Hi thanks for the reply here are the logs
OTViewIt logfile created on: 28/08/2008 5:57:10 PM - Run 1
OTViewIt by OldTimer - Version 1.0.0.15 Folder = C:\Documents and Settings\dugz\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
767.49 Mb Total Physical Memory | 501.15 Mb Available Physical Memory | 65.30% Memory free
1.83 Gb Paging File | 1.58 Gb Available in Paging File | 86.38% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.52 Gb Total Space | 2.84 Gb Free Space | 14.53% Space Free | Partition Type: FAT32
Drive D: | 9.30 Gb Total Space | 2.85 Gb Free Space | 30.65% Space Free | Partition Type: FAT32
Drive E: | 37.79 Gb Total Space | 16.64 Gb Free Space | 44.04% Space Free | Partition Type: NTFS
Drive F: | 17.73 Gb Total Space | 1.42 Gb Free Space | 8.03% Space Free | Partition Type: FAT32
Drive G: | 65.20 Gb Total Space | 2.75 Gb Free Space | 4.22% Space Free | Partition Type: FAT32
Drive H: | 111.26 Gb Total Space | 40.99 Gb Free Space | 36.84% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Computer Name: HOME-9NTQ7IVYXR
Current User Name: dugz
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
===== Processes - Non-Microsoft Only =====
[08/30/2005 09:05 PM | 00,344,064 | ---- | M] (ATI Technologies, Inc.) - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[07/05/2008 04:33 PM | 01,232,152 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\PROGRA~1\AVG\AVG8\avgtray.exe
[07/05/2008 04:33 PM | 00,231,192 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
[03/06/2007 10:35 AM | 00,198,168 | ---- | M] (InterVideo Inc.) - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
[03/03/2007 01:48 PM | 00,067,056 | ---- | M] (Ulead Systems, Inc.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
[07/05/2008 04:33 PM | 00,287,000 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\PROGRA~1\AVG\AVG8\avgrsx.exe
[07/05/2008 04:33 PM | 00,873,752 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\PROGRA~1\AVG\AVG8\avgemc.exe
===== Win32 Services - Non-Microsoft Only =====
(ATI Smart) ATI Smart [Auto | Stopped]
[08/30/2005 09:05 PM | 00,516,096 | ---- | M] () - C:\WINDOWS\system32\ati2sgag.exe
(avg8emc) AVG8 E-mail Scanner [Auto | Running]
[07/05/2008 04:33 PM | 00,873,752 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\PROGRA~1\AVG\AVG8\avgemc.exe
(avg8wd) AVG8 WatchDog [Auto | Running]
[07/05/2008 04:33 PM | 00,231,192 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
(Capture Device Service) Capture Device Service [Auto | Running]
[03/06/2007 10:35 AM | 00,198,168 | ---- | M] (InterVideo Inc.) - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
(UleadBurningHelper) Ulead Burning Helper [Auto | Running]
[03/03/2007 01:48 PM | 00,067,056 | ---- | M] (Ulead Systems, Inc.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
===== Driver Services - Non-Microsoft Only =====
(AvgLdx86) AVG AVI Loader Driver x86 [System | Running]
[07/05/2008 04:33 PM | 00,096,520 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\WINDOWS\System32\Drivers\avgldx86.sys
(AvgMfx86) AVG On-access Scanner Minifilter Driver x86 [System | Running]
[07/05/2008 04:33 PM | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\WINDOWS\System32\Drivers\avgmfx86.sys
(AvgTdiX) AVG8 Network Redirector [Auto | Running]
[07/05/2008 04:33 PM | 00,076,040 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\WINDOWS\System32\Drivers\avgtdix.sys
(DCamUSBMke) USB Video Camera for Panasonic Digital Palmcorder [On_Demand | Stopped]
[12/18/2001 11:38 AM | 00,041,729 | ---- | M] (Matsushita Kotobuki Electronics Industries,Ltd.) - C:\WINDOWS\System32\Drivers\Mkeusbi.sys
(es1371) Creative AudioPCI (ES1371,ES1373) (WDM) [On_Demand | Running]
[08/17/2001 12:19 PM | 00,040,704 | ---- | M] (Creative Technology Ltd.) - C:\WINDOWS\system32\drivers\es1371mp.sys
(MKEMUSB) Panasonic Digital Palmcorder [Auto | Stopped]
[08/08/2001 06:52 PM | 00,014,308 | ---- | M] (Matsushita Kotobuki Electronics Industries, Ltd.) - C:\WINDOWS\System32\Drivers\Mkemusb.sys
(pavboot) pavboot [Boot | Running]
[06/19/2008 05:24 PM | 00,028,544 | ---- | M] (Panda Security, S.L.) - C:\WINDOWS\system32\drivers\pavboot.sys
(rtl8029) Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver [On_Demand | Running]
[08/17/2001 12:12 PM | 00,019,017 | ---- | M] (Realtek Semiconductor Corporation) - C:\WINDOWS\System32\DRIVERS\RTL8029.SYS
(sfdrv01) StarForce Protection Environment Driver (version 1.x) [Boot | Running]
[08/11/2005 01:44 AM | 00,050,688 | ---- | M] (Protection Technology) - C:\WINDOWS\System32\drivers\sfdrv01.sys
(sfhlp02) StarForce Protection Helper Driver (version 2.x) [Boot | Running]
[05/17/2005 02:20 AM | 00,006,656 | ---- | M] (Protection Technology) - C:\WINDOWS\System32\drivers\sfhlp02.sys
(sfsync03) StarForce Protection Synchronization Driver (version 3.x) [Boot | Running]
[12/07/2005 04:11 AM | 00,035,328 | ---- | M] (Protection Technology) - C:\WINDOWS\System32\drivers\sfsync03.sys
(WmBEnum) Logitech Virtual Bus Enumerator Driver [On_Demand | Running]
[05/14/2003 01:42 PM | 00,010,144 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\WmBEnum.sys
(WmFilter) Logitech WingMan HID Filter Driver [On_Demand | Running]
[05/14/2003 01:42 PM | 00,021,216 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\WmFilter.sys
(WmHidLo) Logitech WingMan USB Filter Driver [On_Demand | Running]
[05/14/2003 01:42 PM | 00,013,920 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\WmHidLo.sys
(WmVirHid) Logitech Virtual Hid Device Driver [On_Demand | Stopped]
[05/14/2003 01:42 PM | 00,005,728 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\WmVirHid.sys
(WmXlCore) Logitech WingMan Translation Layer Driver [On_Demand | Running]
[05/14/2003 01:42 PM | 00,044,288 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\WmXlCore.sys
===== Run Keys =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [08/30/2005 09:05 PM | 00,344,064 | ---- | M] (ATI Technologies, Inc.)
"AVG8_TRAY" = C:\PROGRA~1\AVG\AVG8\avgtray.exe [07/05/2008 04:33 PM | 01,232,152 | ---- | M] (AVG Technologies CZ, s.r.o.)
"QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime [12/11/2007 10:56 AM | 00,286,720 | ---- | M] (Apple Inc.)
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
"UVS11 Preload" = C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [07/23/2007 01:55 PM | 00,341,232 | ---- | M] (InterVideo Digital Technology Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_USERS\S-1-5-21-1343024091-764733703-2147105715-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.
===== Startup Folders =====
[Default User Startup Folder - C:\Documents and Settings\Default User\Start Menu\Programs\Startup]
[All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
[04/23/2008 03:38 AM | 00,029,696 | ---- | M] (Adobe Systems Incorporated) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[Default User.WINDOWS Startup Folder - C:\Documents and Settings\Default User.WINDOWS\Start Menu\Programs\Startup]
[All Users.WINDOWS Startup Folder - C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup]
[04/23/2008 03:38 AM | 00,029,696 | ---- | M] (Adobe Systems Incorporated) - C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[dugz Startup Folder - C:\Documents and Settings\dugz\Start Menu\Programs\Startup]
[07/27/2008 08:45 PM | 00,225,280 | ---- | M] (Leader Technologies) - C:\Documents and Settings\dugz\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe
===== BHO's =====
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
HKLM CLSID: (SSVHelper Class) - [02/22/2008 04:25 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
HKLM CLSID: (AVG Security Toolbar) - [07/05/2008 04:33 PM | 02,055,960 | ---- | M] (AVG, Technologies CZ, s.r.o ) C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
===== Toolbars =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{A057A204-BACC-4D26-9990-79A187E2698E}"
HKLM CLSID: (AVG Security Toolbar) - [07/05/2008 04:33 PM | 02,055,960 | ---- | M] (AVG, Technologies CZ, s.r.o ) C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"
HKLM CLSID: (AVG Security Toolbar) - [07/05/2008 04:33 PM | 02,055,960 | ---- | M] (AVG, Technologies CZ, s.r.o ) C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
[HKEY_USERS\S-1-5-21-1343024091-764733703-2147105715-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"
HKLM CLSID: (AVG Security Toolbar) - [07/05/2008 04:33 PM | 02,055,960 | ---- | M] (AVG, Technologies CZ, s.r.o ) C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
===== Policies =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveAutoRun" = 67108863
"NoDriveTypeAutoRun" = 255
"NoDrives" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
"DisableRegistryTools" = 0
"HideLegacyLogonScripts" = 0
"HideLogoffScripts" = 0
"RunLogonScriptSync" = 1
"RunStartupScriptSync" = 0
"HideStartupScripts" = 0
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
"NoDrives" = 0
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"HideLegacyLogonScripts" = 0
"HideLogoffScripts" = 0
"RunLogonScriptSync" = 1
"RunStartupScriptSync" = 0
"HideStartupScripts" = 0
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
Unable to open key or key not present!
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
Unable to open key or key not present!
[HKEY_USERS\S-1-5-21-1343024091-764733703-2147105715-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
"NoDrives" = 0
[HKEY_USERS\S-1-5-21-1343024091-764733703-2147105715-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]
[HKEY_USERS\S-1-5-21-1343024091-764733703-2147105715-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"HideLegacyLogonScripts" = 0
"HideLogoffScripts" = 0
"RunLogonScriptSync" = 1
"RunStartupScriptSync" = 0
"HideStartupScripts" = 0
===== Desktop Components =====
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"FriendlyName" = "My Current Home Page"
"Source" = "About:Home"
"SubscribedURL" = "About:Home"
===== Shared Task Scheduler =====
===== AppInit_Dlls =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls]
"avgrsstx.dll miqtqm.dll" - File not found
===== Lsa Authentication Packages =====
===== Lsa Security Packages =====
===== Authorized Applications List =====
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [04/14/2008 12:12 PM | 00,141,312 | ---- | M] (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [04/14/2008 06:53 AM | 00,558,080 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [04/14/2008 12:12 PM | 00,141,312 | ---- | M] (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [04/14/2008 06:53 AM | 00,558,080 | ---- | M] (Microsoft Corporation)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe [04/19/2008 07:21 AM | 00,147,456 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe [07/03/2008 12:19 PM | 00,640,280 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe [07/05/2008 04:33 PM | 00,873,752 | ---- | M] (AVG Technologies CZ, s.r.o.)
===== HKLM Winlogon Settings =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
"Explorer.exe" - [04/14/2008 12:12 PM | 01,033,728 | ---- | M] (Microsoft Corporation) C:\WINDOWS\Explorer.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
"C:\WINDOWS\system32\userinit.exe" - [04/14/2008 12:12 PM | 00,026,112 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
"logonui.exe" - [04/14/2008 12:12 PM | 00,514,560 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
"rundll32 shell32" - [04/14/2008 12:12 PM | 08,461,312 | ---- | M] (Microsoft Corporation) C:\WINDOWS\System32\shell32.dll
"Control_RunDLL "sysdm.cpl"" - [04/14/2008 12:12 PM | 00,300,544 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl
===== User's Winlogon Settings =====
===== Winlogon Notify Settings =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DllName" = C:\WINDOWS\system32\Ati2evxx.dll [08/31/2005 03:37 PM | 00,046,080 | ---- | M] (ATI Technologies Inc.)
===== Safeboot Options =====
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe
===== Disabled MsConfig Items =====
Unable to open key or key not present!
===== DNS Name Servers =====
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{1E71B8EA-6565-4189-BC64-A1D861E35BA5}]
Servers: | Description:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{261DDC14-8F6C-468B-B15D-5C58E9A4C22C}]
Servers: | Description: 1394 Net Adapter
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{5289CFDB-3CA3-41D0-8913-7388CE12C747}]
Servers: | Description: Realtek RTL8029(AS)-based Ethernet Adapter (Generic)
===== CDRom AutoRun Settings =====
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
===== Autorun Files on Drives =====
AUTOEXEC.BAT []
[05/13/2007 10:46 AM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ FAT32 ]
AUTOEXEC.BAT []
[02/24/2003 12:48 AM | 00,000,000 | ---- | M] () D:\AUTOEXEC.BAT [ FAT32 ]
Autoexec.glb [SET PATH=%PATH%;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG | ]
[03/15/2004 04:28 PM | 00,000,052 | ---- | M] () D:\Autoexec.glb [ FAT32 ]
AUTOEXEC._AV [SET PATH=%PATH%;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG | ]
[05/29/2004 01:06 AM | 00,000,052 | ---- | M] () D:\AUTOEXEC._AV [ FAT32 ]
===== MountPoints2 =====
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{235827f0-f2d7-11dc-84cb-00a04b090913}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{235827f0-f2d7-11dc-84cb-00a04b090913}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [04/14/2008 12:12 PM | 08,461,312 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{235827f0-f2d7-11dc-84cb-00a04b090913}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5275e110-5d3a-11dd-853d-00a04b090913}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5275e110-5d3a-11dd-853d-00a04b090913}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [04/14/2008 12:12 PM | 08,461,312 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5275e110-5d3a-11dd-853d-00a04b090913}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82d4a050-f4b0-11dc-84ce-00a04b090913}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82d4a050-f4b0-11dc-84ce-00a04b090913}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [04/14/2008 12:12 PM | 08,461,312 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82d4a050-f4b0-11dc-84ce-00a04b090913}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b3a82280-bcb0-11dc-8497-00a04b090913}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b3a82280-bcb0-11dc-8497-00a04b090913}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [04/14/2008 12:12 PM | 08,461,312 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b3a82280-bcb0-11dc-8497-00a04b090913}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2db44e0-b430-11dc-8484-00a04b090913}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2db44e0-b430-11dc-8484-00a04b090913}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [04/14/2008 12:12 PM | 08,461,312 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2db44e0-b430-11dc-8484-00a04b090913}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2db44e2-b430-11dc-8484-00a04b090913}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2db44e2-b430-11dc-8484-00a04b090913}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [04/14/2008 12:12 PM | 08,461,312 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2db44e2-b430-11dc-8484-00a04b090913}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\Shell]
"" = AutoRun
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\Shell\AutoRun]
"" = Auto&Play
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\Shell\AutoRun\command]
"" = K:\LaunchU3.exe File not found
===== Hosts File =====
HOSTS File = (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
[Files/Folders - Created Within 30 days]
[08/23/2008 06:32 PM | -HSD | C] - C:\FOUND.000
[08/23/2008 08:24 PM | ---D | C] - C:\_OTMoveIt
[08/23/2008 08:32 PM | ---D | C] - C:\QooBox
[08/23/2008 07:51 PM | 00,028,544 | ---- | C] (Panda Security, S.L.) - C:\WINDOWS\System32\drivers\pavboot.sys
[2 C:\WINDOWS\System32\*.tmp files]
[08/17/2008 01:30 PM | 00,000,974 | ---- | C] () - C:\WINDOWS\System32\pid.inf
[08/17/2008 02:10 PM | ---D | C] - C:\WINDOWS\System32\en
[08/17/2008 02:10 PM | ---D | C] - C:\WINDOWS\System32\scripting
[08/23/2008 08:11 PM | 00,002,170 | ---- | C] () - C:\WINDOWS\System32\tmp.reg
[08/23/2008 08:11 PM | 00,025,600 | ---- | C] () - C:\WINDOWS\System32\WS2Fix.exe
[08/23/2008 08:11 PM | 00,051,200 | ---- | C] () - C:\WINDOWS\System32\dumphive.exe
[08/23/2008 08:11 PM | 00,053,248 | ---- | C] (
http://www.beyondlogic.org) - C:\WINDOWS\System32\Process.exe
[08/23/2008 08:11 PM | 00,082,432 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\404Fix.exe
[08/23/2008 08:11 PM | 00,082,432 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.C.exe
[08/23/2008 08:11 PM | 00,086,528 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\VACFix.exe
[08/23/2008 08:11 PM | 00,087,552 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\AntiXPVSTFix.exe
[08/23/2008 08:11 PM | 00,288,417 | ---- | C] (S!Ri) - C:\WINDOWS\System32\SrchSTS.exe
[08/23/2008 08:11 PM | 00,289,144 | ---- | C] (S!Ri) - C:\WINDOWS\System32\VCCLSID.exe
[08/28/2008 05:53 PM | 00,000,142 | ---- | C] () - C:\WINDOWS\System32\spupdsvc.inf
[4 C:\WINDOWS\*.tmp files]
[08/17/2008 02:10 PM | ---D | C] - C:\WINDOWS\l2schemas
[08/17/2008 02:20 PM | ---D | C] - C:\WINDOWS\Prefetch
[08/23/2008 08:32 PM | 00,028,672 | ---- | C] (NirSoft) - C:\WINDOWS\Nircmd.exe
[08/23/2008 08:32 PM | 00,049,152 | ---- | C] () - C:\WINDOWS\VFind.exe
[08/23/2008 08:32 PM | 00,068,096 | ---- | C] () - C:\WINDOWS\zip.exe
[08/23/2008 08:32 PM | 00,080,412 | ---- | C] () - C:\WINDOWS\grep.exe
[08/23/2008 08:32 PM | 00,089,504 | ---- | C] (Smallfrogs Studio) - C:\WINDOWS\fdsv.exe
[08/23/2008 08:32 PM | 00,098,816 | ---- | C] () - C:\WINDOWS\sed.exe
[08/23/2008 08:32 PM | 00,136,704 | ---- | C] (SteelWerX) - C:\WINDOWS\swsc.exe
[08/23/2008 08:32 PM | 00,161,792 | ---- | C] (SteelWerX) - C:\WINDOWS\swreg.exe
[08/23/2008 08:32 PM | 00,212,480 | ---- | C] (SteelWerX) - C:\WINDOWS\swxcacls.exe
[08/23/2008 08:33 PM | ---D | C] - C:\WINDOWS\erdnt
[08/23/2008 08:42 PM | ---D | C] - C:\WINDOWS\temp
[08/28/2008 05:52 PM | ---D | C] - C:\WINDOWS\LastGood
[08/23/2008 08:52 PM | ---D | C] - C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[08/23/2008 08:52 PM | ---D | C] - C:\Documents and Settings\dugz\Application Data\Malwarebytes
[08/23/2008 07:21 PM | 01,575,506 | -H-- | C] () - C:\Documents and Settings\dugz\Local Settings\Application Data\IconCache.db
[08/23/2008 09:12 PM | ---D | C] - C:\Documents and Settings\dugz\My Documents\Hijack
[08/23/2008 08:52 PM | 00,000,600 | ---- | C] () - C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[08/23/2008 08:10 PM | 01,572,180 | ---- | C] () - C:\Documents and Settings\dugz\Desktop\SmitfraudFix.exe
[08/23/2008 08:10 PM | ---D | C] - C:\Documents and Settings\dugz\Desktop\SmitfraudFix
[08/23/2008 08:29 PM | 02,720,466 | R--- | C] () - C:\Documents and Settings\dugz\Desktop\ComboFix.exe
[08/23/2008 08:41 PM | 00,000,399 | ---- | C] () - C:\Documents and Settings\dugz\Desktop\heavy weather 2.0 beta release.lnk
[08/23/2008 08:41 PM | 00,000,631 | ---- | C] () - C:\Documents and Settings\dugz\Desktop\Launch Logitech Gaming Software.lnk
[08/23/2008 08:41 PM | 00,001,379 | ---- | C] () - C:\Documents and Settings\dugz\Desktop\Windows Explorer.lnk
[08/23/2008 09:18 PM | 00,001,638 | ---- | C] () - C:\Documents and Settings\dugz\Desktop\HijackThis.lnk
[08/06/2008 09:11 PM | ---D | C] - C:\Program Files\rFactor
[08/08/2008 05:44 PM | ---D | C] - C:\Program Files\EasyWeather
[08/23/2008 08:52 PM | ---D | C] - C:\Program Files\Malwarebytes' Anti-Malware
[08/23/2008 09:18 PM | ---D | C] - C:\Program Files\Trend Micro
[Files/Folders - Modified Within 30 days]
[08/17/2008 02:02 PM | 00,250,048 | RHS- | M] () - C:\ntldr
[08/21/2008 09:07 PM | 00,000,528 | ---- | M] () - C:\hpfr5550.xml
[08/23/2008 06:32 PM | -HSD | M] - C:\FOUND.000
[08/23/2008 08:24 PM | ---D | M] - C:\_OTMoveIt
[08/23/2008 08:32 PM | ---D | M] - C:\QooBox
[2 C:\WINDOWS\System32\*.tmp files]
[08/14/2008 09:52 PM | 00,082,432 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.C.exe
[08/17/2008 02:10 PM | ---D | M] - C:\WINDOWS\System32\en
[08/17/2008 02:10 PM | ---D | M] - C:\WINDOWS\System32\scripting
[08/17/2008 02:20 PM | 00,253,472 | ---- | M] () - C:\WINDOWS\System32\FNTCACHE.DAT
[08/17/2008 02:22 PM | 00,040,196 | ---- | M] () - C:\WINDOWS\System32\perfc009.dat
[08/17/2008 02:22 PM | 00,311,934 | ---- | M] () - C:\WINDOWS\System32\perfh009.dat
[08/17/2008 02:22 PM | 00,356,120 | ---- | M] () - C:\WINDOWS\System32\PerfStringBackup.INI
[08/18/2008 12:19 PM | 00,082,432 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\404Fix.exe
[08/21/2008 11:41 PM | 00,087,552 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\AntiXPVSTFix.exe
[08/23/2008 08:12 PM | 00,002,170 | ---- | M] () - C:\WINDOWS\System32\tmp.reg
[08/28/2008 05:53 PM | 00,000,142 | ---- | M] () - C:\WINDOWS\System32\spupdsvc.inf
[08/28/2008 05:53 PM | 00,002,206 | ---- | M] () - C:\WINDOWS\System32\wpa.dbl
[4 C:\WINDOWS\*.tmp files]
[08/17/2008 02:10 PM | ---D | M] - C:\WINDOWS\l2schemas
[08/17/2008 02:17 PM | 00,002,675 | ---- | M] () - C:\WINDOWS\imsins.BAK
[08/17/2008 02:20 PM | ---D | M] - C:\WINDOWS\Prefetch
[08/23/2008 08:33 PM | ---D | M] - C:\WINDOWS\erdnt
[08/23/2008 08:41 PM | 00,000,227 | ---- | M] () - C:\WINDOWS\system.ini
[08/23/2008 08:42 PM | ---D | M] - C:\WINDOWS\temp
[08/28/2008 05:47 PM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat
[08/28/2008 05:52 PM | ---D | M] - C:\WINDOWS\LastGood
[08/28/2008 05:47 PM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT
[08/23/2008 08:52 PM | ---D | M] - C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[08/23/2008 08:52 PM | ---D | M] - C:\Documents and Settings\dugz\Application Data\Malwarebytes
[08/27/2008 08:46 PM | 00,125,440 | ---- | M] () - C:\Documents and Settings\dugz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[08/27/2008 09:17 PM | 01,575,506 | -H-- | M] () - C:\Documents and Settings\dugz\Local Settings\Application Data\IconCache.db
[08/23/2008 09:12 PM | ---D | M] - C:\Documents and Settings\dugz\My Documents\Hijack
[08/23/2008 08:52 PM | 00,000,600 | ---- | M] () - C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[08/17/2008 07:47 PM | 00,001,379 | ---- | M] () - C:\Documents and Settings\dugz\Desktop\Windows Explorer.lnk
[08/21/2008 11:59 PM | ---D | M] - C:\Documents and Settings\dugz\Desktop\SmitfraudFix
[08/23/2008 08:10 PM | 01,572,180 | ---- | M] () - C:\Documents and Settings\dugz\Desktop\SmitfraudFix.exe
[08/23/2008 08:29 PM | 02,720,466 | R--- | M] () - C:\Documents and Settings\dugz\Desktop\ComboFix.exe
[08/23/2008 09:18 PM | 00,001,638 | ---- | M] () - C:\Documents and Settings\dugz\Desktop\HijackThis.lnk
< End of report >
OTViewIt Extras logfile created on: 28/08/2008 5:57:10 PM - Run 1
OTViewIt by OldTimer - Version 1.0.0.15 Folder = C:\Documents and Settings\dugz\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
767.49 Mb Total Physical Memory | 501.15 Mb Available Physical Memory | 65.30% Memory free
1.83 Gb Paging File | 1.58 Gb Available in Paging File | 86.38% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.52 Gb Total Space | 2.84 Gb Free Space | 14.53% Space Free | Partition Type: FAT32
Drive D: | 9.30 Gb Total Space | 2.85 Gb Free Space | 30.65% Space Free | Partition Type: FAT32
Drive E: | 37.79 Gb Total Space | 16.64 Gb Free Space | 44.04% Space Free | Partition Type: NTFS
Drive F: | 17.73 Gb Total Space | 1.42 Gb Free Space | 8.03% Space Free | Partition Type: FAT32
Drive G: | 65.20 Gb Total Space | 2.75 Gb Free Space | 4.22% Space Free | Partition Type: FAT32
Drive H: | 111.26 Gb Total Space | 40.99 Gb Free Space | 36.84% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
===== File Associations =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] - File not found -
.cmd [@ = cmdfile] - File not found -
.com [@ = ComFile] - File not found -
.exe [@ = exefile] - File not found -
.pif [@ = piffile] - File not found -
.scr [@ = scrfile] - File not found -
===== HKEY_LOCAL_MACHINE Uninstall List =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00030409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{0297C87B-CC40-446F-865A-031B4FC0CF22}" = Race Driver 3
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HydraVision
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}" = upapp
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7D2E05C0-064C-4F12-8173-6EBAD61E7F93}" = World of Outlaws Sprint Cars
"{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software
"{9919E625-F1EC-4945-AC40-83BEE74B78CC}" =
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4B338BD-4C93-4531-B5BB-7F0E5EB7340B}" =
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B9D129A6-EA21-11D4-85E7-0040053BA3BA}" = JavaPipe
"{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
"{F68794FD-9BBA-44FB-976C-4FCE2B447476}" = Palmcorder USB Device Driver 2.00
"{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"AVG8Uninstall" = AVG Free 8.0
"AVIcodec" = AVIcodec (remove only)
"DivX DVD Ripper" = DivX DVD Ripper 1.2
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"HijackThis" = HijackThis 2.0.2
"hp deskjet 5550 series" = hp deskjet 5550 series (Remove only)
"hp print screen utility" = hp print screen utility
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11
"KB911564" = Security Update for Windows Media Player (KB911564)
"KB911565" = Security Update for Windows Media Player 9 (KB911565)
"KB925398_WMP64" = Security Update for Windows Media Player 6.4 (KB925398)
"KB929399" = Hotfix for Windows Media Format 11 SDK (KB929399)
"KB936782_WMP11" = Security Update for Windows Media Player 11 (KB936782)
"KB938127-IE7" = Security Update for Windows Internet Explorer 7 (KB938127)
"KB939683" = Hotfix for Windows Media Player 11 (KB939683)
"KB941569" = Security Update for Windows XP (KB941569)
"KB942615-IE7" = Security Update for Windows Internet Explorer 7 (KB942615)
"KB944533-IE7" = Security Update for Windows Internet Explorer 7 (KB944533)
"KB946648" = Security Update for Windows XP (KB946648)
"KB947864-IE7" = Hotfix for Windows Internet Explorer 7 (KB947864)
"KB950759-IE7" = Security Update for Windows Internet Explorer 7 (KB950759)
"KB950760" = Security Update for Windows XP (KB950760)
"KB950762" = Security Update for Windows XP (KB950762)
"KB950974" = Security Update for Windows XP (KB950974)
"KB951066" = Security Update for Windows XP (KB951066)
"KB951072-v2" = Update for Windows XP (KB951072-v2)
"KB951376" = Security Update for Windows XP (KB951376)
"KB951376-v2" = Security Update for Windows XP (KB951376-v2)
"KB951698" = Security Update for Windows XP (KB951698)
"KB951748" = Security Update for Windows XP (KB951748)
"KB951978" = Update for Windows XP (KB951978)
"KB952287" = Hotfix for Windows XP (KB952287)
"KB952954" = Security Update for Windows XP (KB952954)
"KB953838-IE7" = Security Update for Windows Internet Explorer 7 (KB953838)
"KB953839" = Security Update for Windows XP (KB953839)
"LimeWire" = LimeWire 4.16.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"ST6UNST #1" = Two Stroke Engine Expansion Chamber Design Utility
"ST6UNST #2" = Crank Angle-Piston Displacement Table Construction Utility
"ST6UNST #3" = MOTA Demonstration
"WgaNotify" = Windows Genuine Advantage Notifications (KB905474)
"WinAce Archiver" = WinAce Archiver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
===== HKEY_CURRENT_USER Uninstall List =====
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SBS Modifieds" = SBS Modifieds
===== HKEY_USERS Uninstall List =====
===== HKEY_USERS Uninstall List =====
===== HKEY_USERS Uninstall List =====
===== HKEY_USERS Uninstall List =====
===== HKEY_USERS Uninstall List =====
[HKEY_USERS\S-1-5-21-1343024091-764733703-2147105715-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SBS Modifieds" = SBS Modifieds
===== Winsock2 Catalogs =====
===== HKEY_LOCAL_MACHINE Protocol Defaults =====
===== HKEY_CURRENT_USER Protocol Defaults =====
===== HKEY_USERS Protocol Defaults =====
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
shell - shell protocol not assigned
===== HKEY_USERS Protocol Defaults =====
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
shell - shell protocol not assigned
===== HKEY_USERS Protocol Defaults =====
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
shell - shell protocol not assigned
===== HKEY_USERS Protocol Defaults =====
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
shell - shell protocol not assigned
===== HKEY_USERS Protocol Defaults =====
===== Protocol Handlers =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKLM - XPLPPFilter Class]
[07/05/2008 04:33 PM | 00,079,128 | ---- | M] (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG8\avgpp.dll
msdaipp: [HKLM - No CLSID value]
===== Protocol Filters =====
< End of report >