Archive type: CAB (Microsoft)
--> BROWSEUI.DLL
[INFO] Error multiple volume
--> inseng.dll
[INFO] Error multiple volume
--> iesetup.dll
[INFO] Error multiple volume
[INFO] Error multiple volume
D:\hp\apps\APP02718\src\MSWORKS\REDIST\IE6\IENT_S6.cab
[0] Archive type: CAB (Microsoft)
--> IENT_6.cab
[1] Archive type: CAB (Microsoft)
--> inseng.dll
[INFO] Error multiple volume
--> iesetup.dll
[INFO] Error multiple volume
D:\hp\apps\APP02718\src\MSWORKS\REDIST\IE6\IE_S1.cab
[0] Archive type: CAB (Microsoft)
--> IE_1.cab
[1] Archive type: CAB (Microsoft)
--> MSHTML.TLB
[INFO] Error multiple volume
[INFO] Error multiple volume
D:\hp\apps\APP02718\src\MSWORKS\REDIST\IE6\IE_S2.cab
[0] Archive type: CAB (Microsoft)
--> IE_2.cab
[1] Archive type: CAB (Microsoft)
--> MSHTML.TLB
[INFO] Error multiple volume
--> WININET.DLL
[INFO] Error multiple volume
[INFO] Error multiple volume
D:\hp\apps\APP02718\src\MSWORKS\REDIST\IE6\IE_S3.cab
[0] Archive type: CAB (Microsoft)
--> IE_3.cab
[1] Archive type: CAB (Microsoft)
--> WININET.DLL
[INFO] Error multiple volume
--> MSXML3.DLL
[INFO] Error multiple volume
[INFO] Error multiple volume
D:\hp\apps\APP02718\src\MSWORKS\REDIST\IE6\IE_S4.cab
[0] Archive type: CAB (Microsoft)
--> IE_4.cab
[1] Archive type: CAB (Microsoft)
--> MSXML3.DLL
[INFO] Error multiple volume
--> BROWSEWM.DLL
[INFO] Error multiple volume
--> BROWSELC.DLL
[INFO] Error multiple volume
[INFO] Error multiple volume
D:\hp\apps\APP02718\src\MSWORKS\REDIST\IE6\IE_S5.cab
[0] Archive type: CAB (Microsoft)
--> IE_5.cab
[1] Archive type: CAB (Microsoft)
--> BROWSEWM.DLL
[INFO] Error multiple volume
--> BROWSELC.DLL
[INFO] Error multiple volume
--> MSLS31.DLL
[INFO] Error multiple volume
--> MMUTILSE.DLL
[INFO] Error multiple volume
[INFO] Error multiple volume
D:\hp\apps\APP02718\src\MSWORKS\REDIST\IE6\IE_S6.cab
[0] Archive type: CAB (Microsoft)
--> IE_6.cab
[1] Archive type: CAB (Microsoft)
--> MSLS31.DLL
[INFO] Error multiple volume
--> MMUTILSE.DLL
[INFO] Error multiple volume
D:\System Volume Information\{34e4d7f9-8ee7-11dc-b310-001bfc07eba9}{3808876b-c176-4e48-b7ae-04046e6cc752}
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
D:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!


End of the scan: Friday, November 09, 2007 22:19
Used time: 1:15:28 min

The scan has been done completely.

17722 Scanning directories
265468 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
557 files were moved to quarantine
0 files were renamed
127 Files cannot be scanned
265468 Files not concerned
7398 Archives were scanned
129 Warnings
46 Notes
77928 Objects were scanned with rootkit scan
557 Hidden objects were found




ANY HELP?????


Thanks,

K
