Witam mam problem z reklamami CiD. Bardzo prosze o pomoc. Oto logi z combo fixa i hijcakthis:
ComboFix 08-07-05.1 - Bartek 2008-07-07 9:56:12.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.591 [GMT 2:00]
Running from: C:\Documents and Settings\Bartek\Pulpit\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
C:\Documents and Settings\Bartek\Dane aplikacji.#
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@580@3C4198.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@580@3C41C8.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@580@3C41F8.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@8E4@3C4198.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@8E4@3C41C8.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@8E4@3C41F8.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@C20@3C4198.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@C20@3C41C8.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@C20@3C41F8.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@CF4@3C4198.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@CF4@3C41C8.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@CF4@3C41F8.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@E14@3C4198.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@E14@3C41C8.###
C:\Documents and Settings\Bartek\Dane aplikacji.#\MBX@E14@3C41F8.###
C:\Documents and Settings\Wojtek\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Program Files\myglobalsearch
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\M9PLUGIN.DLL
C:\Program Files\myglobalsearch\bar\1.bin\MGSBAR.DLL
C:\Program Files\myglobalsearch\bar\1.bin\NPMYGLSH.DLL
C:\Program Files\myglobalsearch\bar\Cache\000ADD7E.bin
C:\Program Files\myglobalsearch\bar\Cache\000AEE28.bin
C:\Program Files\myglobalsearch\bar\Cache\000AF173.bin
C:\Program Files\myglobalsearch\bar\Cache\000DDFC2
C:\Program Files\myglobalsearch\bar\Cache\files.ini
C:\Program Files\myglobalsearch\bar\History\search
C:\Program Files\myglobalsearch\bar\Settings\prevcfg.htm
C:\Recycled\Recycled
C:\Recycled\Recycled\ctfmon.exe
.
((((((((((((((((((((((((( Files Created from 2008-06-07 to 2008-07-07 )))))))))))))))))))))))))))))))
.
2008-06-27 21:59 . 2008-06-27 21:59
2008-06-27 21:59 . 2008-06-27 21:59
2008-06-27 21:59 . 2008-06-27 21:59
2008-06-23 12:15 . 2008-06-23 12:15 22,328 --a------ C:\Documents and Settings\Bartek\Dane aplikacji\PnkBstrK.sys
2008-06-23 12:14 . 2008-06-23 12:14 319 --a------ C:\WINDOWS\game.ini
2008-06-20 21:05 . 2008-06-26 19:28
2008-06-20 21:05 . 2008-06-20 21:06 681 --a------ C:\WINDOWS\mozver.dat
2008-06-13 16:31 . 2008-06-13 16:31
2008-06-13 16:31 . 2008-06-13 16:31
2008-06-11 21:20 . 2008-07-07 09:56
2008-06-11 10:26 . 2008-06-14 20:01 273,024 -----c— C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-11 10:02 . 2008-06-11 10:02
2008-06-11 10:02 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2008-06-11 09:58 . 2008-06-11 09:58
2008-06-11 09:57 . 2008-06-14 10:27
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-07 08:00 --------- d-----w C:\Documents and Settings\Bartek\Dane aplikacji\Skype
2008-07-07 07:45 --------- d-----w C:\Documents and Settings\Bartek\Dane aplikacji\skypePM
2008-07-06 14:28 136,888 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-07-06 14:28 111,928 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-07-04 12:30 --------- d-----w C:\Program Files\neostrada tp
2008-07-04 12:29 --------- d–h--w C:\Program Files\InstallShield Installation Information
2008-07-04 12:29 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
2008-06-24 14:34 --------- d-----w C:\Program Files\BearShare
2008-06-23 16:35 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-06-14 18:01 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 14:31 444,952 ----a-w C:\WINDOWS\system32\wrap_oal.dll
2008-06-13 14:31 109,080 ----a-w C:\WINDOWS\system32\OpenAL32.dll
2008-06-13 14:31 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-06-03 21:03 --------- d-----w C:\Documents and Settings\Wojtek\Dane aplikacji\Gadu-Gadu
2008-06-03 19:18 --------- d-----w C:\Documents and Settings\Wojtek\Dane aplikacji\Ulead Systems
2008-06-02 11:18 --------- d-----w C:\Documents and Settings\Bartek\Dane aplikacji\Ulead Systems
2008-06-02 11:06 --------- d-----w C:\Program Files\BitComet
2008-06-02 10:53 --------- d-----w C:\Program Files\Windows Media Components
2008-06-02 10:53 --------- d-----w C:\Program Files\Common Files\InterVideo
2008-06-02 10:46 --------- d-----w C:\Program Files\Testy gimnazjalne 2006
2008-06-02 10:46 --------- d-----w C:\Program Files\Steam
2008-05-31 09:43 --------- d-----w C:\Documents and Settings\Wojtek\Dane aplikacji\Skype
2008-05-22 11:53 --------- d-----w C:\Documents and Settings\Wojtek\Dane aplikacji\Zylom Games
2008-05-22 11:53 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Zylom
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:16 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-28 10:29 805,400 ----a-r C:\WINDOWS\system32\tmp13F.tmp
2008-04-28 10:29 805,400 ----a-r C:\WINDOWS\system32\tmp13E.tmp
2008-04-21 07:03 662,016 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-11 17:23 2,560 ----a-w C:\WINDOWS\system32\bitcometres.dll
2008-04-06 13:10 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 00:44 15360]
“DAEMON Tools”=“C:\Program Files\DAEMON Tools\daemon.exe” [2007-08-22 14:06 167368]
“BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe” [2007-06-01 11:21 153136]
“LightScribe Control Panel”=“C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe” [2007-05-15 18:12 484904]
“Skype”=“C:\Program Files\Skype\Phone\Skype.exe” [2008-02-06 18:37 21898024]
“BitComet”=“C:\Program Files\BitComet\BitComet.exe” [2008-03-25 08:38 2196280]
“Gadu-Gadu”=“E:\Program Files\Gadu-Gadu\gg.exe” [2007-11-14 12:54 2131392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“NvCplDaemon”=“C:\WINDOWS\System32\NvCpl.dll” [2007-06-28 18:43 8466432]
“NvMediaCenter”=“C:\WINDOWS\System32\NvMcTray.dll” [2007-06-28 18:43 81920]
“QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe” [2008-03-05 18:57 155648]
“WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2008-01-16 00:54 37376]
“NeroFilterCheck”=“C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe” [2007-03-01 16:57 153136]
“avgnt”=“C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” [2008-04-17 14:47 262401]
“Ante bags flap that”=“C:\Documents and Settings\All Users\Dane aplikacji\kind setup ante bags\Scr help.exe” [2008-07-07 10:00 2823168]
“nwiz”=“nwiz.exe” [2007-06-28 18:43 1626112 C:\WINDOWS\system32\nwiz.exe]
“RTHDCPL”=“RTHDCPL.EXE” [2007-04-10 09:28 16126464 C:\WINDOWS\RTHDCPL.exe]
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“C:\WINDOWS\System32\CTFMON.EXE” [2004-08-04 00:44 15360]
C:\Documents and Settings\Bartek\Menu Start\Programy\Autostart\
PowerReg Scheduler V3.exe [2008-04-17 15:14:09 225280]
PowerReg Scheduler.exe [2008-04-17 15:08:24 256000]
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“C:\Program Files\eMule\emule.exe”=
“C:\Program Files\Shareaza\Shareaza.exe”=
“C:\Program Files\BitComet\BitComet.exe”=
“J:\Program Files\Microsoft Office\Office12\ONENOTE.EXE”=
“J:\Program Files\Codemasters\GRID Demo\GRID.exe”=
“C:\WINDOWS\system32\PnkBstrA.exe”=
“C:\WINDOWS\system32\PnkBstrB.exe”=
“E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe”=
“E:\Program Files\BearShare\BearShare.exe”=
“E:\Program Files\Gadu-Gadu\gg.exe”=
“C:\Program Files\Skype\Phone\Skype.exe”=
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“23304:TCP”= 23304:TCP:BitComet 23304 TCP
“23304:UDP”= 23304:UDP:BitComet 23304 UDP
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys []
S3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys []
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 16:49]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{3bd9d120-ead0-11dc-bfd8-845c6fef3968}]
\Shell\AutoRun\command - E:\
\Shell\open\Command - rundll32.exe .\desktop.dll,InstallM
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{41a90132-0bb6-11dd-80db-0090d00c16af}]
\Shell\AutoRun\command - L:\
\Shell\open\Command - rundll32.exe .\desktop.dll,InstallM
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
“C:\Program Files\Common Files\LightScribe\LSRunOnce.exe”
.
Contents of the ‘Scheduled Tasks’ folder
“2008-07-07 08:00:00 C:\WINDOWS\Tasks\A37EB43C91B53218.job”
- c:\docume~1\szymon~1\daneap~1\greysc~1\Locks Mp3 Bird.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 10:00:04
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2008-07-07 10:02:21 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-07 08:02:18
Pre-Run: 1,056,751,616 bajtów wolnych
Post-Run: 1,670,897,664 bajt˘w wolnych
188 — E O F — 2008-06-22 09:01:37
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:03:48, on 2008-07-07
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\BitComet\BitComet.exe
E:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Bartek\Pulpit\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM…\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe”
O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM…\Run: [avgnt] “C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” /min
O4 - HKLM…\Run: [Ante bags flap that] C:\Documents and Settings\All Users\Dane aplikacji\kind setup ante bags\Scr help.exe
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033
O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe”
O4 - HKCU…\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [bitComet] “C:\Program Files\BitComet\BitComet.exe” /tray
O4 - HKCU…\Run: [Gadu-Gadu] “E:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: PowerReg Scheduler.exe
O8 - Extra context menu item: Download with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Download all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Eksport do programu Microsoft Excel - res://J:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Eksportuj do programu Microsoft Excel - res://J:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - J:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
–
End of file - 7247 bytes