Request for a preventive check
Posted: 24 Sep 2010 00:41
Hi all, my computer has slowed down quite a lot, so I would like to ask you for a preventive check.
Logfile of random's system information tool 1.08 (written by random/random)
Run by UTHAYA at 2010-09-23 16:39:48
Microsoft Windows XP Professional Service Pack 3
System drive D: has 33 GB (72%) free of 46 GB
Total RAM: 502 MB (21% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:40:01 PM, on 9/23/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
D:\Program Files\Lexmark 5600-6600 Series\lxduMsdMon.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMPDPSRV.EXE
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
D:\Program Files\Pure Networks\Network Magic\nmapp.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\WINDOWS\system32\ctfmon.exe
D:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
D:\Program Files\Lexmark X125\LEX125SU.exe
D:\Program Files\WinZip\WZQKPICK.EXE
D:\WINDOWS\system32\lxducoms.exe
D:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
D:\WINDOWS\system32\devldr32.exe
D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
D:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\igfxsrvc.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
D:\WINDOWS\system32\wuauclt.exe
D:\RSIT.exe
D:\Program Files\trend micro\UTHAYA.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - D:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - D:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - D:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [lxdumon.exe] "D:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe"
O4 - HKLM\..\Run: [lxduamon] "D:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe"
O4 - HKLM\..\Run: [Lexmark 5600-6600 Series Fax Server] "D:\Program Files\Lexmark 5600-6600 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LMPDPSRV] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMPDPSRV.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [nmctxth] "D:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "D:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [igfxtray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] D:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\RunOnce: [NSSInstallation] D:\WINDOWS\system32\Macromed\Shockwave 10\nssstub.exe /runonce /rm
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PPWebCap] D:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] D:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6.5; .NET CLR 2.0.50727; InfoPath.2; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSN Optimized;US)" -"http://www.drivearcade.com/preroll.php?g_id=1320"
O4 - Global Startup: Lexmark X125 Settings Utility.lnk = D:\Program Files\Lexmark X125\LEX125SU.exe
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Open in new background tab - res://D:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?fcc5fe1cd69242e6a648c814df1979fe
O8 - Extra context menu item: Open in new foreground tab - res://D:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?fcc5fe1cd69242e6a648c814df1979fe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - D:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: lxduCATSCustConnectService - Lexmark International, Inc. - D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe
O23 - Service: lxdu_device - - D:\WINDOWS\system32\lxducoms.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - D:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - D:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
--
End of file - 10494 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
D:\WINDOWS\tasks\Install.job
D:\WINDOWS\tasks\Norton Security Scan for UTHAYA.job
D:\WINDOWS\tasks\OGALogon.job
D:\WINDOWS\tasks\User_Feed_Synchronization-{C843166D-DA22-4EB3-8B3E-AF9A5FE23CA4}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Toolbar - D:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - D:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL [2010-05-13 79224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-22 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-22 842296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - D:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - D:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - D:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - D:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82768]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Toolbar - D:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-22 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"lxdumon.exe"=D:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe [2008-09-10 676520]
"lxduamon"=D:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe [2008-09-10 16040]
"Lexmark 5600-6600 Series Fax Server"=D:\Program Files\Lexmark 5600-6600 Series\fm3032.exe [2008-09-10 311976]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"LMPDPSRV"=D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMPDPSRV.EXE [2002-07-11 45056]
"GrooveMonitor"=D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"nmctxth"=D:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [2008-05-16 648504]
"nmapp"=D:\Program Files\Pure Networks\Network Magic\nmapp.exe [2008-05-21 451896]
"igfxtray"=D:\WINDOWS\system32\igfxtray.exe [2005-08-24 94208]
"igfxhkcmd"=D:\WINDOWS\system32\hkcmd.exe [2005-08-24 77824]
"igfxpers"=D:\WINDOWS\system32\igfxpers.exe [2005-08-24 114688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NSSInstallation"=D:\WINDOWS\system32\Macromed\Shockwave 10\nssstub.exe [2010-09-23 497016]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=D:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"Skype"=D:\Program Files\Skype\Phone\Skype.exe [2009-06-26 25604904]
"swg"=D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-09 39408]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"PPWebCap"=D:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe [2000-03-01 48128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=D:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe [2009-07-31 468408]
D:\Documents and Settings\All Users\Start Menu\Programs\Startup
Lexmark X125 Settings Utility.lnk - D:\Program Files\Lexmark X125\LEX125SU.exe
WinZip Quick Pick.lnk - D:\Program Files\WinZip\WZQKPICK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
D:\WINDOWS\system32\igfxdev.dll [2005-08-24 135168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\MSN Messenger\msnmsgr.exe"="D:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"D:\Program Files\MSN Messenger\livecall.exe"="D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\WINDOWS\system32\lxducoms.exe"="D:\WINDOWS\system32\lxducoms.exe:*:Enabled:5600-6600 Series Server"
"D:\WINDOWS\system32\spool\drivers\w32x86\3\LMpdpsrv.exe"="D:\WINDOWS\system32\spool\drivers\w32x86\3\LMpdpsrv.exe:*:Disabled:PDP RPC Server"
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"="D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Platform Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\MSN Messenger\msnmsgr.exe"="D:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"D:\Program Files\MSN Messenger\livecall.exe"="D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2010-09-23 16:39:50 ----D---- D:\Program Files\trend micro
2010-09-23 16:39:48 ----D---- D:\rsit
2010-09-23 16:39:08 ----A---- D:\RSIT.exe
2010-09-23 16:32:47 ----D---- D:\WINDOWS\pss
2010-09-23 07:48:07 ----HDC---- D:\WINDOWS\$NtUninstallKB2160329$
2010-09-23 02:20:02 ----HDC---- D:\WINDOWS\$NtUninstallKB980232$
2010-09-23 02:19:48 ----HDC---- D:\WINDOWS\$NtUninstallKB975713$
2010-09-23 02:19:38 ----HDC---- D:\WINDOWS\$NtUninstallKB2079403$
2010-09-23 02:19:21 ----HDC---- D:\WINDOWS\$NtUninstallKB981322$
2010-09-22 10:17:27 ----HDC---- D:\WINDOWS\$NtUninstallKB980218$
2010-09-22 10:16:54 ----HDC---- D:\WINDOWS\$NtUninstallKB982214$
2010-09-22 10:16:27 ----HDC---- D:\WINDOWS\$NtUninstallKB2259922$
2010-09-22 10:16:17 ----HDC---- D:\WINDOWS\$NtUninstallKB980195$
2010-09-22 10:16:03 ----HDC---- D:\WINDOWS\$NtUninstallKB979402_WM9$
2010-09-22 10:15:54 ----HDC---- D:\WINDOWS\$NtUninstallKB2115168$
2010-09-22 10:15:43 ----HDC---- D:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-22 10:15:27 ----HDC---- D:\WINDOWS\$NtUninstallKB955759$
2010-09-22 10:13:49 ----HDC---- D:\WINDOWS\$NtUninstallKB2229593$
2010-09-22 10:13:37 ----HDC---- D:\WINDOWS\$NtUninstallKB978037$
2010-09-22 10:12:07 ----HDC---- D:\WINDOWS\$NtUninstallKB978338$
2010-09-22 10:10:30 ----HDC---- D:\WINDOWS\$NtUninstallKB972270$
2010-09-22 10:08:49 ----HDC---- D:\WINDOWS\$NtUninstallKB2347290$
2010-09-22 10:08:26 ----HDC---- D:\WINDOWS\$NtUninstallKB981852$
2010-09-22 10:02:42 ----HDC---- D:\WINDOWS\$NtUninstallKB2121546$
2010-09-22 10:02:24 ----HDC---- D:\WINDOWS\$NtUninstallKB982802$
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\zh-TW
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\zh-HK
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\tr-TR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\sv-SE
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\pt-BR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\nl-NL
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\nb-NO
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\ko-KR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\it-IT
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\he-IL
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\fr-FR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\fi-FI
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\es-ES
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\el-GR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\de-DE
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\da-DK
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\ar-SA
2010-09-22 09:57:05 ----HDC---- D:\WINDOWS\$NtUninstallKB975560$
2010-09-22 09:56:52 ----HDC---- D:\WINDOWS\$NtUninstallKB977816$
2010-09-22 09:54:39 ----HDC---- D:\WINDOWS\$NtUninstallKB981793$
2010-09-22 09:54:26 ----HDC---- D:\WINDOWS\$NtUninstallKB978601$
2010-09-22 09:53:56 ----HDC---- D:\WINDOWS\$NtUninstallKB980436$
2010-09-22 09:51:39 ----HDC---- D:\WINDOWS\$NtUninstallKB978695_WM9$
2010-09-22 09:42:32 ----HDC---- D:\WINDOWS\$NtUninstallKB977914$
2010-09-22 09:39:29 ----HDC---- D:\WINDOWS\$NtUninstallKB978542$
2010-09-22 09:38:41 ----HDC---- D:\WINDOWS\$NtUninstallKB2286198$
2010-09-22 09:38:15 ----HDC---- D:\WINDOWS\$NtUninstallKB979309$
2010-09-22 09:37:49 ----HDC---- D:\WINDOWS\$NtUninstallKB979482$
2010-09-22 09:37:14 ----HDC---- D:\WINDOWS\$NtUninstallKB978706$
2010-09-22 09:36:45 ----HDC---- D:\WINDOWS\$NtUninstallKB981997$
2010-09-22 09:36:20 ----HDC---- D:\WINDOWS\$NtUninstallKB975562$
2010-09-22 09:35:07 ----HDC---- D:\WINDOWS\$NtUninstallKB2141007$
2010-09-22 09:28:40 ----HDC---- D:\WINDOWS\$NtUninstallKB982665$
2010-09-22 07:06:10 ----A---- D:\WINDOWS\system32\igfxres.dll
2010-09-22 06:29:43 ----D---- D:\Program Files\Symantec
2010-09-22 06:29:43 ----A---- D:\WINDOWS\system32\S32EVNT1.DLL
2010-09-22 06:29:43 ----A---- D:\WINDOWS\system32\drivers\SYMEVENT.SYS
2010-09-22 06:27:15 ----D---- D:\WINDOWS\system32\drivers\NAV
2010-09-22 06:27:15 ----D---- D:\Program Files\Windows Sidebar
2010-09-22 06:27:03 ----D---- D:\Program Files\Norton AntiVirus
======List of files/folders modified in the last 1 months======
2010-09-23 16:39:50 ----RD---- D:\Program Files
2010-09-23 16:39:40 ----D---- D:\WINDOWS\Temp
2010-09-23 16:39:31 ----D---- D:\WINDOWS\Prefetch
2010-09-23 16:38:51 ----D---- D:\Documents and Settings
2010-09-23 16:32:47 ----D---- D:\WINDOWS
2010-09-23 14:56:05 ----SD---- D:\WINDOWS\Tasks
2010-09-23 14:54:40 ----D---- D:\Documents and Settings\UTHAYA\Application Data\Macromedia
2010-09-23 14:54:20 ----D---- D:\WINDOWS\system32\Macromed
2010-09-23 10:06:13 ----SHD---- D:\System Volume Information
2010-09-23 10:05:14 ----D---- D:\Documents and Settings\UTHAYA\Application Data\Skype
2010-09-23 10:04:58 ----D---- D:\WINDOWS\system32
2010-09-23 07:48:32 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-09-23 07:48:14 ----HD---- D:\WINDOWS\inf
2010-09-23 07:48:10 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-09-23 07:47:30 ----D---- D:\WINDOWS\system32\CatRoot2
2010-09-23 06:37:13 ----D---- D:\WINDOWS\Microsoft.NET
2010-09-23 05:36:26 ----RSD---- D:\WINDOWS\assembly
2010-09-23 05:05:58 ----SHD---- D:\WINDOWS\Installer
2010-09-23 04:56:35 ----D---- D:\WINDOWS\Debug
2010-09-23 04:45:12 ----D---- D:\Program Files\Microsoft Silverlight
2010-09-23 02:20:05 ----D---- D:\WINDOWS\system32\drivers
2010-09-23 02:19:56 ----HD---- D:\WINDOWS\$hf_mig$
2010-09-23 02:14:42 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-09-23 02:13:02 ----D---- D:\WINDOWS\WinSxS
2010-09-23 02:01:02 ----D---- D:\WINDOWS\AppPatch
2010-09-23 02:01:01 ----D---- D:\Program Files\NortonInstaller
2010-09-22 10:15:02 ----D---- D:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-09-22 09:57:47 ----D---- D:\Program Files\Internet Explorer
2010-09-22 09:57:28 ----D---- D:\WINDOWS\ie8updates
2010-09-22 09:39:35 ----D---- D:\Program Files\Outlook Express
2010-09-22 09:36:49 ----D---- D:\Program Files\Movie Maker
2010-09-22 09:26:19 ----D---- D:\Program Files\Google
2010-09-22 06:31:54 ----D---- D:\Program Files\Common Files\Symantec Shared
2010-09-22 06:27:03 ----D---- D:\Documents and Settings\All Users\Application Data\Norton
2010-09-22 06:17:42 ----D---- D:\Documents and Settings\All Users\Application Data\NortonInstaller
2010-09-22 06:14:26 ----D---- D:\Documents and Settings\All Users\Application Data\avg9
2010-09-22 06:11:22 ----SD---- D:\Documents and Settings\UTHAYA\Application Data\Microsoft
2010-09-10 14:34:30 ----A---- D:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 GMAEnabler;SoftGMA Enabler; D:\WINDOWS\system32\DRIVERS\GMAEnabler.sys [2005-05-23 4736]
R0 SymDS;Symantec Data Store; D:\WINDOWS\system32\drivers\NAV\1108000.005\SYMDS.SYS [2009-08-29 328752]
R0 SymEFA;Symantec Extended File Attributes; D:\WINDOWS\system32\drivers\NAV\1108000.005\SYMEFA.SYS [2010-04-21 173104]
R1 BHDrvx86;BHDrvx86; \??\D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100901.003\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; D:\WINDOWS\system32\drivers\NAV\1108000.005\ccHPx86.sys [2010-02-25 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\D:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); D:\WINDOWS\system32\drivers\NAV\1108000.005\SRTSPX.SYS [2010-04-21 43696]
R1 SymIRON;Symantec Iron Driver; D:\WINDOWS\system32\drivers\NAV\1108000.005\Ironx86.SYS [2010-04-28 116784]
R2 pnarp;Pure Networks Device Discovery Driver; D:\WINDOWS\system32\DRIVERS\pnarp.sys [2008-05-16 23992]
R2 ppsio2;PPDevice; D:\WINDOWS\system32\drivers\ppsio2.sys [1999-04-01 22400]
R2 purendis;Pure Networks Wireless Driver; D:\WINDOWS\system32\DRIVERS\purendis.sys [2008-05-16 25272]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; D:\WINDOWS\system32\DRIVERS\b57xp32.sys [2009-08-06 121472]
R3 ctljystk;Creative SBLive! Gameport; D:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); D:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); D:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\D:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 IDSxpx86;IDSxpx86; \??\D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100922.001\IDSxpx86.sys []
R3 NAVENG;NAVENG; \??\D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100923.003\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100923.003\NAVEX15.SYS []
R3 sfman;Creative SoundFont Manager Driver (WDM); D:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 SRTSP;Symantec Real Time Storage Protection; D:\WINDOWS\System32\Drivers\NAV\1107000.00C\SRTSP.SYS [2010-04-21 325680]
R3 SymEvent;SymEvent; \??\D:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMTDI;Symantec Network Dispatch Driver; D:\WINDOWS\System32\Drivers\NAV\1107000.00C\SYMTDI.SYS [2010-05-05 361904]
R3 usbprint;Microsoft USB PRINTER Class; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S2 DgiVecp;DgiVecp; \??\D:\WINDOWS\system32\Drivers\DgiVecp.sys []
S3 ialm;ialm; D:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-08-24 1052732]
S3 usbscan;USB Scanner Driver; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 lxdu_device;lxdu_device; D:\WINDOWS\system32\lxducoms.exe [2008-05-23 594600]
R2 NAV;Norton AntiVirus; D:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe [2010-02-25 126392]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 nmservice;Pure Networks Platform Service; D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [2008-05-16 648504]
S2 gupdate;Google Update Service (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-22 135664]
S2 lxduCATSCustConnectService;lxduCATSCustConnectService; D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe [2008-05-23 98984]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; d:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; D:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-07-14 66056]
S3 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-09 182768]
S3 idsvc;Windows CardSpace; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 nmraapache;Pure Networks Net2Go Service; D:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe [2008-05-21 12800]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; D:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - D:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - D:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - D:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [lxdumon.exe] "D:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe"
O4 - HKLM\..\Run: [lxduamon] "D:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe"
O4 - HKLM\..\Run: [Lexmark 5600-6600 Series Fax Server] "D:\Program Files\Lexmark 5600-6600 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LMPDPSRV] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMPDPSRV.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [nmctxth] "D:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "D:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [igfxtray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] D:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\RunOnce: [NSSInstallation] D:\WINDOWS\system32\Macromed\Shockwave 10\nssstub.exe /runonce /rm
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PPWebCap] D:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] D:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6.5; .NET CLR 2.0.50727; InfoPath.2; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSN Optimized;US)" -"http://www.drivearcade.com/preroll.php?g_id=1320"
O4 - Global Startup: Lexmark X125 Settings Utility.lnk = D:\Program Files\Lexmark X125\LEX125SU.exe
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Open in new background tab - res://D:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?fcc5fe1cd69242e6a648c814df1979fe
O8 - Extra context menu item: Open in new foreground tab - res://D:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?fcc5fe1cd69242e6a648c814df1979fe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - D:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: lxduCATSCustConnectService - Lexmark International, Inc. - D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe
O23 - Service: lxdu_device - - D:\WINDOWS\system32\lxducoms.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - D:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - D:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
--
End of file - 10494 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
D:\WINDOWS\tasks\Install.job
D:\WINDOWS\tasks\Norton Security Scan for UTHAYA.job
D:\WINDOWS\tasks\OGALogon.job
D:\WINDOWS\tasks\User_Feed_Synchronization-{C843166D-DA22-4EB3-8B3E-AF9A5FE23CA4}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Toolbar - D:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - D:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL [2010-05-13 79224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-22 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-22 842296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - D:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - D:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - D:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - D:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82768]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Toolbar - D:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-22 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"lxdumon.exe"=D:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe [2008-09-10 676520]
"lxduamon"=D:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe [2008-09-10 16040]
"Lexmark 5600-6600 Series Fax Server"=D:\Program Files\Lexmark 5600-6600 Series\fm3032.exe [2008-09-10 311976]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"LMPDPSRV"=D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMPDPSRV.EXE [2002-07-11 45056]
"GrooveMonitor"=D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"nmctxth"=D:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [2008-05-16 648504]
"nmapp"=D:\Program Files\Pure Networks\Network Magic\nmapp.exe [2008-05-21 451896]
"igfxtray"=D:\WINDOWS\system32\igfxtray.exe [2005-08-24 94208]
"igfxhkcmd"=D:\WINDOWS\system32\hkcmd.exe [2005-08-24 77824]
"igfxpers"=D:\WINDOWS\system32\igfxpers.exe [2005-08-24 114688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NSSInstallation"=D:\WINDOWS\system32\Macromed\Shockwave 10\nssstub.exe [2010-09-23 497016]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=D:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"Skype"=D:\Program Files\Skype\Phone\Skype.exe [2009-06-26 25604904]
"swg"=D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-09 39408]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"PPWebCap"=D:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe [2000-03-01 48128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=D:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe [2009-07-31 468408]
D:\Documents and Settings\All Users\Start Menu\Programs\Startup
Lexmark X125 Settings Utility.lnk - D:\Program Files\Lexmark X125\LEX125SU.exe
WinZip Quick Pick.lnk - D:\Program Files\WinZip\WZQKPICK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
D:\WINDOWS\system32\igfxdev.dll [2005-08-24 135168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\MSN Messenger\msnmsgr.exe"="D:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"D:\Program Files\MSN Messenger\livecall.exe"="D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\WINDOWS\system32\lxducoms.exe"="D:\WINDOWS\system32\lxducoms.exe:*:Enabled:5600-6600 Series Server"
"D:\WINDOWS\system32\spool\drivers\w32x86\3\LMpdpsrv.exe"="D:\WINDOWS\system32\spool\drivers\w32x86\3\LMpdpsrv.exe:*:Disabled:PDP RPC Server"
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"="D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Platform Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\MSN Messenger\msnmsgr.exe"="D:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"D:\Program Files\MSN Messenger\livecall.exe"="D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2010-09-23 16:39:50 ----D---- D:\Program Files\trend micro
2010-09-23 16:39:48 ----D---- D:\rsit
2010-09-23 16:39:08 ----A---- D:\RSIT.exe
2010-09-23 16:32:47 ----D---- D:\WINDOWS\pss
2010-09-23 07:48:07 ----HDC---- D:\WINDOWS\$NtUninstallKB2160329$
2010-09-23 02:20:02 ----HDC---- D:\WINDOWS\$NtUninstallKB980232$
2010-09-23 02:19:48 ----HDC---- D:\WINDOWS\$NtUninstallKB975713$
2010-09-23 02:19:38 ----HDC---- D:\WINDOWS\$NtUninstallKB2079403$
2010-09-23 02:19:21 ----HDC---- D:\WINDOWS\$NtUninstallKB981322$
2010-09-22 10:17:27 ----HDC---- D:\WINDOWS\$NtUninstallKB980218$
2010-09-22 10:16:54 ----HDC---- D:\WINDOWS\$NtUninstallKB982214$
2010-09-22 10:16:27 ----HDC---- D:\WINDOWS\$NtUninstallKB2259922$
2010-09-22 10:16:17 ----HDC---- D:\WINDOWS\$NtUninstallKB980195$
2010-09-22 10:16:03 ----HDC---- D:\WINDOWS\$NtUninstallKB979402_WM9$
2010-09-22 10:15:54 ----HDC---- D:\WINDOWS\$NtUninstallKB2115168$
2010-09-22 10:15:43 ----HDC---- D:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-22 10:15:27 ----HDC---- D:\WINDOWS\$NtUninstallKB955759$
2010-09-22 10:13:49 ----HDC---- D:\WINDOWS\$NtUninstallKB2229593$
2010-09-22 10:13:37 ----HDC---- D:\WINDOWS\$NtUninstallKB978037$
2010-09-22 10:12:07 ----HDC---- D:\WINDOWS\$NtUninstallKB978338$
2010-09-22 10:10:30 ----HDC---- D:\WINDOWS\$NtUninstallKB972270$
2010-09-22 10:08:49 ----HDC---- D:\WINDOWS\$NtUninstallKB2347290$
2010-09-22 10:08:26 ----HDC---- D:\WINDOWS\$NtUninstallKB981852$
2010-09-22 10:02:42 ----HDC---- D:\WINDOWS\$NtUninstallKB2121546$
2010-09-22 10:02:24 ----HDC---- D:\WINDOWS\$NtUninstallKB982802$
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\zh-TW
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\zh-HK
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\tr-TR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\sv-SE
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\pt-BR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\nl-NL
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\nb-NO
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\ko-KR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\it-IT
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\he-IL
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\fr-FR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\fi-FI
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\es-ES
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\el-GR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\de-DE
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\da-DK
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\ar-SA
2010-09-22 09:57:05 ----HDC---- D:\WINDOWS\$NtUninstallKB975560$
2010-09-22 09:56:52 ----HDC---- D:\WINDOWS\$NtUninstallKB977816$
2010-09-22 09:54:39 ----HDC---- D:\WINDOWS\$NtUninstallKB981793$
2010-09-22 09:54:26 ----HDC---- D:\WINDOWS\$NtUninstallKB978601$
2010-09-22 09:53:56 ----HDC---- D:\WINDOWS\$NtUninstallKB980436$
2010-09-22 09:51:39 ----HDC---- D:\WINDOWS\$NtUninstallKB978695_WM9$
2010-09-22 09:42:32 ----HDC---- D:\WINDOWS\$NtUninstallKB977914$
2010-09-22 09:39:29 ----HDC---- D:\WINDOWS\$NtUninstallKB978542$
2010-09-22 09:38:41 ----HDC---- D:\WINDOWS\$NtUninstallKB2286198$
2010-09-22 09:38:15 ----HDC---- D:\WINDOWS\$NtUninstallKB979309$
2010-09-22 09:37:49 ----HDC---- D:\WINDOWS\$NtUninstallKB979482$
2010-09-22 09:37:14 ----HDC---- D:\WINDOWS\$NtUninstallKB978706$
2010-09-22 09:36:45 ----HDC---- D:\WINDOWS\$NtUninstallKB981997$
2010-09-22 09:36:20 ----HDC---- D:\WINDOWS\$NtUninstallKB975562$
2010-09-22 09:35:07 ----HDC---- D:\WINDOWS\$NtUninstallKB2141007$
2010-09-22 09:28:40 ----HDC---- D:\WINDOWS\$NtUninstallKB982665$
2010-09-22 07:06:10 ----A---- D:\WINDOWS\system32\igfxres.dll
2010-09-22 06:29:43 ----D---- D:\Program Files\Symantec
2010-09-22 06:29:43 ----A---- D:\WINDOWS\system32\S32EVNT1.DLL
2010-09-22 06:29:43 ----A---- D:\WINDOWS\system32\drivers\SYMEVENT.SYS
2010-09-22 06:27:15 ----D---- D:\WINDOWS\system32\drivers\NAV
2010-09-22 06:27:15 ----D---- D:\Program Files\Windows Sidebar
2010-09-22 06:27:03 ----D---- D:\Program Files\Norton AntiVirus
======List of files/folders modified in the last 1 months======
2010-09-23 16:39:50 ----RD---- D:\Program Files
2010-09-23 16:39:40 ----D---- D:\WINDOWS\Temp
2010-09-23 16:39:31 ----D---- D:\WINDOWS\Prefetch
2010-09-23 16:38:51 ----D---- D:\Documents and Settings
2010-09-23 16:32:47 ----D---- D:\WINDOWS
2010-09-23 14:56:05 ----SD---- D:\WINDOWS\Tasks
2010-09-23 14:54:40 ----D---- D:\Documents and Settings\UTHAYA\Application Data\Macromedia
2010-09-23 14:54:20 ----D---- D:\WINDOWS\system32\Macromed
2010-09-23 10:06:13 ----SHD---- D:\System Volume Information
2010-09-23 10:05:14 ----D---- D:\Documents and Settings\UTHAYA\Application Data\Skype
2010-09-23 10:04:58 ----D---- D:\WINDOWS\system32
2010-09-23 07:48:32 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-09-23 07:48:14 ----HD---- D:\WINDOWS\inf
2010-09-23 07:48:10 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-09-23 07:47:30 ----D---- D:\WINDOWS\system32\CatRoot2
2010-09-23 06:37:13 ----D---- D:\WINDOWS\Microsoft.NET
2010-09-23 05:36:26 ----RSD---- D:\WINDOWS\assembly
2010-09-23 05:05:58 ----SHD---- D:\WINDOWS\Installer
2010-09-23 04:56:35 ----D---- D:\WINDOWS\Debug
2010-09-23 04:45:12 ----D---- D:\Program Files\Microsoft Silverlight
2010-09-23 02:20:05 ----D---- D:\WINDOWS\system32\drivers
2010-09-23 02:19:56 ----HD---- D:\WINDOWS\$hf_mig$
2010-09-23 02:14:42 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-09-23 02:13:02 ----D---- D:\WINDOWS\WinSxS
2010-09-23 02:01:02 ----D---- D:\WINDOWS\AppPatch
2010-09-23 02:01:01 ----D---- D:\Program Files\NortonInstaller
2010-09-22 10:15:02 ----D---- D:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-09-22 09:57:47 ----D---- D:\Program Files\Internet Explorer
2010-09-22 09:57:28 ----D---- D:\WINDOWS\ie8updates
2010-09-22 09:39:35 ----D---- D:\Program Files\Outlook Express
2010-09-22 09:36:49 ----D---- D:\Program Files\Movie Maker
2010-09-22 09:26:19 ----D---- D:\Program Files\Google
2010-09-22 06:31:54 ----D---- D:\Program Files\Common Files\Symantec Shared
2010-09-22 06:27:03 ----D---- D:\Documents and Settings\All Users\Application Data\Norton
2010-09-22 06:17:42 ----D---- D:\Documents and Settings\All Users\Application Data\NortonInstaller
2010-09-22 06:14:26 ----D---- D:\Documents and Settings\All Users\Application Data\avg9
2010-09-22 06:11:22 ----SD---- D:\Documents and Settings\UTHAYA\Application Data\Microsoft
2010-09-10 14:34:30 ----A---- D:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 GMAEnabler;SoftGMA Enabler; D:\WINDOWS\system32\DRIVERS\GMAEnabler.sys [2005-05-23 4736]
R0 SymDS;Symantec Data Store; D:\WINDOWS\system32\drivers\NAV\1108000.005\SYMDS.SYS [2009-08-29 328752]
R0 SymEFA;Symantec Extended File Attributes; D:\WINDOWS\system32\drivers\NAV\1108000.005\SYMEFA.SYS [2010-04-21 173104]
R1 BHDrvx86;BHDrvx86; \??\D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100901.003\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; D:\WINDOWS\system32\drivers\NAV\1108000.005\ccHPx86.sys [2010-02-25 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\D:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); D:\WINDOWS\system32\drivers\NAV\1108000.005\SRTSPX.SYS [2010-04-21 43696]
R1 SymIRON;Symantec Iron Driver; D:\WINDOWS\system32\drivers\NAV\1108000.005\Ironx86.SYS [2010-04-28 116784]
R2 pnarp;Pure Networks Device Discovery Driver; D:\WINDOWS\system32\DRIVERS\pnarp.sys [2008-05-16 23992]
R2 ppsio2;PPDevice; D:\WINDOWS\system32\drivers\ppsio2.sys [1999-04-01 22400]
R2 purendis;Pure Networks Wireless Driver; D:\WINDOWS\system32\DRIVERS\purendis.sys [2008-05-16 25272]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; D:\WINDOWS\system32\DRIVERS\b57xp32.sys [2009-08-06 121472]
R3 ctljystk;Creative SBLive! Gameport; D:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); D:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); D:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\D:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 IDSxpx86;IDSxpx86; \??\D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100922.001\IDSxpx86.sys []
R3 NAVENG;NAVENG; \??\D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100923.003\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100923.003\NAVEX15.SYS []
R3 sfman;Creative SoundFont Manager Driver (WDM); D:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 SRTSP;Symantec Real Time Storage Protection; D:\WINDOWS\System32\Drivers\NAV\1107000.00C\SRTSP.SYS [2010-04-21 325680]
R3 SymEvent;SymEvent; \??\D:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMTDI;Symantec Network Dispatch Driver; D:\WINDOWS\System32\Drivers\NAV\1107000.00C\SYMTDI.SYS [2010-05-05 361904]
R3 usbprint;Microsoft USB PRINTER Class; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S2 DgiVecp;DgiVecp; \??\D:\WINDOWS\system32\Drivers\DgiVecp.sys []
S3 ialm;ialm; D:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-08-24 1052732]
S3 usbscan;USB Scanner Driver; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 lxdu_device;lxdu_device; D:\WINDOWS\system32\lxducoms.exe [2008-05-23 594600]
R2 NAV;Norton AntiVirus; D:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe [2010-02-25 126392]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 nmservice;Pure Networks Platform Service; D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [2008-05-16 648504]
S2 gupdate;Google Update Service (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-22 135664]
S2 lxduCATSCustConnectService;lxduCATSCustConnectService; D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe [2008-05-23 98984]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; d:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; D:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-07-14 66056]
S3 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-09 182768]
S3 idsvc;Windows CardSpace; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 nmraapache;Pure Networks Net2Go Service; D:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe [2008-05-21 12800]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; D:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------