Clean PC? [CLOSED]

Welcome Guest ( Log In | Join )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide. Want to reply to a topic, start a new one, or remove the advertising? Join today (always free).

> Geeks to Go! » Security » Malware Removal - HijackThis™ Logs Go Here

Clean PC? [CLOSED], Just confirming the HJT log is clean

Options

MatrixEquilibriu... MatrixEquilibrium View Member Profile	Sep 27 2008, 09:43 PM Post #1
GeekU Junior Posts: 311 From: The Free World OS: XP Pro	Hi, I just want to confirm that my HJT log is clean, there are some lines I'm not sure about. I've opened Startup through msconfig, and there are only 4 checked boxes which I set, yet in this log two Nokia PC Suite lines are visible. PC Suite is a safe program, but I unchecked it from startup and it's still showing up. Lastly, what is the Sony Service (O23)? I don't have any sony products. Logitech mouse, Dell keyboard, logitech webcam, Creative speakers, HP printer... Thank you in advance. Matrix Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:04:29 AM, on 10/2/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avwsc.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = .local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user') O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 4383 bytes I'm not able to end Ad-Aware's protection service...it's not installed, yet the .exe file is still there, and Access is Denied when I try to end the process. -Matrix This post has been edited by MatrixEquilibrium*: Oct 1 2008, 11:07 PM

Essexboy View Member Profile	Oct 4 2008, 11:04 AM Post #2
Global Moderator Posts: 9,573 From: Darkest Cornwall OS: Vista Ultimate	Hi there and sorry for the delay, what problems if any are you experiencing ? Download OTViewIt to your desktop. Close all windows and double click OTViewIt Place a tick in the Scan all Users box Click Run Scan and let the program run uninterrupted On completion it will produce two logs on the Desktop, atttach the OTViewIt.txt and Extras.txt logs in your next post. To attach a file, do the following: Click Add Reply Under the reply panel is the Attachments Panel Browse for the attachment file you want to upload, then click the green Upload button Once it has uploaded, click the Manage Current Attachments drop down box Click on to insert the attachment into your post

MatrixEquilibriu... MatrixEquilibrium View Member Profile	Oct 5 2008, 09:13 PM Post #3
GeekU Junior Posts: 311 From: The Free World OS: XP Pro	An error came up after scanning. Win 32 Error Code 1717 "The interface is unknown" Edit: there's no Extras.txt file. This post has been edited by MatrixEquilibrium: Oct 5 2008, 09:17 PM

MatrixEquilibriu... MatrixEquilibrium View Member Profile	Oct 5 2008, 09:16 PM Post #4
GeekU Junior Posts: 311 From: The Free World OS: XP Pro	Ok this just saved. Larger than available space, couldn't attach. Here are the contents: OTViewIt logfile created on: 10/5/2008 11:12:03 PM - Run 3 OTViewIt by OldTimer - Version 1.0.10.0 Folder = C:\Documents and Settings\Administrator\Desktop Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 509.98 Mb Total Physical Memory \| 220.81 Mb Available Physical Memory \| 43.30% Memory free 1.45 Gb Paging File \| 1.07 Gb Available in Paging File \| 74.31% Paging File free Paging file location(s): C:\pagefile.sys 1000 1200; %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 26.02 Gb Total Space \| 11.00 Gb Free Space \| 42.28% Space Free \| Partition Type: NTFS Drive D: \| 11.23 Gb Total Space \| 10.33 Gb Free Space \| 91.95% Space Free \| Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SULI Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Whitelist: On File Age = 30 Days ========== Processes ========== [2004/08/03 18:56:58 \| 00,050,688 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe [2004/08/03 18:56:58 \| 00,502,272 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe [2004/08/03 18:56:56 \| 00,108,032 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe [2004/08/03 18:56:52 \| 00,013,312 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [2008/10/03 02:43:38 \| 00,611,664 \| ---- \| M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008/07/17 19:21:52 \| 00,068,865 \| ---- \| M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008/08/15 02:59:20 \| 00,149,761 \| ---- \| M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008/09/10 16:50:26 \| 00,116,040 \| ---- \| M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008/08/29 10:18:44 \| 00,238,888 \| ---- \| M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe [2004/08/03 18:56:52 \| 00,015,872 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008/10/04 12:11:28 \| 00,147,456 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe [2001/02/23 10:07:30 \| 00,270,336 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [2004/08/03 18:56:50 \| 01,032,192 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [2005/09/20 10:32:24 \| 00,077,824 \| ---- \| M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe [2008/07/17 19:21:52 \| 00,266,497 \| ---- \| M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008/10/04 12:11:37 \| 00,144,792 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe [2008/09/10 17:40:06 \| 00,289,576 \| ---- \| M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe [2004/08/03 18:56:50 \| 00,015,360 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe [2008/09/10 17:39:48 \| 00,536,872 \| ---- \| M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe [2007/08/13 19:43:56 \| 00,622,080 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe [2007/09/20 11:35:36 \| 00,118,336 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe [2008/10/05 23:10:48 \| 00,416,768 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTViewIt.exe ========== (O23) Win32 Services ========== [2008/10/03 02:43:38 \| 00,611,664 \| ---- \| M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (Alerter [Disabled \| Stopped]) [2004/08/03 18:56:48 \| 00,044,544 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe -- (ALG [On_Demand \| Running]) [2008/07/17 19:21:52 \| 00,068,865 \| ---- \| M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto \| Running]) [2008/08/15 02:59:20 \| 00,149,761 \| ---- \| M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto \| Running]) [2008/09/10 16:50:26 \| 00,116,040 \| ---- \| M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (AppMgmt [On_Demand \| Stopped]) [2005/09/23 07:28:32 \| 00,029,896 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (AudioSrv [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (BITS [Auto \| Running]) [2008/08/29 10:18:44 \| 00,238,888 \| ---- \| M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (Browser [Auto \| Stopped]) [2004/08/03 18:56:48 \| 00,005,632 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc [On_Demand \| Stopped]) [2004/08/03 18:56:48 \| 00,033,280 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv [Disabled \| Stopped]) [2005/09/23 07:28:56 \| 00,066,240 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand \| Stopped]) [2004/08/03 18:56:50 \| 00,005,120 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\dllhost.exe -- (COMSysApp [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (CryptSvc [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (DcomLaunch [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (Dhcp [Auto \| Running]) [2004/08/03 18:56:50 \| 00,224,768 \| ---- \| M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\dmadmin.exe -- (dmadmin [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (dmserver [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (Dnscache [Disabled \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (ERSvc [Disabled \| Stopped]) [2004/08/03 18:56:56 \| 00,108,032 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe -- (Eventlog [Disabled \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (EventSystem [On_Demand \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (FastUserSwitchingCompatibility [Disabled \| Stopped]) [2008/08/24 02:09:08 \| 00,654,848 \| ---- \| M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (helpsvc [Disabled \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (HidServ [Disabled \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (HTTPFilter [On_Demand \| Stopped]) [2003/04/01 23:08:30 \| 00,069,632 \| ---- \| M] (Sony Corporation) -- C:\WINDOWS\system32\IcdSptSv.exe -- (ICDSPTSV [On_Demand \| Stopped]) [2005/04/04 00:41:10 \| 00,069,632 \| ---- \| M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand \| Stopped]) [2004/08/03 18:56:52 \| 00,015,872 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN [Auto \| Running]) [2004/08/03 18:56:52 \| 00,150,016 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\imapi.exe -- (ImapiService [On_Demand \| Stopped]) [2008/09/10 17:39:48 \| 00,536,872 \| ---- \| M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand \| Running]) [2008/10/04 12:11:28 \| 00,147,456 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (lanmanserver [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (lanmanworkstation [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (LmHosts [Auto \| Running]) [2001/02/23 10:07:30 \| 00,270,336 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -- (MDM [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (Messenger [Disabled \| Stopped]) [2004/08/03 18:56:52 \| 00,032,768 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc [Disabled \| Stopped]) [2004/08/03 18:56:54 \| 00,006,144 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC [On_Demand \| Stopped]) [2004/08/03 18:56:52 \| 00,015,872 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc [Auto \| Stopped]) [2005/05/04 15:45:36 \| 00,078,848 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\msiexec.exe -- (MSIServer [On_Demand \| Stopped]) [2004/08/03 18:56:56 \| 00,111,104 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\netdde.exe -- (NetDDE [Disabled \| Stopped]) [2004/08/03 18:56:56 \| 00,111,104 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm [Disabled \| Stopped]) [2004/08/03 18:56:52 \| 00,013,312 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (Netlogon [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (Netman [On_Demand \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (Nla [On_Demand \| Running]) [2004/08/03 18:56:52 \| 00,013,312 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (NtmsSvc [On_Demand \| Stopped]) [2004/08/03 18:56:56 \| 00,108,032 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe -- (PlugPlay [Auto \| Running]) [2004/08/03 18:56:52 \| 00,013,312 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent [Auto \| Running]) [2004/08/03 18:56:52 \| 00,013,312 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (RasAuto [Disabled \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (RasMan [Disabled \| Stopped]) [2004/08/03 18:56:58 \| 00,140,800 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (RemoteAccess [Disabled \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (RemoteRegistry [Auto \| Running]) [2004/08/03 18:56:52 \| 00,075,264 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\locator.exe -- (RpcLocator [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (RpcSs [Auto \| Running]) [2001/08/23 11:00:00 \| 00,132,608 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvp.exe -- (RSVP [On_Demand \| Stopped]) [2004/08/03 18:56:52 \| 00,013,312 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (SamSs [Auto \| Running]) [2004/08/03 18:56:56 \| 00,095,744 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (Schedule [Auto \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (seclogon [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (SENS [Auto \| Running]) [2008/04/07 10:17:30 \| 00,430,592 \| ---- \| M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (SharedAccess [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (ShellHWDetection [Auto \| Running]) [2005/06/10 19:53:32 \| 00,057,856 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler [Disabled \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (srservice [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (SSDPSRV [On_Demand \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (stisvc [Auto \| Running]) [2004/08/03 18:56:50 \| 00,005,120 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\dllhost.exe -- (SwPrv [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,089,600 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (TapiSrv [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (TermService [On_Demand \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (Themes [Auto \| Running]) [2004/08/03 18:56:58 \| 00,073,216 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr [Disabled \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (TrkWks [Disabled \| Stopped]) [2005/01/28 14:44:28 \| 00,038,912 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (upnphost [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,018,432 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\ups.exe -- (UPS [On_Demand \| Stopped]) [2007/10/18 12:31:54 \| 00,098,328 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [Disabled \| Stopped]) [2004/08/03 18:56:58 \| 00,289,792 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssvc.exe -- (VSS [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (W32Time [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (WebClient [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (winmgmt [Auto \| Running]) [2007/10/25 16:27:54 \| 00,266,240 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (WmdmPmSN [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (Wmi [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,126,464 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv [On_Demand \| Stopped]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (wscsvc [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (wuauserv [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (WZCSVC [Auto \| Running]) [2004/08/03 18:56:58 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (xmlprov [On_Demand \| Stopped]) ========== Driver Services ========== [2004/08/03 17:07:38 \| 00,187,776 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI [Boot \| Running]) [2001/08/23 11:00:00 \| 00,011,648 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC [Disabled \| Stopped]) [2006/02/14 20:22:26 \| 00,142,464 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\aec.sys -- (aec [On_Demand \| Stopped]) [2004/08/03 17:14:16 \| 00,138,496 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\afd.sys -- (AFD [System \| Running]) [2004/08/03 17:05:04 \| 00,014,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac [On_Demand \| Stopped]) [2004/08/03 16:59:44 \| 00,095,360 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi [Boot \| Running]) [2004/08/03 16:58:32 \| 00,059,904 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc [On_Demand \| Stopped]) [2001/08/17 09:59:44 \| 00,003,072 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub [On_Demand \| Running]) [2007/02/27 16:25:01 \| 00,011,840 \| ---- \| M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [System \| Running]) [2008/06/30 16:57:06 \| 00,052,032 \| ---- \| M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand \| Running]) [2008/07/17 19:21:52 \| 00,075,072 \| ---- \| M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb [System \| Running]) [2001/08/23 11:00:00 \| 00,004,224 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep [System \| Running]) File not found -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys -- (catchme [On_Demand \| Stopped]) [2001/08/23 11:00:00 \| 00,013,952 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k [Disabled \| Stopped]) [2004/08/03 23:10:18 \| 00,017,024 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE [On_Demand \| Stopped]) [2001/08/23 11:00:00 \| 00,018,688 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio [System \| Stopped]) [2004/08/03 17:14:12 \| 00,063,744 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs [Disabled \| Running]) [2004/08/03 16:59:54 \| 00,049,536 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom [System \| Running]) [2001/08/17 13:17:44 \| 00,042,432 \| ---- \| M] (Digi International, Inc.) -- C:\WINDOWS\system32\drivers\digirlpt.sys -- (DIGIRPS [On_Demand \| Stopped]) [2004/08/03 16:59:56 \| 00,036,352 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk [Boot \| Running]) [2004/08/03 17:07:18 \| 00,799,744 \| ---- \| M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot [Disabled \| Stopped]) [2004/08/03 17:07:18 \| 00,153,344 \| ---- \| M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio [Boot \| Running]) [2001/08/23 11:00:00 \| 00,005,888 \| ---- \| M] (Microsoft Corp., Veritas Software.) -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload [Boot \| Running]) [2004/08/03 23:07:40 \| 00,052,864 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic [On_Demand \| Stopped]) [2004/08/03 23:07:58 \| 00,002,944 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud [On_Demand \| Stopped]) [2004/02/10 15:49:14 \| 00,154,112 \| ---- \| M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B [On_Demand \| Running]) [2004/08/03 17:14:18 \| 00,143,360 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat [Disabled \| Stopped]) [2004/08/03 16:59:28 \| 00,027,392 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc [On_Demand \| Running]) [2001/08/23 11:00:00 \| 00,034,944 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips [System \| Running]) [2004/08/03 16:59:28 \| 00,020,480 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk [System \| Stopped]) [2004/08/03 17:01:20 \| 00,124,800 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fltMgr.sys -- (FltMgr [Boot \| Running]) [2001/08/23 11:00:00 \| 00,125,056 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk [Boot \| Running]) [2008/04/17 13:12:54 \| 00,015,464 \| ---- \| M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand \| Running]) [2007/09/07 02:39:57 \| 00,070,001 \| ---- \| M] (GMER) -- C:\WINDOWS\system32\drivers\gmer.sys -- (gmer [On_Demand \| Stopped]) [2004/08/03 17:04:14 \| 00,035,072 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc [On_Demand \| Running]) [2007/09/13 15:34:19 \| 00,026,056 \| ---- \| M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi [On_Demand \| Stopped]) [2001/08/17 14:02:20 \| 00,009,600 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb [On_Demand \| Stopped]) [2006/03/16 20:33:10 \| 00,262,784 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP [On_Demand \| Running]) [2004/08/03 17:14:38 \| 00,052,736 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt [System \| Running]) [2005/09/20 11:00:54 \| 01,302,332 \| ---- \| M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm [On_Demand \| Running]) [2004/08/03 17:00:16 \| 00,041,856 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi [System \| Running]) [2004/08/03 18:59:42 \| 00,005,504 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\intelide.sys -- (IntelIde [Boot \| Running]) [2004/08/03 16:59:20 \| 00,036,096 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm [System \| Running]) [2004/08/03 17:00:08 \| 00,029,056 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw [On_Demand \| Stopped]) [2001/08/23 11:00:00 \| 00,032,896 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver [On_Demand \| Stopped]) [2004/08/03 17:04:46 \| 00,020,992 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp [On_Demand \| Stopped]) [2004/09/29 18:28:37 \| 00,134,912 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat [On_Demand \| Running]) [2004/08/03 17:14:30 \| 00,074,752 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec [System \| Running]) [2004/08/03 17:00:48 \| 00,011,264 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM [On_Demand \| Stopped]) [2001/08/23 11:00:00 \| 00,035,840 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp [Boot \| Running]) [2004/08/03 16:58:34 \| 00,024,576 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass [System \| Running]) [2004/08/03 23:07:50 \| 00,171,776 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer [On_Demand \| Running]) [2004/08/03 16:59:48 \| 00,092,032 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD [Boot \| Running]) [2001/08/23 11:00:00 \| 00,004,224 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd [System \| Running]) [2004/08/03 19:05:44 \| 00,030,080 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem [On_Demand \| Stopped]) [2004/08/03 19:05:44 \| 00,023,040 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass [System \| Running]) [2001/08/17 13:48:00 \| 00,012,160 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid [On_Demand \| Stopped]) [2004/08/03 16:58:32 \| 00,042,240 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr [Boot \| Running]) [2004/08/03 17:00:58 \| 00,181,248 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV [On_Demand \| Running]) [2006/05/05 05:41:45 \| 00,453,120 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb [System \| Running]) [2004/08/03 17:00:42 \| 00,019,072 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs [System \| Running]) [2004/08/03 22:58:42 \| 00,007,552 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV [On_Demand \| Stopped]) [2004/08/03 22:58:40 \| 00,005,376 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK [On_Demand \| Stopped]) [2004/08/03 22:58:42 \| 00,004,992 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM [On_Demand \| Stopped]) [2004/08/03 19:05:44 \| 00,015,488 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios [On_Demand \| Running]) [2004/08/03 22:58:40 \| 00,005,504 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE [On_Demand \| Stopped]) [2004/08/03 17:15:22 \| 00,107,904 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup [Boot \| Running]) [2004/08/03 23:10:30 \| 00,085,376 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC [On_Demand \| Stopped]) [2004/08/03 17:14:30 \| 00,182,912 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS [Boot \| Running]) [2004/08/03 23:10:14 \| 00,010,880 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP [On_Demand \| Stopped]) [2001/08/23 11:00:00 \| 00,009,600 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi [On_Demand \| Running]) [2004/08/03 19:05:44 \| 00,012,928 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio [On_Demand \| Running]) [2004/08/03 17:14:32 \| 00,091,776 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan [On_Demand \| Running]) [2001/08/23 11:00:00 \| 00,038,016 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy [On_Demand \| Running]) [2004/08/03 17:03:22 \| 00,034,560 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS [System \| Running]) [2004/08/03 17:14:38 \| 00,162,816 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT [System \| Running]) [2007/11/29 11:39:42 \| 00,016,896 \| ---- \| M] (Nokia) -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd [On_Demand \| Stopped]) [2007/11/29 11:39:40 \| 00,019,328 \| ---- \| M] (Nokia) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand \| Stopped]) [2008/02/01 16:17:12 \| 00,138,112 \| ---- \| M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu [On_Demand \| Stopped]) [2008/02/01 16:17:06 \| 00,008,320 \| ---- \| M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc [On_Demand \| Stopped]) [2004/08/03 17:00:44 \| 00,030,848 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs [System \| Running]) [2004/08/03 17:15:10 \| 00,574,592 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs [Disabled \| Running]) [2001/08/23 11:00:00 \| 00,002,944 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\null.sys -- (Null [System \| Running]) [2001/08/23 11:00:00 \| 00,012,416 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt [On_Demand \| Stopped]) [2001/08/23 11:00:00 \| 00,032,512 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd [On_Demand \| Stopped]) [2004/08/03 19:05:44 \| 00,080,128 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport [On_Demand \| Running]) [2001/08/23 11:00:00 \| 00,018,688 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr [Boot \| Running]) [2001/08/23 11:00:00 \| 00,006,784 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm [Auto \| Running]) [2007/09/17 16:53:26 \| 00,021,632 \| ---- \| M] (Nokia) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd [On_Demand \| Stopped]) [2004/08/03 17:07:48 \| 00,068,224 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI [Boot \| Running]) [2001/08/23 11:00:00 \| 00,003,328 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciide.sys -- (PCIIde [Boot \| Running]) [2004/08/03 17:07:48 \| 00,119,936 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia [Disabled \| Stopped]) [2004/08/03 17:14:28 \| 00,048,384 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport [On_Demand \| Running]) [2004/08/03 17:04:20 \| 00,069,120 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched [On_Demand \| Running]) [2001/08/23 11:00:00 \| 00,017,792 \| ---- \| M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand \| Running]) [2007/07/24 06:00:00 \| 00,043,872 \| ---- \| M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot \| Running]) [2001/08/17 14:05:16 \| 00,028,032 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\OVCD.sys -- (QCDonner [On_Demand \| Running]) [2001/08/23 11:00:00 \| 00,008,832 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd [System \| Running]) [2004/08/03 17:14:24 \| 00,051,328 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp [On_Demand \| Running]) [2004/08/03 17:05:08 \| 00,041,472 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe [On_Demand \| Running]) [2001/08/23 11:00:00 \| 00,016,512 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti [On_Demand \| Running]) [2006/05/05 05:47:57 \| 00,174,592 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss [System \| Running]) [2001/08/23 11:00:00 \| 00,004,224 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD [System \| Running]) [2004/08/03 23:01:16 \| 00,196,864 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr [On_Demand \| Running]) [2005/06/10 00:09:46 \| 00,139,528 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD [On_Demand \| Stopped]) [2004/08/03 18:59:38 \| 00,057,472 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook [System \| Running]) [2008/05/28 11:33:36 \| 00,008,944 \| ---- \| M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV [System \| Running]) [2008/05/28 11:33:38 \| 00,007,408 \| R--- \| M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand \| Stopped]) [2008/05/28 11:33:36 \| 00,055,024 \| ---- \| M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [System \| Running]) [2008/06/12 02:28:49 \| 00,056,108 \| ---- \| M] (PowerISO Computing, Inc.) -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu [System \| Running]) [2004/07/17 05:36:38 \| 00,027,440 \| ---- \| M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand \| Stopped]) [2004/09/17 09:02:54 \| 00,732,928 \| ---- \| M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt [On_Demand \| Running]) [2004/08/03 16:59:08 \| 00,015,488 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum [On_Demand \| Running]) [2004/08/03 17:15:54 \| 00,064,896 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial [System \| Running]) [2004/08/03 16:59:56 \| 00,011,392 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy [System \| Stopped]) [2004/12/16 18:40:04 \| 00,055,312 \| ---- \| M] (MCCI) -- C:\WINDOWS\system32\drivers\slabbus.sys -- (slabbus [On_Demand \| Stopped]) [2004/12/16 18:41:30 \| 00,089,808 \| ---- \| M] (MCCI) -- C:\WINDOWS\system32\drivers\slabser.sys -- (slabser [On_Demand \| Stopped]) [2004/08/03 23:10:18 \| 00,011,136 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP [On_Demand \| Stopped]) [2005/01/27 15:31:06 \| 00,260,352 \| ---- \| M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand \| Running]) [2004/08/03 23:07:48 \| 00,006,400 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter [On_Demand \| Stopped]) [2004/08/03 17:06:26 \| 00,073,472 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sr.sys -- (sr [Boot \| Running]) [2006/04/21 02:12:27 \| 00,332,800 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv [On_Demand \| Running]) [2007/03/01 11:34:22 \| 00,028,352 \| ---- \| M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv [System \| Running]) [2004/08/03 23:10:14 \| 00,015,360 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip [On_Demand \| Stopped]) [2004/08/03 19:05:44 \| 00,004,352 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum [On_Demand \| Running]) [2001/08/17 14:00:52 \| 00,054,272 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi [On_Demand \| Stopped]) [2004/08/03 23:15:56 \| 00,060,800 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio [On_Demand \| Running]) [2006/04/20 07:51:50 \| 00,359,808 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip [System \| Running]) [2004/08/03 19:01:08 \| 00,012,040 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE [On_Demand \| Stopped]) [2004/08/03 19:01:08 \| 00,021,896 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP [On_Demand \| Stopped]) [2004/08/04 01:01:08 \| 00,040,840 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD [System \| Running]) [2004/08/03 17:00:32 \| 00,066,176 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs [Disabled \| Stopped]) [2004/08/03 16:58:34 \| 00,209,408 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\update.sys -- (Update [On_Demand \| Running]) [2007/11/29 11:39:42 \| 00,008,064 \| ---- \| M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev [On_Demand \| Stopped]) [2004/08/03 17:08:38 \| 00,026,624 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci [On_Demand \| Running]) [2004/08/03 17:08:44 \| 00,057,600 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub [On_Demand \| Running]) [2004/08/04 00:08:44 \| 00,025,600 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser [On_Demand \| Stopped]) [2007/11/29 11:39:52 \| 00,008,064 \| ---- \| M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt [On_Demand \| Stopped]) [2004/08/03 23:08:48 \| 00,026,496 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR [On_Demand \| Stopped]) [2004/08/03 17:08:38 \| 00,020,480 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci [On_Demand \| Running]) File not found -- C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\2000\FILTNT.SYS -- (VFILT [Disabled \| Stopped]) [2004/08/03 17:07:08 \| 00,020,992 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\vga.sys -- (VgaSave [System \| Running]) [2004/08/03 17:00:18 \| 00,052,352 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap [Boot \| Running]) [2004/08/03 17:04:58 \| 00,034,560 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp [On_Demand \| Running]) [2006/11/06 18:04:56 \| 00,028,672 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh [On_Demand \| Stopped]) [2006/11/02 08:22:54 \| 00,492,000 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000 [On_Demand \| Stopped]) [2004/08/03 23:15:06 \| 00,082,944 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud [On_Demand \| Running]) [2005/01/28 14:44:28 \| 00,018,944 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb [On_Demand \| Running]) [2001/08/23 11:00:00 \| 00,012,032 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [Disabled \| Stopped]) [2004/08/03 23:10:22 \| 00,019,328 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC [On_Demand \| Stopped]) File not found -- C:\WINDOWS\system32\zntport.sys -- (zntport [Auto \| Stopped]) ========== (R ) Internet Explorer ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] "Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome "Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Default_Secondary_Page_URL"= "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\windows\system32\blank.htm "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Security Risk Page"=about:SecurityRisk "Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search] "CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm "Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main] "Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Local Page"=C:\windows\system32\blank.htm "Page_Transitions"= "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Start Page"=http://www.google.com/ [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL] ""=http://home.microsoft.com/access/autosearch.asp?p=%s [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings] "ProxyEnable" = 0 "ProxyOverride" = .local [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main] "Default_Search_URL"=http://home.microsoft.com/search/lobby/search.asp "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Search] "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings] "ProxyEnable" = 0 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main] "Default_Search_URL"=http://home.microsoft.com/search/lobby/search.asp "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Search] "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings] "ProxyEnable" = 0 [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main] [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main] [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main] "Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Local Page"=C:\windows\system32\blank.htm "Page_Transitions"= "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Start Page"=http://www.google.com/ [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\Software\Microsoft\Internet Explorer\SearchURL] ""=http://home.microsoft.com/access/autosearch.asp?p=%s [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\Software\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings] "ProxyEnable" = 0 "ProxyOverride" = .local ========== (O1) Hosts File ========== HOSTS File = (21 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts First 25 entries... 127.0.0.1 localhost ========== (O2) BHO's ========== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) {53707962-6F74-2D53-2644-206D7942484F} (HKLM) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) {9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) {DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) {E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) ========== (O3) Toolbars ========== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser] "{01E04581-4EEE-11D0-BFE9-00AA005B4383}" (HKLM) -- C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{01E04581-4EEE-11D0-BFE9-00AA005B4383}" (HKLM) -- C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{0E5CBF21-D15F-11D0-8301-00AA005B4383}" (HKLM) -- C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{F2CF5485-4E02-4F68-819C-B92DE9277049}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser] "{01E04581-4EEE-11D0-BFE9-00AA005B4383}" (HKLM) -- C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{01E04581-4EEE-11D0-BFE9-00AA005B4383}" (HKLM) -- C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{0E5CBF21-D15F-11D0-8301-00AA005B4383}" (HKLM) -- C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{F2CF5485-4E02-4F68-819C-B92DE9277049}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) ========== (O4) Run Keys ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min (Avira GmbH) "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.) "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.) "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (Time Information Services Ltd.) [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (Time Information Services Ltd.) [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) ========== (O4) Startup Folders ========== ========== (O6 & O7) Current Version Policies ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=255 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideLegacyLogonScripts"=0 "HideLogoffScripts"=0 "RunLogonScriptSync"=1 "RunStartupScriptSync"=1 "HideStartupScripts"=0 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun"=36 "NoDriveAutoRun"=FF FF FF FF [binary data] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] "HideLegacyLogonScripts"=0 "HideLogoffScripts"=0 "RunLogonScriptSync"=1 "RunStartupScriptSync"=1 "HideStartupScripts"=0 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun"=145 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun"=145 [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun"=145 [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun"=145 [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun"=36 "NoDriveAutoRun"=FF FF FF FF [binary data] [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] "HideLegacyLogonScripts"=0 "HideLogoffScripts"=0 "RunLogonScriptSync"=1 "RunStartupScriptSync"=1 "HideStartupScripts"=0 ========== (O9) IE Extensions ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\] CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found CmdMapping\\{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{E19ADC6E-3909-43E4-9A89-B7B676377EE3} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found [HKEY_USERS\S-1-5-21-854245398-606747145-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Extensions\] CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found CmdMapping\\{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{E19ADC6E-3909-43E4-9A89-B7B676377EE3} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found ========== (O12) Internet Explorer Plugins ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\] PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery ========== (O13) Default Prefixes ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// ========== (O15) Trusted Sites ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\] 1 domain(s) and sub-domain(s) not assigned to a zone.

Essexboy View Member Profile	Oct 6 2008, 12:18 PM Post #5
Global Moderator Posts: 9,573 From: Darkest Cornwall OS: Vista Ultimate	Could I have the remainder of the report please. Start from ========== (O15) Trusted Sites ==========

Essexboy View Member Profile	Oct 11 2008, 08:18 AM Post #6
Global Moderator Posts: 9,573 From: Darkest Cornwall OS: Vista Ultimate	Could you please re-post your last reply as we have lost some data - along with an update on your system

Essexboy View Member Profile	Oct 14 2008, 12:04 PM Post #7
Global Moderator Posts: 9,573 From: Darkest Cornwall OS: Vista Ultimate	Due to lack of feedback, this topic has been closed. If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

« Next Oldest · Malware Removal - HijackThis™ Logs Go Here · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members: