got as far as the anti malware test, results are worrying! [CLOSED], please don't say I have to format my hard drive?
ianapp
post Sep 27 2008, 12:45 PM


Member
OS: xp



Laptop going really slow, did the malware scan as advised in a post, here are the results.
I'm no expert but there is a lot of spyware?

Don't really want to format but it's running really slow and random popups every now and then!

This is the result from the anti malware test.

If I have to format, what's the best way to back up all my stuff? It had all my business records on here (I back up onto CDRW, but would rather not have to go through restoring all this lot!)




Malwarebytes' Anti-Malware 1.28
Database version: 1215
Windows 5.1.2600 Service Pack 2

27/09/2008 19:44:25
mbam-log-2008-09-27 (19-44-17).txt

Scan type: Quick Scan
Objects scanned: 45901
Time elapsed: 6 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 27
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 16
Files Infected: 41

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:

Files Infected:

Would these results slow my laptop down?

Have I posted the correct information?

Just been looking to see if I could see any of this rogue nuker etc, I can't find any way to delete them..

Format the only way?

This post has been edited by Octagonal: Sep 29 2008, 05:41 AM
Reason for edit: Merged posts. Please don't post more than once or bump the topic as Helpers usually first look for threads with no replies.
sage5
post Oct 1 2008, 07:26 AM


Trusted Helper
From: NE Victoria, Australia
OS: WinXp SP3



Hi ianapp,

Welcome to Geeks To Go,

I'm sorry that we haven't got to you until now, but the forum can get hectic at times.

I am sage5 and I will be helping you with this problem.

First I need you to download the following tools & save them to your Desktop.
OTViewIt
OTMoveIt3 by OldTimer.


Re-Run the Malwarebytes Antimalware scan:
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Save the entire report as C:\mbam.txt

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Run OTViewIt:
  • Close all open windows and double click the OTViewIt.exe icon on your Desktop
  • Tick the Scan all Users box, & the Use Whitelist box.
  • Click the Run Scan button and let the program run uninterrupted.
  • It will produce two logs for you. OTViewIt.txt will open automatically. The other one will be saved on your desktop as Extras.txt
  • I will need you to post both those logs here.

NOTE: These can be large files, and there is a limit to the number of characters that can be posted at once on this forum.
It may require you to make 2 posts, to get all the information to me


Cheers,

sage5

This post has been edited by sage5: Oct 1 2008, 07:29 AM
ianapp
post Oct 1 2008, 01:11 PM


Member
OS: xp



OTViewIt logfile created on: 01/10/2008 20:02:10 - Run 2
OTViewIt by OldTimer - Version 1.0.9.2 Folder = C:\Documents and Settings\ian\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

735.36 Mb Total Physical Memory | 507.02 Mb Available Physical Memory | 68.95% Memory free
1.38 Gb Paging File | 1.18 Gb Available in Paging File | 85.63% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 24.83 Gb Free Space | 66.65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-65EE2E91BE
Current User Name: ian
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = All Days

========== Processes ==========

[2008/05/16 00:06:57 | 00,017,272 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[2007/04/02 07:26:11 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2007/01/19 13:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe
[2004/04/19 06:12:00 | 00,045,056 | ---- | M] ( ) -- C:\WINDOWS\system32\slserv.exe
[2004/08/04 13:00:00 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
[2008/07/18 22:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2006/08/31 21:33:02 | 00,115,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
[2008/07/18 22:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2008/10/01 19:36:11 | 00,419,840 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ian\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/05/16 00:06:57 | 00,017,272 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
[2008/05/16 00:19:24 | 00,144,760 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Stopped])
[2008/05/16 00:19:00 | 00,247,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Stopped])
[2008/05/16 00:16:59 | 00,349,560 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])
[2004/08/04 13:00:00 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc [On_Demand | Stopped])
[2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2004/08/04 13:00:00 | 00,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\fxssvc.exe -- (Fax [Disabled | Stopped])
[2007/05/14 19:42:26 | 00,138,680 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Disabled | Stopped])
[2004/04/19 06:12:00 | 00,045,056 | ---- | M] ( ) -- C:\WINDOWS\system32\slserv.exe -- (SLService [Auto | Running])
[2007/01/19 13:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])

========== Driver Services ==========


========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_Search_URL"=http://www.google.com/ie
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.google.com/ie
"SearchAssistant"=http://www.google.com/ie

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.google.co.uk/

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://www.google.com/ie

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-21-2067409609-4096223238-882650063-1006\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.google.co.uk/

[HKEY_USERS\S-1-5-21-2067409609-4096223238-882650063-1006\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://www.google.com/ie

[HKEY_USERS\S-1-5-21-2067409609-4096223238-882650063-1006\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_USERS\S-1-5-21-2067409609-4096223238-882650063-1006\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2067409609-4096223238-882650063-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{02478D38-C3F9-4efb-9B51-7695ECA05670} (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (Yahoo! Inc.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} (HKLM) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (HKLM) -- C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll (Google Inc.)
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (HKLM) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EE5D279F-081B-4404-994D-C6B60AAEBA6D}" (HKLM) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (Yahoo! Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
"{EE5D279F-081B-4404-994D-C6B60AAEBA6D}" (HKLM) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (Yahoo! Inc.)

[HKEY_USERS\S-1-5-21-2067409609-4096223238-882650063-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
"{EE5D279F-081B-4404-994D-C6B60AAEBA6D}" (HKLM) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (Yahoo! Inc.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k File not found
"NapsterShell"=C:\Program Files\Napster\napster.exe /systray (Napster)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo R285 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU "C:\WINDOWS\TEMP\E_S9A.tmp" /EF "HKCU" (SEIKO EPSON CORPORATION)
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background (Microsoft Corporation)
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\CTFMON.EXE (Microsoft Corporation)
"CTFMON.EXE"=C:\WINDOWS\system32\CTFMON.EXE (Microsoft Corporation)
"EPSON Stylus Photo R285 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU "C:\WINDOWS\TEMP\E_S9A.tmp" /EF "HKCU" (SEIKO EPSON CORPORATION)
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background (Microsoft Corporation)
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

========== (O4) Startup Folders ==========


========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"CDRAutoRun"=0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"CDRAutoRun"=0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-2067409609-4096223238-882650063-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
&Google Search: c:\Program Files\Google\GoogleToolbar2.dll [2007/06/06 07:37:17 | 02,554,944 | R--- | M] (Google Inc.)
&Translate English Word: c:\Program Files\Google\GoogleToolbar2.dll [2007/06/06 07:37:17 | 02,554,944 | R--- | M] (Google Inc.)
Backward Links: c:\Program Files\Google\GoogleToolbar2.dll [2007/06/06 07:37:17 | 02,554,944 | R--- | M] (Google Inc.)
Cached Snapshot of Page: c:\Program Files\Google\GoogleToolbar2.dll [2007/06/06 07:37:17 | 02,554,944 | R--- | M] (Google Inc.)
Similar Pages: c:\Program Files\Google\GoogleToolbar2.dll [2007/06/06 07:37:17 | 02,554,944 | R--- | M] (Google Inc.)
Translate Page into English: c:\Program Files\Google\GoogleToolbar2.dll [2007/06/06 07:37:17 | 02,554,944 | R--- | M] (Google Inc.)

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Sun Java Console -- C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.)
{77BF5300-1474-4EC7-9980-D32B190E9B07}: Skype -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Messenger -- C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Windows Messenger -- C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{5ED80217-570B-4DA9-BF44-BE107C0EC166}: http://cdn.scan.onecare.live.com/resource/...lscbase4009.cab -- Windows Live Safety Center Base Module
{67DABFBF-D0AB-41FA-9C46-CC0F21721616}: http://download.divx.com/player/DivXBrowserPlugin.cab -- DivXBrowserPlugin Object
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -- Java Plug-in 1.5.0_02
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}: http://java.sun.com/products/plugin/autodl...indows-i586.cab -- Java Plug-in 1.4.2_03
{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}: http://java.sun.com/products/plugin/autodl...indows-i586.cab -- Java Plug-in 1.4.2_06
{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -- Java Plug-in 1.5.0_02
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://download.macromedia.com/pub/shockwa...ash/swflash.cab -- Shockwave Flash Object

========== (O17) DNS Name Servers ==========

{0121A781-2BA4-470A-A07F-87AAD2DE1E2E} (Servers: | Description: Sony Ericsson Device 039 USB Ethernet Emulation (NDIS 5))
{15780835-EBD6-4E6E-BF55-6DBD0F8AFC9F} (Servers: | Description: SiS 900-Based PCI Fast Ethernet Adapter)
{41C27D50-E7E1-477F-8C86-67687EF885EB} (Servers: | Description: Belkin Wireless 54Mbps Notebook Adapter)
{5D7C7FC9-6FF9-4BFA-892D-FF7AC3BB41B9} (Servers: | Description: 1394 Net Adapter)
{C1E82DB2-849F-4312-8078-DFCDB59F09D8} (Servers: | Description: )

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
WgaLogon: "DllName" = Reg Error: Value DLLName does not exist or could not be read. -- File not found

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2004/08/20 13:16:39 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within All Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2008/10/01 19:36:12 | 00,335,360 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ian\Desktop\OTMoveIt3.exe
[2008/10/01 19:36:05 | 00,419,840 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ian\Desktop\OTViewIt.exe
[2008/09/30 23:53:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\Application Data\Roxio
[2008/09/30 23:50:42 | 00,001,550 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Napster.lnk
[2008/09/30 23:50:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Napster Shared
[2008/09/30 23:49:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Napster
[2008/09/30 23:49:49 | 00,000,000 | ---D | C] -- C:\Program Files\Napster
[2008/09/27 19:36:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\Application Data\Malwarebytes
[2008/09/27 19:36:02 | 00,017,200 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/09/27 19:36:02 | 00,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/09/27 19:36:01 | 00,038,528 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/09/27 19:36:00 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/09/27 19:36:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/09/27 19:35:47 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Download Manager
[2008/09/27 19:34:34 | 00,128,368 | ---- | C] (Digital River) -- C:\Documents and Settings\ian\Desktop\Download_mbam-setup.exe
[2008/09/27 19:06:29 | 00,457,030 | ---- | C] () -- C:\Documents and Settings\ian\Desktop\untitled.bmp
[2008/09/16 18:17:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2008/08/14 18:42:47 | 00,001,913 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EPSON File Manager.lnk
[2008/08/14 18:38:03 | 00,001,555 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EPSON Print CD.lnk
[2008/08/14 18:37:39 | 00,000,000 | ---D | C] -- C:\Program Files\EPSON Print CD
[2008/08/14 18:35:23 | 00,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\PICSDK2.dll
[2008/08/14 18:35:23 | 00,120,992 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\EpPicPrt.dll
[2008/08/14 18:35:23 | 00,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2008/08/14 18:35:23 | 00,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\PICEntry.dll
[2008/08/14 18:35:23 | 00,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\PICSDK.dll
[2008/08/14 18:35:23 | 00,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2008/08/14 18:35:23 | 00,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2008/08/14 18:35:23 | 00,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2008/08/14 18:35:23 | 00,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2008/08/14 18:35:23 | 00,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2008/08/14 18:35:23 | 00,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2008/08/14 18:35:23 | 00,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2008/08/14 18:35:23 | 00,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2008/08/14 18:35:23 | 00,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2008/08/14 18:35:23 | 00,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2008/08/14 18:35:23 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/08/14 18:35:22 | 00,071,840 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\EPPicMgr.dll
[2008/08/14 18:35:22 | 00,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2008/08/14 18:35:22 | 00,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2008/08/14 18:35:22 | 00,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2008/08/14 18:35:22 | 00,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2008/08/14 18:35:22 | 00,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2008/08/14 18:35:22 | 00,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2008/08/14 18:35:22 | 00,013,732 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_EN.cfg
[2008/08/14 18:35:22 | 00,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2008/08/14 18:35:22 | 00,006,442 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_IT.cfg
[2008/08/14 18:35:22 | 00,006,347 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_PT.cfg
[2008/08/14 18:35:22 | 00,006,347 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_BP.cfg
[2008/08/14 18:35:22 | 00,006,335 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_GE.cfg
[2008/08/14 18:35:22 | 00,006,195 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_FR.cfg
[2008/08/14 18:35:22 | 00,006,195 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_CF.cfg
[2008/08/14 18:35:22 | 00,006,122 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_DU.cfg
[2008/08/14 18:35:22 | 00,006,103 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_ES.cfg
[2008/08/14 18:35:22 | 00,005,817 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_KO.cfg
[2008/08/14 18:35:22 | 00,005,436 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_SC.cfg
[2008/08/14 18:35:22 | 00,002,889 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_RU.cfg
[2008/08/14 18:35:22 | 00,002,426 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_TC.cfg
[2008/08/14 18:35:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\Application Data\InstallShield
[2008/08/14 18:35:03 | 00,001,849 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EPSON Stylus Photo R285_290 Manual.lnk
[2008/08/14 18:34:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2008/08/14 18:34:32 | 00,076,800 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FLBCKE.DLL
[2008/08/14 18:34:32 | 00,062,976 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FD4BCKE.DLL
[2008/08/14 18:33:16 | 00,000,041 | ---- | C] () -- C:\WINDOWS\CDER285DEFGIPS.ini
[2008/06/25 20:03:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\Desktop\New Folder
[2008/06/25 19:25:35 | 77,114,9824 | -HS- | C] () -- C:\hiberfil.sys
[2008/06/25 13:28:34 | 00,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2008/06/25 12:27:48 | 00,001,715 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2008/06/25 12:27:47 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2008/06/25 12:27:46 | 00,042,912 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2008/06/25 12:27:45 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2008/06/25 12:27:43 | 00,095,608 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2008/06/25 12:26:05 | 00,094,416 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2008/06/25 12:26:05 | 00,093,264 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2008/06/25 12:26:05 | 00,078,416 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2008/06/25 12:26:05 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2008/06/25 12:25:45 | 01,152,888 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2008/06/25 12:25:45 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2008/06/25 12:25:42 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2008/06/23 23:36:17 | 00,018,868 | ---- | C] () -- C:\Documents and Settings\ian\My Documents\MERIDIAN HEATING.pdf
[2008/06/20 18:50:22 | 00,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/06/20 18:14:35 | 00,713,143 | ---- | C] () -- C:\Documents and Settings\ian\Desktop\Backup.TB1
[2008/06/20 06:58:54 | 00,000,268 | -H-- | C] () -- C:\sqmdata19.sqm
[2008/06/20 06:58:54 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt19.sqm
[2008/06/19 17:24:39 | 00,000,268 | -H-- | C] () -- C:\sqmdata18.sqm
[2008/06/19 17:24:39 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt18.sqm
[2008/06/18 19:53:47 | 00,000,268 | -H-- | C] () -- C:\sqmdata17.sqm
[2008/06/18 19:53:46 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt17.sqm
[2008/06/18 19:28:40 | 00,000,268 | -H-- | C] () -- C:\sqmdata16.sqm
[2008/06/18 19:28:40 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt16.sqm
[2008/06/18 19:11:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2008/06/18 18:52:51 | 00,000,268 | -H-- | C] () -- C:\sqmdata15.sqm
[2008/06/18 18:52:51 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt15.sqm
[2008/06/18 07:23:05 | 00,000,268 | -H-- | C] () -- C:\sqmdata14.sqm
[2008/06/18 07:23:05 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt14.sqm
[2008/06/18 07:19:59 | 00,000,268 | -H-- | C] () -- C:\sqmdata13.sqm
[2008/06/18 07:19:59 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt13.sqm
[2008/06/17 20:26:41 | 00,000,268 | -H-- | C] () -- C:\sqmdata12.sqm
[2008/06/17 20:26:41 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2008/06/17 20:21:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2008/06/12 07:27:34 | 00,000,268 | -H-- | C] () -- C:\sqmdata11.sqm
[2008/06/12 07:27:34 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2008/06/11 07:36:44 | 00,000,268 | -H-- | C] () -- C:\sqmdata10.sqm
[2008/06/11 07:36:44 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
[2008/05/27 01:20:11 | 00,000,268 | -H-- | C] () -- C:\sqmdata09.sqm
[2008/05/27 01:20:11 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2008/05/26 01:32:03 | 00,000,268 | -H-- | C] () -- C:\sqmdata08.sqm
[2008/05/26 01:32:03 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt08.sqm
[2008/05/16 11:13:18 | 00,048,179 | ---- | C] () -- C:\Documents and Settings\ian\Desktop\invoice.JPG
[2008/04/22 19:45:47 | 00,000,268 | -H-- | C] () -- C:\sqmdata07.sqm
[2008/04/22 19:45:47 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt07.sqm
[2008/03/26 01:08:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2008/03/26 01:07:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\My Documents\My Chat Logs
[2008/03/26 01:06:00 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2008/03/26 01:05:58 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live
[2008/03/20 21:40:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\My Documents\WebCam Center
[2008/03/20 21:40:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\Application Data\Creative
[2008/03/20 19:41:41 | 00,007,062 | ---- | C] () -- C:\WINDOWS\System32\audiopid.vxd
[2008/03/20 19:40:07 | 00,001,978 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Creative Product Registration.lnk
[2008/03/20 19:39:38 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSTEE.sys
[2008/03/20 19:39:38 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2008/03/20 19:39:31 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NdisIP.sys
[2008/03/20 19:39:31 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2008/03/20 19:39:28 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\StreamIP.sys
[2008/03/20 19:39:28 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2008/03/20 19:39:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2008/03/20 19:39:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2008/03/20 19:39:24 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SLIP.sys
[2008/03/20 19:39:24 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2008/03/20 19:39:19 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
[2008/03/20 19:39:19 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2008/03/20 19:39:15 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NABTSFEC.sys
[2008/03/20 19:39:15 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2008/03/20 19:39:11 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CCDECODE.sys
[2008/03/20 19:39:11 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2008/03/20 19:38:56 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2008/03/20 19:38:56 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2008/03/20 19:38:56 | 00,074,685 | R--- | C] () -- C:\WINDOWS\System32\V0330530.set
[2008/03/20 19:38:56 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2008/03/20 19:38:56 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2008/03/20 19:38:56 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2008/03/20 19:38:56 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2008/03/20 19:38:56 | 00,004,338 | R--- | C] () -- C:\WINDOWS\VF0330.uns
[2008/03/20 19:38:53 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2008/03/20 19:38:53 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2008/03/20 19:38:53 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2008/03/20 19:38:53 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2008/03/20 19:38:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\CtDrvInstall
[2008/03/20 19:36:27 | 00,001,944 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Creative WebCam Center.lnk
[2008/03/20 19:35:55 | 00,000,000 | ---D | C] -- C:\Program Files\Creative
[2008/03/20 00:18:44 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\ian\My Documents\FAO Lynn Chalk.doc
[2008/03/16 18:58:19 | 00,053,248 | ---- | C] () -- C:\Documents and Settings\ian\Desktop\Default.xls
[2008/03/11 18:00:02 | 00,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2008/02/27 02:08:10 | 00,000,734 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.msn
[2008/02/19 00:48:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\Application Data\Skype
[2008/02/19 00:47:25 | 00,001,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2008/02/19 00:47:19 | 00,000,000 | ---D | C] -- C:\Program Files\Skype
[2008/02/19 00:47:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2008/02/19 00:47:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2008/02/19 00:44:17 | 22,685,480 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\ian\Desktop\SkypeSetup.exe
[2008/02/07 22:31:18 | 00,064,288 | ---- | C] () -- C:\Documents and Settings\ian\My Documents\lppers.JPG
[2008/02/07 22:30:35 | 00,000,434 | ---- | C] () -- C:\Documents and Settings\ian\Desktop\Shortcut to Meridian.lnk
[2008/02/07 22:20:55 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Messenger
[2008/02/05 21:54:53 | 00,000,490 | ---- | C] () -- C:\Documents and Settings\ian\My Documents\Contact List.ctt
[2007/12/09 22:47:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\Desktop\pics off ph
[2007/12/06 22:40:45 | 00,210,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\muweb.dll
[2007/12/06 22:40:45 | 00,029,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2007/12/06 22:40:37 | 00,270,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2007/12/06 22:40:19 | 00,003,424 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.PNF
[2007/12/04 22:06:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2007/12/04 21:35:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2007/12/04 21:34:19 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2007/12/04 21:34:19 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2007/12/04 19:35:53 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2007/12/04 08:56:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\Local Settings\Application Data\ApplicationHistory
[2007/11/21 01:17:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\ian\My Documents\My Videos
[2007/11/21 01:17:16 | 00,000,000 | ---D | C] -- C:\Program Files\DivX
[2007/10/24 01:47:38 | 00,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscoree.dll
[2007/10/24 01:47:38 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscorier.dll
[2007/10/24 01:47:38 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscories.dll
[2007/10/24 01:47:28 | 00,096,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dfshim.dll
[2007/10/22 21:29:34 | 00,055,808 | ---- | C] () -- C:\Documents and Settings\ian\My Documents\new up to date cv.DOC
[2007/10/20 01:56:04 | 01,044,480 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libdivx.dll
[2007/10/20 01:56:04 | 00,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssldivx.dll
[2007/10/04 00:09:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\My Documents\HiJackThis
[2007/09/23 21:41:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\Desktop\holiday photos
[2007/09/23 14:09:57 | 00,040,315 | ---- | C] () -- C:\WINDOWS\System32\gzmrot-uninst.exe
[2007/08/07 20:58:32 | 00,017,408 | ---- | C] () -- C:\Documents and Settings\ian\My Documents\MeridianHtg.xls
[2007/06/21 19:37:32 | 00,033,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2007/06/21 19:37:32 | 00,025,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2007/06/21 19:37:32 | 00,020,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2007/06/21 19:37:31 | 00,025,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2007/05/17 23:41:42 | 00,001,480 | -H-- | C] () -- C:\Documents and Settings\All Users\Desktop\NVC v5.70 Release Notes.lnk
[2007/05/16 00:02:08 | 00,001,281 | RH-- | C] () -- C:\Documents and Settings\ian\Desktop\BearShare Downloads.lnk
[2007/05/08 15:03:04 | 01,275,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4.dll
[2007/04/26 18:05:13 | 00,592,361 | -H-- | C] () -- C:\Documents and Settings\ian\Desktop\newest.TB1
[2007/03/09 15:11:38 | 00,000,000 | ---D | C] -- C:\EPSON
[2007/01/29 09:58:06 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2007/01/19 13:53:04 | 00,051,056 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\sirenacm.dll
[2006/12/19 15:17:19 | 02,180,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2006/12/19 15:15:09 | 02,136,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2006/12/19 13:55:40 | 02,015,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2006/12/19 13:55:39 | 02,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2006/11/16 03:05:17 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2006/11/16 03:04:56 | 00,000,000 | ---D | C] -- C:\fef9d434c16cb7d373f0f546b10f0f
[2006/11/08 01:17:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\My Documents\camera pics
[2006/11/07 19:11:42 | 00,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2006/11/07 19:11:42 | 00,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2006/11/07 19:10:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2006/11/07 18:17:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\Local Settings\Application Data\Sony Ericsson
[2006/11/07 18:12:02 | 00,018,704 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\se27nd5.sys
[2006/11/07 17:57:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ian\Application Data\Teleca
[2006/11/07 17:54:56 | 00,000,000 | ---D | C]
ianapp
post Oct 1 2008, 01:12 PM
Post #4



[2004/09/09 23:42:29 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasser.dll
[2004/09/09 23:42:29 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regsvr32.exe
[2004/09/09 23:42:29 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasctrs.dll
[2004/09/09 23:42:29 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasautou.exe
[2004/09/09 23:42:29 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasdial.exe
[2004/09/09 23:42:29 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2004/09/09 23:42:29 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2004/09/09 23:42:29 | 00,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasacd.sys
[2004/09/09 23:42:29 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasadhlp.dll
[2004/09/09 23:42:29 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\recover.exe
[2004/09/09 23:42:29 | 00,004,608 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwiz.exe
[2004/09/09 23:42:29 | 00,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcdd.sys
[2004/09/09 23:42:29 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2004/09/09 23:42:29 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\riched32.dll
[2004/09/09 23:42:29 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedt32.exe
[2004/09/09 23:42:29 | 00,003,338 | ---- | C] () -- C:\WINDOWS\System32\dllcache\redir.exe
[2004/09/09 23:42:28 | 01,287,680 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2004/09/09 23:42:28 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2004/09/09 23:42:28 | 00,562,176 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedit.dll
[2004/09/09 23:42:28 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printui.dll
[2004/09/09 23:42:28 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2004/09/09 23:42:28 | 00,385,024 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2004/09/09 23:42:28 | 00,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2004/09/09 23:42:28 | 00,279,040 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdv.dll
[2004/09/09 23:42:28 | 00,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qasf.dll
[2004/09/09 23:42:28 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2004/09/09 23:42:28 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qcap.dll
[2004/09/09 23:42:28 | 00,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\photowiz.dll
[2004/09/09 23:42:28 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2004/09/09 23:42:28 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.cpl
[2004/09/09 23:42:28 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\progman.exe
[2004/09/09 23:42:28 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\polstore.dll
[2004/09/09 23:42:28 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psbase.dll
[2004/09/09 23:42:28 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psched.sys
[2004/09/09 23:42:28 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proquota.exe
[2004/09/09 23:42:28 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.exe
[2004/09/09 23:42:28 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrpnsp.dll
[2004/09/09 23:42:28 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmspl.dll
[2004/09/09 23:42:28 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pstorec.dll
[2004/09/09 23:42:28 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2004/09/09 23:42:28 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2004/09/09 23:42:28 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pifmgr.dll
[2004/09/09 23:42:28 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfproc.dll
[2004/09/09 23:42:28 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pstorsvc.dll
[2004/09/09 23:42:28 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping6.exe
[2004/09/09 23:42:28 | 00,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2004/09/09 23:42:28 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\plustab.dll
[2004/09/09 23:42:28 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\profmap.dll
[2004/09/09 23:42:28 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfdisk.dll
[2004/09/09 23:42:28 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfos.dll
[2004/09/09 23:42:28 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pidgen.dll
[2004/09/09 23:42:28 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psapi.dll
[2004/09/09 23:42:28 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2004/09/09 23:42:28 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2004/09/09 23:42:28 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping.exe
[2004/09/09 23:42:28 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powrprof.dll
[2004/09/09 23:42:28 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2004/09/09 23:42:28 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfnet.dll
[2004/09/09 23:42:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\prflbmsg.dll
[2004/09/09 23:42:28 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfmon.exe
[2004/09/09 23:42:28 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfts.dll
[2004/09/09 23:42:28 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2004/09/09 23:42:28 | 0