[code]
OTScanIt2 logfile created on: 16/12/2008 08:13:59 - Run 1
OTScanIt2 by OldTimer - Version 1.0.3.1 Folder = C:\Users\The Colyers\Desktop\OTScanIt2
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.49 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 40.78% Memory free
3.24 Gb Paging File | 2.15 Gb Available in Paging File | 66.42% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 226.05 Gb Total Space | 169.69 Gb Free Space | 75.07% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 298.02 Gb Total Space | 282.46 Gb Free Space | 94.78% Space Free | Partition Type: FAT32
Drive S: | 1.46 Gb Total Space | 1.12 Gb Free Space | 76.62% Space Free | Partition Type: NTFS

Computer Name: COLYERS_POOTER
Current User Name: The Colyers
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.)
avgrsx.exe -> %ProgramFiles%\AVG\AVG8\avgrsx.exe -> [2008/11/29 09:30:13 | 00,287,000 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgtray.exe -> %ProgramFiles%\AVG\AVG8\avgtray.exe -> [2008/11/29 09:35:31 | 01,261,336 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgwdsvc.exe -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> [2008/11/29 09:30:11 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.)
bbprint.exe -> %CommonProgramFiles%\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe -> [2008/04/16 15:04:30 | 00,156,320 | ---- | M] (Bluebeam Software, Inc.)
dwm.exe -> %SystemRoot%\System32\dwm.exe -> [2008/01/19 07:33:08 | 00,081,920 | ---- | M] (Microsoft Corporation)
ehmsas.exe -> %SystemRoot%\ehome\ehmsas.exe -> [2008/01/19 07:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation)
ehtray.exe -> %SystemRoot%\ehome\ehtray.exe -> [2008/01/19 07:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation)
hkcmd.exe -> %SystemRoot%\System32\hkcmd.exe -> [2008/06/18 13:01:26 | 00,166,424 | ---- | M] (Intel Corporation)
iepr.exe -> %UserProfile%\AppData\Local\TempImages\IEPR.exe -> [2008/10/20 15:37:06 | 00,024,576 | ---- | M] ()
ieuser.exe -> %ProgramFiles%\Internet Explorer\ieuser.exe -> [2008/01/19 07:33:12 | 00,299,520 | ---- | M] (Microsoft Corporation)
igfxpers.exe -> %SystemRoot%\System32\igfxpers.exe -> [2008/06/18 13:01:30 | 00,133,656 | ---- | M] (Intel Corporation)
igfxsrvc.exe -> %SystemRoot%\System32\igfxsrvc.exe -> [2008/06/18 13:01:32 | 00,256,536 | ---- | M] (Intel Corporation)
igfxtray.exe -> %SystemRoot%\System32\igfxtray.exe -> [2008/06/18 13:01:34 | 00,141,848 | ---- | M] (Intel Corporation)
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.)
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> [2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.)
khost.exe -> %ProgramFiles%\Kontiki\KHost.exe -> [2008/02/27 16:56:54 | 01,032,376 | ---- | M] (Kontiki Inc.)
lsm.exe -> %SystemRoot%\System32\lsm.exe -> [2008/01/19 07:33:14 | 00,229,888 | ---- | M] (Microsoft Corporation)
mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
mobsync.exe -> %SystemRoot%\System32\mobsync.exe -> [2008/01/19 07:33:15 | 00,095,744 | ---- | M] (Microsoft Corporation)
mpas-d.exe -> %SystemRoot%\SoftwareDistribution\Download\Install\mpas-d.exe -> [2008/12/15 14:30:53 | 00,564,616 | ---- | M] (Microsoft Corporation)
mpcmdrun.exe -> %ProgramFiles%\Windows Defender\MpCmdRun.exe -> [2008/01/19 07:38:32 | 00,319,544 | ---- | M] (Microsoft Corporation)
msascui.exe -> %ProgramFiles%\Windows Defender\MSASCui.exe -> [2008/01/19 07:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation)
od2mediabar_vistafilemanager.exe -> %ProgramFiles%\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe -> [2007/06/25 10:55:12 | 00,030,024 | ---- | M] ()
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2008/12/12 09:24:20 | 00,477,184 | ---- | M] (OldTimer Tools)
rthdvcpl.exe -> %SystemRoot%\RtHDVCpl.exe -> [2007/04/10 09:01:32 | 04,431,872 | ---- | M] (Realtek Semiconductor)
sdwinsec.exe -> %ProgramFiles%\Spybot - Search & Destroy\SDWinSec.exe -> [2008/01/28 11:43:32 | 00,810,320 | ---- | M] (Safer Networking Ltd.)
searchindexer.exe -> %SystemRoot%\System32\SearchIndexer.exe -> [2008/05/27 05:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation)
sepcsuite.exe -> %ProgramFiles%\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe -> [2008/02/20 16:19:44 | 00,356,352 | ---- | M] (Sony Ericsson Mobile Communications AB)
sidebar.exe -> %ProgramFiles%\Windows Sidebar\sidebar.exe -> [2008/01/19 07:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation)
sidebar.exe -> %ProgramFiles%\Windows Sidebar\sidebar.exe -> [2008/01/19 07:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation)
slsvc.exe -> %SystemRoot%\System32\SLsvc.exe -> [2008/01/19 07:33:22 | 02,623,488 | ---- | M] (Microsoft Corporation)
taskeng.exe -> %SystemRoot%\System32\taskeng.exe -> [2008/01/19 07:33:32 | 00,169,472 | ---- | M] (Microsoft Corporation)
taskeng.exe -> %SystemRoot%\System32\taskeng.exe -> [2008/01/19 07:33:32 | 00,169,472 | ---- | M] (Microsoft Corporation)
teatimer.exe -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe -> [2008/01/28 11:43:40 | 02,097,488 | RHS- | M] (Safer Networking Limited)
unsecapp.exe -> %SystemRoot%\System32\wbem\unsecapp.exe -> [2008/01/19 07:33:33 | 00,037,888 | ---- | M] (Microsoft Corporation)
wininit.exe -> %SystemRoot%\System32\wininit.exe -> [2008/01/19 07:33:37 | 00,096,768 | ---- | M] (Microsoft Corporation)
wmiprvse.exe -> %SystemRoot%\System32\wbem\WmiPrvSE.exe -> [2008/01/19 07:33:39 | 00,245,248 | ---- | M] (Microsoft Corporation)
wmpnetwk.exe -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2008/01/19 07:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation)
wmpnscfg.exe -> %ProgramFiles%\Windows Media Player\wmpnscfg.exe -> [2008/01/19 07:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation)
wuauclt.exe -> %SystemRoot%\System32\wuauclt.exe -> [2008/10/16 21:09:43 | 00,051,224 | ---- | M] (Microsoft Corporation)
wudfhost.exe -> %SystemRoot%\System32\WUDFHost.exe -> [2008/01/19 07:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
(AeLookupSvc) Application Experience [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\aelupsvc.dll -> [2006/11/02 09:46:02 | 00,024,576 | ---- | M] (Microsoft Corporation)
(Appinfo) Application Information [Win32_Shared | On_Demand | Running] -> %SystemRoot%\System32\appinfo.dll -> [2008/01/19 07:33:43 | 00,033,280 | ---- | M] (Microsoft Corporation)
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.)
(avg8wd) AVG Free8 WatchDog [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> [2008/11/29 09:30:11 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.)
(BFE) Base Filtering Engine [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\BFE.DLL -> [2008/01/19 07:33:47 | 00,328,704 | ---- | M] (Microsoft Corporation)
(CertPropSvc) Certificate Propagation [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\System32\certprop.dll -> [2008/01/19 07:33:51 | 00,040,448 | ---- | M] (Microsoft Corporation)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/01/05 11:26:41 | 00,070,144 | ---- | M] (Microsoft Corporation)
(DcomLaunch) DCOM Server Process Launcher [Win32_Shared | Unknown | Running] -> -> File not found
(DFSR) DFS Replication [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\System32\dfsr.exe -> [2008/01/19 07:33:06 | 02,091,520 | ---- | M] (Microsoft Corporation)
(DPS) Diagnostic Policy Service [Win32_Shared | Unknown | Running] -> %SystemRoot%\System32\dps.dll -> [2008/01/19 07:34:06 | 00,134,656 | ---- | M] (Microsoft Corporation)
(ehRecvr) Windows Media Center Receiver Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\ehome\ehrecvr.exe -> [2008/01/19 07:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation)
(ehSched) Windows Media Center Scheduler Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\ehome\ehsched.exe -> [2006/11/02 12:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation)
(ehstart) Windows Media Center Service Launcher [Win32_Shared | Auto | Stopped] -> %SystemRoot%\ehome\ehstart.dll -> [2006/11/02 12:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation)
(EMDMgmt) ReadyBoost [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\emdmgmt.dll -> [2008/06/26 03:29:02 | 00,565,248 | ---- | M] (Microsoft Corporation)
(fdPHost) Function Discovery Provider Host [Win32_Shared | On_Demand | Running] -> %SystemRoot%\System32\fdPHost.dll -> [2008/01/19 07:34:21 | 00,013,312 | ---- | M] (Microsoft Corporation)
(FDResPub) Function Discovery Resource Publication [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\FDResPub.dll -> [2006/11/02 09:46:04 | 00,027,648 | ---- | M] (Microsoft Corporation)
(FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/01/05 11:21:53 | 00,036,864 | ---- | M] (Microsoft Corporation)
(gpsvc) Group Policy Client [Win32_Shared | Unknown | Running] -> %SystemRoot%\System32\gpsvc.dll -> [2008/01/19 07:34:25 | 00,574,464 | ---- | M] (Microsoft Corporation)
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found
(IKEEXT) IKE and AuthIP IPsec Keying Modules [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\IKEEXT.DLL -> [2008/01/19 07:34:32 | 00,438,272 | ---- | M] (Microsoft Corporation)
(IPBusEnum) PnP-X IP Bus Enumerator [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\IPBusEnum.dll -> [2008/01/19 07:34:34 | 00,074,240 | ---- | M] (Microsoft Corporation)
(iphlpsvc) IP Helper [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\iphlpsvc.dll -> [2008/01/19 07:34:34 | 00,188,416 | ---- | M] (Microsoft Corporation)
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.)
(Irmon) Infrared monitor service [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\irmon.dll -> [2006/11/02 09:46:05 | 00,017,920 | ---- | M] (Microsoft Corporation)
(KService) KService [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Kontiki\KService.exe -> [2008/02/27 16:56:54 | 03,072,184 | ---- | M] (Kontiki Inc.)
(KtmRm) KtmRm for Distributed Transaction Coordinator [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\msdtckrm.dll -> [2008/01/19 07:34:56 | 00,344,576 | ---- | M] (Microsoft Corporation)
(lltdsvc) Link-Layer Topology Discovery Mapper [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\lltdsvc.dll -> [2008/01/19 07:34:42 | 00,188,928 | ---- | M] (Microsoft Corporation)
(Mcx2Svc) Windows Media Center Extender Service [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\System32\Mcx2Svc.dll -> [2008/01/19 07:34:44 | 00,053,760 | ---- | M] (Microsoft Corporation)
(MMCSS) Multimedia Class Scheduler [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\mmcss.dll -> [2008/01/19 07:34:49 | 00,045,056 | ---- | M] (Microsoft Corporation)
(MpsSvc) Windows Firewall [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\MPSSVC.dll -> [2008/01/19 07:34:53 | 00,393,216 | ---- | M] (Microsoft Corporation)
(MSDTC) Distributed Transaction Coordinator [Win32_Own | Unknown | Stopped] -> %SystemRoot%\System32\Msdtc -> [2006/11/02 13:04:14 | 00,000,000 | ---D | M]
(MSiSCSI) Microsoft iSCSI Initiator Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\iscsiexe.dll -> [2008/01/19 07:34:35 | 00,111,616 | ---- | M] (Microsoft Corporation)
(netprofm) Network List Service [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\netprofm.dll -> [2008/01/19 07:35:36 | 00,237,056 | ---- | M] (Microsoft Corporation)
(NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/01/05 11:21:39 | 00,122,880 | ---- | M] (Microsoft Corporation)
(NlaSvc) Network Location Awareness [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\nlasvc.dll -> [2008/01/19 07:35:38 | 00,168,448 | ---- | M] (Microsoft Corporation)
(nsi) Network Store Interface Service [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\nsisvc.dll -> [2008/01/19 07:35:57 | 00,018,432 | ---- | M] (Microsoft Corporation)
(PcaSvc) Program Compatibility Assistant Service [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\pcasvc.dll -> [2008/01/19 07:36:03 | 00,037,888 | ---- | M] (Microsoft Corporation)
(pla) Performance Logs & Alerts [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\pla.dll -> [2008/01/19 07:36:06 | 01,502,208 | ---- | M] (Microsoft Corporation)
(PlugPlay) Plug and Play [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\umpnpmgr.dll -> [2008/01/19 07:36:45 | 00,221,696 | ---- | M] (Microsoft Corporation)
(PNRPsvc) Peer Name Resolution Protocol [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\p2psvc.dll -> [2008/01/19 07:36:09 | 00,658,944 | ---- | M] (Microsoft Corporation)
(PolicyAgent) IPsec Policy Agent [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\IPSECSVC.DLL -> [2008/06/19 03:31:48 | 00,361,984 | ---- | M] (Microsoft Corporation)
(ProfSvc) User Profile Service [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\profsvc.dll -> [2008/01/19 07:36:11 | 00,153,600 | ---- | M] (Microsoft Corporation)
(QWAVE) Quality Windows Audio Video Experience [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\qwave.dll -> [2008/01/19 07:36:14 | 00,243,712 | ---- | M] (Microsoft Corporation)
(SBSDWSCService) SBSD Security Center Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Spybot - Search & Destroy\SDWinSec.exe -> [2008/01/28 11:43:32 | 00,810,320 | ---- | M] (Safer Networking Ltd.)
(SCardSvr) Smart Card [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\System32\SCardSvr.dll -> [2008/01/19 07:36:19 | 00,095,232 | ---- | M] (Microsoft Corporation)
(SCPolicySvc) Smart Card Removal Policy [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\System32\certprop.dll -> [2008/01/19 07:33:51 | 00,040,448 | ---- | M] (Microsoft Corporation)
(SessionEnv) Terminal Services Configuration [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\SessEnv.dll -> [2008/01/19 07:36:21 | 00,084,992 | ---- | M] (Microsoft Corporation)
(slsvc) Software Licensing [Win32_Own | Auto | Running] -> %SystemRoot%\System32\SLsvc.exe -> [2008/01/19 07:33:22 | 02,623,488 | ---- | M] (Microsoft Corporation)
(SLUINotify) SL UI Notification Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\SLUINotify.dll -> [2008/01/19 07:36:30 | 00,057,856 | ---- | M] (Microsoft Corporation)
(SNMPTRAP) SNMP Trap [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\System32\snmptrap.exe -> [2006/11/02 09:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation)
(SstpSvc) Secure Socket Tunneling Protocol Service [Win32_Shared | On_Demand | Running] -> %SystemRoot%\System32\sstpsvc.dll -> [2008/01/19 07:36:36 | 00,116,736 | ---- | M] (Microsoft Corporation)
(swprv) Microsoft Software Shadow Copy Provider [Win32_Own | On_Demand | Running] -> %SystemRoot%\System32\swprv.dll -> [2008/01/19 07:36:37 | 00,310,784 | ---- | M] (Microsoft Corporation)
(SysMain) Superfetch [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\sysmain.dll -> [2008/01/19 07:36:38 | 00,574,976 | ---- | M] (Microsoft Corporation)
(TabletInputService) Tablet PC Input Service [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\TabSvc.dll -> [2006/11/02 12:35:24 | 00,068,096 | ---- | M] (Microsoft Corporation)
(THREADORDER) Thread Ordering Server [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\mmcss.dll -> [2008/01/19 07:34:49 | 00,045,056 | ---- | M] (Microsoft Corporation)
(UI0Detect) Interactive Services Detection [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\System32\UI0Detect.exe -> [2008/01/19 07:33:33 | 00,035,840 | ---- | M] (Microsoft Corporation)
(usnjsvc) Messenger Sharing Folders USN Journal Reader service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\MSN Messenger\usnsvc.exe -> [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation)
(UxSms) Desktop Window Manager Session Manager [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\uxsms.dll -> [2008/01/19 07:36:47 | 00,028,672 | ---- | M] (Microsoft Corporation)
(vds) Virtual Disk [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\System32\vds.exe -> [2008/01/19 07:33:33 | 00,382,976 | ---- | M] (Microsoft Corporation)
(wcncsvc) Windows Connect Now - Config Registrar [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\wcncsvc.dll -> [2008/01/19 07:36:49 | 00,412,672 | ---- | M] (Microsoft Corporation)
(WcsPlugInService) Windows Color System [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\WcsPlugInService.dll -> [2006/11/02 09:46:13 | 00,032,256 | ---- | M] (Microsoft Corporation)
(WdiServiceHost) Diagnostic Service Host [Win32_Shared | Unknown | Stopped] -> -> File not found
(WdiSystemHost) Diagnostic System Host [Win32_Shared | Unknown | Running] -> -> File not found
(Wecsvc) Windows Event Collector [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\wecsvc.dll -> [2008/01/19 07:36:52 | 00,145,408 | ---- | M] (Microsoft Corporation)
(wercplsupport) Problem Reports and Solutions Control Panel Support [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\wercplsupport.dll -> [2008/01/19 07:36:52 | 00,062,976 | ---- | M] (Microsoft Corporation)
(WinDefend) Windows Defender [Win32_Shared | Auto | Running] -> %ProgramFiles%\Windows Defender\MpSvc.dll -> [2008/01/19 07:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation)
(WinHttpAutoProxySvc) WinHTTP Web Proxy Auto-Discovery Service [Win32_Shared | On_Demand | Running] -> %SystemRoot%\System32\winhttp.dll -> [2008/01/19 07:36:55 | 00,376,832 | ---- | M] (Microsoft Corporation)
(WinRM) Windows Remote Management (WS-Management) [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\WsmSvc.dll -> [2008/01/19 07:37:11 | 00,745,472 | ---- | M] (Microsoft Corporation)
(Wlansvc) WLAN AutoConfig [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\wlansvc.dll -> [2008/01/19 07:36:57 | 00,513,536 | ---- | M] (Microsoft Corporation)
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2008/01/19 07:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation)
(WPDBusEnum) Portable Device Enumerator Service [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\wpdbusenum.dll -> [2008/01/19 07:37:08 | 00,070,144 | ---- | M] (Microsoft Corporation)
(WSearch) Windows Search [Win32_Own | Auto | Running] -> %SystemRoot%\System32\SearchIndexer.exe -> [2008/05/27 05:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation)
(wuauserv) Windows Update [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\wuaueng.dll -> [2008/10/16 21:13:38 | 01,809,944 | ---- | M] (Microsoft Corporation)
(wudfsvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\WUDFSvc.dll -> [2008/01/19 07:37:12 | 00,055,296 | ---- | M] (Microsoft Corporation)
(Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.)

[Driver Services - Safe List]
(61883) 61883 Unit Device [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\61883.sys -> [2008/01/19 05:53:31 | 00,045,696 | ---- | M] (Microsoft Corporation)
(adp94xx) adp94xx [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\adp94xx.sys -> [2006/11/02 09:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.)
(adpahci) adpahci [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\adpahci.sys -> [2006/11/02 09:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.)
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\adpu160m.sys -> [2006/11/02 09:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.)
(adpu320) adpu320 [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\adpu320.sys -> [2006/11/02 09:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.)
(AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\AGRSM.sys -> [2006/11/02 07:41:50 | 00,983,552 | ---- | M] (Agere Systems)
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\djsvs.sys -> [2006/11/02 09:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.)
(aliide) aliide [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\aliide.sys -> [2006/11/02 09:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.)
(amdagp) AMD AGP Bus Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\AMDAGP.SYS -> [2006/11/02 09:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation)
(amdide) amdide [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\amdide.sys -> [2006/11/02 09:49:26 | 00,015,464 | ---- | M] (Microsoft Corporation)
(AmdK7) AMD K7 Processor Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\amdk7.sys -> [2006/11/02 08:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation)
(AmdK8) AMD K8 Processor Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\amdk8.sys -> [2006/11/02 08:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation)
(arc) arc [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\arc.sys -> [2006/11/02 09:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.)
(arcsas) arcsas [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\arcsas.sys -> [2006/11/02 09:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.)
(Avc) AVC Device [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\avc.sys -> [2008/01/19 05:53:31 | 00,040,448 | ---- | M] (Microsoft Corporation)
(AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> %SystemRoot%\System32\drivers\avgldx86.sys -> [2008/11/29 09:30:17 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AvgMfx86) AVG Minifilter x86 Resident Driver [File_System | System | Running] -> %SystemRoot%\System32\drivers\avgmfx86.sys -> [2008/11/29 09:30:17 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.)
(bowser) bowser [File_System | On_Demand | Running] -> %SystemRoot%\System32\drivers\bowser.sys -> [2008/01/19 05:28:26 | 00,069,632 | ---- | M] (Microsoft Corporation)
(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\BrFiltLo.sys -> [2006/11/02 08:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.)
(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\BrFiltUp.sys -> [2006/11/02 08:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.)
(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\BrSerId.sys -> [2006/11/02 08:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.)
(BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\BrSerWdm.sys -> [2006/11/02 08:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.)
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\BrUsbMdm.sys -> [2006/11/02 08:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\BrUsbSer.sys -> [2006/11/02 08:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.)
(BTHMODEM) Bluetooth Serial Communications Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\bthmodem.sys -> [2006/11/02 08:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation)
(circlass) Consumer IR Devices [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\circlass.sys -> [2006/11/02 08:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation)
(CLFS) Common Log (CLFS) [Kernel | Unknown | Running] -> %SystemRoot%\System32\clfs.sys -> [2008/01/19 07:42:58 | 00,247,352 | ---- | M] (Microsoft Corporation)
(cmdide) cmdide [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\cmdide.sys -> [2006/11/02 09:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.)
(crcdisk) Crcdisk Filter Driver [Kernel | Boot | Running] -> %SystemRoot%\System32\drivers\crcdisk.sys -> [2006/11/02 09:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation)
(Crusoe) Transmeta Crusoe Processor Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\crusoe.sys -> [2006/11/02 08:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation)
(DfsC) DFS Namespace Client Driver [File_System | System | Running] -> %SystemRoot%\System32\drivers\dfsc.sys -> [2008/01/19 05:28:20 | 00,075,264 | ---- | M] (Microsoft Corporation)
(DXGKrnl) LDDM Graphics Subsystem [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\dxgkrnl.sys -> [2008/08/02 01:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation)
(E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\E1G60I32.sys -> [2006/11/02 07:30:54 | 00,117,760 | ---- | M] (Intel Corporation)
(Ecache) ReadyBoost Caching Driver [Kernel | Boot | Running] -> %SystemRoot%\System32\drivers\ecache.sys -> [2008/01/19 07:42:11 | 00,143,416 | ---- | M] (Microsoft Corporation)
(elxstor) elxstor [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\elxstor.sys -> [2006/11/02 09:51:34 | 00,316,520 | ---- | M] (Emulex)
(exfat) exFAT File System Driver [File_System | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\exfat.sys -> [2008/01/19 05:28:01 | 00,136,192 | ---- | M] (Microsoft Corporation)
(FileInfo) File Information FS MiniFilter [File_System | Boot | Running] -> %SystemRoot%\System32\drivers\fileinfo.sys -> [2008/01/19 07:42:31 | 00,058,936 | ---- | M] (Microsoft Corporation)
(Filetrace) Filetrace [File_System | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\filetrace.sys -> [2008/01/19 05:30:23 | 00,027,648 | ---- | M] (Microsoft Corporation)
(gagp30kx) Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\GAGP30KX.SYS -> [2006/11/02 09:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation)
(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\GEARAspiWDM.sys -> [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.)
(giveio) giveio [Kernel | Boot | Running] -> %SystemRoot%\System32\giveio.sys -> [1996/04/03 19:33:26 | 00,005,248 | ---- | M] ()
(HdAudAddService) Microsoft 1.1 UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\HdAudio.sys -> [2006/11/02 07:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\hdaudbus.sys -> [2008/01/19 04:30:49 | 00,053,760 | ---- | M] (Microsoft Corporation)
(HidBth) Microsoft Bluetooth HID Miniport [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\hidbth.sys -> [2006/11/02 08:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation)
(HidIr) Microsoft Infrared HID Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\hidir.sys -> [2006/11/02 08:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation)
(HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\HpCISSs.sys -> [2006/11/02 09:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company)
(ialm) ialm [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\igdkmd32.sys -> [2008/06/18 12:38:20 | 02,307,584 | ---- | M] (Intel Corporation)
(iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\iaStorV.sys -> [2006/11/02 09:51:25 | 00,232,040 | ---- | M] (Intel Corporation)
(igfx) igfx [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\igdkmd32.sys -> [2008/06/18 12:38:20 | 02,307,584 | ---- | M] (Intel Corporation)
(iirsp) iirsp [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\iirsp.sys -> [2006/11/02 09:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\RTKVHDA.sys -> [2007/04/10 12:05:38 | 01,764,960 | ---- | M] (Realtek Semiconductor Corp.)
(IPMIDRV) IPMIDRV [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\IPMIDrv.sys -> [2006/11/02 08:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation)
(irsir) Microsoft Serial Infrared Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\irsir.sys -> [2008/01/19 05:55:21 | 00,020,992 | ---- | M] (Microsoft Corporation)
(iScsiPrt) iScsiPort Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\msiscsi.sys -> [2008/01/19 07:42:35 | 00,181,304 | ---- | M] (Microsoft Corporation)
(iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\iteatapi.sys -> [2006/11/02 09:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\iteraid.sys -> [2006/11/02 09:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(kbdhid) Keyboard HID Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\kbdhid.sys -> [2006/11/02 08:51:12 | 00,015,872 | ---- | M] (Microsoft Corporation)
(lltdio) Link-Layer Topology Discovery Mapper I/O Driver [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\lltdio.sys -> [2008/01/19 05:55:03 | 00,047,104 | ---- | M] (Microsoft Corporation)
(LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\lsi_fc.sys -> [2006/11/02 09:50:04 | 00,065,640 | ---- | M] (LSI Logic)
(LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\lsi_sas.sys -> [2006/11/02 09:50:05 | 00,065,640 | ---- | M] (LSI Logic)
(LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\lsi_scsi.sys -> [2006/11/02 09:50:10 | 00,065,640 | ---- | M] (LSI Logic)
(luafv) UAC File Virtualization [File_System | Auto | Running] -> %SystemRoot%\System32\drivers\luafv.sys -> [2008/01/19 05:30:36 | 00,084,480 | ---- | M] (Microsoft Corporation)
(megasas) megasas [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\megasas.sys -> [2006/11/02 09:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation)
(monitor) Microsoft Monitor Class Function Driver Service [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\monitor.sys -> [2008/01/19 05:52:19 | 00,041,984 | ---- | M] (Microsoft Corporation)
(mpio) Microsoft Multi-Path Bus Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\mpio.sys -> [2006/11/02 09:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation)
(mpsdrv) Windows Firewall Authorization Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\mpsdrv.sys -> [2008/01/19 05:54:46 | 00,064,000 | ---- | M] (Microsoft Corporation)
(Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\Mraid35x.sys -> [2006/11/02 09:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation)
(mrxsmb10) SMB 1.x MiniRedirector [File_System | On_Demand | Running] -> %SystemRoot%\System32\drivers\mrxsmb10.sys -> [2008/08/27 01:05:41 | 00,212,480 | ---- | M] (Microsoft Corporation)
(mrxsmb20) SMB 2.0 MiniRedirector [File_System | On_Demand | Running] -> %SystemRoot%\System32\drivers\mrxsmb20.sys -> [2008/01/19 05:28:37 | 00,078,848 | ---- | M] (Microsoft Corporation)
(msahci) msahci [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\msahci.sys -> [2006/11/02 09:49:44 | 00,023,144 | ---- | M] (Microsoft Corporation)
(msdsm) Microsoft Multi-Path Device Specific Module [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\msdsm.sys -> [2006/11/02 09:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation)
(MSDV) Microsoft DV Camera and VCR [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\msdv.sys -> [2008/01/19 05:53:28 | 00,052,608 | ---- | M] (Microsoft Corporation)
(msisadrv) ISA/EISA Class Driver [Kernel | Boot | Running] -> %SystemRoot%\System32\drivers\msisadrv.sys -> [2008/01/19 07:41:14 | 00,016,440 | ---- | M] (Microsoft Corporation)
(MsRPC) MsRPC [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\msrpc.sys -> [2008/01/19 07:42:29 | 00,163,384 | ---- | M] (Microsoft Corporation)
(NativeWifiP) NativeWiFi Filter [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\nwifi.sys -> [2008/05/20 02:07:31 | 00,148,480 | ---- | M] (Microsoft Corporation)
(NETw3v32) Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\NETw3v32.sys -> [2006/11/02 07:30:54 | 01,781,760 | ---- | M] (Intel® Corporation)
(nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\nfrd960.sys -> [2006/11/02 09:50:19 | 00,045,160 | ---- | M] (IBM Corporation)
(nsiproxy) NSI proxy service [Kernel | System | Running] -> %SystemRoot%\System32\drivers\nsiproxy.sys -> [2008/01/19 05:55:50 | 00,016,384 | ---- | M] (Microsoft Corporation)
(ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | 
Stopped] -> %SystemRoot%\System32\drivers\ntrigdigi.sys -> [2006/11/02 07:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) (nvraid) nvraid [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\nvraid.sys -> [2006/11/02 09:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) (nvstor) nvstor [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\nvstor.sys -> [2006/11/02 09:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) (nv_agp) NVIDIA nForce AGP Bus Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\NV_AGP.SYS -> [2006/11/02 09:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) (PEAUTH) PEAUTH [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\PEAuth.sys -> [2006/11/02 09:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) (PSched) QoS Packet Scheduler [Kernel | System | Running] -> %SystemRoot%\System32\drivers\pacer.sys -> [2008/04/05 01:21:42 | 00,072,192 | ---- | M] (Microsoft Corporation) (QCDonner) Logitech QuickCam Express(PID_0840) [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\lvcd.sys -> [2004/04/26 22:31:04 | 00,474,304 | ---- | M] (Logitech Inc.) 
(ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\ql2300.sys -> [2006/11/02 09:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) (ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\ql40xx.sys -> [2006/11/02 09:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) (QWAVEdrv) QWAVE driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\qwavedrv.sys -> [2008/01/19 05:56:07 | 00,031,232 | ---- | M] (Microsoft Corporation) (RasSstp) WAN Miniport (SSTP) [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\rassstp.sys -> [2008/01/19 05:56:43 | 00,069,120 | ---- | M] (Microsoft Corporation) (RDPENCDD) RDP Encoder Mirror Driver [Kernel | System | Running] -> %SystemRoot%\System32\drivers\RDPENCDD.sys -> [2008/01/19 06:01:09 | 00,006,144 | ---- | M] (Microsoft Corporation) (rspndr) Link-Layer Topology Discovery Responder [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\rspndr.sys -> [2008/01/19 05:55:03 | 00,060,416 | ---- | M] (Microsoft Corporation) (RTL8023xp) Realtek 10/100 NIC Family NDIS x86 Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\Rtnicxp.sys -> [2006/11/02 07:30:56 | 00,047,104 | ---- | M] (Realtek Semiconductor Corporation ) (RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\Rtlh86.sys -> [2006/11/02 07:30:56 | 00,044,544 | ---- | M] (Realtek Corporation) (sbp2port) SBP-2 Transport/Protocol Bus Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\sbp2port.sys -> [2006/11/02 09:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) (secdrv) Security Driver [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\secdrv.sys -> [2006/11/02 06:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
(sermouse) Serial Mouse Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\sermouse.sys -> [2008/01/19 05:49:16 | 00,019,968 | ---- | M] (Microsoft Corporation) (sffdisk) SFF Storage Class Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\sffdisk.sys -> [2006/11/02 08:51:38 | 00,013,312 | ---- | M] (Microsoft Corporation) (sffp_mmc) SFF Storage Protocol Driver for MMC [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\sffp_mmc.sys -> [2006/11/02 08:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) (sffp_sd) SFF Storage Protocol Driver for SDBus [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\sffp_sd.sys -> [2006/11/02 08:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) (sisagp) SIS AGP Bus Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\SISAGP.SYS -> [2006/11/02 09:49:51 | 00,053,352 | ---- | M] (Microsoft Corporation) (SiSRaid2) SiSRaid2 [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\sisraid2.sys -> [2006/11/02 09:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) 
(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\sisraid4.sys -> [2006/11/02 09:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) (Smb) Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session) [Kernel | System | Running] -> %SystemRoot%\System32\drivers\smb.sys -> [2008/01/19 05:55:27 | 00,066,560 | ---- | M] (Microsoft Corporation) (speedfan) speedfan [Kernel | Boot | Running] -> %SystemRoot%\System32\speedfan.sys -> [2006/09/24 13:28:46 | 00,005,248 | ---- | M] (Windows (R) 2000 DDK provider) (spldr) Security Processor Loader Driver [Kernel | Boot | Running] -> %SystemRoot%\System32\drivers\spldr.sys -> [2008/01/19 07:41:30 | 00,021,048 | ---- | M] (Microsoft Corporation) (srv2) srv2 [File_System | On_Demand | Running] -> %SystemRoot%\System32\drivers\srv2.sys -> [2008/01/19 05:29:15 | 00,144,384 | ---- | M] (Microsoft Corporation) (srvnet) srvnet [File_System | On_Demand | Running] -> %SystemRoot%\System32\drivers\srvnet.sys -> [2008/01/19 05:29:12 | 00,098,304 | ---- | M] (Microsoft Corporation) (ST330) ST330 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\st330.sys -> [2007/10/08 19:27:45 | 00,030,464 | ---- | M] (THOMSON Telecom Belgium) (STBUS) STBUS [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\stbus.sys -> [2007/10/08 19:27:45 | 00,012,672 | ---- | M] (THOMSON Telecom Belgium) (stppp) Speedtouch PPP Adapter Adapter [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\stppp.sys -> [2007/10/08 19:27:45 | 00,035,328 | ---- | M] (THOMSON Telecom Belgium) (Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\symc8xx.sys -> [2006/11/02 09:50:05 | 00,035,944 | ---- | M] (LSI Logic) (Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\sym_hi.sys -> [2006/11/02 09:49:56 | 00,031,848 | ---- | M] (LSI Logic) (Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\sym_u3.sys -> [2006/11/02 09:50:03 | 
00,034,920 | ---- | M] (LSI Logic) (tcpipreg) TCP/IP Registry Compatibility [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\tcpipreg.sys -> [2008/01/19 05:56:07 | 00,030,208 | ---- | M] (Microsoft Corporation) (tdx) NetIO Legacy TDI Support Driver [Kernel | System | Running] -> %SystemRoot%\System32\drivers\tdx.sys -> [2008/01/19 05:55:58 | 00,071,680 | ---- | M] (Microsoft Corporation) (tssecsrv) Terminal Services Security Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\tssecsrv.sys -> [2008/01/19 06:01:15 | 00,023,552 | ---- | M] (Microsoft Corporation) (tunmp) Microsoft Tun Miniport Adapter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\TUNMP.SYS -> [2008/01/19 05:55:41 | 00,015,360 | ---- | M] (Microsoft Corporation) (tunnel) Microsoft IPv6 Tunnel Miniport Adapter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\tunnel.sys -> [2008/01/19 05:55:50 | 00,023,040 | ---- | M] (Microsoft Corporation) (uagp35) Microsoft AGPv3.5 Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\UAGP35.SYS -> [2006/11/02 09:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) (uliagpkx) Uli AGP Bus Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\ULIAGPKX.SYS -> [2006/11/02 09:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) (uliahci) uliahci [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\uliahci.sys -> [2006/11/02 09:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) (UlSata) UlSata [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\ulsata.sys -> [2006/11/02 09:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) (ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\ulsata2.sys -> [2006/11/02 09:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) 
(umbus) UMBus Enumerator Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\umbus.sys -> [2008/01/19 05:53:40 | 00,034,816 | ---- | M] (Microsoft Corporation) (usbcir) eHome Infrared Receiver (USBCIR) [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\usbcir.sys -> [2006/11/02 08:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) (vga) vga [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\vgapnp.sys -> [2006/11/02 08:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) (ViaC7) VIA C7 Processor Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\viac7.sys -> [2006/11/02 08:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) (viaide) viaide [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\viaide.sys -> [2006/11/02 09:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) (volmgr) Volume Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\System32\drivers\volmgr.sys -> [2008/01/19 07:42:18 | 00,052,792 | ---- | M] (Microsoft Corporation) (volmgrx) Dynamic Volume Manager [Kernel | Boot | Running] -> %SystemRoot%\System32\drivers\volmgrx.sys -> [2008/01/19 07:43:03 | 00,294,456 | ---- | M] (Microsoft Corporation) (vsmraid) vsmraid [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\vsmraid.sys -> [2006/11/02 09:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) (WacomPen) Wacom Serial Pen HID Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\wacompen.sys -> [2006/11/02 08:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) (Wd) Microsoft Watchdog Timer Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\wd.sys -> [2006/11/02 09:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) (Wdf01000) Kernel Mode Driver Frameworks service [Kernel | Boot | Running] -> %SystemRoot%\System32\drivers\Wdf01000.sys -> [2008/01/19 07:43:27 | 00,503,864 | ---- | M] (Microsoft Corporation) (WmiAcpi) Microsoft Windows Management Interface 
for ACPI [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\wmiacpi.sys -> [2006/11/02 08:35:03 | 00,011,264 | ---- | M] (Microsoft Corporation) (ws2ifsl) Windows Socket 2.0 Non-IFS Service Provider Support Environment [Kernel | System | Running] -> %SystemRoot%\System32\drivers\ws2ifsl.sys -> [2008/01/19 05:56:49 | 00,015,872 | ---- | M] (Microsoft Corporation) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Default_Page_URL" -> http://www.sky.com -> HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\Windows\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.bbc.co.uk/ -> HKEY_CURRENT_USER\: Main\\"StartPageCache" -> -> HKEY_CURRENT_USER\: SearchURL\\"" -> about:blank -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> HKEY_CURRENT_USER\: "ProxyOverride" -> *.local -> < HOSTS File > (761 bytes and 20 lines) -> C:\Windows\System32\drivers\etc\Hosts -> 127.0.0.1 localhost ::1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> Reg Error: Key does not 
exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/01/12 19:38:22 | 00,063,128 | ---- | M] (Adobe Systems Incorporated) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> %ProgramFiles%\AVG\AVG8\avgssie.dll [AVG Safe Search] -> [2008/11/29 09:30:13 | 00,455,960 | ---- | M] (AVG Technologies CZ, s.r.o.) {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2008/01/28 11:43:28 | 01,554,256 | ---- | M] (Safer Networking Limited) {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{0BF43445-2F28-4351-9252-17FE6E806AA0}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "AVG8_TRAY" -> %ProgramFiles%\AVG\AVG8\avgtray.exe [C:\PROGRA~1\AVG\AVG8\avgtray.exe] -> [2008/11/29 09:35:31 | 01,261,336 | ---- | M] (AVG Technologies CZ, s.r.o.) "BbInstallUser" -> %ProgramFiles%\Bluebeam Software\Pushbutton PDF\Bluebeam Admin User.exe [C:\Program Files\Bluebeam Software\Pushbutton PDF\Bluebeam Admin User.exe] -> [2008/10/22 16:11:16 | 00,049,824 | ---- | M] (Bluebeam Software, Inc.) "BbPrintMonitor" -> %CommonProgramFiles%\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe [C:\Program Files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe] -> [2008/04/16 15:04:30 | 00,156,320 | ---- | M] (Bluebeam Software, Inc.) 
"BVRPLiveUpdate" -> [C:\Program Files\Avanquest update\Engine\Setup.exe -s /PATCH,/SRCUPDATEC:\PROGRA~2\SONYER~1\SONYER~1\LIVEUP~1\LISTOF~1.DAT] -> File not found "HotKeysCmds" -> %SystemRoot%\System32\hkcmd.exe [C:\Windows\system32\hkcmd.exe] -> [2008/06/18 13:01:26 | 00,166,424 | ---- | M] (Intel Corporation) "IgfxTray" -> %SystemRoot%\System32\igfxtray.exe [C:\Windows\system32\igfxtray.exe] -> [2008/06/18 13:01:34 | 00,141,848 | ---- | M] (Intel Corporation) "iTunesHelper" -> %ProgramFiles%\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) "kdx" -> %ProgramFiles%\Kontiki\KHost.exe ["C:\Program Files\Kontiki\KHost.exe" -all] -> [2008/02/27 16:56:54 | 01,032,376 | ---- | M] (Kontiki Inc.) "MediaBarFileManager" -> %ProgramFiles%\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe [C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe] -> [2007/06/25 10:55:12 | 00,030,024 | ---- | M] () "Persistence" -> %SystemRoot%\System32\igfxpers.exe [C:\Windows\system32\igfxpers.exe] -> [2008/06/18 13:01:30 | 00,133,656 | ---- | M] (Intel Corporation) "QuickTime Task" -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> [2008/11/04 10:30:50 | 00,413,696 | ---- | M] (Apple Inc.) "RtHDVCpl" -> %SystemRoot%\RtHDVCpl.exe [RtHDVCpl.exe] -> [2007/04/10 09:01:32 | 04,431,872 | ---- | M] (Realtek Semiconductor) "Skytel" -> %SystemRoot%\SkyTel.exe [Skytel.exe] -> [2007/04/04 10:22:46 | 01,822,720 | ---- | M] (Realtek Semiconductor Corp.) "TkBellExe" -> %CommonProgramFiles%\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2008/01/02 19:36:16 | 00,185,632 | ---- | M] (RealNetworks, Inc.) 
"Windows Defender" -> %ProgramFiles%\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/19 07:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "ehTray.exe" -> %SystemRoot%\ehome\ehtray.exe [C:\Windows\ehome\ehTray.exe] -> [2008/01/19 07:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) "IEPR" -> %SystemDrive%\Users\Admin\AppData\Local\TempImages\IEPR.exe [C:\Users\THECOL~1\AppData\Local\TempImages\IEPR.exe] -> File not found "IMC" -> %ProgramFiles%\FriendFinder\FriendFinder Messenger 4\imc.exe [C:\Program Files\FriendFinder\FriendFinder Messenger 4\imc.exe] -> File not found "kdx" -> %ProgramFiles%\Kontiki\KHost.exe [C:\Program Files\Kontiki\KHost.exe -all] -> [2008/02/27 16:56:54 | 01,032,376 | ---- | M] (Kontiki Inc.) "Sidebar" -> %ProgramFiles%\Windows Sidebar\sidebar.exe [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun] -> [2008/01/19 07:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation) "Sony Ericsson PC Suite" -> ["C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon] -> File not found "SpybotSD TeaTimer" -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] -> [2008/01/28 11:43:40 | 02,097,488 | RHS- | M] (Safer Networking Limited) "WMPNSCFG" -> %ProgramFiles%\Windows Media Player\wmpnscfg.exe [C:\Program Files\Windows Media Player\WMPNSCFG.exe] -> [2008/01/19 07:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [2] -> File not found \\"ConsentPromptBehaviorUser" -> [1] -> File not found \\"EnableInstallerDetection" -> [1] -> File not found 
\\"EnableLUA" -> [1] -> File not found \\"EnableSecureUIAPaths" -> [1] -> File not found \\"EnableVirtualization" -> [1] -> File not found \\"PromptOnSecureDesktop" -> [1] -> File not found \\"ValidateAdminCodeSignatures" -> [0] -> File not found \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"scforceoption" -> [0] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found \\"FilterAdministratorToken" -> [0] -> File not found \\"EnableUIADesktopToggle" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats \UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" -> [1] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" -> [2] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" -> [7] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIB" -> [8] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" -> [9] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" -> [13] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" -> [17] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"LogonHoursAction" -> [2] -> File not found \\"DontDisplayLogonHoursWarnings" -> [1] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to 
Microsoft Excel -> %ProgramFiles%\Microsoft Office\Office10\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000] -> [2008/10/28 16:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08E730A4-FB02-45BD-A900-01E4AD8016F6}:Exec [HKLM] -> [Button: Sky] -> File not found {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search && Destroy Configuration] -> [2008/01/28 11:43:28 | 01,554,256 | ---- | M] (Safer Networking Limited) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4265 domain(s) found. 
-> internet .[about] -> Trusted sites -> mcafee.com .[http] -> Trusted sites -> mcafee.com .[https] -> Trusted sites -> 31 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab[Windows Genuine Advantage Validation Tool] -> {4C39376E-FA9D-4349-BACC-D305C1750EF3} [HKLM] -> http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab[EPUImageControl Class] -> {6F750202-1362-4815-A476-88533DE61D0C} [HKLM] -> http://www.kodakgallery.co.uk/downloads/BUM/BUM_WIN_IE_2/axofupld.cab[Kodak Gallery Easy Upload Manager Class] -> {6F750203-1362-4815-A476-88533DE61D0C} [HKLM] -> http://www.kodakgallery.co.uk/downloads/BUM/BUM_WIN_IE_2/axofupld.cab[Kodak Gallery Easy Upload Manager Class] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] 
-> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {26F2CF21-85FB-47A8-8E02-05671D9D0F79} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> [2008/11/29 09:30:19 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> %SystemRoot%\System32\igfxdev.dll -> [2008/06/18 12:18:24 | 00,204,800 | ---- | M] (Intel Corporation) < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> *SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> credssp.dll -> %SystemRoot%\System32\credssp.dll -> [2008/01/19 07:33:59 | 00,015,872 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> *LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> tspkg -> %SystemRoot%\System32\TSpkg.dll -> [2008/01/19 07:36:42 | 00,062,464 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> %SystemRoot%\System32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/01/19 05:49:51 | 00,067,072 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> %SystemDrive%\autoexec.bat [ NTFS ] -> [2006/09/18 21:43:36 | 00,000,024 | ---- | M] () J:\autorun.inf [[autorun] | open=wd_windows_tools\WDSetup.exe | ICON=AUTORUN\WDLOGO.ICO | ] -> J:\autorun.inf [ FAT32 ] -> [2008/04/01 13:53:24 | 00,000,071 | -H-- | M] () J:\autorun [] -> J:\autorun [ FAT32 ] -> [2008/04/25 20:42:26 | 00,000,000 | ---D | M] < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \J HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\shell\AutoRun\command \J\shell\AutoRun\command\\"" -> J:\wd_windows_tools\WDSetup.exe [J:\wd_windows_tools\WDSetup.exe] -> [2008/03/31 10:39:56 | 01,774,550 | ---- | M] (Western Digital Corporation ) \{184ab975-8359-11dd-aadd-9848f6bf6327} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{184ab975-8359-11dd-aadd-9848f6bf6327}\shell \{184ab975-8359-11dd-aadd-9848f6bf6327}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{184ab975-8359-11dd-aadd-9848f6bf6327}\shell\AutoRun\command \{184ab975-8359-11dd-aadd-9848f6bf6327}\shell\AutoRun\command\\"" -> K:\LOCKv220.exe [K:\LOCKv220.exe] -> File not found \{7480fbf7-444a-11dd-81a2-ba711d2fdb07} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7480fbf7-444a-11dd-81a2-ba711d2fdb07}\shell\AutoRun\command \{7480fbf7-444a-11dd-81a2-ba711d2fdb07}\shell\AutoRun\command\\"" -> J:\wd_windows_tools\WDSetup.exe [J:\wd_windows_tools\WDSetup.exe] -> [2008/03/31 10:39:56 | 01,774,550 | ---- | M] 
(Western Digital Corporation )

[Files/Folders - Created Within 30 Days]
OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2008/12/16 08:12:53 | 00,000,000 | ---D | C]
Bonjour -> %ProgramFiles%\Bonjour -> [2008/12/16 08:09:03 | 00,000,000 | ---D | C]
Apple -> %UserProfile%\AppData\Local\Apple -> [2008/12/16 08:08:52 | 00,000,000 | ---D | C]
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008/12/16 08:05:03 | 00,647,677 | ---- | C] ()
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2008/12/14 15:08:35 | 00,001,879 | ---- | C] ()
Trend Micro -> %ProgramFiles%\Trend Micro -> [2008/12/14 15:08:33 | 00,000,000 | ---D | C]
tzres.dll -> %SystemRoot%\System32\tzres.dll -> [2008/12/09 19:59:43 | 00,002,048 | ---- | C] (Microsoft Corporation)
gdi32.dll -> %SystemRoot%\System32\gdi32.dll -> [2008/12/09 19:51:20 | 00,296,960 | ---- | C] (Microsoft Corporation)
Apphlpdm.dll -> %SystemRoot%\System32\Apphlpdm.dll -> [2008/12/09 19:51:15 | 00,028,672 | ---- | C] (Microsoft Corporation)
GameUXLegacyGDFs.dll -> %SystemRoot%\System32\GameUXLegacyGDFs.dll -> [2008/12/09 19:51:14 | 04,240,384 | ---- | C] (Microsoft)
shell32.dll -> %SystemRoot%\System32\shell32.dll -> [2008/12/09 19:51:08 | 11,580,928 | ---- | C] (Microsoft Corporation)
explorer.exe -> %SystemRoot%\explorer.exe -> [2008/12/09 19:51:02 | 02,927,104 | ---- | C] (Microsoft Corporation)
mshtml.dll -> %SystemRoot%\System32\mshtml.dll -> [2008/12/09 19:50:57 | 03,578,880 | ---- | C] (Microsoft Corporation)
ieframe.dll -> %SystemRoot%\System32\ieframe.dll -> [2008/12/09 19:50:56 | 06,068,736 | ---- | C] (Microsoft Corporation)
urlmon.dll -> %SystemRoot%\System32\urlmon.dll -> [2008/12/09 19:50:56 | 01,166,336 | ---- | C] (Microsoft Corporation)
wininet.dll -> %SystemRoot%\System32\wininet.dll -> [2008/12/09 19:50:55 | 00,827,392 | ---- | C] (Microsoft Corporation)
mstime.dll -> %SystemRoot%\System32\mstime.dll -> [2008/12/09 19:50:55 | 00,671,232 | ---- | C] (Microsoft Corporation)
iertutil.dll -> %SystemRoot%\System32\iertutil.dll -> [2008/12/09 19:50:55 | 00,270,336 | ---- | C] (Microsoft Corporation)
mshtml.tlb -> %SystemRoot%\System32\mshtml.tlb -> [2008/12/09 19:50:54 | 01,383,424 | ---- | C] (Microsoft Corporation)
jsproxy.dll -> %SystemRoot%\System32\jsproxy.dll -> [2008/12/09 19:50:54 | 00,028,160 | ---- | C] (Microsoft Corporation)
mf.dll -> %SystemRoot%\System32\mf.dll -> [2008/12/09 19:50:52 | 02,868,736 | ---- | C] (Microsoft Corporation)
WMVCORE.DLL -> %SystemRoot%\System32\WMVCORE.DLL -> [2008/12/09 19:50:51 | 02,386,944 | ---- | C] (Microsoft Corporation)
WMNetMgr.dll -> %SystemRoot%\System32\WMNetMgr.dll -> [2008/12/09 19:50:50 | 00,996,352 | ---- | C] (Microsoft Corporation)
logagent.exe -> %SystemRoot%\System32\logagent.exe -> [2008/12/09 19:50:50 | 00,094,720 | ---- | C] (Microsoft Corporation)
iTunes.lnk -> %SystemDrive%\Users\Public\Desktop\iTunes.lnk -> [2008/12/07 13:05:39 | 00,002,413 | ---- | C] ()
iPod -> %ProgramFiles%\iPod -> [2008/12/07 13:05:14 | 00,000,000 | ---D | C]
iTunes -> %ProgramFiles%\iTunes -> [2008/12/07 13:05:11 | 00,000,000 | ---D | C]
{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> %AllUsersProfile%\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> [2008/12/07 13:05:11 | 00,000,000 | ---D | C]
$AVG8.VAULT$ -> %SystemDrive%\$AVG8.VAULT$ -> [2008/12/01 20:28:12 | 00,000,000 | -H-D | C]
AVG Free 8.0.lnk -> %SystemDrive%\Users\Public\Desktop\AVG Free 8.0.lnk -> [2008/11/29 09:30:24 | 00,001,652 | ---- | C] ()
avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> [2008/11/29 09:30:19 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.)
incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [2008/11/29 09:30:17 | 30,722,404 | ---- | C] ()
avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [2008/11/29 09:30:17 | 06,061,540 | ---- | C] ()
miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [2008/11/29 09:30:17 | 00,334,743 | ---- | C] ()
avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> [2008/11/29 09:30:17 | 00,097,928 | ---- | C] (AVG Technologies CZ, s.r.o.)
microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [2008/11/29 09:30:17 | 00,091,203 | ---- | C] ()
Avg -> %SystemRoot%\System32\drivers\Avg -> [2008/11/29 09:30:17 | 00,000,000 | ---D | C]
avg8 -> %AllUsersProfile%\avg8 -> [2008/11/29 09:30:11 | 00,000,000 | ---D | C]
AVG -> %ProgramFiles%\AVG -> [2008/11/29 09:30:11 | 00,000,000 | ---D | C]
connect.dll -> %SystemRoot%\System32\connect.dll -> [2008/11/27 20:38:15 | 01,645,568 | ---- | C] (Microsoft Corporation)
WindowsCodecs.dll -> %SystemRoot%\System32\WindowsCodecs.dll -> [2008/11/27 20:37:42 | 00,712,704 | ---- | C] (Microsoft Corporation)
PhotoMetadataHandler.dll -> %SystemRoot%\System32\PhotoMetadataHandler.dll -> [2008/11/27 20:37:42 | 00,425,472 | ---- | C] (Microsoft Corporation)
WindowsCodecsExt.dll -> %SystemRoot%\System32\WindowsCodecsExt.dll -> [2008/11/27 20:37:42 | 00,347,136 | ---- | C] (Microsoft Corporation)
PortableDeviceApi.dll -> %SystemRoot%\System32\PortableDeviceApi.dll -> [2008/11/27 20:37:32 | 00,241,152 | ---- | C] (Microsoft Corporation)
wuauclt.exe -> %SystemRoot%\System32\wuauclt.exe -> [2008/11/19 18:21:45 | 00,051,224 | ---- | C] (Microsoft Corporation)
wups2.dll -> %SystemRoot%\System32\wups2.dll -> [2008/11/19 18:21:45 | 00,043,544 | ---- | C] (Microsoft Corporation)
wuaueng.dll -> %SystemRoot%\System32\wuaueng.dll -> [2008/11/19 18:21:44 | 01,809,944 | ---- | C] (Microsoft Corporation)
wucltux.dll -> %SystemRoot%\System32\wucltux.dll -> [2008/11/19 18:21:44 | 01,524,736 | ---- | C] (Microsoft Corporation)
wuapi.dll -> %SystemRoot%\System32\wuapi.dll -> [2008/11/19 18:21:26 | 00,561,688 | ---- | C] (Microsoft Corporation)
wudriver.dll -> %SystemRoot%\System32\wudriver.dll -> [2008/11/19 18:21:26 | 00,083,456 | ---- | C] (Microsoft Corporation)
wups.dll -> %SystemRoot%\System32\wups.dll -> [2008/11/19 18:21:26 | 00,034,328 | ---- | C] (Microsoft Corporation)
wuwebv.dll -> %SystemRoot%\System32\wuwebv.dll -> [2008/11/19 18:21:17 | 00,162,064 | ---- | C] (Microsoft Corporation)
wuapp.exe -> %SystemRoot%\System32\wuapp.exe -> [2008/11/19 18:21:17 | 00,031,232 | ---- | C] (Microsoft Corporation)
Malwarebytes -> %AppData%\Malwarebytes -> [2008/11/18 20:52:06 | 00,000,000 | ---D | C]
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/11/18 20:52:03 | 00,015,504 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware.lnk -> %SystemDrive%\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2008/11/18 20:52:03 | 00,000,823 | ---- | C] ()
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/11/18 20:52:01 | 00,038,496 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2008/11/18 20:52:00 | 00,000,000 | ---D | C]
Malwarebytes -> %AllUsersProfile%\Malwarebytes -> [2008/11/18 20:52:00 | 00,000,000 | ---D | C]
mbam-setup.exe -> %UserProfile%\Desktop\mbam-setup.exe -> [2008/11/18 20:50:11 | 02,372,472 | ---- | C] (Malwarebytes Corporation )

[Files/Folders - Modified Within 30 Days]
1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp ->
C:\ProgramData\Microsoft\Network\Downloader\ -> C:\ProgramData\Microsoft\Network\Downloader -> [2006/11/02 13:04:06 | 00,000,000 | ---D | M]
qmgr0.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat -> [2008/12/16 08:13:32 | 04,194,304 | ---- | M] ()
qmgr1.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat -> [2008/12/16 08:13:32 | 04,194,304 | ---- | M] ()
C:\ProgramData\Microsoft\Office\Data\ -> C:\ProgramData\Microsoft\Office\Data -> [2007/11/03 15:34:52 | 00,000,000 | ---D | M]
data.dat -> C:\ProgramData\Microsoft\Office\Data\data.dat -> [2007/11/03 15:34:52 | 00,001,372 | ---- | M] ()
C:\ProgramData\Microsoft\RAC\PublishedData\ -> C:\ProgramData\Microsoft\RAC\PublishedData -> [2007/10/09 18:48:25 | 00,000,000 | ---D | M]
PublishedRacMonAFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonAFLTable.DAT -> [2008/12/16 08:08:32 | 00,023,736 | ---- | M] ()
PublishedRacMonCLKTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonCLKTable.DAT -> [2008/12/16 08:08:32 | 00,000,000 | ---- | M] ()
PublishedRacMonHFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonHFLTable.DAT -> [2008/12/16 08:08:32 | 00,000,000 | ---- | M] ()
PublishedRacMonIndex.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonIndex.DAT -> [2008/12/16 08:08:32 | 00,008,760 | ---- | M] ()
PublishedRacMonOSFTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonOSFTable.DAT -> [2008/12/16 08:08:32 | 00,006,900 | ---- | M] ()
PublishedRacMonSWITable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonSWITable.DAT -> [2008/12/16 08:08:32 | 00,177,216 | ---- | M] ()
C:\ProgramData\Microsoft\User Account Pictures\ -> C:\ProgramData\Microsoft\User Account Pictures -> [2008/12/12 22:11:26 | 00,000,000 | ---D | M]
Kiddies.dat -> C:\ProgramData\Microsoft\User Account Pictures\Kiddies.dat -> [2008/12/12 22:11:26 | 00,000,000 | ---- | M] ()
The Colyers 1.dat -> C:\ProgramData\Microsoft\User Account Pictures\The Colyers 1.dat -> [2008/12/10 20:46:09 | 00,000,000 | ---- | M] ()
The Colyers.dat -> C:\ProgramData\Microsoft\User Account Pictures\The Colyers.dat -> [2007/10/08 19:25:36 | 00,000,000 | ---- | M] ()
User_Feed_Synchronization-{BFAD5074-38C2-4D93-8C80-423E6C030314}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{BFAD5074-38C2-4D93-8C80-423E6C030314}.job -> [2008/12/16 08:15:00 | 00,000,430 | -H-- | M] ()
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008/12/16 08:05:09 | 00,647,677 | ---- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2008/12/16 07:57:54 | 00,690,960 | ---- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2008/12/16 07:57:54 | 00,599,942 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2008/12/16 07:57:54 | 00,105,448 | ---- | M] ()
incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [2008/12/16 07:55:27 | 30,722,404 | ---- | M] ()
microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [2008/12/16 07:55:27 | 00,091,203 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2008/12/16 07:53:34 | 00,003,296 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2008/12/16 07:53:34 | 00,003,296 | -H-- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/12/16 07:53:29 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/12/16 07:53:25 | 00,067,584 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/12/16 07:53:22 | 16,006,43072 | -HS- | M] ()
IconCache.db -> %UserProfile%\AppData\Local\IconCache.db -> [2008/12/14 16:15:54 | 02,829,176 | -H-- | M] ()
Finances.xls -> J:\Documents\Finances.xls -> [2008/12/14 16:15:42 | 00,071,168 | ---- | M] ()
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2008/12/14 15:08:35 | 00,001,879 | ---- | M] ()
iTunes.lnk -> %SystemDrive%\Users\Public\Desktop\iTunes.lnk -> [2008/12/12 21:48:52 | 00,002,413 | ---- | M] ()
mrt.exe -> %SystemRoot%\System32\mrt.exe -> [2008/12/02 21:26:30 | 17,593,280 | ---- | M] (Microsoft Corporation)
miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [2008/11/29 09:35:32 | 00,334,743 | ---- | M] ()
AVG Free 8.0.lnk -> %SystemDrive%\Users\Public\Desktop\AVG Free 8.0.lnk -> [2008/11/29 09:30:24 | 00,001,652 | ---- | M] ()
avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> [2008/11/29 09:30:19 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.)
avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [2008/11/29 09:30:17 | 06,061,540 | ---- | M] ()
avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> [2008/11/29 09:30:17 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> [2008/11/29 09:30:17 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.)
Malwarebytes' Anti-Malware.lnk -> %SystemDrive%\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2008/11/18 20:52:03 | 00,000,823 | ---- | M] ()
mbam-setup.exe -> %UserProfile%\Desktop\mbam-setup.exe -> [2008/11/18 20:50:29 | 02,372,472 | ---- | M] (Malwarebytes Corporation )

[File - Lop Check]
C:\Windows\Tasks\ -> C:\Windows\Tasks -> [2008/03/09 11:54:14 | 00,000,000 | ---D | M]
SA.DAT -> C:\Windows\Tasks\SA.DAT -> [2008/12/16 07:53:29 | 00,000,006 | -H-- | M] ()
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2008/12/14 16:16:14 | 00,032,608 | ---- | M] ()
User_Feed_Synchronization-{BFAD5074-38C2-4D93-8C80-423E6C030314}.job -> C:\Windows\Tasks\User_Feed_Synchronization-{BFAD5074-38C2-4D93-8C80-423E6C030314}.job -> [2008/12/16 08:15:00 | 00,000,430 | -H-- | M] ()

[File - Purity Scan]

[CatchMe Rootkit Scan by GMER]
Rootkit scan error - could not find scan log
Rootkit scan error - could not find scan log
< End of report >
[/code]