
Need help with google copy-book.com redirect [Solved]


  • This topic is locked

#1
ace101

  • Member
  • 24 posts
Hi,
I need help fixing my PC. I have tried quite a few things over the past 2-3 weeks but am going nowhere. Any Google searches are redirected to copy-book.com unless I right-click them and open them in a new tab in Firefox or Chrome.

I have got the HijackThis information and will paste it below.

I would be really grateful if someone would be able to help me out.

Thanks.

EDIT: Also, my AVG has stopped auto-updating. I am having to do this manually now, and sometimes the online site does not let me download the files.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:13:10 PM, on 12-12-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common
Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Cepstral\bin\CepstralLicSrv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper
Corporation\Diskeeper\DkService.exe
C:\Program Files\Intel\Intel Application
Accelerator\iaantmon.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\Microsoft
Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Documents and Settings\ADMIN\Local Settings\Application
Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ADMIN\Local Settings\Application
Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\ADMIN\Local Settings\Application
Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\ADMIN\Local Settings\Application
Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\ADMIN\Local Settings\Application
Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\ADMIN\Local Settings\Application
Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\ADMIN\Local Settings\Application
Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://www.skybroadband.com
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page
= http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page
=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page
=
R1 -
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = local.,;*.local
R3 - URLSearchHook: (no name) -
{BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class -
{074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program
Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter -
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program
Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess -
{5CA3D70E-1895-11CF-8E15-001234567890} -
C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Groove GFS Browser Helper -
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program
Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program
Files\Common Files\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program
files\google\googletoolbar2.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl -
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar2.dll
O3 - Toolbar: Veoh Browser Plug-in -
{D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program
Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Contribute Toolbar -
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program
Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel
Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI
Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
-startup
O4 - HKLM\..\Run: [ISUSScheduler]
"C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe"
-start
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo
AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [DLCCCATS] rundll32
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,
_RunDLLEntry@16
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program
Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [AVG8_TRAY]
C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdotf.exe]
C:\WINDOWS\system32\kdotf.exe
O4 - HKLM\..\Run: [NI.GSCNS]
"C:\DOCUME~1\SMSHAH~1\LOCALS~1\Temp\winvsnet.tmp"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [Microsoft32] win32sys.exe
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\S
M SHAH\Local Settings\Application
Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [gadcom] "C:\Documents and Settings\S M
SHAH\Application Data\gadcom\gadcom.exe"
61A847B5BBF728173599284503996897C881250221C8670836AC4FA7
C8833201749139
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User
'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe
(User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control
Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Sky -
{08E730A4-FB02-45BD-A900-01E4AD8016F6} -
http://www.skybroadband.com (file missing)
O9 - Extra button: Blog This -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program
Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program
Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) -
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.co.uk/
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.antispyexpert.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.imageservr.com
O15 - Trusted Zone: *.imagesrvr.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.spyguardpro.com
O15 - Trusted Zone: *.storageguardsoft.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusremover2008.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
O15 - Trusted Zone: *.antispyexpert.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O15 - Trusted Zone: *.imageservr.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.spyguardpro.com (HKLM)
O15 - Trusted Zone: *.storageguardsoft.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusremover2008.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} -
http://messenger.zon...kr.cab31267.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B}
(SysProWmi Class) -
http://support.euro....iler/SysPro.CAB
O16 - DPF: {08829741-43FC-4ADB-90E2-9F980695253B}
(Data_Version_Check.RegProcs) -
http://www.hadleyhea...Version_Check.o
cx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC}
(MessengerStatsClient Class) -
http://messenger.zon...erStatsPAClient
.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows
Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers
Class) -
http://messenger.zon...kr.cab56986.cab
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B}
(DownloadManager Control) -
http://dlmanager.aka...t/dlmanager/ver
sions/activex/dlm-activex-2.0.5.1.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0}
(CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} -
http://www1.snapfish...shUKActivia.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} -
http://messenger.zon...SS.cab69309.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
http://download.mcaf...sctl/4,0,0,101/
mcinsctl.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire
Showdown Class) -
http://messenger.zon...ireShowdown.cab
56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl
Class) -
http://messenger.zon...O1/GAME_UNO1.ca
b
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -
http://messenger.zon...rStatsClient.ca
b31267.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial
cpcScan) - http://www.crucial.c.../cpcScanner.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN
Games - Installer) -
http://messenger.zon...ro.cab56649.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative
Toolbox Plug-in) -
http://bmm.imgag.com.../crusher-uk.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
(MessengerStatsClient Class) -
http://messenger.zon...erStatsPAClient
.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
(Minesweeper Flags Class) -
http://messenger.zon...weeper.cab56986.
cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{656B1367-F289-425A-8E80-5
CF03C3192F0}: NameServer = 85.255.112.11;85.255.112.93
O17 -
HKLM\System\CCS\Services\Tcpip\..\{7C97D980-C813-42D6-A5C8-
4AC6B9248F51}: NameServer = 85.255.112.11;85.255.112.93
O17 -
HKLM\System\CCS\Services\Tcpip\..\{88CB960A-5419-4539-B401-
B9C1BED697BB}: NameServer = 85.255.112.11;85.255.112.93
O18 - Protocol: grooveLocalGWS -
{88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program
Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner -
{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program
Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: wbsys.dll,avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program
Files\Common Files\Adobe Systems
Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems
Incorporated - C:\Program Files\Common Files\Adobe\Adobe
Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program
Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL
Software - C:\Program Files\Alwil
Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner -
C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec
Corporation - C:\Program
Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program
Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program
Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program
Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ,
s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ,
s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program
Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. -
C:\Program Files\Common
Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Cepstral License Server - Cepstral, LLC - C:\Program
Files\Cepstral\bin\CepstralLicSrv.exe
O23 - Service: Creative Service for CDROM Access - Creative
Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program
Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: dlcc_device - Unknown owner -
C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program
Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. -
C:\Program Files\Common Files\Macrovision Shared\FLEXnet
Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google -
C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation -
C:\Program Files\Intel\Intel Application
Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown
owner - C:\Program
Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown
owner - C:\Program
Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun
Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: KService - Kontiki Inc. - C:\Program
Files\Kontiki\KService.exe
O23 - Service: LiveUpdate - Symantec Corporation -
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) -
LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program
Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) -
Unknown owner - C:\Program Files\McAfee\Common
Framework\FrameworkService.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file
missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program
Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program
Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner -
C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC
Connectivity Solution\ServiceLayer.exe
O23 - Service: TVersityMediaServer - Unknown owner -
C:\Program Files\TVersity\Media Server\MediaServer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point
Software Technologies LTD -
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

--
End of file - 17995 bytes


Edited by ace101, 12 December 2008 - 04:29 PM.



#2
Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ace101, and welcome to Geeks to go. :)
Sorry about the delay.

Let's get a fresh look at your computer.

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)


#3
ace101

  • Topic Starter
  • Member
  • 24 posts



Hi, thanks for the reply. No worries about the delay, it's been a busy month.
I downloaded the link you sent me and ran it, but it does not complete. It gets an error at performing registry dump. The error is "Link -1: Error: error parsing function call". I have reset the PC and tried again but I got the same result.

#4
Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ace101,
That's no problem, please try this program.




Download OTViewIt to your desktop.
  • Close all windows and open it
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up called OTViewIt.txt, the other will be saved on your desktop and called Extras. Post both those logs here.
  • You may need to use two posts to get it all on the forum


#5
ace101

  • Topic Starter
  • Member
  • 24 posts
[quote name='OTViewIt.Txt']OTViewIt logfile created on: 21-12-2008 1:59:37 PM - Run
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\ADMIN\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd-MM-yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 3.82 Gb Available in Paging File | 95.53% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.24 Gb Total Space | 60.41 Gb Free Space | 26.35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ADMIN
Current User Name: ADMIN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2005-10-29 03:06:24 | 00,389,120 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\ati2evxx.exe
[2005-05-10 12:31:22 | 00,241,664 | ---- | M] (Stardock) -- C:\Program Files\Common Files\Stardock\SDMCP.exe
[2005-10-29 03:06:24 | 00,389,120 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\ati2evxx.exe
[2005-02-16 17:15:20 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
[2005-07-22 19:03:00 | 00,425,984 | ---- | M] (Dell) -- C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
[2004-03-18 08:33:26 | 00,892,928 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\iTouch.exe
[2008-10-01 12:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2007-01-31 20:11:41 | 00,554,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
[2006-08-28 12:36:22 | 00,071,216 | ---- | M] () -- C:\Program Files\McAfee\MSC\mclogcln.exe
[2008-09-02 22:58:27 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[2007-03-06 09:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
[2007-08-21 10:00:20 | 00,057,344 | ---- | M] (Cepstral, LLC) -- C:\Program Files\Cepstral\bin\CepstralLicSrv.exe
[1999-12-13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
[2007-10-16 20:04:12 | 01,094,936 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
[2006-10-18 18:16:44 | 00,177,720 | R--- | M] (Authentium, Inc.) -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
[2004-06-29 11:22:56 | 00,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
[2008-11-24 18:29:36 | 00,595,824 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
[2008-10-28 23:18:03 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2008-02-27 17:56:54 | 03,072,184 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KService.exe
[2008-05-28 11:32:34 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
[2008-02-28 14:31:50 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
[2008-05-28 11:32:30 | 00,087,360 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
[2006-07-19 16:48:46 | 00,554,600 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
[2006-08-18 19:35:58 | 00,175,216 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mclogsrv.exe
[2006-08-18 19:36:06 | 00,669,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcupdmgr.exe
[2006-08-28 11:09:34 | 02,131,496 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
[2006-08-14 19:50:32 | 00,345,680 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe
[2006-08-18 19:35:26 | 00,470,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcpromgr.exe
[2006-07-16 16:22:06 | 00,231,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe
[2006-08-14 16:24:08 | 00,140,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
[2006-08-14 19:48:28 | 00,622,160 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
[2006-08-18 19:35:42 | 00,187,504 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mctskshd.exe
[2006-08-18 19:35:50 | 00,300,656 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcusrmgr.exe
[2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
[2006-08-24 01:58:02 | 00,804,392 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
[2008-04-17 18:13:44 | 05,750,784 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
[2007-08-08 08:25:08 | 00,836,904 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
[2006-11-02 20:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\SYSTEM32\PSIService.exe
[2000-06-26 07:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\MsPMSPSv.exe
[2006-08-18 19:35:00 | 00,558,704 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
[2008-10-16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\wuauclt.exe
[2005-06-21 20:19:38 | 00,491,520 | ---- | M] () -- C:\WINDOWS\SYSTEM32\dlcccoms.exe
[2008-04-14 00:12:40 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\WBEM\wmiprvse.exe
[2008-12-21 13:58:58 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2006-12-15 18:34:52 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
[2008-08-15 04:46:20 | 00,284,016 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4 [On_Demand | Stopped])
[2008-10-01 12:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2007-10-24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2005-10-29 03:06:24 | 00,389,120 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2005-10-28 21:05:00 | 00,520,192 | ---- | M] () -- C:\WINDOWS\SYSTEM32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
[2007-01-31 20:11:41 | 00,554,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])
[2008-08-29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Stopped])
[2001-09-10 19:08:50 | 00,032,256 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\CDANTSRV.EXE -- (C-DillaSrv [Disabled | Stopped])
[2007-03-06 09:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service [Auto | Running])
[2007-08-21 10:00:20 | 00,057,344 | ---- | M] (Cepstral, LLC) -- C:\Program Files\Cepstral\bin\CepstralLicSrv.exe -- (Cepstral License Server [Auto | Running])
[2007-10-24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
File not found -- -- (CLTNetCnService [Disabled | Stopped])
[1999-12-13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE -- (Creative Service for CDROM Access [Auto | Running])
[2007-10-16 20:04:12 | 01,094,936 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper [Auto | Running])
[2005-06-21 20:19:38 | 00,491,520 | ---- | M] () -- C:\WINDOWS\SYSTEM32\dlcccoms.exe -- (dlcc_device [On_Demand | Running])
[2006-10-18 18:16:44 | 00,177,720 | R--- | M] (Authentium, Inc.) -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe -- (dvpapi [Auto | Stop_Pending])
[2006-08-14 16:52:32 | 00,337,488 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\EmProxy\emproxy.exe -- (Emproxy [On_Demand | Stopped])
[2008-10-18 15:30:29 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2007-01-30 20:52:07 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
[2004-06-29 11:22:56 | 00,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon [Auto | Running])
[2005-04-03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008-11-24 18:29:36 | 00,595,824 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList [Auto | Running])
[2008-11-24 18:29:36 | 00,595,824 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService [Auto | Running])
[2008-10-01 17:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
[2008-10-28 23:18:03 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2008-02-27 17:56:54 | 03,072,184 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KService.exe -- (KService [Auto | Running])
[2007-01-31 20:11:41 | 02,975,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate [On_Demand | Stopped])
[2008-05-28 11:32:34 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint [Auto | Running])
[2008-02-28 14:31:50 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn [Auto | Running])
[2006-07-19 16:48:46 | 00,554,600 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe -- (McAfee HackerWatch Service [Auto | Running])
File not found -- -- (McAfeeFramework [Auto | Stopped])
[2006-08-18 19:35:58 | 00,175,216 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mclogsrv.exe -- (McLogManagerService [Auto | Running])
[2006-08-18 19:36:06 | 00,669,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcupdmgr.exe -- (mcmispupdmgr [Auto | Running])
[2006-08-28 11:09:34 | 02,131,496 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
[2006-08-14 19:50:32 | 00,345,680 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [Auto | Running])
[2006-08-18 19:35:26 | 00,470,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcpromgr.exe -- (mcpromgr [Auto | Running])
[2006-07-16 16:22:06 | 00,231,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe -- (McRedirector [Auto | Running])
[2006-08-14 16:24:08 | 00,140,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
[2006-08-14 19:48:28 | 00,622,160 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [Auto | Running])
[2006-08-18 19:35:42 | 00,187,504 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mctskshd.exe -- (mctskshd.exe [Auto | Running])
[2006-08-18 19:35:50 | 00,300,656 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcusrmgr.exe -- (mcusrmgr [Auto | Running])
[2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
[2007-08-24 05:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
[2006-08-24 01:58:02 | 00,804,392 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService [Auto | Running])
[2002-12-17 17:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS [On_Demand | Stopped])
[2002-12-17 17:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
[2008-04-17 18:13:44 | 05,750,784 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL [Auto | Running])
[2007-08-08 08:25:08 | 00,836,904 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running])
[2007-08-03 11:51:18 | 00,382,248 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
[2007-08-24 02:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
[2006-10-26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2006-11-02 20:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\SYSTEM32\PSIService.exe -- (ProtexisLicensing [Auto | Running])
[2006-11-06 14:21:10 | 00,210,432 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
[2002-12-17 17:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS [Disabled | Stopped])
[2008-07-22 16:59:42 | 00,794,624 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer [On_Demand | Stopped])
[2007-03-03 12:48:28 | 00,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Disabled | Stopped])
[2007-10-18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2007-10-25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2000-06-26 07:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\MsPMSPSv.exe -- (WMDM PMSP Service [Auto | Running])
[2006-10-18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Disabled | Stopped])

========== Driver Services ==========

[2005-09-02 13:43:54 | 00,827,008 | R--- | M] (Philips Semiconductors GmbH) -- C:\WINDOWS\SYSTEM32\DRIVERS\3xHybrid.sys -- (3xHybrid [On_Demand | Running])
[2008-04-13 18:46:20 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\61883.sys -- (61883 [On_Demand | Stopped])
[2005-03-15 11:00:00 | 00,277,504 | ---- | M] (Philips Semiconductors) -- C:\WINDOWS\SYSTEM32\DRIVERS\SAA713x.sys -- (713xTVCard [Auto | Stopped])
[2003-12-08 11:53:48 | 00,053,600 | ---- | M] (THOMSON) -- C:\WINDOWS\SYSTEM32\DRIVERS\alcan5wn.sys -- (alcan5wn [On_Demand | Stopped])
[2004-08-07 17:15:47 | 00,070,688 | R--- | M] (THOMSON) -- C:\WINDOWS\SYSTEM32\DRIVERS\alcaudsl.sys -- (alcaudsl [On_Demand | Stopped])
[2001-08-17 13:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS -- (AliIde [Boot | Stopped])
[2008-04-13 18:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\amdagp.sys -- (amdagp [Boot | Stopped])
[2004-03-10 14:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\SYSTEM32\DRIVERS\asapiW2k.sys -- (ASAPIW2k [On_Demand | Running])
[2001-08-17 13:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ASC.SYS -- (asc [Boot | Stopped])
[2001-08-17 13:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ASC3550.SYS -- (asc3550 [Boot | Stopped])
[2007-02-06 14:01:48 | 00,016,512 | ---- | M] (Adaptec) -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32 [System | Running])
[2005-10-29 03:12:31 | 01,391,104 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2008-04-13 18:46:20 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\avc.sys -- (Avc [On_Demand | Stopped])
[2005-09-20 12:47:00 | 00,041,600 | ---- | M] (AVerMedia Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\avera800.sys -- (avera800 [On_Demand | Stopped])
[2004-05-29 17:41:54 | 00,186,112 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -- (b57w2k [On_Demand | Running])
[2007-05-26 10:22:35 | 00,163,712 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\vidstub.sys -- (BootScreen [Boot | Running])
[2001-11-06 14:20:00 | 00,265,512 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\BT848.sys -- (BT848 [Auto | Stopped])
[2006-11-01 17:45:14 | 00,219,264 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\SYSTEM32\DRIVERS\BTCamDrv.sys -- (BTCAMDRV [On_Demand | Stopped])
[2001-03-07 18:30:00 | 00,018,944 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\bttuner.sys -- (BTTUNER [Auto | Stopped])
[1999-07-21 17:28:00 | 00,013,308 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\btxbar.sys -- (BTXBAR [Auto | Stopped])
[2001-09-10 19:09:46 | 00,057,392 | ---- | M] (Macrovision) -- C:\WINDOWS\SYSTEM32\DRIVERS\CDANT.SYS -- (C-Dilla [On_Demand | Stopped])
[2005-03-03 17:11:20 | 00,008,864 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC15BA.SYS -- (CdaC15BA [On_Demand | Stopped])
[2007-12-10 02:00:00 | 00,009,072 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp [System | Running])
[2007-12-10 02:00:00 | 00,009,200 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k [System | Running])
[2004-03-08 11:55:50 | 00,013,567 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv [System | Running])
[2008-04-21 12:38:14 | 00,241,280 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp [System | Running])
[2001-08-17 13:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\CMDIDE.SYS -- (CmdIde [Boot | Stopped])
[2006-10-30 11:32:22 | 00,835,568 | ---- | M] (Authentium, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\Css-Dvp.sys -- (CSS DVP [Auto | Running])
[2003-02-20 16:22:38 | 00,135,040 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctac32k.sys -- (ctac32k [On_Demand | Running])
[2003-03-26 15:33:58 | 00,498,688 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctaud2k.sys -- (ctaud2k [On_Demand | Running])
[2003-03-27 10:58:56 | 00,287,920 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctdvda2k.sys -- (ctdvda2k [On_Demand | Stopped])
[2003-02-20 16:24:18 | 00,006,144 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctprxy2k.sys -- (ctprxy2k [On_Demand | Running])
[2003-02-20 16:24:34 | 00,135,248 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k [On_Demand | Running])
[2001-08-17 13:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\DAC2W2K.SYS -- (dac2w2k [Boot | Stopped])
[2005-04-22 03:22:00 | 00,088,352 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\drvmcdb.sys -- (drvmcdb [Boot | Running])
[2005-04-21 02:56:00 | 00,040,544 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm [Auto | Running])
[2008-04-21 12:38:14 | 00,025,930 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K [On_Demand | Running])
[2001-08-17 12:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\E100B325.SYS -- (E100B [On_Demand | Stopped])
[2006-11-25 09:00:00 | 00,387,432 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [System | Running])
[2003-02-20 16:24:46 | 00,116,000 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\emupia2k.sys -- (emupia [On_Demand | Running])
[2008-04-17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[1996-04-03 19:33:26 | 00,005,248 | ---- | M] () -- C:\WINDOWS\SYSTEM32\giveio.sys -- (giveio [Boot | Running])
[2003-03-26 15:31:40 | 00,823,616 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\ha10kx2k.sys -- (ha10kx2k [On_Demand | Running])
[2003-03-26 15:32:02 | 00,141,536 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\hap16v2k.sys -- (hap16v2k [On_Demand | Running])
[2001-06-01 11:19:46 | 00,019,008 | ---- | M] (Nokia Mobile Phones Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\hdr1usb.sys -- (HDR1USB [On_Demand | Stopped])
[2004-06-29 11:17:16 | 00,477,952 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\IASTOR.SYS -- (iaStor [Boot | Running])
[2004-03-05 22:14:42 | 01,233,525 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51 [On_Demand | Running])
[2004-03-05 22:15:34 | 00,647,929 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52 [On_Demand | Running])
[2004-06-15 22:52:40 | 00,061,157 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53 [On_Demand | Running])
[2006-03-13 18:35:12 | 00,055,216 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\k750bus.sys -- (k750bus [On_Demand | Stopped])
[2006-03-13 18:35:18 | 00,006,576 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\k750mdfl.sys -- (k750mdfl [On_Demand | Stopped])
[2006-03-13 18:35:20 | 00,089,872 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\k750mdm.sys -- (k750mdm [On_Demand | Stopped])
[2006-03-13 18:35:26 | 00,081,728 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\k750mgmt.sys -- (k750mgmt [On_Demand | Stopped])
[2006-03-13 18:35:28 | 00,079,488 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\k750obex.sys -- (k750obex [On_Demand | Stopped])
[2008-04-13 18:39:48 | 00,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\kbdhid.sys -- (kbdhid [System | Running])
[2004-03-03 08:50:00 | 00,014,095 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\LCcfltr.sys -- (LCcfltr [On_Demand | Running])
[2004-03-03 08:50:00 | 00,037,887 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidUsb.sys -- (LHidUsb [On_Demand | Running])
[2005-03-09 20:50:16 | 00,033,792 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\libusb0.sys -- (libusb0 [On_Demand | Stopped])
[2008-02-28 14:31:52 | 00,012,856 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo [Auto | Running])
[2008-02-28 14:31:08 | 00,010,144 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\LMImirr.sys -- (LMImirr [On_Demand | Stopped])
[2008-05-28 11:33:14 | 00,083,288 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP [Disabled | Stopped])
[2008-03-07 12:39:50 | 00,045,848 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys -- (LMIRfsDriver [Auto | Running])
[2008-11-23 21:09:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs -- (LVUVC [On_Demand | Stopped])
[2005-06-02 19:28:38 | 00,171,008 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\SYSTEM32\DRIVERS\MarvinBus.sys -- (MarvinBus [On_Demand | Running])
[2006-07-08 15:46:16 | 00,084,744 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
[2006-08-14 16:25:30 | 00,033,928 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\mfebopk.sys -- (mfebopk [On_Demand | Running])
[2006-08-14 16:25:48 | 00,162,504 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\mfehidk.sys -- (mfehidk [On_Demand | Running])
[2006-08-14 16:25:56 | 00,031,752 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\mferkdk.sys -- (mferkdk [On_Demand | Stopped])
[2006-08-14 16:26:04 | 00,037,832 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\mfesmfk.sys -- (mfesmfk [On_Demand | Running])
[2008-04-21 12:38:14 | 00,030,662 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K [On_Demand | Stopped])
[2001-08-17 13:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])
[2004-03-05 22:13:38 | 00,037,048 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt [On_Demand | Running])
[2008-04-13 18:46:22 | 00,015,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\mpe.sys -- (MPE [On_Demand | Stopped])
[2006-07-17 21:56:26 | 00,104,024 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\Mpfp.sys -- (MPFP [System | Running])
[2001-08-17 13:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\MRAID35X.SYS -- (mraid35x [Boot | Stopped])
[2008-04-13 18:46:09 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\msdv.sys -- (MSDV [On_Demand | Stopped])
[2008-11-16 19:14:18 | 00,027,904 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\SYSTEM32\DRIVERS\ndisprot.sys -- (Ndisprot [On_Demand | Stopped])
[2006-10-10 08:54:32 | 00,009,216 | ---- | M] (Nokia) -- C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdc.sys -- (Nokia USB Generic [On_Demand | Stopped])
[2006-10-10 08:54:32 | 00,012,800 | ---- | M] (Nokia) -- C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdcm.sys -- (Nokia USB Modem [On_Demand | Stopped])
[2006-10-10 08:54:34 | 00,138,240 | ---- | M] (Nokia) -- C:\WINDOWS\SYSTEM32\DRIVERS\nmwcd.sys -- (Nokia USB Phone Parent [On_Demand | Stopped])
[2006-10-10 08:54:32 | 00,012,800 | ---- | M] (Nokia) -- C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdcj.sys -- (Nokia USB Port [On_Demand | Stopped])
[2004-08-03 22:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv [On_Demand | Stopped])
[2002-11-08 13:45:06 | 00,017,217 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci [System | Running])
[2003-03-26 15:32:32 | 00,189,504 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv [On_Demand | Running])
[2004-07-16 15:47:14 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\SYSTEM32\DRIVERS\Pclepci.sys -- (PCLEPCI [System | Running])
[2007-04-16 23:31:48 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\SYSTEM32\DRIVERS\pcouffin.sys -- (pcouffin [On_Demand | Running])
[2004-04-05 16:10:10 | 00,009,340 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\SYSTEM32\DRIVERS\pctvnet.sys -- (pctvnet [On_Demand | Running])
[2003-03-06 09:10:34 | 00,015,840 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\SYSTEM32\DRIVERS\pfmodnt.sys -- (PfModNT [Auto | Running])
[2004-08-04 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS -- (Ptilink [On_Demand | Running])
[2008-04-21 12:38:14 | 00,144,250 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2K [System | Running])
[2008-02-06 02:00:00 | 00,044,608 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2001-08-17 13:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\QL1080.SYS -- (ql1080 [Boot | Stopped])
[2001-08-17 13:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\QL12160.SYS -- (ql12160 [Boot | Stopped])
[2001-08-17 13:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\QL1280.SYS -- (ql1280 [Boot | Stopped])
[2007-04-03 13:59:30 | 00,083,208 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616bus.sys -- (s616bus [On_Demand | Stopped])
[2007-04-03 13:59:36 | 00,015,112 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616mdfl.sys -- (s616mdfl [On_Demand | Stopped])
[2007-04-03 13:59:38 | 00,108,680 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616mdm.sys -- (s616mdm [On_Demand | Stopped])
[2007-04-03 13:59:40 | 00,100,360 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616mgmt.sys -- (s616mgmt [On_Demand | Stopped])
[2007-04-03 13:59:42 | 00,023,176 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616nd5.sys -- (s616nd5 [On_Demand | Stopped])
[2007-04-03 13:59:42 | 00,098,568 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616obex.sys -- (s616obex [On_Demand | Stopped])
[2007-04-03 13:59:42 | 00,099,080 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616unic.sys -- (s616unic [On_Demand | Stopped])
[2006-03-18 02:24:59 | 00,026,844 | ---- | M] (PowerISO Computing, Inc.) -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu [System | Running])
[2006-11-10 10:54:10 | 00,061,600 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\SE2Cbus.sys -- (SE2Cbus [On_Demand | Stopped])
[2007-02-08 13:55:40 | 00,061,536 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1bus.sys -- (sea1bus [On_Demand | Stopped])
[2007-02-08 13:55:50 | 00,009,360 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1mdfl.sys -- (sea1mdfl [On_Demand | Stopped])
[2007-02-08 13:55:52 | 00,097,088 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1mdm.sys -- (sea1mdm [On_Demand | Stopped])
[2007-02-08 13:56:00 | 00,088,624 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1mgmt.sys -- (sea1mgmt [On_Demand | Stopped])
[2007-02-08 13:56:02 | 00,018,704 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1nd5.sys -- (sea1nd5 [On_Demand | Stopped])
[2007-02-08 13:56:06 | 00,086,432 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1obex.sys -- (sea1obex [On_Demand | Stopped])
[2007-02-08 13:56:20 | 00,090,800 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1unic.sys -- (sea1unic [On_Demand | Stopped])
[2007-11-13 10:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
[2008-04-13 18:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\sisagp.sys -- (sisagp [Boot | Stopped])
[2001-08-17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
[2001-08-17 14:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\SPARROW.SYS -- (Sparrow [Boot | Stopped])
[2006-09-24 13:28:46 | 00,005,248 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\SYSTEM32\speedfan.sys -- (speedfan [Boot | Running])
[2008-07-10 16:07:34 | 00,717,296 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys -- (sptd [Boot | Running])
[2005-05-13 10:37:28 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5 [System | Running])
[2005-05-13 10:37:20 | 00,023,545 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln [System | Running])
[2005-01-24 15:38:00 | 00,052,384 | ---- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\ss_bus.sys -- (ss_bus [On_Demand | Stopped])
[2005-01-24 15:38:04 | 00,006,064 | ---- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\ss_mdfl.sys -- (ss_mdfl [On_Demand | Stopped])
[2005-01-24 15:38:04 | 00,084,512 | ---- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\ss_mdm.sys -- (ss_mdm [On_Demand | Stopped])
[2001-08-17 14:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMC810.SYS -- (symc810 [Boot | Stopped])
[2001-08-17 14:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMC8XX.SYS -- (symc8xx [Boot | Stopped])
[2001-08-17 14:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\SYSTEM32\DRIVERS\SYM_HI.SYS -- (sym_hi [Boot | Stopped])
[2001-08-17 14:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\SYSTEM32\DRIVERS\SYM_U3.SYS -- (sym_u3 [Boot | Stopped])
[2005-05-31 05:33:00 | 00,025,725 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])
[2005-05-31 05:33:00 | 00,034,845 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])
[2005-05-31 05:33:00 | 00,004,125 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])
[2005-05-31 05:33:00 | 00,002,241 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres [Auto | Running])
[2005-05-31 05:33:00 | 00,086,876 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])
[2005-05-31 05:33:00 | 00,015,069 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])
[2005-05-31 05:33:00 | 00,006,365 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])
[2005-05-31 05:33:00 | 00,098,716 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])
[2005-05-31 05:33:00 | 00,100,605 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])
[2007-12-04 15:44:00 | 00,023,600 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\SYSTEM32\DRIVERS\TVICHW32.SYS -- (TVICHW32 [On_Demand | Stopped])
[2004-03-28 18:50:22 | 00,052,352 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\U81xbus.sys -- (U81xbus [On_Demand | Stopped])
[2004-03-28 18:51:38 | 00,006,064 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\U81xmdfl.sys -- (U81xmdfl [On_Demand | Stopped])
[2004-03-28 18:51:42 | 00,084,480 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\U81xmdm.sys -- (U81xmdm [On_Demand | Stopped])
[2004-03-28 18:52:38 | 00,077,472 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\U81xmgmt.sys -- (U81xmgmt [On_Demand | Stopped])
[2004-03-28 18:53:30 | 00,075,456 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\U81xobex.sys -- (U81xobex [On_Demand | Stopped])
[2008-04-21 12:38:14 | 00,206,464 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (Udfreadr_xp [System | Running])
[2001-08-17 13:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ULTRA.SYS -- (ultra [Boot | Stopped])
[2001-08-17 12:58:12 | 00,022,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\umaxpcls.sys -- (UMAXPCLS [Auto | Stopped])
[2008-04-13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])
[2008-04-13 18:46:20 | 00,121,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\usbvideo.sys -- (usbvideo [On_Demand | Stopped])
[2004-08-04 05:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS -- (WS2IFSL [System | Running])
[2005-11-30 11:50:14 | 00,392,316 | ---- | M] (Vimicro Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\usbVM305.sys -- (ZSMC0305 [On_Demand | Stopped])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Search Page"=http://www.msn.com
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://www.google.com/ie

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.skybroadband.com
"Page_Transitions"=
"Search Page"=http://www.google.com
"SearchMigratedDefaultName"=Google
"SearchMigratedDefaultURL"=http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
"Start Page"=http://www.msn.com

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/keyword/%s

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = local.,;*.local

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
{074C1DC5-9320-4A9A-947D-C042949C6216} (HKLM) -- C:\Program Files\Adobe [2008-10-18 16:24:09 | 00,000,000 | ---D | M]
{5CA3D70E-1895-11CF-8E15-001234567890} (HKLM) -- C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (HKLM) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} (HKLM) -- c:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}" (HKLM) -- C:\Program Files\Adobe [2008-10-18 16:24:09 | 00,000,000 | ---D | M]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{D0943516-5076-4020-A3B5-AEFAF26AB263}" (HKLM) -- C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{C4069E3A-68F1-403E-B40E-20066696354B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{C4069E3A-68F1-403E-B40E-20066696354B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL (Microsoft Corporation)
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
"C:\WINDOWS\system32\kdotf.exe"=C:\WINDOWS\system32\kdotf.exe File not found
"DLCCCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16 ()
"dlccmon.exe"="C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe" (Dell)
"IAAnotif"=C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe (Intel Corporation)
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (InstallShield Software Corporation)
"ISUSScheduler"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start (InstallShield Software Corporation)
"McLogLch_exe"=C:\Program Files\McAfee\MSC\McLogLch.exe ()
"NI.GSCNS"="C:\DOCUME~1\ADMIN~1\LOCALS~1\Temp\winvsnet.tmp" File not found
"zBrowser Launcher"=C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"gadcom"="C:\Documents and Settings\ADMIN\Application Data\gadcom\gadcom.exe" 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139 File not found
"Google Update"="C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)

========== (O4) RunServices Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Microsoft32"=win32sys.exe File not found

========== (O4) Startup Folders ==========


========== (O6 & O7) Current Version Policies ==========

[HKEY_CURRENT_USER\Software\policies\microsoft\internet explorer\Control Panel]
"Colors"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoCDBurning"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=223

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"DisableRegistryTools"=0

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [2008-07-30 02:25:02 | 17,930,264 | ---- | M] (Microsoft Corporation)

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08E730A4-FB02-45BD-A900-01E4AD8016F6}: Button: Sky -- File not found
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Blog This -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2007-10-26 18:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Blog This in Windows Live Writer -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2007-10-26 18:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}: Button: Send to OneNote -- %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [2007-12-13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}: Menu: S&end to OneNote -- %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [2007-12-13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008-04-13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008-04-14 00:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008-04-14 00:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found
CmdMapping\\{08E730A4-FB02-45BD-A900-01E4AD8016F6} [HKLM] -> [Sky] -> File not found
CmdMapping\\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{5E638779-1818-4754-A595-EF1C63B87A56} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKLM] -> [Reg Error: Value MenuText does not exist or could not be read.] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 00:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.micro...d...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
amaena.com: * in Trusted sites
antimalwareguard.com: * in Trusted sites
antispyexpert.com: * in Trusted sites
avsystemcare.com: * in Trusted sites
gomyhit.com: * in Trusted sites
imageservr.com: * in Trusted sites
imagesrvr.com: * in Trusted sites
onerateld.com: * in Trusted sites
safetydownload.com: * in Trusted sites
spyguardpro.com: * in Trusted sites
storageguardsoft.com: * in Trusted sites
trustedantivirus.com: * in Trusted sites
virusremover2008.com: * in Trusted sites
virusschlacht.com: * in Trusted sites
1 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
amaena.com: * in Trusted sites
antimalwareguard.com: * in Trusted sites
antispyexpert.com: * in Trusted sites
avsystemcare.com: * in Trusted sites
gomyhit.com: * in Trusted sites
imageservr.com: * in Trusted sites
imagesrvr.com: * in Trusted sites
onerateld.com: * in Trusted sites
safetydownload.com: * in Trusted sites
spyguardpro.com: * in Trusted sites
storageguardsoft.com: * in Trusted sites
trustedantivirus.com: * in Trusted sites
virusremover2008.com: * in Trusted sites
virusschlacht.com: * in Trusted sites

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{00B71CFB-6864-4346-A978-C0A14556272C}: http://messenger.zon...kr.cab31267.cab -- Reg Error: Key does not exist or could not be opened.
{01A88BB1-1174-41EC-ACCB-963509EAE56B}: http://support.euro....iler/SysPro.CAB -- SysProWmi Class
{08829741-43FC-4ADB-90E2-9F980695253B}: http://www.hadleyhea...rsion_Check.ocx -- Data_Version_Check.RegProcs
{14B87622-7E19-4EA8-93B3-97215F77A6BC}: http://messenger.zon...nt.cab31267.cab -- MessengerStatsClient Class
{166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macr...director/sw.cab -- Shockwave ActiveX Control
{17492023-C23A-453E-A040-C7C580BBF700}: http://go.microsoft....k/?linkid=39204 -- Windows Genuine Advantage Validation Tool
{20A60F0D-9AFA-4515-A0FD-83BD84642501}: http://messenger.zon...kr.cab56986.cab -- Checkers Class
{2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B}: http://dlmanager.aka...vex-2.0.5.1.cab -- DownloadManager Control
{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0}: http://dl.tvunetworks.com/TVUAx.cab -- CTVUAxCtrl Object
{406B5949-7190-4245-91A9-30A17DE16AD0}: http://www1.snapfish...shUKActivia.cab -- Reg Error: Key does not exist or could not be opened.
{4A85DBE0-BFB2-4119-8401-186A7C6EB653}: http://messenger.zon...SS.cab69309.cab --
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}: http://download.mcaf...01/mcinsctl.cab -- Reg Error: Key does not exist or could not be opened.
{5C051655-FCD5-4969-9182-770EA5AA5565}: http://messenger.zon...wn.cab56986.cab -- Solitaire Showdown Class
{5D6F45B3-9043-443D-A792-115447494D24}: http://messenger.zon...1/GAME_UNO1.cab -- UnoCtrl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/...indows-i586.cab -- Java Plug-in 1.6.0_10
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D}: http://messenger.zon...nt.cab31267.cab -- Reg Error: Key does not exist or could not be opened.
{A90A5822-F108-45AD-8482-9BC8B12DD539}: http://www.crucial.c.../cpcScanner.cab -- Crucial cpcScan
{B8BE5E93-A60C-4D26-A2DC-220313175592}: http://messenger.zon...ro.cab56649.cab -- MSN Games - Installer
{BD8667B7-38D8-4C77-B580-18C3E146372C}: http://bmm.imgag.com.../crusher-uk.cab -- Creative Toolbox Plug-in
{C3F79A2B-B9B4-4A66-B012-3EE46475B072}: http://messenger.zon...nt.cab56907.cab -- MessengerStatsClient Class
{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}: http://java.sun.com/...indows-i586.cab -- Java Plug-in 1.6.0_06
{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}: http://java.sun.com/...indows-i586.cab -- Java Plug-in 1.6.0_10
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/...indows-i586.cab -- Java Plug-in 1.6.0_10
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://download.macr...ash/swflash.cab -- Shockwave Flash Object
{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}: http://messenger.zon...er.cab56986.cab -- Minesweeper Flags Class

========== (O17) DNS Name Servers ==========

{0FFDEB40-37DF-44DE-94BC-4FBEFE089172} (Servers: | Desc

#6
ace101


OTViewIt Extras logfile created on: 21-12-2008 1:59:37 PM - Run
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\ADMIN\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd-MM-yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 3.82 Gb Available in Paging File | 95.53% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.24 Gb Total Space | 60.41 Gb Free Space | 26.35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ADMIN
Current User Name: ADMIN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=1
"FirewallDisableNotify"=1
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=0
"DoNotAllowExceptions"=0
"DisableNotifications"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008-04-14 00:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008-04-13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Messenger (Phone)
[2007-11-28 16:27:10 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007-10-02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008-04-14 00:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008-04-14 00:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger
[2008-08-23 05:56:15 | 00,635,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer
File not found -- C:\Program Files\Lemonade Tycoon 2\Lemonade2.exe:*:Disabled:Lemonade2
[2005-04-13 01:20:04 | 00,049,250 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_03\bin\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary
[2005-08-26 14:55:58 | 00,049,250 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_05\bin\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary
File not found -- C:\Program Files\KONAMI\Pro Evolution Soccer 5\PES5.exe:*:Enabled:pes5.exe
File not found -- C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager
File not found -- C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio
File not found -- C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile
File not found -- C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi
[2008-04-14 00:12:25 | 01,414,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\MMC.EXE:*:Enabled:Microsoft Management Console
[2008-10-29 15:35:34 | 00,199,616 | ---- | M] (Vuze Inc.) -- C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus
[2008-04-14 00:12:18 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DPVSETUP.EXE:*:Enabled:Microsoft DirectPlay Voice Test
[2008-04-14 00:12:33 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\RUNDLL32.EXE:*:Enabled:Run a DLL as an App
[2005-06-21 20:19:38 | 00,491,520 | ---- | M] () -- C:\WINDOWS\SYSTEM32\dlcccoms.exe:*:Enabled:Dell 924 Server
[2005-06-16 15:19:02 | 00,172,032 | ---- | M] () -- C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\dlccPSWX.EXE:*:Enabled:Dell 924 Printer Status
[2008-04-13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service
[2007-07-13 08:43:10 | 00,728,576 | ---- | M] (ParetoLogic) -- C:\Program Files\XoftSpySE\XoftSpy.exe:*:Enabled:XoftSpySE
[2008-05-21 03:37:24 | 12,844,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
[2007-08-28 23:23:36 | 00,340,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove
[2008-05-21 04:54:40 | 01,022,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote
File not found -- C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe:*:Enabled:iolo Firewall®
File not found -- C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe:*:Enabled:iolo AntiVirus®
File not found -- C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe:*:Enabled:iolo AntiVirus® Email Protection
[2006-04-27 15:44:44 | 00,331,776 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe:LocalSubNet:Enabled:PMC.Tvtv.Wizard.exe
[2006-04-27 15:44:40 | 00,692,224 | ---- | M] ( ) -- C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:Pmc.exe
[2005-08-30 16:51:54 | 00,036,864 | ---- | M] ( ) -- C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe
[2006-03-09 13:07:22 | 00,020,480 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:PSST.exe
File not found -- C:\Program Files\Common Files\Sogou PXP\p2psvr.exe:*:Enabled:Sogou P4P Service
[2008-09-18 19:01:52 | 00,147,456 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
File not found -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Messenger (Phone)
[2008-01-15 05:20:56 | 00,183,160 | ---- | M] (Adobe Systems Incorporated ) -- C:\Program Files\Adobe\Adobe After Effects CS3\Support Files\AfterFX.exe:*:Disabled:Adobe After Effects CS3
File not found -- C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe
File not found -- C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe
File not found -- C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe
[2008-02-27 17:56:54 | 03,072,184 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service
[2008-12-18 22:15:13 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
[2006-04-27 15:47:14 | 00,065,536 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService
[2008-08-28 09:18:24 | 03,660,848 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client
[2008-05-11 11:19:30 | 05,423,104 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe:*:Enabled:eMule
[2008-07-22 16:59:42 | 00,794,624 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe:*:Enabled:TVersity Media Server
[2007-08-03 11:50:14 | 00,767,272 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe:*:Enabled:Nero Home
[2007-11-28 16:27:10 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007-10-02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
[2008-08-29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2008-10-01 17:57:04 | 14,258,472 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2008-08-14 06:58:34 | 00,611,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Disabled:Adobe CSI CS4
[2008-08-15 04:46:20 | 00,284,016 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Disabled:Adobe Version Cue CS4 Server
File not found -- C:\Documents and Settings\ADMIN\Local Settings\Temp\PortChkPES2009EUPS3.exe:*:Enabled:Port Checker
[2005-08-12 13:43:58 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:*:Enabled:CLI Application (Command Line Interface)
[2008-10-28 23:18:03 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary
[2008-04-14 00:12:21 | 00,769,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice
[2006-08-28 11:09:34 | 02,131,496 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007-08-24 06:01:46 | 00,224,128 | ---- | M] (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (grooveLocalGWS:{88FED34C-F0CA-4636-A375-3CB6248B04CD} (HKLM) [Local Groove Web Services Protocol])
ipp: [HKLM - No CLSID value]
[2007-08-28 22:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[2007-10-18 10:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
msdaipp: [HKLM - No CLSID value]
[2007-08-28 22:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[2007-08-28 22:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
[2006-10-26 13:45:02 | 00,873,216 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])
[2007-10-18 10:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[2007-10-23 12:14:52 | 00,858,136 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Mail\mailcomm.dll (wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} (HKLM) [Windows Live Mail HTML Asynchronous Pluggable Protocol Handler])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2006-10-26 21:41:48 | 00,044,344 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL text/xml:{807563E5-5146-11D5-A672-00B0D022E945} (HKLM) [Microsoft Office InfoPath XML Mime Filter]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}"=Adobe Color NA Recommended Settings CS4
"{0224CACC-994D-45F8-B973-D65056EA9C2F}"=Adobe XMP DVA Panels CS3
"{036AA4D4-6D32-11D4-9875-00105ACE7734}"=Logitech iTouch Software
"{0405E51E-9582-4207-8F38-AC44201D3808}"=VeohTV BETA
"{04AF207D-9A77-465A-8B76-991F6AB66245}"=Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}"=Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}"=Adobe Extension Manager CS4
"{05675D95-1567-4E00-A818-DB08064EA088}"=Sony Ericsson PC Suite
"{05D60953-9012-44DF-A1A6-9DD97AD6580A}"=Corel Painter X
"{083E277B-7976-4C5A-894E-C84A0966F14A}"=Adobe Setup
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}"=kuler
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}"=ATI Control Panel
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}"=Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}"=Adobe CSI CS4
"{1188B123-D884-43D5-8E8E-A7B9852DDDA2}"=Cepstral Allison 4.2.0
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}"=Adobe Photoshop Album 2.0 Starter Edition
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}"=Sonic DLA
"{14F70205-1940-4000-88C7-BE799A6B2CAD}"=Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}"=Adobe SGM CS4
"{15C768E2-AB61-4DE3-952F-6B237A834951}"=Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}"=Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}"=AdobeColorCommonSetRGB
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}"=Windows Live Mail
"{18D10072035C4515918F7E37EAFAACFC}"=AutoUpdate
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}"=Adobe After Effects CS3 Presets
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}"=Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}"=Adobe Version Cue CS4 Server
"{1BA16E5A-72B9-44B7-9FDA-FB6CE7FF6C0C}"=Camtasia Studio 4
"{1CF28795-FDB8-47BB-AFEA-63F85DFCD0C9}"=Nokia Software Updater
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}"=Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}"=Adobe InDesign CS4 Icon Handler
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}"=Picture Package
"{21657574-BD54-48A2-9450-EB03B2C7FC29}"=Sonic MyDVD
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}"=Adobe Flash CS4 STI-en
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer
"{2360F2E3-7BBE-44C2-BBA0-C0DEA046B53A}"=trendcam.com
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}"=Adobe ExtendScript Toolkit 2
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}"=Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}"=Java™ 6 Update 10
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}"=Adobe Stock Photos CS3
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}"=Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2CFE4799-CB85-456C-AABE-9BA2D02D81DB}"=Sky Broadband
"{2E086814-7392-4E0F-ADB8-54A81E47406C}"=Broadcom Advanced Control Suite 2
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}"=Sonic Update Manager
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}"=Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0150030}"=J2SE Runtime Environment 5.0 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0150050}"=J2SE Runtime Environment 5.0 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160060}"=Java™ 6 Update 6
"{32A72502-BC2C-4C39-ACEA-BC3D463F0697}"=EN
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{353073E8-1185-4823-8F3A-A1F4AF6DD2CD}"=Roxio DVDit Pro HD
"{35BDEFF1-A610-4956-A00D-15453C116395}"=Internet Explorer Default Page
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}"=PDF Settings CS4
"{385198CD-D735-498A-B8FF-470A11BF9087}"=Cepstral Callie 4.2.0
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}"=Adobe Media Player
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}"=Adobe Setup
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}"=Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}"=Adobe Flash Player 10 ActiveX
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}"=Macromedia Flash MX
"{3D047C15-C859-45F7-81CE-F2681778069B}"=iPod for Windows 2006-01-10
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}"=Adobe Color - Photoshop Specific CS4
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}"=Adobe Photoshop CS3
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}"=Adobe WinSoft Linguistics Plugin
"{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}"=Yht USB PC Camera
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}"=Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}"=Pixel Bender Toolkit
"{439800C9-FD42-4EA3-94D2-063DF0926873}"=Match-Up!
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}"=Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}"=Adobe After Effects CS4
"{48EB9208-593D-4DC7-B613-9C5A210D87BA}"=Sony Sound Forge 8.0b
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}"=Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}"=Adobe SING CS4
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}"=SmartSound Quicktracks Plugin
"{4BC14A37-586A-4AB3-A458-874AAE29337C}"=Adobe Setup
"{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}"=Macromedia Fireworks 8
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}"=FontNav
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}"=Windows Live Messenger
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}"=InterVideo DeviceService
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}"=Adobe Soundbooth CS4 Codecs
"{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}"=Macromedia Extension Manager
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}"=Adobe Color EU Extra Settings CS4
"{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1"=iolo technologies' System Mechanic
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}"=Adobe Media Encoder CS4 Exporter
"{56F3E1FF-54FE-4384-A153-6CCABA097814}"=Creative MediaSource
"{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}"=Adobe Flash Player 9 ActiveX
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}"=Dell Driver Reset Tool
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}"=Sony USB Driver
"{5E6417D0-960A-4C18-9CB8-DD7678BDB8D0}"=Srt2Sup a4.03
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}"=Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}"=Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}"=Adobe Creative Suite 4 Master Collection
"{63218538-4A69-497F-8455-904261B0E9E4}"=CorelDRAW Graphics Suite X3
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}"=Windows Genuine Advantage v1.3.0254.0
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}"=Norton 360
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}"=Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}"=Adobe Photoshop CS4 Support
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}"=Adobe Setup
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}"=Sonic Express Labeler
"{67A48ED5-0B6A-470A-995C-B8F1942E8AB9}"=Diskeeper 2008 Pro Premier
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}"=Adobe After Effects CS4 Third Party Content
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}"=PowerDVD 5.3
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}"=AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}"=Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3
"{702F1CE2-2751-4E8A-AB2D-53262AE0EF05}"=ATI Catalyst Control Center
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}"=MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}"=Adobe OnLocation CS4
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}"=Dell System Restore
"{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}"=Ulead VideoStudio 7 Trial
"{78B283AC-7F3C-41ED-9102-28E12CE08026}"=Audiator3
"{78E33B36-2103-49FC-B058-8CF44B6E75FD}"=Authentium AntiVirus SDK - 2
"{793D1D88-6141-43DE-BE58-59BCE31B4090}"=Adobe Flash CS4 Extension - Flash Lite STI en
"{7B63B2922B174135AFC0E1377DD81EC2}"=DivX Codec
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}"=Adobe InDesign CS4 Common Base Files
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}"=Zune Desktop Theme
"{7E7658A2-CD3F-48A7-93EA-0882BCA4FD2A}"=LogMeIn
"{80EE18E6-F16C-11D4-8BE8-006097C9A3ED}"=ISScript
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}"=Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}"=Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}"=Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}"=Suite Shared Configuration CS4
"{862E85C6-3A84-444C-A9B8-456E8115C392}"=SketchUp 5 Transportation Library
"{87532CAB-7932-4F84-8937-823337622807}"=Adobe Illustrator CS4
"{8851E12C-0EF9-11D4-A788-009027ABA5D0}"=Easy CD Creator 5 Platinum
"{885744A4-1A01-44B0-858A-0AE6738CBCF7}"=PrimoPDF Redistribution Package
"{88F93347-0F9B-4FED-BA71-6C2A4CDFE61D}"=Ulead DVD MovieFactory 2 Trial
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Silverlight
"{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}"=VIMICRO USB PC Camera V
"{8ADFC4160D694100B5B8A22DE9DCABD9}"=DivX Player
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1033}"=Nero 8
"{8B7443F5-E141-42A0-AB61-ED2331AAD606}"=4oD
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}"=Macromedia Flash 8 Video Encoder
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3
"{8DC42D05-680B-41B0-8878-6C14D24602DB}"=QuickTime
"{8EB8E60B-315D-44EB-A896-10D88602EE46}"=Adobe Setup
"{8F6E4272-B797-4523-8A4E-9FF01E1E0B16}"=Ulead DVD MovieFactory 5
"{90120000-0010-0409-0000-0000000FF1CE}"=Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}"=Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}"=Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}"=Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}"=Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}"=Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0409-0000-0000000FF1CE}"=Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}"=Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}"=Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0409-0000-0000000FF1CE}"=Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}"=Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}"=Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0409-0000-0000000FF1CE}"=Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}"=Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}"=Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}"=Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}"=Intel Application Accelerator
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}"=RollerCoaster Tycoon® 3
"{9176251A-4CC1-4DDB-B343-B487195EB397}"=Windows Live Writer
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}"=Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}"=Adobe CMaps CS4
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}"=Microsoft Flight Simulator X
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}"=Sonic RecordNow!
"{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}"=Apple Mobile Device Support
"{9B97F3A0-993F-4453-BCA8-E0DAFBE57845}"=Theory Interactive
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3
"{9E491AB7-4589-48CA-9CBB-874CB2788391}"=Studio 9
"{9F8FDE1A-FA91-43F2-887B-CF080156D57E}"=Adobe Setup
"{9FC1345B-490E-4C9A-B200-6EFF7A91AE4A}"=TextSpeech Pro Resources
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}"=VC 9.0 Runtime
"{A3E77D20-647C-40E2-B69B-C120D4D58190}"=G5a922EN
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}"=Microsoft Visual C++ 2005 Redistributable
"{A6EC82A0-1414-475D-8AFD-469089F3080D}"=Adobe Contribute CS4
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}"=Windows Live installer
"{A9212616-FCA2-4173-BD99-5C741EB3A068}"=Ulead DVD PictureShow 2 Trial
"{AB2347E4-153B-4194-AA3B-97C0A662B369}"=PC Connectivity Solution
"{AC76BA86-7AD7-1033-7B44-A81200000003}"=Adobe Reader 8.1.2
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}"=ABBYY FineReader 6.0 Sprint
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}"=MSXML 6.0 Parser
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Windows Live Sign-in Assistant
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}"=Adobe MotionPicture Color Files CS4
"{B13A7C41581B411290FBC0395694E2A9}"=DivX Converter
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}"=Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}"=Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}"=Connect
"{B3940EA5-7872-487E-AF15-CF20DBD65F1B}"=RapidLeecher
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}"=Adobe Setup
"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}"=Microsoft XML Parser
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}"=Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}"=DivX Web Player
"{B74D4E10-6884-0000-0000-000000000103}"=Adobe Bridge 1.0
"{B7757137-0A71-4A9F-8A82-1AE4A1B73420}"=Nokia Connectivity Cable Driver
"{B9F4561A-924D-4510-A85A-BB0960C338CB}"=Adobe Asset Services CS4
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1"=ConvertXtoDVD 2.1.14.223
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}"=Adobe Output Module
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}"=Nokia Connectivity Cable Driver
"{BE9B7A3D-BB08-427D-9B3E-508568EE90D9}"=gdShutdown
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}"=Adobe Media Encoder CS4 Additional Exporter
"{C306F174-32A9-4E68-A846-7CF464EBE953}"=Windows Live Local Add-in for Microsoft Office Outlook (Beta)
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}"=Adobe Default Language CS4
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}"=Sony Ericsson Device Data
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}"=VBA
"{C9E9625A-47B5-4DED-A851-B394B51279FA}"=MatchWare OpenMind 2.0 Home
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}"=Photoshop Camera Raw
"{CE3B8E96-B0AF-4871-9178-1519B58E3A93}"=Vimicro USB PC Camera (ZC0301PLH)
"{CF72DC2F-F292-4D2B-B4E8-7D2060F095DA}"=ArtRage
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client
"{D466F3D9-510C-4729-B7D4-2E70490E4CDF}"=BBC iPlayer Download Manager
"{D499F8DE-3F31-4900-9157-61061613704B}"=Adobe Premiere Pro CS4
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}"=Adobe XMP Panels CS3
"{D6BF6477-8369-489F-8DE6-3731F4B88560}"=Sony Ericsson PC Suite
"{D76D1828-BBA0-4BD9-8181-5ACC617DC5F2}"=Virtual Earth 3D (Beta)
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}"=Dell ResourceCD
"{D7A53E41-3F32-4A44-989C-53DDEBB2130C}"=Adobe Extension Manager CS3
"{DC358646-85FD-4923-B13F-E623511B0D08}"=Cepstral Millie 4.2.0
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}"=iTunes
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}"=Adobe Media Encoder CS4
"{E09B48B5-E141-427A-AB0C-D3605127224A}"=Microsoft SQL Server Desktop Engine (PINNACLESYS)
"{E16110F7-1C85-4675-99F4-7938F832C825}"=Adobe Fireworks CS3
"{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3
"{E82BF103-904F-49C0-B77F-6EC110B71E87}"=Sound Blaster Audigy 2
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}"=Adobe Setup
"{E9CF8701-483A-4344-8119-0002BD0992A8}"=MySQL Server 5.0
"{EB0202F7-016A-410C-ADE4-40F848CCC661}"=Adobe After Effects CS3
"{EC68232E-C74E-4F1A-B296-DFD2E1944E10}"=Adobe Setup
"{ED0042CA-CBEA-4ADF-B262-FE0518AF2221}"=LogMeIn
"{EDAA5D11-FAA6-425A-AF9D-0D7B5FCDCD74}"=SketchUp 5 Landscape Architecture Library
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}"=Adobe Stock Photos 1.0
"{EE353798-E875-42E0-B58D-7E6696182EA8}"=Adobe Media Encoder CS4 Dolby
"{EEFE551E-A6C7-4A2A-8C92-C805523B3B0C}"=Sony Ericsson Drivers
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}"=Adobe Dreamweaver CS3
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}"=Adobe Search for Help
"{F1C9C7F7-0D56-40B2-A276-152762D39BCA}"=Adobe Setup
"{F231900D-AA65-4B7C-8CCA-E72D30608354}"=Microsoft Scoreboard
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}"=Pinnacle MediaCenter
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}"=Update Manager
"{F6E99614-F042-4459-82B7-8B38B2601356}"=Adobe Flash CS4
"{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}"=ImageMixer VCD2
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}"=Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}"=Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}"=Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}"=Adobe Fonts All
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}"=Adobe Setup
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}"=Disc2Phone
"4CFD94C379217A02D5EA067615FF789CD731BCDB"=Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2)
"4oD"=4oD
"AAA Logo 2008_is1"=AAA Logo 2008 2.0
"Able2Doc Professional v4.0"=Able2Doc Professional v4.0
"Acoustica CD/DVD Label Maker"=Acoustica CD/DVD Label Maker
"Acoustica MP3 Audio Mixer"=Acoustica MP3 Audio Mixer
"Acoustica MP3 Audio Mixer 2.13"=Acoustica MP3 Audio Mixer 2.13
"Ad-Aware SE Professional"=Ad-Aware SE Professional
"Adobe AIR"=Adobe AIR
"Adobe Atmosphere Player"=Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"Adobe Shockwave Player"=Adobe Shockwave Player
"Adobe_0b36ff97a89684768f1da4defc9f237"=Adobe Encore CS4 Codecs
"Adobe_3e054d2218e7aa282c2369d939e58ff"=Adobe ExtendScript Toolkit 2
"Adobe_435a6af7459cb02a9c1138113a26e93"=Adobe Dreamweaver CS3
"Adobe_5aab5a491a3a52ae624fd639f6aaa95"=Adobe After Effects CS4 Third Party Content
"Adobe_5d83aea83f5009a0d267d337e3f55fe"=Adobe After Effects CS3
"Adobe_5eba9bbdf1514a06b1a4c79a2920188"=Adobe Media Encoder CS4 Exporter
"Adobe_6c8e2cb4fd241c55406016127a6ab2e"=Adobe Color Common Settings
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1"=Adobe Photoshop CS3
"Adobe_7774cb1e022c49962995a9014500066"=Adobe Media Encoder CS4 Importer
"Adobe_9f42804f89f9a287eff5269cd426478"=Adobe Soundbooth CS4 Codecs
"Adobe_b2d6abde968e6f277ddbfd501383e02"=Adobe Creative Suite 4 Master Collection
"Adobe_bbef028176efa5abf0233d3e1747be8"=Adobe Fireworks CS3
"Advanced Text To Speech_is1"=Advanced Text To Speech V3.60 Build 020122
"A-Level Chemistry"=A-Level Chemistry
"All ATI Software"=ATI - Software Uninstall Utility
"Analyse-it for Excel"=Analyse-it for Microsoft Excel
"Anim-FX"=Anim-FX
"A-PDF Merger_is1"=A-PDF Merger 2.4
"Ashampoo Movie Shrink & Burn 2"=Ashampoo Movie Shrink & Burn 2
"ATI Display Driver"=ATI Display Driver
"AVI MPEG RM WMV Joiner_is1"=AVI/MPEG/RM/WMV Joiner 4.81
"AVI MPEG RM WMV Splitter_is1"=AVI/MPEG/RM/WMV Splitter 4.28
"Azureus"=Azureus
"BBC iPlayer Download Manager"=BBC iPlayer Download Manager
"Belltech Label Maker Pro 2.1.2_is1"=Belltech Label Maker Pro 2.1.2
"blackhunt.zip"=blackhunt.zip
"Boilsoft AVI to VCD SVCD DVD Converter_is1"=Boilosft AVI to VCD SVCD DVD Converter 3.61
"BootSkin"=BootSkin
"Bus Driver"=Bus Driver 1.0
"CCleaner"=CCleaner (remove only)
"CD/DVD-ROM Generator"=CD/DVD-ROM Generator 1.20
"Click to Convert 5.8"=Click to Convert 5.8
"ClubDJ Pro"=ClubDJ Pro
"Collab"=Collab
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1"=Adobe Media Player
"Cycore FX 1.0.1 for After Effects"=Cycore FX 1.0.1 for After Effects
"dBpowerAMP Music Converter"=dBpowerAMP Music Converter
"dBpowerAMP WMA V9.1 Codec"=dBpowerAMP WMA V9.1 Codec
"Dell Photo AIO Printer 924"=Dell Photo AIO Printer 924
"DesktopX"=DesktopX
"DirectXMediaRuntime"=DirectX Media Runtime 5.1
"DJ Mix Pro"=DJ Mix Pro
"dMC Power Pack"=dMC Power Pack
"DriverAgent"=DriverAgent Plugin for Netscape by TouchStone Software
"Driving Test Success - All Tests_is1"=Driving Test Success 2007/8
"DVD Decrypter"=DVD Decrypter (Remove Only)
"ENTERPRISE"=Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1"=EVEREST Home Edition v2.20
"Exampro EA_CHEM"=Exampro Edexcel GCE Chemistry
"FL Studio 8"=FL Studio 8
"Flash Decompiler Trillix_is1"=Flash Decompiler Trillix
"FlashDiskManager"=FlashDiskManager 3.0
"Foxit PDF Editor"=Foxit PDF Editor
"Free PS Convert driver_is1"=Free PS Convert driver 8.15
"FSX_Screensaver"=FSX_Screensaver
"GanttProject"=GanttProject
"Google Updater"=Google Updater
"GreenBox_is1"=GreenBox 1.0
"HijackThis"=HijackThis 2.0.2
"Hollywood FX for Studio"=Pinnacle Hollywood FX for Studio
"HP Photo Printing Software"=HP Photo Printing Software
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"iDump"=iDump Build: 24
"ie7"=Windows Internet Explorer 7
"IL Download Manager"=IL Download Manager
"Image2PDF v3.2_is1"=Image2PDF v3.2
"Infix2"=Infix2
"InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}"=VeohTV BETA
"InstallShield_{2E086814-7392-4E0F-ADB8-54A81E47406C}"=Broadcom Advanced Control Suite 2
"InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B}"=iPod for Windows 2006-01-10
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}"=SmartSound Quicktracks Plugin
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}"=Microsoft Flight Simulator X
"Intel® 537EP V9x DF PCI Modem"=Intel® 537EP V9x DF PCI Modem
"IsoBuster_is1"=IsoBuster 1.8
"Keylight 1.1v1 for After Effects_is1"=Keylight 1.1v1 for After Effects 7.0
"LHTTSENG"=L&H TTS3000 British English
"LimeWire"=LimeWire PRO 4.18.8
"LiveReg"=LiveReg (Symantec Corporation)
"LiveUpdate"=LiveUpdate 3.2 (Symantec Corporation)
"LogonStudio"=LogonStudio
"Magic Bullet Suite 2.0"=Magic Bullet Suite 2.0
"Magic Bullet Suite 2.1"=Magic Bullet Suite 2.1
"Magic ISO Maker v5.3 (build 0229)"=Magic ISO Maker v5.3 (build 0229)
"MAP"=MAP
"Messenger Plus! Live"=Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Migo Recover Lost Data3"=Migo Recover Lost Data
"Mix-FX"=Mix-FX
"Movkit Batch Video Converter_is1"=Movkit Batch Video Converter 2.8.8
"Mozilla ActiveX Control v1.7.12"=Mozilla ActiveX Control v1.7.12
"Mozilla Firefox (3.0.5)"=Mozilla Firefox (3.0.5)
"MP3 Stream Creator_is1"=MP3 Stream Creator 2.0
"MSC"=McAfee SecurityCenter
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS"=Microsoft Text-to-Speech Engine 4.0 (English)
"NeroMultiInstaller!UninstallKey"=Nero Suite
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"NokiaFREE Unlock Codes Calculator"=NokiaFREE Unlock Codes Calculator
"novaPDF Professional Desktop 5 printer_is1"=novaPDF Professional Desktop 5.3 printer
"P2P TV Recorder_is1"=P2P TV Recorder
"PCDJ Home Edition"=PCDJ Home Edition
"PhotoWatermark Professional_is1"=PhotoWatermark Professional 7
"Picasa2"=Picasa 2
"PoiZone"=PoiZone
"PowerISO"=PowerISO
"PrimoPDF3.0"=PrimoPDF
"RealPlayer 6.0"=RealPlayer
"Recover My Files_is1"=Recover My Files
"RegCure"=RegCure 1.5.0.0
"SAMSUNG Mobile USB Modem 1.0"=SAMSUNG Mobile USB Modem 1.0 Software
"ScriptOcean Flash Menu Wizard"=ScriptOcean Flash Menu Wizard 2.0
"ShareGuard_is1"=ShareGuard V3.6
"SimpleCenter 4.1.4.0067"=SimpleCenter 4.1.4.0067
"SoftickPPP"=Softick PPP 2.21 (remove only)
"SopCast"=SopCast 3.0.1
"SopCore"=SopCore 1.1.1
"SpeedFan"=SpeedFan (remove only)
"Spybot - Search & Destroy_is1"=Spybot - Search & Destroy 1.3
"StreetPlugin"=Learn2 Player (Uninstall Only)
"SymSetupTemp.{2D617065-1C52-4240-B5BC-C0AE12157777}"=Norton 360
"SystemRequirementsLab"=System Requirements Lab
"Text to Speech Maker_is1"=Text to Speech Maker version 1.6.2
"The Logo Creator v4"=The Logo Creator v4
"The Logo Creator v5"=The Logo Creator v5
"TomTomActivation"=[Activation] v0.3 Beta 3
"Total Challenge"=Total Challenge 1.0
"Toxic Biohazard"=Toxic Biohazard
"Trapcode Shine"=Trapcode Shine
"Trapcode Shine Premiere Pro"=Trapcode Shine Premiere Pro
"tv_enua"=Lernout & Hauspie TruVoice American English TTS Engine
"TVersity Codec Pack"=TVersity Codec Pack 1.2
"TVersity Media Server "=TVersity Media Server 1.0.0.3 RC2
"Virtual DJ - Atomix Productions"=Virtual DJ - Atomix Productions
"Vuze"=Vuze
"WAV to MP3 Encoder"=WAV to MP3 Encoder
"WIC"=Windows Imaging Component
"WindowBlinds"=WindowBlinds
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Windows Media Player 11
"Windows XP Service Pack"=Windows XP Service Pack 3
"WinImage"=WinImage
"WinISO_is1"=WinISO 5.3
"WinRAR archiver"=WinRAR archiver
"WinUHA_is1"=WinUHA 2.0 RC1 (2005.02.27)
"WinZip"=WinZip
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"Word 2 PDF 1"=Word 2 PDF 1
"Wudf01005"=Microsoft User-Mode Driver Framework Feature Pack 1.5
"Xilisoft Video Converter"=Xilisoft Video Converter 3
"XoftSpySE"=XoftSpySE

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"8bd3fa93fb1ac53b"=Graboid Video
"Flash EXE Builder 1.0"=Flash EXE Builder 1.0(remove only)
"Google Chrome"=Google Chrome
"mpowerplayer"=mpowerplayer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20-12-2008 10:56:55 AM | Computer Name = ADMIN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 20-12-2008 10:56:56 AM | Computer Name = ADMIN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 20-12-2008 10:56:56 AM | Computer Name = ADMIN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 20-12-2008 10:57:01 AM | Computer Name = ADMIN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 20-12-2008 10:57:01 AM | Computer Name = ADMIN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 20-12-2008 10:57:13 AM | Computer Name = ADMIN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: A connection with the server could not be established

Error - 20-12-2008 10:57:13 AM | Computer Name = ADMIN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 20-12-2008 10:57:14 AM | Computer Name = ADMIN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 20-12-2008 11:02:07 AM | Computer Name = ADMIN | Source = MsiInstaller | ID = 11921
Description = Product: Authentium AntiVirus SDK - 2 -- Error 1921. Service 'dvpapi'
(DvpApi) could not be stopped. Verify that you have sufficient privileges to stop
system services.

Error - 20-12-2008 9:19:46 PM | Computer Name = ADMIN | Source = MsiInstaller | ID = 11921
Description = Product: Authentium AntiVirus SDK - 2 -- Error 1921. Service 'dvpapi'
(DvpApi) could not be stopped. Verify that you have sufficient privileges to stop
system services.

[ OSession Events ]
Error - 22-07-2006 1:50:33 PM | Computer Name = ADMIN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.3820.1003, Microsoft Office Version: 12.0.3820.1004. This session lasted 34
seconds with 0 seconds of active time. This session ended with a crash.

Error - 30-12-2006 1:34:38 PM | Computer Name = ADMIN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 102
seconds with 60 seconds of active time. This session ended with a crash.

Error - 20-03-2007 2:45:15 PM | Computer Name = ADMIN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1409
seconds with 300 seconds of active time. This session ended with a crash.

Error - 10-04-2007 12:57:30 PM | Computer Name = ADMIN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 2, Application Name: Microsoft Office Access, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 0
seconds with 360 seconds of active time. This session ended with a crash.

Error - 11-05-2007 1:06:30 PM | Computer Name = ADMIN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 28
seconds with 0 seconds of active time. This session ended with a crash.

Error - 27-05-2007 11:42:39 AM | Computer Name = ADMIN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

Error - 01-06-2007 12:27:23 PM | Computer Name = ADMIN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 78
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11-06-2007 2:30:51 PM | Computer Name = ADMIN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 32
seconds with 0 seconds of active time. This session ended with a crash.

Error - 20-06-2007 4:27:09 PM | Computer Name = ADMIN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6014.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03-04-2008 5:13:00 PM | Computer Name = ADMIN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2714
seconds with 1260 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 21-12-2008 9:54:59 AM | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = The BtCap, WDM Video Capture service failed to start due to the following
error: %%1058

Error - 21-12-2008 9:54:59 AM | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = The BtTuner, WDM TvTuner service failed to start due to the following
error: %%1058

Error - 21-12-2008 9:54:59 AM | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = The BtXBar, WDM Crossbar service failed to start due to the following
error: %%1058

Error - 21-12-2008 9:54:59 AM | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = The McAfee Framework Service service failed to start due to the following
error: %%2

Error - 21-12-2008 9:56:14 AM | Computer Name = ADMIN | Source = Service Control Manager | ID = 7022
Description = The dvpapi service hung on starting.

Error - 21-12-2008 9:56:14 AM | Computer Name = ADMIN | Source = Service Control Manager | ID = 7022
Description = The KService service hung on starting.

Error - 21-12-2008 9:56:14 AM | Computer Name = ADMIN | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde

Error - 21-12-2008 9:56:35 AM | Computer Name = ADMIN | Source = HTTP | ID = 15005
Description = Unable to bind to the underlying transport for 0.0.0.0:2869. The IP
Listen-Only list may contain a reference to an interface which may not exist on
this machine. The data field contains the error number.

Error - 21-12-2008 9:56:35 AM | Computer Name = ADMIN | Source = HTTP | ID = 15005
Description = Unable to bind to the underlying transport for 0.0.0.0:2869. The IP
Listen-Only list may contain a reference to an interface which may not exist on
this machine. The data field contains the error number.

Error - 21-12-2008 9:56:37 AM | Computer Name = ADMIN | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.


< End of report >



#7
Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ace101,

Your OTViewIt.Txt got cut off; please re-post it in your next reply. Only copy/paste the text below this line.

========== (O17) DNS Name Servers ==========

#8
ace101

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Oh yeah, sorry about that. The rest of it:
[quote name='OTViewIt.Txt']========== (O17) DNS Name Servers ==========

{0FFDEB40-37DF-44DE-94BC-4FBEFE089172} (Servers: | Description: 1394 Net Adapter)
{520B899B-F4CE-4E04-BD0D-0C17FE596736} (Servers: | Description: Sony Ericsson Device 616 USB Ethernet Emulation (NDIS 5))
{656B1367-F289-425A-8E80-5CF03C3192F0} (Servers: 85.255.112.11;85.255.112.93 | Description: )
{7C97D980-C813-42D6-A5C8-4AC6B9248F51} (Servers: 85.255.112.11;85.255.112.93 | Description: )
{88CB960A-5419-4539-B401-B9C1BED697BB} (Servers: 85.255.112.11;85.255.112.93 | Description: Broadcom NetXtreme 57xx Gigabit Controller)
{A8E285F7-DEFF-4DAF-AFCD-00558BCB37B2} (Servers: | Description: Sony Ericsson Device 0A1 USB Ethernet Emulation (NDIS 5))

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=wbsys.dll
>[2007-07-11 15:06:58 | 00,042,672 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\SYSTEM32\wbsys.dll

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\SYSTEM32\ati2evxx.dll (ATI Technologies Inc.)
LMIinit: "DllName" = LMIinit.dll -- File not found
MCPClient: "DllName" = C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll -- C:\Program Files\Common Files\Stardock\MCPStub.dll (Stardock)
NavLogon: "DllName" = Reg Error: Value DLLName does not exist or could not be read. -- File not found
WBSrv: "DllName" = C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock)

========== (O21) SSODL Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"0aMCPClient"={F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} (HKLM) -- C:\Program Files\Common Files\Stardock\MCPCore.dll (Stardock)

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" (HKLM) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT [SET PATH=C:\Program Files\Pinnacle\Shared Files;C:\Program Files\Pinnacle\Shared Files\Filter | PATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ]
[2006-05-26 17:17:31 | 00,000,145 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d8b5438-7dc3-11dd-8f07-00308d000000}\Shell\AutoRun\command]
""=G:\InstallTomTomHOME.exe -- File not found




[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{655b9aee-d39d-11d9-a96a-0090d0b47572}\Shell\AutoRun\command]
""=FlashDrive



[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce201ed9-5bf3-11dd-8ed8-00308d000000}\Shell\AutoRun\command]
""=G:\InstallTomTomHOME.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4ec231e-4e9a-11dd-8eb9-00308d000000}\Shell]
""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4ec231e-4e9a-11dd-8eb9-00308d000000}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4ec231e-4e9a-11dd-8eb9-00308d000000}\Shell\AutoRun\command]
""=G:\RunMe.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\Program Files\*.tmp files]
[2008-12-21 13:58:55 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Desktop\OTViewIt.exe
[2008-12-21 01:05:48 | 00,000,000 | ---D | C] -- C:\rsit
[2008-12-21 01:05:33 | 00,781,851 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\RSIT.exe
[2008-12-20 12:58:33 | 00,019,374 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2008-12-20 12:51:56 | 00,037,832 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2008-12-20 12:51:56 | 00,033,928 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2008-12-20 12:51:56 | 00,031,752 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2008-12-20 12:51:55 | 00,162,504 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2008-12-20 12:51:55 | 00,084,744 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2008-12-20 12:51:51 | 00,104,024 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2008-12-20 12:51:50 | 00,001,808 | ---- | C] () -- C:\WINDOWS\System32\subst.inf
[2008-12-20 12:51:41 | 00,000,358 | -H-- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2008-12-20 12:51:41 | 00,000,270 | -H-- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2008-12-20 12:51:28 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2008-12-20 12:51:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2008-12-20 12:49:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg7
[2008-12-19 10:36:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Jinit Shah - Unit 10
[2008-12-17 15:40:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Unit 10
[2008-12-15 18:15:27 | 00,031,232 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Agenda.doc
[2008-12-15 16:17:39 | 00,017,529 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\You recieved a free Amazon voucher worth 2.docx
[2008-12-13 13:24:38 | 00,015,070 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\You recieved a free Amazon voucher worth Â.docx
[2008-12-12 22:35:06 | 00,036,864 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\marks for unit 8.doc
[2008-12-12 16:13:58 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2008-12-12 15:53:39 | 00,000,000 | ---D | C] -- C:\ComboFix
[2008-12-12 15:52:10 | 02,872,923 | R--- | C] () -- C:\Documents and Settings\ADMIN\Desktop\ComboFix.exe
[2008-12-12 15:50:15 | 29,422,344 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\setupeng.exe
[2008-12-11 22:04:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Unit 10 old
[2008-12-11 20:51:14 | 00,695,808 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Presentation1.ppt
[2008-12-09 22:02:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Unit 8
[2008-12-09 18:28:16 | 00,751,614 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Microsoft Word - Project Plan Log [2].pdf
[2008-12-09 10:36:25 | 73,581,9776 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\21[2008]DvDrip-aXXo.avi
[2008-12-07 11:25:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\My Documents\myphotobook
[2008-11-29 14:40:52 | 00,000,000 | ---D | C] -- C:\Program Files\iolo
[2008-11-27 23:14:37 | 00,062,464 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Project Definition.doc
[2008-11-27 23:08:15 | 00,031,232 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Minutes.doc
[2008-11-27 20:21:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\New Folder (3)
[2008-11-27 16:59:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\100JVCGR
[2008-11-26 23:11:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Adobe Premiere Pro Auto-Save
[2008-11-26 22:53:46 | 25,827,862 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Sequence 03.flv
[2008-11-26 22:46:07 | 28,124,120 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Sequence 01.flv
[2008-11-26 22:38:05 | 00,315,973 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Untitled0.prproj
[2008-11-26 22:13:18 | 26,497,4834 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\pharmacy vid 2.avi
[2008-11-26 22:10:45 | 00,362,777 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Untitled.prproj
[2008-11-26 22:10:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Encoded Files
[2008-11-26 22:10:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Adobe Premiere Pro Preview Files
[2008-11-26 21:57:42 | 00,003,319 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\pharmacy vid.xmp
[2008-11-26 21:57:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Untitled
[2008-11-26 21:56:46 | 13,305,553 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Untitled.ncor
[2008-11-26 21:52:02 | 00,976,444 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\CS4fix_Swift.on.ForumW.org(2).rar
[2008-11-26 21:26:32 | 10,028,9546 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\pharmacy vid.mpg
[2008-11-25 18:39:04 | 00,069,606 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\INFORPOINTTT.lbl
[2008-11-24 23:10:39 | 48,601,262 | ---- | C] ( ) -- C:\Documents and Settings\ADMIN\Desktop\Information Point .exe
[2008-11-24 22:06:58 | 00,132,020 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\jinit-co-uk-certificate.pdf
[2008-11-23 17:24:35 | 00,124,624 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\xml_slide_show_198.zip
[2008-11-23 17:20:09 | 00,849,225 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\flash_animation_with_xml_file_1407.zip
[2008-11-23 17:16:18 | 00,413,002 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\slide_gallery_beta_1524.zip
[2008-11-23 17:13:43 | 00,274,207 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\as_3.0_xml_slideshow_1576.zip
[2008-11-23 17:11:05 | 00,424,428 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\simple_slide_show_1792.zip
[2008-11-23 17:06:27 | 02,270,293 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\simple_slide_gallery_1826.zip
[2008-11-23 00:50:54 | 00,630,928 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Reina goal.flv
[2008-11-23 00:46:10 | 00,229,549 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Reina goal.mp4
[2008-11-23 00:13:23 | 34,274,128 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Video 3.avi
[2008-11-22 23:25:19 | 87,566,824 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Video 2.avi
[2008-11-22 23:19:40 | 00,957,779 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\plzz wrkk.mp4
[2008-11-22 23:16:16 | 00,352,478 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\PLZ WRK.flv
[2008-11-22 21:34:17 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2008-11-22 21:34:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2008-11-22 21:31:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2008-11-22 21:31:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2008-11-22 21:29:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2008-11-22 20:51:51 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2008-11-22 20:51:51 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2008-11-22 20:51:36 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2008-11-22 20:51:36 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2008-11-22 09:37:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\100MSDCF
[2008-11-22 09:36:14 | 00,005,872 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Cwhnt.sys
[2008-11-22 09:36:14 | 00,005,872 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Cwh.sys
[2008-11-22 09:36:13 | 00,061,600 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Cbus.sys
[2008-11-21 17:03:34 | 00,348,160 | ---- | C] (DGP) -- C:\WINDOWS\System32\MEnc.ocx
[2008-11-21 17:03:34 | 00,348,160 | ---- | C] (DevPower Development Tools) -- C:\WINDOWS\System32\FlatBtn6.ocx
[2008-11-21 17:03:33 | 00,000,000 | ---D | C] -- C:\Program Files\WAV to MP3 Encoder
[2008-11-21 14:08:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\New Folder (2)

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[2008-12-21 13:58:58 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Desktop\OTViewIt.exe
[2008-12-21 13:55:21 | 00,000,065 | ---- | M] () -- C:\WINDOWS\iTouch.ini
[2008-12-21 13:53:23 | 00,000,444 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2008-12-21 13:53:23 | 00,000,438 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE 2.job
[2008-12-21 13:53:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008-12-21 13:53:17 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2008-12-21 13:53:12 | 32,192,96256 | -HS- | M] () -- C:\hiberfil.sys
[2008-12-21 01:22:58 | 00,032,088 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000000-00001102-00000004-10031102}.rfx
[2008-12-21 01:22:58 | 00,032,088 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000000-00001102-00000004-10031102}.rfx
[2008-12-21 01:22:58 | 00,031,440 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000004-00000000-00000000-00001102-00000004-10031102}.rfx
[2008-12-21 01:22:58 | 00,031,440 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000004-00000000-00000000-00001102-00000004-10031102}.rfx
[2008-12-21 01:22:58 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2008-12-21 01:22:58 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2008-12-21 01:22:58 | 00,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000004-00000000-00000000-00001102-00000004-10031102}.dat
[2008-12-21 01:22:58 | 00,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000000-00001102-00000004-10031102}.dat
[2008-12-21 01:22:38 | 00,019,374 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2008-12-20 16:36:53 | 00,000,580 | ---- | M] () -- C:\Documents and Settings\ADMIN\My Documents\My Sharing Folders.lnk
[2008-12-20 12:51:42 | 00,000,270 | -H-- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2008-12-20 12:51:41 | 00,000,358 | -H-- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2008-12-20 12:47:49 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008-12-20 12:34:45 | 00,000,435 | ---- | M] () -- C:\WINDOWS\SYSTEM.INI
[2008-12-17 18:15:11 | 00,781,851 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\RSIT.exe
[2008-12-17 13:59:25 | 04,481,358 | ---- | M] () -- C:\WINDOWS\{00000004-00000000-00000000-00001102-00000004-10031102}.CDF
[2008-12-17 13:59:25 | 04,481,358 | ---- | M] () -- C:\WINDOWS\{00000004-00000000-00000000-00001102-00000004-10031102}.BAK
[2008-12-15 18:15:27 | 00,031,232 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Agenda.doc
[2008-12-15 17:51:24 | 00,017,529 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\You recieved a free Amazon voucher worth 2.docx
[2008-12-14 00:29:17 | 00,015,070 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\You recieved a free Amazon voucher worth Â.docx
[2008-12-12 22:35:08 | 00,036,864 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\marks for unit 8.doc
[2008-12-12 22:34:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-12-12 10:43:43 | 02,872,923 | R--- | M] () -- C:\Documents and Settings\ADMIN\Desktop\ComboFix.exe
[2008-12-12 04:23:03 | 29,422,344 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\setupeng.exe
[2008-12-11 20:51:26 | 00,695,808 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Presentation1.ppt
[2008-12-11 15:40:43 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2008-12-10 10:52:51 | 00,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008-12-10 10:52:49 | 00,219,648 | ---- | M] () -- C:\Documents and Settings\ADMIN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-12-09 18:28:19 | 00,751,614 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Microsoft Word - Project Plan Log [2].pdf
[2008-12-01 23:16:29 | 00,200,704 | -HS- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\ADMIN\Desktop\Thumbs.db:encryptable
[2008-12-01 18:17:16 | 00,000,366 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE.job
[2008-11-29 23:50:05 | 00,249,848 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\backgorund.jpg
[2008-11-29 16:01:54 | 00,110,736 | ---- | M] () -- C:\Documents and Settings\ADMIN\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008-11-29 15:57:51 | 02,412,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-11-27 23:14:37 | 00,062,464 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Project Definition.doc
[2008-11-27 23:08:15 | 00,031,232 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Minutes.doc
[2008-11-27 21:02:40 | 00,069,606 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\INFORPOINTTT.lbl
[2008-11-26 23:31:26 | 48,601,262 | ---- | M] ( ) -- C:\Documents and Settings\ADMIN\Desktop\Information Point .exe
[2008-11-26 23:15:01 | 00,362,777 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Untitled.prproj
[2008-11-26 23:10:39 | 25,827,862 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Sequence 03.flv
[2008-11-26 22:51:48 | 28,124,120 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Sequence 01.flv
[2008-11-26 22:38:51 | 00,315,973 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Untitled0.prproj
[2008-11-26 22:15:11 | 26,497,4834 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\pharmacy vid 2.avi
[2008-11-26 21:57:42 | 00,003,319 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\pharmacy vid.xmp
[2008-11-26 21:57:01 | 13,305,553 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Untitled.ncor
[2008-11-26 21:52:36 | 00,976,444 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\CS4fix_Swift.on.ForumW.org(2).rar
[2008-11-26 21:30:06 | 10,028,9546 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\pharmacy vid.mpg
[2008-11-26 21:26:31 | 00,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2008-11-24 23:21:06 | 00,935,776 | ---- | M] () -- C:\WINDOWS\System32\Incinerator.dll
[2008-11-24 22:06:59 | 00,132,020 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\jinit-co-uk-certificate.pdf
[2008-11-23 21:09:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2008-11-23 21:08:43 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2008-11-23 17:24:36 | 00,124,624 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\xml_slide_show_198.zip
[2008-11-23 17:20:16 | 00,849,225 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\flash_animation_with_xml_file_1407.zip
[2008-11-23 17:16:18 | 00,413,002 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\slide_gallery_beta_1524.zip
[2008-11-23 17:13:43 | 00,274,207 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\as_3.0_xml_slideshow_1576.zip
[2008-11-23 17:11:05 | 00,424,428 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\simple_slide_show_1792.zip
[2008-11-23 17:06:33 | 02,270,293 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\simple_slide_gallery_1826.zip
[2008-11-23 00:52:47 | 00,630,928 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Reina goal.flv
[2008-11-23 00:48:50 | 00,229,549 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Reina goal.mp4
[2008-11-23 00:28:44 | 34,274,128 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Video 3.avi
[2008-11-22 23:34:23 | 87,566,824 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Video 2.avi
[2008-11-22 23:21:40 | 00,957,779 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\plzz wrkk.mp4
[2008-11-22 23:17:02 | 00,352,478 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\PLZ WRK.flv
[2008-11-22 21:09:54 | 00,001,754 | ---- | M] () -- C:\WINDOWS\WIN.INI
< End of report >

OTViewIt logfile created on: 21-12-2008 1:59:37 PM - Run
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\ADMIN\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd-MM-yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 3.82 Gb Available in Paging File | 95.53% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.24 Gb Total Space | 60.41 Gb Free Space | 26.35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ADMIN
Current User Name: ADMIN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2005-10-29 03:06:24 | 00,389,120 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\ati2evxx.exe
[2005-05-10 12:31:22 | 00,241,664 | ---- | M] (Stardock) -- C:\Program Files\Common Files\Stardock\SDMCP.exe
[2005-10-29 03:06:24 | 00,389,120 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\ati2evxx.exe
[2005-02-16 17:15:20 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
[2005-07-22 19:03:00 | 00,425,984 | ---- | M] (Dell) -- C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
[2004-03-18 08:33:26 | 00,892,928 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\iTouch.exe
[2008-10-01 12:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2007-01-31 20:11:41 | 00,554,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
[2006-08-28 12:36:22 | 00,071,216 | ---- | M] () -- C:\Program Files\McAfee\MSC\mclogcln.exe
[2008-09-02 22:58:27 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[2007-03-06 09:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
[2007-08-21 10:00:20 | 00,057,344 | ---- | M] (Cepstral, LLC) -- C:\Program Files\Cepstral\bin\CepstralLicSrv.exe
[1999-12-13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
[2007-10-16 20:04:12 | 01,094,936 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
[2006-10-18 18:16:44 | 00,177,720 | R--- | M] (Authentium, Inc.) -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
[2004-06-29 11:22:56 | 00,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
[2008-11-24 18:29:36 | 00,595,824 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
[2008-10-28 23:18:03 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2008-02-27 17:56:54 | 03,072,184 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KService.exe
[2008-05-28 11:32:34 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
[2008-02-28 14:31:50 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
[2008-05-28 11:32:30 | 00,087,360 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
[2006-07-19 16:48:46 | 00,554,600 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
[2006-08-18 19:35:58 | 00,175,216 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mclogsrv.exe
[2006-08-18 19:36:06 | 00,669,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcupdmgr.exe
[2006-08-28 11:09:34 | 02,131,496 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
[2006-08-14 19:50:32 | 00,345,680 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe
[2006-08-18 19:35:26 | 00,470,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcpromgr.exe
[2006-07-16 16:22:06 | 00,231,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe
[2006-08-14 16:24:08 | 00,140,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
[2006-08-14 19:48:28 | 00,622,160 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
[2006-08-18 19:35:42 | 00,187,504 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mctskshd.exe
[2006-08-18 19:35:50 | 00,300,656 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcusrmgr.exe
[2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
[2006-08-24 01:58:02 | 00,804,392 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
[2008-04-17 18:13:44 | 05,750,784 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
[2007-08-08 08:25:08 | 00,836,904 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
[2006-11-02 20:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\SYSTEM32\PSIService.exe
[2000-06-26 07:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\MsPMSPSv.exe
[2006-08-18 19:35:00 | 00,558,704 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
[2008-10-16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\wuauclt.exe
[2005-06-21 20:19:38 | 00,491,520 | ---- | M] () -- C:\WINDOWS\SYSTEM32\dlcccoms.exe
[2008-04-14 00:12:40 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\WBEM\wmiprvse.exe
[2008-12-21 13:58:58 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2006-12-15 18:34:52 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
[2008-08-15 04:46:20 | 00,284,016 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4 [On_Demand | Stopped])
[2008-10-01 12:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2007-10-24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2005-10-29 03:06:24 | 00,389,120 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2005-10-28 21:05:00 | 00,520,192 | ---- | M] () -- C:\WINDOWS\SYSTEM32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
[2007-01-31 20:11:41 | 00,554,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])
[2008-08-29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Stopped])
[2001-09-10 19:08:50 | 00,032,256 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\CDANTSRV.EXE -- (C-DillaSrv [Disabled | Stopped])
[2007-03-06 09:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service [Auto | Running])
[2007-08-21 10:00:20 | 00,057,344 | ---- | M] (Cepstral, LLC) -- C:\Program Files\Cepstral\bin\CepstralLicSrv.exe -- (Cepstral License Server [Auto | Running])
[2007-10-24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
File not found -- -- (CLTNetCnService [Disabled | Stopped])
[1999-12-13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE -- (Creative Service for CDROM Access [Auto | Running])
[2007-10-16 20:04:12 | 01,094,936 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper [Auto | Running])
[2005-06-21 20:19:38 | 00,491,520 | ---- | M] () -- C:\WINDOWS\SYSTEM32\dlcccoms.exe -- (dlcc_device [On_Demand | Running])
[2006-10-18 18:16:44 | 00,177,720 | R--- | M] (Authentium, Inc.) -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe -- (dvpapi [Auto | Stop_Pending])
[2006-08-14 16:52:32 | 00,337,488 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\EmProxy\emproxy.exe -- (Emproxy [On_Demand | Stopped])
[2008-10-18 15:30:29 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2007-01-30 20:52:07 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
[2004-06-29 11:22:56 | 00,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon [Auto | Running])
[2005-04-03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008-11-24 18:29:36 | 00,595,824 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList [Auto | Running])
[2008-11-24 18:29:36 | 00,595,824 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService [Auto | Running])
[2008-10-01 17:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
[2008-10-28 23:18:03 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2008-02-27 17:56:54 | 03,072,184 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KService.exe -- (KService [Auto | Running])
[2007-01-31 20:11:41 | 02,975,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate [On_Demand | Stopped])
[2008-05-28 11:32:34 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint [Auto | Running])
[2008-02-28 14:31:50 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn [Auto | Running])
[2006-07-19 16:48:46 | 00,554,600 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe -- (McAfee HackerWatch Service [Auto | Running])
File not found -- -- (McAfeeFramework [Auto | Stopped])
[2006-08-18 19:35:58 | 00,175,216 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mclogsrv.exe -- (McLogManagerService [Auto | Running])
[2006-08-18 19:36:06 | 00,669,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcupdmgr.exe -- (mcmispupdmgr [Auto | Running])
[2006-08-28 11:09:34 | 02,131,496 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
[2006-08-14 19:50:32 | 00,345,680 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [Auto | Running])
[2006-08-18 19:35:26 | 00,470,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcpromgr.exe -- (mcpromgr [Auto | Running])
[2006-07-16 16:22:06 | 00,231,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe -- (McRedirector [Auto | Running])
[2006-08-14 16:24:08 | 00,140,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
[2006-08-14 19:48:28 | 00,622,160 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [Auto | Running])
[2006-08-18 19:35:42 | 00,187,504 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mctskshd.exe -- (mctskshd.exe [Auto | Running])
[2006-08-18 19:35:50 | 00,300,656 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcusrmgr.exe -- (mcusrmgr [Auto | Running])
[2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
[2007-08-24 05:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
[2006-08-24 01:58:02 | 00,804,392 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService [Auto | Running])
[2002-12-17 17:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS [On_Demand | Stopped])
[2002-12-17 17:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
[2008-04-17 18:13:44 | 05,750,784 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL [Auto | Running])
[2007-08-08 08:25:08 | 00,836,904 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running])
[2007-08-03 11:51:18 | 00,382,248 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
[2007-08-24 02:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
[2006-10-26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2006-11-02 20:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\SYSTEM32\PSIService.exe -- (ProtexisLicensing [Auto | Running])
[2006-11-06 14:21:10 | 00,210,432 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
[2002-12-17 17:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS [Disabled | Stopped])
[2008-07-22 16:59:42 | 00,794,624 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer [On_Demand | Stopped])
[2007-03-03 12:48:28 | 00,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Disabled | Stopped])
[2007-10-18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2007-10-25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2000-06-26 07:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\MsPMSPSv.exe -- (WMDM PMSP Service [Auto | Running])
[2006-10-18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Disabled | Stopped])

========== Driver Services ==========

[2005-09-02 13:43:54 | 00,827,008 | R--- | M] (Philips Semiconductors GmbH) -- C:\WINDOWS\SYSTEM32\DRIVERS\3xHybrid.sys -- (3xHybrid [On_Demand | Running])
[2008-04-13 18:46:20 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\61883.sys -- (61883 [On_Demand | Stopped])
[2005-03-15 11:00:00 | 00,277,504 | ---- | M] (Philips Semiconductors) -- C:\WINDOWS\SYSTEM32\DRIVERS\SAA713x.sys -- (713xTVCard [Auto | Stopped])
[2003-12-08 11:53:48 | 00,053,600 | ---- | M] (THOMSON) -- C:\WINDOWS\SYSTEM32\DRIVERS\alcan5wn.sys -- (alcan5wn [On_Demand | Stopped])
[2004-08-07 17:15:47 | 00,070,688 | R--- | M] (THOMSON) -- C:\WINDOWS\SYSTEM32\DRIVERS\alcaudsl.sys -- (alcaudsl [On_Demand | Stopped])
[2001-08-17 13:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS -- (AliIde [Boot | Stopped])
[2008-04-13 18:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\amdagp.sys -- (amdagp [Boot | Stopped])
[2004-03-10 14:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\SYSTEM32\DRIVERS\asapiW2k.sys -- (ASAPIW2k [On_Demand | Running])
[2001-08-17 13:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ASC.SYS -- (asc [Boot | Stopped])
[2001-08-17 13:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ASC3550.SYS -- (asc3550 [Boot | Stopped])
[2007-02-06 14:01:48 | 00,016,512 | ---- | M] (Adaptec) -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32 [System | Running])
[2005-10-29 03:12:31 | 01,391,104 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2008-04-13 18:46:20 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\avc.sys -- (Avc [On_Demand | Stopped])
[2005-09-20 12:47:00 | 00,041,600 | ---- | M] (AVerMedia Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\avera800.sys -- (avera800 [On_Demand | Stopped])
[2004-05-29 17:41:54 | 00,186,112 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -- (b57w2k [On_Demand | Running])
[2007-05-26 10:22:35 | 00,163,712 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\vidstub.sys -- (BootScreen [Boot | Running])
[2001-11-06 14:20:00 | 00,265,512 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\BT848.sys -- (BT848 [Auto | Stopped])
[2006-11-01 17:45:14 | 00,219,264 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\SYSTEM32\DRIVERS\BTCamDrv.sys -- (BTCAMDRV [On_Demand | Stopped])
[2001-03-07 18:30:00 | 00,018,944 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\bttuner.sys -- (BTTUNER [Auto | Stopped])
[1999-07-21 17:28:00 | 00,013,308 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\btxbar.sys -- (BTXBAR [Auto | Stopped])
[2001-09-10 19:09:46 | 00,057,392 | ---- | M] (Macrovision) -- C:\WINDOWS\SYSTEM32\DRIVERS\CDANT.SYS -- (C-Dilla [On_Demand | Stopped])
[2005-03-03 17:11:20 | 00,008,864 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC15BA.SYS -- (CdaC15BA [On_Demand | Stopped])
[2007-12-10 02:00:00 | 00,009,072 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp [System | Running])
[2007-12-10 02:00:00 | 00,009,200 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k [System | Running])
[2004-03-08 11:55:50 | 00,013,567 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv [System | Running])
[2008-04-21 12:38:14 | 00,241,280 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp [System | Running])
[2001-08-17 13:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\CMDIDE.SYS -- (CmdIde [Boot | Stopped])
[2006-10-30 11:32:22 | 00,835,568 | ---- | M] (Authentium, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\Css-Dvp.sys -- (CSS DVP [Auto | Running])
[2003-02-20 16:22:38 | 00,135,040 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctac32k.sys -- (ctac32k [On_Demand | Running])
[2003-03-26 15:33:58 | 00,498,688 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctaud2k.sys -- (ctaud2k [On_Demand | Running])
[2003-03-27 10:58:56 | 00,287,920 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctdvda2k.sys -- (ctdvda2k [On_Demand | Stopped])
[2003-02-20 16:24:18 | 00,006,144 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctprxy2k.sys -- (ctprxy2k [On_Demand | Running])
[2003-02-20 16:24:34 | 00,135,248 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k [On_Demand | Running])
[2001-08-17 13:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\DAC2W2K.SYS -- (dac2w2k [Boot | Stopped])
[2005-04-22 03:22:00 | 00,088,352 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\drvmcdb.sys -- (drvmcdb [Boot | Running])
[2005-04-21 02:56:00 | 00,040,544 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm [Auto | Running])
[2008-04-21 12:38:14 | 00,025,930 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K [On_Demand | Running])
[2001-08-17 12:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\E100B325.SYS -- (E100B [On_Demand | Stopped])
[2006-11-25 09:00:00 | 00,387,432 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [System | Running])
[2003-02-20 16:24:46 | 00,116,000 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\emupia2k.sys -- (emupia [On_Demand | Running])
[2008-04-17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[1996-04-03 19:33:26 | 00,005,248 | ---- | M] () -- C:\WINDOWS\SYSTEM32\giveio.sys -- (giveio [Boot | Running])
[2003-03-26 15:31:40 | 00,823,616 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\ha10kx2k.sys -- (ha10kx2k [On_Demand | Running])
[2003-03-26 15:32:02 | 00,141,536 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\hap16v2k.sys -- (hap16v2k [On_Demand | Running])
[2001-06-01 11:19:46 | 00,019,008 | ---- | M] (Nokia Mobile Phones Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\hdr1usb.sys -- (HDR1USB [On_Demand | Stopped])
[2004-06-29 11:17:16 | 00,477,952 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\IASTOR.SYS -- (iaStor [Boot | Running])
[2004-03-05 22:14:42 | 01,233,525 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51 [On_Demand | Running])
[2004-03-05 22:15:34 | 00,647,929 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52 [On_Demand | Running])
[2004-06-15 22:52:40 | 00,061,157 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53 [On_Demand | Running])
[2006-03-13 18:35:12 | 00,055,216 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\k750bus.sys -- (k750bus [On_Demand | Stopped])
[2006-03-13 18:35:18 | 00,006,576 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\k750mdfl.sys -- (k750mdfl [On_Demand | Stopped])
[2006-03-13 18:35:20 | 00,089,872 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\k750mdm.sys -- (k750mdm [On_Demand | Stopped])
[2006-03-13 18:35:26 | 00,081,728 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\k750mgmt.sys -- (k750mgmt [On_Demand | Stopped])
[2006-03-13 18:35:28 | 00,079,488 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\k750obex.sys -- (k750obex [On_Demand | Stopped])
[2008-04-13 18:39:48 | 00,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\kbdhid.sys -- (kbdhid [System | Running])
[2004-03-03 08:50:00 | 00,014,095 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\LCcfltr.sys -- (LCcfltr [On_Demand | Running])
[2004-03-03 08:50:00 | 00,037,887 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidUsb.sys -- (LHidUsb [On_Demand | Running])
[2005-03-09 20:50:16 | 00,033,792 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\libusb0.sys -- (libusb0 [On_Demand | Stopped])
[2008-02-28 14:31:52 | 00,012,856 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo [Auto | Running])
[2008-02-28 14:31:08 | 00,010,144 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\LMImirr.sys -- (LMImirr [On_Demand | Stopped])
[2008-05-28 11:33:14 | 00,083,288 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP [Disabled | Stopped])
[2008-03-07 12:39:50 | 00,045,848 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys -- (LMIRfsDriver [Auto | Running])
[2008-11-23 21:09:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs -- (LVUVC [On_Demand | Stopped])
[2005-06-02 19:28:38 | 00,171,008 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\SYSTEM32\DRIVERS\MarvinBus.sys -- (MarvinBus [On_Demand | Running])
[2006-07-08 15:46:16 | 00,084,744 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
[2006-08-14 16:25:30 | 00,033,928 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\mfebopk.sys -- (mfebopk [On_Demand | Running])
[2006-08-14 16:25:48 | 00,162,504 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\mfehidk.sys -- (mfehidk [On_Demand | Running])
[2006-08-14 16:25:56 | 00,031,752 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\mferkdk.sys -- (mferkdk [On_Demand | Stopped])
[2006-08-14 16:26:04 | 00,037,832 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\mfesmfk.sys -- (mfesmfk [On_Demand | Running])
[2008-04-21 12:38:14 | 00,030,662 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K [On_Demand | Stopped])
[2001-08-17 13:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])
[2004-03-05 22:13:38 | 00,037,048 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt [On_Demand | Running])
[2008-04-13 18:46:22 | 00,015,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\mpe.sys -- (MPE [On_Demand | Stopped])
[2006-07-17 21:56:26 | 00,104,024 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\Mpfp.sys -- (MPFP [System | Running])
[2001-08-17 13:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\MRAID35X.SYS -- (mraid35x [Boot | Stopped])
[2008-04-13 18:46:09 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\msdv.sys -- (MSDV [On_Demand | Stopped])
[2008-11-16 19:14:18 | 00,027,904 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\SYSTEM32\DRIVERS\ndisprot.sys -- (Ndisprot [On_Demand | Stopped])
[2006-10-10 08:54:32 | 00,009,216 | ---- | M] (Nokia) -- C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdc.sys -- (Nokia USB Generic [On_Demand | Stopped])
[2006-10-10 08:54:32 | 00,012,800 | ---- | M] (Nokia) -- C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdcm.sys -- (Nokia USB Modem [On_Demand | Stopped])
[2006-10-10 08:54:34 | 00,138,240 | ---- | M] (Nokia) -- C:\WINDOWS\SYSTEM32\DRIVERS\nmwcd.sys -- (Nokia USB Phone Parent [On_Demand | Stopped])
[2006-10-10 08:54:32 | 00,012,800 | ---- | M] (Nokia) -- C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdcj.sys -- (Nokia USB Port [On_Demand | Stopped])
[2004-08-03 22:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv [On_Demand | Stopped])
[2002-11-08 13:45:06 | 00,017,217 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci [System | Running])
[2003-03-26 15:32:32 | 00,189,504 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv [On_Demand | Running])
[2004-07-16 15:47:14 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\SYSTEM32\DRIVERS\Pclepci.sys -- (PCLEPCI [System | Running])
[2007-04-16 23:31:48 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\SYSTEM32\DRIVERS\pcouffin.sys -- (pcouffin [On_Demand | Running])
[2004-04-05 16:10:10 | 00,009,340 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\SYSTEM32\DRIVERS\pctvnet.sys -- (pctvnet [On_Demand | Running])
[2003-03-06 09:10:34 | 00,015,840 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\SYSTEM32\DRIVERS\pfmodnt.sys -- (PfModNT [Auto | Running])
[2004-08-04 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS -- (Ptilink [On_Demand | Running])
[2008-04-21 12:38:14 | 00,144,250 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2K [System | Running])
[2008-02-06 02:00:00 | 00,044,608 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2001-08-17 13:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\QL1080.SYS -- (ql1080 [Boot | Stopped])
[2001-08-17 13:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\QL12160.SYS -- (ql12160 [Boot | Stopped])
[2001-08-17 13:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\QL1280.SYS -- (ql1280 [Boot | Stopped])
[2007-04-03 13:59:30 | 00,083,208 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616bus.sys -- (s616bus [On_Demand | Stopped])
[2007-04-03 13:59:36 | 00,015,112 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616mdfl.sys -- (s616mdfl [On_Demand | Stopped])
[2007-04-03 13:59:38 | 00,108,680 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616mdm.sys -- (s616mdm [On_Demand | Stopped])
[2007-04-03 13:59:40 | 00,100,360 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616mgmt.sys -- (s616mgmt [On_Demand | Stopped])
[2007-04-03 13:59:42 | 00,023,176 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616nd5.sys -- (s616nd5 [On_Demand | Stopped])
[2007-04-03 13:59:42 | 00,098,568 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616obex.sys -- (s616obex [On_Demand | Stopped])
[2007-04-03 13:59:42 | 00,099,080 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\s616unic.sys -- (s616unic [On_Demand | Stopped])
[2006-03-18 02:24:59 | 00,026,844 | ---- | M] (PowerISO Computing, Inc.) -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu [System | Running])
[2006-11-10 10:54:10 | 00,061,600 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\SE2Cbus.sys -- (SE2Cbus [On_Demand | Stopped])
[2007-02-08 13:55:40 | 00,061,536 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1bus.sys -- (sea1bus [On_Demand | Stopped])
[2007-02-08 13:55:50 | 00,009,360 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1mdfl.sys -- (sea1mdfl [On_Demand | Stopped])
[2007-02-08 13:55:52 | 00,097,088 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1mdm.sys -- (sea1mdm [On_Demand | Stopped])
[2007-02-08 13:56:00 | 00,088,624 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1mgmt.sys -- (sea1mgmt [On_Demand | Stopped])
[2007-02-08 13:56:02 | 00,018,704 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1nd5.sys -- (sea1nd5 [On_Demand | Stopped])
[2007-02-08 13:56:06 | 00,086,432 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1obex.sys -- (sea1obex [On_Demand | Stopped])
[2007-02-08 13:56:20 | 00,090,800 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\sea1unic.sys -- (sea1unic [On_Demand | Stopped])
[2007-11-13 10:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
[2008-04-13 18:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\sisagp.sys -- (sisagp [Boot | Stopped])
[2001-08-17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
[2001-08-17 14:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\SPARROW.SYS -- (Sparrow [Boot | Stopped])
[2006-09-24 13:28:46 | 00,005,248 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\SYSTEM32\speedfan.sys -- (speedfan [Boot | Running])
[2008-07-10 16:07:34 | 00,717,296 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys -- (sptd [Boot | Running])
[2005-05-13 10:37:28 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WIND

#9
ace101


717,296 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys -- (sptd [Boot | Running])
[2005-05-13 10:37:28 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5 [System | Running])
[2005-05-13 10:37:20 | 00,023,545 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln [System | Running])
[2005-01-24 15:38:00 | 00,052,384 | ---- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\ss_bus.sys -- (ss_bus [On_Demand | Stopped])
[2005-01-24 15:38:04 | 00,006,064 | ---- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\ss_mdfl.sys -- (ss_mdfl [On_Demand | Stopped])
[2005-01-24 15:38:04 | 00,084,512 | ---- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\ss_mdm.sys -- (ss_mdm [On_Demand | Stopped])
[2001-08-17 14:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMC810.SYS -- (symc810 [Boot | Stopped])
[2001-08-17 14:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMC8XX.SYS -- (symc8xx [Boot | Stopped])
[2001-08-17 14:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\SYSTEM32\DRIVERS\SYM_HI.SYS -- (sym_hi [Boot | Stopped])
[2001-08-17 14:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\SYSTEM32\DRIVERS\SYM_U3.SYS -- (sym_u3 [Boot | Stopped])
[2005-05-31 05:33:00 | 00,025,725 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])
[2005-05-31 05:33:00 | 00,034,845 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])
[2005-05-31 05:33:00 | 00,004,125 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])
[2005-05-31 05:33:00 | 00,002,241 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres [Auto | Running])
[2005-05-31 05:33:00 | 00,086,876 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])
[2005-05-31 05:33:00 | 00,015,069 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])
[2005-05-31 05:33:00 | 00,006,365 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])
[2005-05-31 05:33:00 | 00,098,716 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])
[2005-05-31 05:33:00 | 00,100,605 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])
[2007-12-04 15:44:00 | 00,023,600 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\SYSTEM32\DRIVERS\TVICHW32.SYS -- (TVICHW32 [On_Demand | Stopped])
[2004-03-28 18:50:22 | 00,052,352 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\U81xbus.sys -- (U81xbus [On_Demand | Stopped])
[2004-03-28 18:51:38 | 00,006,064 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\U81xmdfl.sys -- (U81xmdfl [On_Demand | Stopped])
[2004-03-28 18:51:42 | 00,084,480 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\U81xmdm.sys -- (U81xmdm [On_Demand | Stopped])
[2004-03-28 18:52:38 | 00,077,472 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\U81xmgmt.sys -- (U81xmgmt [On_Demand | Stopped])
[2004-03-28 18:53:30 | 00,075,456 | R--- | M] (MCCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\U81xobex.sys -- (U81xobex [On_Demand | Stopped])
[2008-04-21 12:38:14 | 00,206,464 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (Udfreadr_xp [System | Running])
[2001-08-17 13:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\ULTRA.SYS -- (ultra [Boot | Stopped])
[2001-08-17 12:58:12 | 00,022,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\umaxpcls.sys -- (UMAXPCLS [Auto | Stopped])
[2008-04-13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])
[2008-04-13 18:46:20 | 00,121,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\usbvideo.sys -- (usbvideo [On_Demand | Stopped])
[2004-08-04 05:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS -- (WS2IFSL [System | Running])
[2005-11-30 11:50:14 | 00,392,316 | ---- | M] (Vimicro Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\usbVM305.sys -- (ZSMC0305 [On_Demand | Stopped])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Search Page"=http://www.msn.com
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://www.google.com/ie

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.skybroadband.com
"Page_Transitions"=
"Search Page"=http://www.google.com
"SearchMigratedDefaultName"=Google
"SearchMigratedDefaultURL"=http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
"Start Page"=http://www.msn.com

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/keyword/%s

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = local.,;*.local

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
{074C1DC5-9320-4A9A-947D-C042949C6216} (HKLM) -- C:\Program Files\Adobe [2008-10-18 16:24:09 | 00,000,000 | ---D | M]
{5CA3D70E-1895-11CF-8E15-001234567890} (HKLM) -- C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (HKLM) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} (HKLM) -- c:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}" (HKLM) -- C:\Program Files\Adobe [2008-10-18 16:24:09 | 00,000,000 | ---D | M]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{D0943516-5076-4020-A3B5-AEFAF26AB263}" (HKLM) -- C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{C4069E3A-68F1-403E-B40E-20066696354B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{C4069E3A-68F1-403E-B40E-20066696354B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL (Microsoft Corporation)
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
"C:\WINDOWS\system32\kdotf.exe"=C:\WINDOWS\system32\kdotf.exe File not found
"DLCCCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16 ()
"dlccmon.exe"="C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe" (Dell)
"IAAnotif"=C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe (Intel Corporation)
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (InstallShield Software Corporation)
"ISUSScheduler"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start (InstallShield Software Corporation)
"McLogLch_exe"=C:\Program Files\McAfee\MSC\McLogLch.exe ()
"NI.GSCNS"="C:\DOCUME~1\ADMIN~1\LOCALS~1\Temp\winvsnet.tmp" File not found
"zBrowser Launcher"=C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"gadcom"="C:\Documents and Settings\ADMIN\Application Data\gadcom\gadcom.exe" 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139 File not found
"Google Update"="C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)

========== (O4) RunServices Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Microsoft32"=win32sys.exe File not found

========== (O4) Startup Folders ==========


========== (O6 & O7) Current Version Policies ==========

[HKEY_CURRENT_USER\Software\policies\microsoft\internet explorer\Control Panel]
"Colors"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoCDBurning"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=223

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"DisableRegistryTools"=0

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [2008-07-30 02:25:02 | 17,930,264 | ---- | M] (Microsoft Corporation)

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08E730A4-FB02-45BD-A900-01E4AD8016F6}: Button: Sky -- File not found
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Blog This -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2007-10-26 18:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Blog This in Windows Live Writer -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2007-10-26 18:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}: Button: Send to OneNote -- %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [2007-12-13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}: Menu: S&end to OneNote -- %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [2007-12-13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008-04-13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008-04-14 00:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008-04-14 00:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found
CmdMapping\\{08E730A4-FB02-45BD-A900-01E4AD8016F6} [HKLM] -> [Sky] -> File not found
CmdMapping\\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{5E638779-1818-4754-A595-EF1C63B87A56} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKLM] -> [Reg Error: Value MenuText does not exist or could not be read.] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 00:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.micro...d...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
amaena.com: * in Trusted sites
antimalwareguard.com: * in Trusted sites
antispyexpert.com: * in Trusted sites
avsystemcare.com: * in Trusted sites
gomyhit.com: * in Trusted sites
imageservr.com: * in Trusted sites
imagesrvr.com: * in Trusted sites
onerateld.com: * in Trusted sites
safetydownload.com: * in Trusted sites
spyguardpro.com: * in Trusted sites
storageguardsoft.com: * in Trusted sites
trustedantivirus.com: * in Trusted sites
virusremover2008.com: * in Trusted sites
virusschlacht.com: * in Trusted sites
1 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
amaena.com: * in Trusted sites
antimalwareguard.com: * in Trusted sites
antispyexpert.com: * in Trusted sites
avsystemcare.com: * in Trusted sites
gomyhit.com: * in Trusted sites
imageservr.com: * in Trusted sites
imagesrvr.com: * in Trusted sites
onerateld.com: * in Trusted sites
safetydownload.com: * in Trusted sites
spyguardpro.com: * in Trusted sites
storageguardsoft.com: * in Trusted sites
trustedantivirus.com: * in Trusted sites
virusremover2008.com: * in Trusted sites
virusschlacht.com: * in Trusted sites

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{00B71CFB-6864-4346-A978-C0A14556272C}: http://messenger.zon...kr.cab31267.cab -- Reg Error: Key does not exist or could not be opened.
{01A88BB1-1174-41EC-ACCB-963509EAE56B}: http://support.euro....iler/SysPro.CAB -- SysProWmi Class
{08829741-43FC-4ADB-90E2-9F980695253B}: http://www.hadleyhea...rsion_Check.ocx -- Data_Version_Check.RegProcs
{14B87622-7E19-4EA8-93B3-97215F77A6BC}: http://messenger.zon...nt.cab31267.cab -- MessengerStatsClient Class
{166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macr...director/sw.cab -- Shockwave ActiveX Control
{17492023-C23A-453E-A040-C7C580BBF700}: http://go.microsoft....k/?linkid=39204 -- Windows Genuine Advantage Validation Tool
{20A60F0D-9AFA-4515-A0FD-83BD84642501}: http://messenger.zon...kr.cab56986.cab -- Checkers Class
{2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B}: http://dlmanager.aka...vex-2.0.5.1.cab -- DownloadManager Control
{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0}: http://dl.tvunetworks.com/TVUAx.cab -- CTVUAxCtrl Object
{406B5949-7190-4245-91A9-30A17DE16AD0}: http://www1.snapfish...shUKActivia.cab -- Reg Error: Key does not exist or could not be opened.
{4A85DBE0-BFB2-4119-8401-186A7C6EB653}: http://messenger.zon...SS.cab69309.cab --
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}: http://download.mcaf...01/mcinsctl.cab -- Reg Error: Key does not exist or could not be opened.
{5C051655-FCD5-4969-9182-770EA5AA5565}: http://messenger.zon...wn.cab56986.cab -- Solitaire Showdown Class
{5D6F45B3-9043-443D-A792-115447494D24}: http://messenger.zon...1/GAME_UNO1.cab -- UnoCtrl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/...indows-i586.cab -- Java Plug-in 1.6.0_10
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D}: http://messenger.zon...nt.cab31267.cab -- Reg Error: Key does not exist or could not be opened.
{A90A5822-F108-45AD-8482-9BC8B12DD539}: http://www.crucial.c.../cpcScanner.cab -- Crucial cpcScan
{B8BE5E93-A60C-4D26-A2DC-220313175592}: http://messenger.zon...ro.cab56649.cab -- MSN Games - Installer
{BD8667B7-38D8-4C77-B580-18C3E146372C}: http://bmm.imgag.com.../crusher-uk.cab -- Creative Toolbox Plug-in
{C3F79A2B-B9B4-4A66-B012-3EE46475B072}: http://messenger.zon...nt.cab56907.cab -- MessengerStatsClient Class
{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}: http://java.sun.com/...indows-i586.cab -- Java Plug-in 1.6.0_06
{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}: http://java.sun.com/...indows-i586.cab -- Java Plug-in 1.6.0_10
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/...indows-i586.cab -- Java Plug-in 1.6.0_10
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://download.macr...ash/swflash.cab -- Shockwave Flash Object
{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}: http://messenger.zon...er.cab56986.cab -- Minesweeper Flags Class

========== (O17) DNS Name Servers ==========

{0FFDEB40-37DF-44DE-94BC-4FBEFE089172} (Servers: | Description: 1394 Net Adapter)
{520B899B-F4CE-4E04-BD0D-0C17FE596736} (Servers: | Description: Sony Ericsson Device 616 USB Ethernet Emulation (NDIS 5))
{656B1367-F289-425A-8E80-5CF03C3192F0} (Servers: 85.255.112.11;85.255.112.93 | Description: )
{7C97D980-C813-42D6-A5C8-4AC6B9248F51} (Servers: 85.255.112.11;85.255.112.93 | Description: )
{88CB960A-5419-4539-B401-B9C1BED697BB} (Servers: 85.255.112.11;85.255.112.93 | Description: Broadcom NetXtreme 57xx Gigabit Controller)
{A8E285F7-DEFF-4DAF-AFCD-00558BCB37B2} (Servers: | Description: Sony Ericsson Device 0A1 USB Ethernet Emulation (NDIS 5))

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=wbsys.dll
>[2007-07-11 15:06:58 | 00,042,672 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\SYSTEM32\wbsys.dll

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\SYSTEM32\ati2evxx.dll (ATI Technologies Inc.)
LMIinit: "DllName" = LMIinit.dll -- File not found
MCPClient: "DllName" = C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll -- C:\Program Files\Common Files\Stardock\MCPStub.dll (Stardock)
NavLogon: "DllName" = Reg Error: Value DLLName does not exist or could not be read. -- File not found
WBSrv: "DllName" = C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock)

========== (O21) SSODL Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"0aMCPClient"={F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} (HKLM) -- C:\Program Files\Common Files\Stardock\MCPCore.dll (Stardock)

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" (HKLM) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT [SET PATH=C:\Program Files\Pinnacle\Shared Files;C:\Program Files\Pinnacle\Shared Files\Filter | PATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ]
[2006-05-26 17:17:31 | 00,000,145 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d8b5438-7dc3-11dd-8f07-00308d000000}\Shell\AutoRun\command]
""=G:\InstallTomTomHOME.exe -- File not found




[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{655b9aee-d39d-11d9-a96a-0090d0b47572}\Shell\AutoRun\command]
""=FlashDrive



[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce201ed9-5bf3-11dd-8ed8-00308d000000}\Shell\AutoRun\command]
""=G:\InstallTomTomHOME.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4ec231e-4e9a-11dd-8eb9-00308d000000}\Shell]
""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4ec231e-4e9a-11dd-8eb9-00308d000000}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4ec231e-4e9a-11dd-8eb9-00308d000000}\Shell\AutoRun\command]
""=G:\RunMe.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\Program Files\*.tmp files]
[2008-12-21 13:58:55 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Desktop\OTViewIt.exe
[2008-12-21 01:05:48 | 00,000,000 | ---D | C] -- C:\rsit
[2008-12-21 01:05:33 | 00,781,851 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\RSIT.exe
[2008-12-20 12:58:33 | 00,019,374 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2008-12-20 12:51:56 | 00,037,832 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2008-12-20 12:51:56 | 00,033,928 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2008-12-20 12:51:56 | 00,031,752 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2008-12-20 12:51:55 | 00,162,504 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2008-12-20 12:51:55 | 00,084,744 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2008-12-20 12:51:51 | 00,104,024 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2008-12-20 12:51:50 | 00,001,808 | ---- | C] () -- C:\WINDOWS\System32\subst.inf
[2008-12-20 12:51:41 | 00,000,358 | -H-- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2008-12-20 12:51:41 | 00,000,270 | -H-- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2008-12-20 12:51:28 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2008-12-20 12:51:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2008-12-20 12:49:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg7
[2008-12-19 10:36:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Jinit Shah - Unit 10
[2008-12-17 15:40:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Unit 10
[2008-12-15 18:15:27 | 00,031,232 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Agenda.doc
[2008-12-15 16:17:39 | 00,017,529 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\You recieved a free Amazon voucher worth 2.docx
[2008-12-13 13:24:38 | 00,015,070 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\You recieved a free Amazon voucher worth Â.docx
[2008-12-12 22:35:06 | 00,036,864 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\marks for unit 8.doc
[2008-12-12 16:13:58 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2008-12-12 15:53:39 | 00,000,000 | ---D | C] -- C:\ComboFix
[2008-12-12 15:52:10 | 02,872,923 | R--- | C] () -- C:\Documents and Settings\ADMIN\Desktop\ComboFix.exe
[2008-12-12 15:50:15 | 29,422,344 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\setupeng.exe
[2008-12-11 22:04:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Unit 10 old
[2008-12-11 20:51:14 | 00,695,808 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Presentation1.ppt
[2008-12-09 22:02:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Unit 8
[2008-12-09 18:28:16 | 00,751,614 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Microsoft Word - Project Plan Log [2].pdf
[2008-12-09 10:36:25 | 73,581,9776 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\21[2008]DvDrip-aXXo.avi
[2008-12-07 11:25:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\My Documents\myphotobook
[2008-11-29 14:40:52 | 00,000,000 | ---D | C] -- C:\Program Files\iolo
[2008-11-27 23:14:37 | 00,062,464 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Project Definition.doc
[2008-11-27 23:08:15 | 00,031,232 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Minutes.doc
[2008-11-27 20:21:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\New Folder (3)
[2008-11-27 16:59:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\100JVCGR
[2008-11-26 23:11:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Adobe Premiere Pro Auto-Save
[2008-11-26 22:53:46 | 25,827,862 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Sequence 03.flv
[2008-11-26 22:46:07 | 28,124,120 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Sequence 01.flv
[2008-11-26 22:38:05 | 00,315,973 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Untitled0.prproj
[2008-11-26 22:13:18 | 26,497,4834 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\pharmacy vid 2.avi
[2008-11-26 22:10:45 | 00,362,777 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Untitled.prproj
[2008-11-26 22:10:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Encoded Files
[2008-11-26 22:10:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Adobe Premiere Pro Preview Files
[2008-11-26 21:57:42 | 00,003,319 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\pharmacy vid.xmp
[2008-11-26 21:57:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\Untitled
[2008-11-26 21:56:46 | 13,305,553 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Untitled.ncor
[2008-11-26 21:52:02 | 00,976,444 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\CS4fix_Swift.on.ForumW.org(2).rar
[2008-11-26 21:26:32 | 10,028,9546 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\pharmacy vid.mpg
[2008-11-25 18:39:04 | 00,069,606 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\INFORPOINTTT.lbl
[2008-11-24 23:10:39 | 48,601,262 | ---- | C] ( ) -- C:\Documents and Settings\ADMIN\Desktop\Information Point .exe
[2008-11-24 22:06:58 | 00,132,020 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\jinit-co-uk-certificate.pdf
[2008-11-23 17:24:35 | 00,124,624 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\xml_slide_show_198.zip
[2008-11-23 17:20:09 | 00,849,225 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\flash_animation_with_xml_file_1407.zip
[2008-11-23 17:16:18 | 00,413,002 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\slide_gallery_beta_1524.zip
[2008-11-23 17:13:43 | 00,274,207 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\as_3.0_xml_slideshow_1576.zip
[2008-11-23 17:11:05 | 00,424,428 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\simple_slide_show_1792.zip
[2008-11-23 17:06:27 | 02,270,293 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\simple_slide_gallery_1826.zip
[2008-11-23 00:50:54 | 00,630,928 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Reina goal.flv
[2008-11-23 00:46:10 | 00,229,549 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Reina goal.mp4
[2008-11-23 00:13:23 | 34,274,128 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Video 3.avi
[2008-11-22 23:25:19 | 87,566,824 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\Video 2.avi
[2008-11-22 23:19:40 | 00,957,779 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\plzz wrkk.mp4
[2008-11-22 23:16:16 | 00,352,478 | ---- | C] () -- C:\Documents and Settings\ADMIN\Desktop\PLZ WRK.flv
[2008-11-22 21:34:17 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2008-11-22 21:34:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2008-11-22 21:31:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2008-11-22 21:31:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2008-11-22 21:29:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2008-11-22 20:51:51 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2008-11-22 20:51:51 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2008-11-22 20:51:36 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2008-11-22 20:51:36 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2008-11-22 09:37:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\100MSDCF
[2008-11-22 09:36:14 | 00,005,872 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Cwhnt.sys
[2008-11-22 09:36:14 | 00,005,872 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Cwh.sys
[2008-11-22 09:36:13 | 00,061,600 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Cbus.sys
[2008-11-21 17:03:34 | 00,348,160 | ---- | C] (DGP) -- C:\WINDOWS\System32\MEnc.ocx
[2008-11-21 17:03:34 | 00,348,160 | ---- | C] (DevPower Development Tools) -- C:\WINDOWS\System32\FlatBtn6.ocx
[2008-11-21 17:03:33 | 00,000,000 | ---D | C] -- C:\Program Files\WAV to MP3 Encoder
[2008-11-21 14:08:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Desktop\New Folder (2)

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[2008-12-21 13:58:58 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Desktop\OTViewIt.exe
[2008-12-21 13:55:21 | 00,000,065 | ---- | M] () -- C:\WINDOWS\iTouch.ini
[2008-12-21 13:53:23 | 00,000,444 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2008-12-21 13:53:23 | 00,000,438 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE 2.job
[2008-12-21 13:53:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008-12-21 13:53:17 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2008-12-21 13:53:12 | 32,192,96256 | -HS- | M] () -- C:\hiberfil.sys
[2008-12-21 01:22:58 | 00,032,088 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000000-00001102-00000004-10031102}.rfx
[2008-12-21 01:22:58 | 00,032,088 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000000-00001102-00000004-10031102}.rfx
[2008-12-21 01:22:58 | 00,031,440 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000004-00000000-00000000-00001102-00000004-10031102}.rfx
[2008-12-21 01:22:58 | 00,031,440 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000004-00000000-00000000-00001102-00000004-10031102}.rfx
[2008-12-21 01:22:58 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2008-12-21 01:22:58 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2008-12-21 01:22:58 | 00,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000004-00000000-00000000-00001102-00000004-10031102}.dat
[2008-12-21 01:22:58 | 00,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000000-00001102-00000004-10031102}.dat
[2008-12-21 01:22:38 | 00,019,374 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2008-12-20 16:36:53 | 00,000,580 | ---- | M] () -- C:\Documents and Settings\ADMIN\My Documents\My Sharing Folders.lnk
[2008-12-20 12:51:42 | 00,000,270 | -H-- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2008-12-20 12:51:41 | 00,000,358 | -H-- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2008-12-20 12:47:49 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008-12-20 12:34:45 | 00,000,435 | ---- | M] () -- C:\WINDOWS\SYSTEM.INI
[2008-12-17 18:15:11 | 00,781,851 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\RSIT.exe
[2008-12-17 13:59:25 | 04,481,358 | ---- | M] () -- C:\WINDOWS\{00000004-00000000-00000000-00001102-00000004-10031102}.CDF
[2008-12-17 13:59:25 | 04,481,358 | ---- | M] () -- C:\WINDOWS\{00000004-00000000-00000000-00001102-00000004-10031102}.BAK
[2008-12-15 18:15:27 | 00,031,232 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Agenda.doc
[2008-12-15 17:51:24 | 00,017,529 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\You recieved a free Amazon voucher worth 2.docx
[2008-12-14 00:29:17 | 00,015,070 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\You recieved a free Amazon voucher worth Â.docx
[2008-12-12 22:35:08 | 00,036,864 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\marks for unit 8.doc
[2008-12-12 22:34:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-12-12 10:43:43 | 02,872,923 | R--- | M] () -- C:\Documents and Settings\ADMIN\Desktop\ComboFix.exe
[2008-12-12 04:23:03 | 29,422,344 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\setupeng.exe
[2008-12-11 20:51:26 | 00,695,808 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Presentation1.ppt
[2008-12-11 15:40:43 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2008-12-10 10:52:51 | 00,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008-12-10 10:52:49 | 00,219,648 | ---- | M] () -- C:\Documents and Settings\ADMIN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-12-09 18:28:19 | 00,751,614 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Microsoft Word - Project Plan Log [2].pdf
[2008-12-01 23:16:29 | 00,200,704 | -HS- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\ADMIN\Desktop\Thumbs.db:encryptable
[2008-12-01 18:17:16 | 00,000,366 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE.job
[2008-11-29 23:50:05 | 00,249,848 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\backgorund.jpg
[2008-11-29 16:01:54 | 00,110,736 | ---- | M] () -- C:\Documents and Settings\ADMIN\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008-11-29 15:57:51 | 02,412,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-11-27 23:14:37 | 00,062,464 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Project Definition.doc
[2008-11-27 23:08:15 | 00,031,232 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Minutes.doc
[2008-11-27 21:02:40 | 00,069,606 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\INFORPOINTTT.lbl
[2008-11-26 23:31:26 | 48,601,262 | ---- | M] ( ) -- C:\Documents and Settings\ADMIN\Desktop\Information Point .exe
[2008-11-26 23:15:01 | 00,362,777 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Untitled.prproj
[2008-11-26 23:10:39 | 25,827,862 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Sequence 03.flv
[2008-11-26 22:51:48 | 28,124,120 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Sequence 01.flv
[2008-11-26 22:38:51 | 00,315,973 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Untitled0.prproj
[2008-11-26 22:15:11 | 26,497,4834 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\pharmacy vid 2.avi
[2008-11-26 21:57:42 | 00,003,319 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\pharmacy vid.xmp
[2008-11-26 21:57:01 | 13,305,553 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Untitled.ncor
[2008-11-26 21:52:36 | 00,976,444 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\CS4fix_Swift.on.ForumW.org(2).rar
[2008-11-26 21:30:06 | 10,028,9546 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\pharmacy vid.mpg
[2008-11-26 21:26:31 | 00,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2008-11-24 23:21:06 | 00,935,776 | ---- | M] () -- C:\WINDOWS\System32\Incinerator.dll
[2008-11-24 22:06:59 | 00,132,020 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\jinit-co-uk-certificate.pdf
[2008-11-23 21:09:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2008-11-23 21:08:43 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2008-11-23 17:24:36 | 00,124,624 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\xml_slide_show_198.zip
[2008-11-23 17:20:16 | 00,849,225 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\flash_animation_with_xml_file_1407.zip
[2008-11-23 17:16:18 | 00,413,002 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\slide_gallery_beta_1524.zip
[2008-11-23 17:13:43 | 00,274,207 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\as_3.0_xml_slideshow_1576.zip
[2008-11-23 17:11:05 | 00,424,428 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\simple_slide_show_1792.zip
[2008-11-23 17:06:33 | 02,270,293 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\simple_slide_gallery_1826.zip
[2008-11-23 00:52:47 | 00,630,928 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Reina goal.flv
[2008-11-23 00:48:50 | 00,229,549 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Reina goal.mp4
[2008-11-23 00:28:44 | 34,274,128 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Video 3.avi
[2008-11-22 23:34:23 | 87,566,824 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\Video 2.avi
[2008-11-22 23:21:40 | 00,957,779 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\plzz wrkk.mp4
[2008-11-22 23:17:02 | 00,352,478 | ---- | M] () -- C:\Documents and Settings\ADMIN\Desktop\PLZ WRK.flv
[2008-11-22 21:09:54 | 00,001,754 | ---- | M] () -- C:\WINDOWS\WIN.INI
< End of report >


  • 0

#10
Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ace101,

Please post a new HijackThis log in your next reply.
  • 0


#11
ace101

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Hi,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:58:01 PM, on 21-12-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\McAfee\MSC\McLogCln.exe
C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Cepstral\bin\CepstralLicSrv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.skybroadband.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,;*.local
R3 - URLSearchHook: (no name) - {BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdotf.exe] C:\WINDOWS\system32\kdotf.exe
O4 - HKLM\..\Run: [NI.GSCNS] "C:\DOCUME~1\ADMIN~1\LOCALS~1\Temp\winvsnet.tmp"
O4 - HKLM\..\Run: [McLogLch_exe] C:\Program Files\McAfee\MSC\McLogLch.exe
O4 - HKLM\..\RunServices: [Microsoft32] win32sys.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [gadcom] "C:\Documents and Settings\ADMIN\Application Data\gadcom\gadcom.exe" 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.skybroadband.com (file missing)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.co.uk/
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.antispyexpert.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.imageservr.com
O15 - Trusted Zone: *.imagesrvr.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.spyguardpro.com
O15 - Trusted Zone: *.storageguardsoft.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusremover2008.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
O15 - Trusted Zone: *.antispyexpert.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O15 - Trusted Zone: *.imageservr.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.spyguardpro.com (HKLM)
O15 - Trusted Zone: *.storageguardsoft.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusremover2008.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro....iler/SysPro.CAB
O16 - DPF: {08829741-43FC-4ADB-90E2-9F980695253B} (Data_Version_Check.RegProcs) - http://www.hadleyhea...rsion_Check.ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zon...kr.cab56986.cab
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.aka...vex-2.0.5.1.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - http://www1.snapfish...shUKActivia.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zon...SS.cab69309.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zon...wn.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.c.../cpcScanner.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zon...ro.cab56649.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com.../crusher-uk.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zon...er.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{656B1367-F289-425A-8E80-5CF03C3192F0}: NameServer = 85.255.112.11;85.255.112.93
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C97D980-C813-42D6-A5C8-4AC6B9248F51}: NameServer = 85.255.112.11;85.255.112.93
O17 - HKLM\System\CCS\Services\Tcpip\..\{88CB960A-5419-4539-B401-B9C1BED697BB}: NameServer = 85.255.112.11;85.255.112.93
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Cepstral License Server - Cepstral, LLC - C:\Program Files\Cepstral\bin\CepstralLicSrv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (file missing)
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (mctskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

--
End of file - 18292 bytes



#12
Jimmy2012


    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ace101,

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt and a new HijackThis log in your next reply for further review.

#13
ace101


    Member

  • Topic Starter
  • 24 posts
Hi, thanks for that. Google searches seem to work OK now. I had a problem with the internet & could not connect after the ComboFix, but was able to fix this by putting the DNS server back in. Below is what you asked for:

ComboFix 08-12-20.05 - ADMIN 2008-12-21 18:53:26.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2389 [GMT 0:00]
Running from: c:\documents and settings\ADMIN\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\ADMIN\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\pdfxls2.dll
c:\documents and settings\ADMIN\Application Data\gadcom
c:\documents and settings\ADMIN\Application Data\NI.GSCNS
c:\documents and settings\ADMIN\Application Data\NI.GSCNS\dl.ini
c:\documents and settings\ADMIN\Application Data\NI.GSCNS\settings.ini
c:\documents and settings\ADMIN\Application Data\p4p
c:\documents and settings\ADMIN\Application Data\p4p\dlmgr.dat
c:\documents and settings\ADMIN\Application Data\p4p\rss.opml
c:\program files\Common Files\{68EED~1
c:\program files\OneStepSearch
C:\resycled
c:\resycled\boot.com
c:\temp\FT62
c:\windows\system32\dPI19
c:\windows\system32\pac.txt

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ONESTEP_SEARCH_SERVICE
-------\Legacy_OREANS32


((((((((((((((((((((((((( Files Created from 2008-11-21 to 2008-12-21 )))))))))))))))))))))))))))))))
.

2008-12-21 01:05 . 2008-12-21 01:05 <DIR> d-------- C:\rsit
2008-12-20 12:58 . 2008-12-21 18:59 19,874 --a------ c:\windows\SYSTEM32\Config.MPF
2008-12-20 12:51 . 2008-12-20 12:51 <DIR> d-------- c:\program files\McAfee.com
2008-12-20 12:51 . 2008-12-20 12:51 <DIR> d-------- c:\program files\Common Files\McAfee
2008-12-20 12:51 . 2006-08-14 16:25 162,504 --a------ c:\windows\SYSTEM32\DRIVERS\mfehidk.sys
2008-12-20 12:51 . 2006-07-17 21:56 104,024 --a------ c:\windows\SYSTEM32\DRIVERS\Mpfp.sys
2008-12-20 12:51 . 2006-07-08 15:46 84,744 --a------ c:\windows\SYSTEM32\DRIVERS\mfeavfk.sys
2008-12-20 12:51 . 2006-08-14 16:26 37,832 --a------ c:\windows\SYSTEM32\DRIVERS\mfesmfk.sys
2008-12-20 12:51 . 2006-08-14 16:25 33,928 --a------ c:\windows\SYSTEM32\DRIVERS\mfebopk.sys
2008-12-20 12:51 . 2006-08-14 16:25 31,752 --a------ c:\windows\SYSTEM32\DRIVERS\mferkdk.sys
2008-12-20 12:51 . 2006-08-22 18:39 1,808 --a------ c:\windows\SYSTEM32\subst.inf
2008-12-20 12:49 . 2008-12-20 12:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg7
2008-12-12 16:13 . 2008-12-12 16:13 <DIR> d-------- c:\program files\Alwil Software
2008-11-29 14:40 . 2008-11-29 14:40 <DIR> d-------- c:\program files\iolo
2008-11-22 21:34 . 2008-11-23 21:09 0 --a------ c:\windows\SYSTEM32\DRIVERS\lvuvc.hs
2008-11-22 21:34 . 2008-11-23 21:08 0 --a------ c:\windows\SYSTEM32\DRIVERS\logiflt.iad
2008-11-22 21:31 . 2008-11-29 14:53 <DIR> d-------- c:\program files\Common Files\LogiShrd
2008-11-22 21:31 . 2008-11-22 21:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Logitech
2008-11-22 21:29 . 2008-11-29 14:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\LogiShrd
2008-11-22 20:51 . 2008-04-13 19:45 60,032 --a------ c:\windows\SYSTEM32\DRIVERS\USBAUDIO.sys
2008-11-22 20:51 . 2008-04-13 19:45 60,032 --a------ c:\windows\SYSTEM32\DLLCACHE\usbaudio.sys
2008-11-22 20:51 . 2008-04-14 01:12 20,992 --a------ c:\windows\SYSTEM32\dshowext.ax
2008-11-22 20:51 . 2008-04-14 01:12 20,992 --a------ c:\windows\SYSTEM32\DLLCACHE\dshowext.ax
2008-11-22 09:36 . 2006-11-10 10:54 61,600 -ra------ c:\windows\SYSTEM32\DRIVERS\SE2Cbus.sys
2008-11-22 09:36 . 2006-11-10 10:54 5,872 -ra------ c:\windows\SYSTEM32\DRIVERS\SE2Cwhnt.sys
2008-11-22 09:36 . 2006-11-10 10:54 5,872 -ra------ c:\windows\SYSTEM32\DRIVERS\SE2Cwh.sys
2008-11-21 17:03 . 2008-11-21 17:03 <DIR> d-------- c:\program files\WAV to MP3 Encoder
2008-11-21 17:03 . 2001-12-12 11:35 348,160 --a------ c:\windows\SYSTEM32\MEnc.ocx
2008-11-21 17:03 . 2002-08-22 23:27 348,160 --a------ c:\windows\SYSTEM32\FlatBtn6.ocx

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-21 18:59 --------- d-----w c:\documents and settings\All Users\Application Data\Kontiki
2008-12-21 01:01 --------- d-----w c:\program files\LogMeIn
2008-12-20 13:33 --------- d-----w c:\program files\McAfee
2008-12-20 12:52 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee
2008-12-20 12:49 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2008-12-18 19:41 --------- d--h--w c:\documents and settings\ADMIN\Application Data\IFViewer
2008-12-17 19:53 --------- d-----w c:\program files\Dl_cats
2008-12-12 20:25 --------- d-----w c:\program files\Flash EXE Builder 1.0
2008-11-29 15:27 --------- d-----w c:\program files\Corel
2008-11-29 15:27 --------- d-----w c:\program files\Common Files\Corel
2008-11-29 15:18 --------- d-----w c:\program files\Macromedia
2008-11-29 15:18 --------- d-----w c:\program files\Common Files\Macromedia
2008-11-29 14:54 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-29 14:53 --------- d-----w c:\program files\Logitech
2008-11-29 14:42 --------- d-----w c:\documents and settings\ADMIN\Application Data\iolo
2008-11-29 14:41 --------- d-----w c:\documents and settings\All Users\Application Data\iolo
2008-11-20 23:17 --------- d-----w c:\program files\Trend Micro
2008-11-20 17:34 --------- d-----w c:\program files\Rapidown
2008-11-20 17:34 --------- d-----w c:\program files\MP3 Stream Creator
2008-11-16 19:19 --------- d-----w c:\documents and settings\ADMIN\Application Data\Azureus
2008-11-16 19:17 --------- d-----w c:\program files\Azureus
2008-11-16 19:17 --------- d-----w c:\documents and settings\All Users\Application Data\Azureus
2008-11-16 19:14 27,904 ----a-w c:\windows\system32\drivers\ndisprot.sys
2008-11-16 19:08 --------- d--h--w c:\documents and settings\ADMIN\Application Data\FVSTemp
2008-11-16 19:04 --------- d--h--w c:\documents and settings\ADMIN\Application Data\IFBuilder
2008-11-16 17:44 --------- d-----w c:\program files\Chameleon Flash Pro edition
2008-11-15 00:35 --------- d-----w c:\program files\DivX
2008-11-13 17:10 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-01 18:01 --------- d-----w c:\program files\XoftSpySE
2008-11-01 13:15 --------- d-----w c:\program files\Vimicro
2008-10-28 23:18 --------- d-----w c:\program files\Java
2008-10-28 22:30 --------- d-----w c:\program files\Kontiki
2008-10-28 22:30 --------- d-----w c:\program files\Channel4
2008-10-28 22:29 --------- d-----w c:\documents and settings\All Users\Application Data\Channel4
2008-10-28 17:30 --------- d-----w c:\program files\Diskeeper Corporation
2008-10-28 17:30 --------- d-----w c:\documents and settings\All Users\Application Data\Diskeeper Corporation
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-22 12:28 --------- d-----w c:\program files\Microsoft Silverlight
2008-01-26 22:26 2,025 ----a-w c:\program files\tcshineppro.log
2008-01-26 22:03 36,868 ----a-w c:\program files\uninst-Echospace.exe
2008-01-26 21:54 36,868 ----a-w c:\program files\uninst-Starglow.exe
2008-01-26 15:17 3,920 ----a-w c:\program files\mbsuite21.log
2008-01-26 15:16 6,844 ----a-w c:\program files\mbsuite20.log
2007-04-16 23:31 87,608 ----a-w c:\documents and settings\ADMIN\Application Data\ezpinst.exe
2007-04-16 23:31 47,360 ----a-w c:\documents and settings\ADMIN\Application Data\pcouffin.sys
2007-04-08 13:27 56 --sha-w c:\documents and settings\All Users\Application Data\dc64vg9.sys
2006-09-02 11:53 836 ----a-w c:\documents and settings\ADMIN\Application Data\ViewerApp.dat
2006-07-15 17:19 24,192 ----a-w c:\documents and settings\ADMIN\usbsermptxp.sys
2006-07-15 17:19 22,768 ----a-w c:\documents and settings\ADMIN\usbsermpt.sys
2006-05-03 17:22 114,545,029 ----a-w c:\documents and settings\ADMIN\Tom Tom 5 Mobile.zip
2006-04-28 22:06 650,880 ----a-w c:\documents and settings\ADMIN\Desktop.zip
2003-11-03 17:07 499,712 ----a-w c:\program files\msvcp71.dll
2003-11-03 17:07 348,160 ----a-w c:\program files\msvcr71.dll
2003-05-30 09:22 344,064 ----a-r c:\program files\msvcr70.dll
2002-01-05 03:40 487,424 ----a-w c:\program files\msvcp70.dll
2007-03-17 20:25 122,880 ----a-w c:\program files\mozilla firefox\plugins\lwf215p.dll
2007-08-09 13:08 8,784 ----a-w c:\program files\mozilla firefox\plugins\ractrlkeyhook.dll
2007-08-09 13:10 245,408 ----a-w c:\program files\mozilla firefox\plugins\unicows.dll
2008-04-14 00:12 50,688 --sha-w c:\windows\twain_32.dll
2007-05-02 17:16 168 --sh--r c:\windows\SYSTEM32\0B85437DDC.sys
2007-05-10 20:45 88 --sh--r c:\windows\SYSTEM32\A910C4817B.sys
2008-09-08 21:11 6,840 --sha-w c:\windows\SYSTEM32\KGyGaAvL.sys
2008-04-14 00:11 1,028,096 --sha-w c:\windows\SYSTEM32\mfc42.dll
2008-04-14 00:12 57,344 --sha-w c:\windows\SYSTEM32\msvcirt.dll
2008-04-14 00:12 413,696 --sha-w c:\windows\SYSTEM32\msvcp60.dll
2008-04-14 00:12 343,040 --sha-w c:\windows\SYSTEM32\msvcrt.dll
2008-04-14 00:12 551,936 --sha-w c:\windows\SYSTEM32\oleaut32.dll
2008-04-14 00:12 84,992 --sha-w c:\windows\SYSTEM32\olepro32.dll
2008-04-14 00:12 11,776 --sha-w c:\windows\SYSTEM32\regsvr32.exe
2008-09-04 17:59 32,768 --sha-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\MSHist012008090420080905\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Google Update"="c:\documents and settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-02 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"ISUSScheduler"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" [2005-02-16 81920]
"dlccmon.exe"="c:\program files\Dell Photo AIO Printer 924\dlccmon.exe" [2005-07-22 425984]
"DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-06-07 69632]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"McLogLch_exe"="c:\program files\McAfee\MSC\McLogLch.exe" [2006-08-28 140848]
"AsioReg"="CTASIO.DLL" [2003-02-20 c:\windows\SYSTEM32\CTASIO.DLL]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 c:\windows\SYSTEM32\narrator.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\\WINDOWS\\system32\\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 14:13 49152 c:\progra~1\COMMON~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2007-11-27 18:14 176128 c:\progra~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv41"= IR41_32.DLL
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk
backup=c:\windows\pss\Adobe Acrobat Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^ADMIN^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\ADMIN\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^ADMIN^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^ADMIN^Start Menu^Programs^Startup^VirtualExpander.lnk]
backup=c:\windows\pss\VirtualExpander.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioloDelayModule
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
--a------ 2008-04-21 12:38 684032 c:\program files\Adaptec\Easy CD Creator 5\DirectCD\Directcd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
--a------ 2008-08-14 06:58 611712 c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
--a------ 2008-08-15 04:46 378224 c:\progra~1\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDog305]
--a------ 2005-08-05 14:15 61440 c:\windows\VM305_STI.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreateCD50]
--a------ 2008-04-21 12:38 131157 c:\progra~1\COMMON~1\ADAPTE~1\CreateCD\CREATE~1.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
--a------ 2005-05-31 05:33 122941 c:\windows\SYSTEM32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-09-02 22:58 133104 c:\documents and settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 06:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 17:57 289576 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
--a------ 2008-02-28 14:31 63048 c:\program files\LogMeIn\x86\LogMeInSystray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogonStudio]
--a------ 2002-09-03 17:38 987187 c:\program files\WinCustomize\LogonStudio\LogonStudio.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
--a------ 2005-08-12 16:16 1121792 c:\program files\McAfee\SpamKiller\MSKDetct.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2007-08-08 08:25 1828136 c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 14:57 153136 c:\program files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTV 300i Antenna Power]
--a------ 2005-07-06 19:09 90112 c:\program files\Pinnacle\Shared Files\drivers\Tools\PCTV 300i Antenna Power.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
--a------ 2004-03-10 14:26 406016 c:\windows\SYSTEM32\PSDrvCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCS]
--a------ 2006-04-27 15:47 65536 c:\program files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sclauncher]
--a------ 2007-01-30 10:30 94208 c:\program files\SimpleCenter\bin\win\sclauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2007-02-20 13:06 741376 c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-08-28 09:18 3660848 c:\program files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
--a------ 2003-02-20 16:45 28672 c:\windows\SYSTEM32\CTHELPER.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\MSMSGS.EXE"=
"c:\\Program Files\\Java\\jre1.5.0_03\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre1.5.0_05\\bin\\javaw.exe"=
"c:\\WINDOWS\\SYSTEM32\\MMC.EXE"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\WINDOWS\\SYSTEM32\\DPVSETUP.EXE"=
"c:\\WINDOWS\\SYSTEM32\\dlcccoms.exe"=
"c:\\WINDOWS\\SYSTEM32\\SPOOL\\DRIVERS\\W32X86\\3\\dlccPSWX.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\XoftSpySE\\XoftSpy.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Adobe\\Adobe After Effects CS3\\Support Files\\AfterFX.exe"=
"c:\\Program Files\\Kontiki\\KService.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\TVersity\\Media Server\\MediaServer.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"c:\\Program Files\\ATI Technologies\\ATI.ACE\\CLI.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\helpctr.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"54321:TCP"= 54321:TCP:Azureus
"54321:UDP"= 54321:UDP:Azureus
"51414:TCP"= 51414:TCP:Limwire
"41952:TCP"= 41952:TCP:Media server
"5353:TCP"= 5353:TCP:*:Disabled:Adobe CSI CS4
"3703:TCP"= 3703:TCP:*:Disabled:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:*:Disabled:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:*:Disabled:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:*:Disabled:Adobe Version Cue CS4 Server

R0 BootScreen;BootScreen;\SystemRoot\\SystemRoot\System32\drivers\vidstub.sys []
R2 Cepstral License Server;Cepstral License Server;"c:\program files\Cepstral\bin\CepstralLicSrv.exe" [2007-08-21 57344]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-11-29 595824]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-11-29 595824]
R2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\c:\windows\system32\drivers\LMIRfsDriver.sys [2008-09-01 45848]
R3 3xHybrid;Pinnacle PCTV 300i Stereo DVB-T;c:\windows\system32\DRIVERS\3xHybrid.sys [2006-02-28 827008]
R3 LCcfltr;Logitech USB Filter Driver;c:\windows\system32\Drivers\LCcFltr.Sys [2006-09-17 14095]
R3 pctvnet;Pinnacle PCTV Ethernet Driver;c:\windows\system32\DRIVERS\pctvnet.sys [2006-02-28 9340]
S2 713xTVCard;SAA7134 TV Card;c:\windows\system32\DRIVERS\SAA713x.sys [2005-03-15 277504]
S2 BT848;BtCap, WDM Video Capture;c:\windows\system32\drivers\BT848.sys [2005-02-06 265512]
S2 BTTUNER;BtTuner, WDM TvTuner;c:\windows\system32\drivers\BTTUNER.sys [2005-02-06 18944]
S2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\BTXBAR.sys [2005-02-06 13308]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;"c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" -win32service [2008-08-15 284016]
S3 avera800;AVerMedia DVB-T BDA Video Capture(A800);c:\windows\system32\Drivers\avera800.sys [2006-01-21 41600]
S3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\DRIVERS\BTCamDrv.sys [2006-12-21 219264]
S3 HDR1USB;Nokia Music Player HDR-1™;c:\windows\system32\Drivers\hdr1usb.sys [2001-06-01 19008]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2008-01-22 33792]
S3 Ndisprot;ArcNet NDIS Protocol Driver;\??\c:\windows\system32\drivers\Ndisprot.sys [2008-11-16 27904]
S3 ramirr;ramirr;c:\windows\system32\DRIVERS\ramirr.sys []
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\DRIVERS\sea1bus.sys [2008-05-24 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;c:\windows\system32\DRIVERS\sea1mdfl.sys [2008-05-24 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;c:\windows\system32\DRIVERS\sea1mdm.sys [2008-05-24 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\sea1mgmt.sys [2008-05-24 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);c:\windows\system32\DRIVERS\sea1nd5.sys [2008-05-24 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\sea1obex.sys [2008-05-24 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);c:\windows\system32\DRIVERS\sea1unic.sys [2008-05-24 90800]
S3 ZSMC0305;VIMICRO USB PC Camera V;c:\windows\system32\Drivers\usbVM305.sys [2007-10-17 392316]
S4 LMIRfsClientNP;LMIRfsClientNP; []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0d8b5438-7dc3-11dd-8f07-00308d000000}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{655b9aee-d39d-11d9-a96a-0090d0b47572}]
\Shell\AutoRun\command - FlashDrive

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce201ed9-5bf3-11dd-8ed8-00308d000000}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4ec231e-4e9a-11dd-8eb9-00308d000000}]
\Shell\AutoRun\command - G:\RunMe.exe
.
Contents of the 'Scheduled Tasks' folder

2008-12-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-12-21 c:\windows\Tasks\GoogleUpdateTaskUser.job
- c:\documents and settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 22:58]

2008-12-20 c:\windows\Tasks\McDefragTask.job
- c:\windows\system32\defrag.exe [2008-04-14 00:12]

2008-12-20 c:\windows\Tasks\McQcTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2006-08-17 13:18]

2008-12-21 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2007-10-07 01:55]

2008-07-10 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2007-10-07 01:55]

2008-12-21 c:\windows\Tasks\XoftSpySE 2.job
- c:\program files\XoftSpySE\XoftSpy.exe [2007-07-13 08:43]

2008-12-01 c:\windows\Tasks\XoftSpySE.job
- c:\program files\XoftSpySE\XoftSpy.exe [2007-07-13 08:43]
.
- - - - ORPHANS REMOVED - - - -

ShellIconOverlayIdentifiers-{E4000AC4-5E5F-4956-807A-C5854405D64F} - %SystemRoot%\system32\VirtualExpander\VEShellExt.dll
HKLM-Run-c:\windows\system32\kdotf.exe - c:\windows\system32\kdotf.exe
Notify-LMIinit - LMIinit.dll
Notify-NavLogon - (no file)
MSConfigStartUp-Adobe Photo Downloader - c:\program files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe
MSConfigStartUp-DAEMON Tools Pro Agent - c:\program files\DAEMON Tools Pro\DTProAgent.exe
MSConfigStartUp-McAfeeUpdaterUI - c:\program files\McAfee\Common Framework\UdaterUI.exe
MSConfigStartUp-SMSystemAnalyzer - c:\program files\iolo\System Mechanic 7\SMSystemAnalyzer.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local.,;*.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.skybroadband.com
IE: {{08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.skybroadband.com -
Trusted Zone: *.amaena.com
Trusted Zone: *.antimalwareguard.com
Trusted Zone: *.antispyexpert.com
Trusted Zone: *.avsystemcare.com
Trusted Zone: *.gomyhit.com
Trusted Zone: *.imageservr.com
Trusted Zone: *.imagesrvr.com
Trusted Zone: *.onerateld.com
Trusted Zone: *.safetydownload.com
Trusted Zone: *.spyguardpro.com
Trusted Zone: *.storageguardsoft.com
Trusted Zone: *.trustedantivirus.com
Trusted Zone: *.virusremover2008.com
Trusted Zone: *.virusschlacht.com
Trusted Zone: *.amaena.com
Trusted Zone: *.antimalwareguard.com
Trusted Zone: *.antispyexpert.com
Trusted Zone: *.avsystemcare.com
Trusted Zone: *.gomyhit.com
Trusted Zone: *.imageservr.com
Trusted Zone: *.imagesrvr.com
Trusted Zone: *.onerateld.com
Trusted Zone: *.safetydownload.com
Trusted Zone: *.spyguardpro.com
Trusted Zone: *.storageguardsoft.com
Trusted Zone: *.trustedantivirus.com
Trusted Zone: *.virusremover2008.com
Trusted Zone: *.virusschlacht.com

c:\windows\Downloaded Program Files\Data_Version_Check.ocx - O16 -: {08829741-43FC-4ADB-90E2-9F980695253B}
hxxp://www.hadleyhealthcare.co.uk/Data/Data_Version_Check.ocx
FF - ProfilePath - c:\documents and settings\ADMIN\Application Data\Mozilla\Firefox\Profiles\488wua4w.default\
FF - prefs.js: browser.search.selectedEngine - eBay.co.uk
FF - component: c:\documents and settings\ADMIN\Application Data\Mozilla\Firefox\Profiles\488wua4w.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\EbayAccessService.dll
FF - component: c:\documents and settings\ADMIN\Application Data\Mozilla\Firefox\Profiles\488wua4w.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\EbayFormSubmitObserver.dll
FF - component: c:\documents and settings\ADMIN\Application Data\Mozilla\Firefox\Profiles\488wua4w.default\extensions\[email protected]\components\coolirisstub.dll
FF - plugin: c:\documents and settings\ADMIN\Application Data\Mozilla\Firefox\Profiles\488wua4w.default\extensions\[email protected]\plugins\npRACtrl.dll
FF - plugin: c:\program files\Google\Google Updater\1.4.681.27779\npCIDetect7.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npagent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPinzomia.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMGWRAP.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\npRACtrl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nptnt.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll

ATTENTION: FIREFOX POLICES IS IN FORCE
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-21 19:00:53
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(884)
c:\windows\system32\Ati2evxx.dll
c:\progra~1\COMMON~1\Stardock\mcpstub.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\progra~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\ati2evxx.exe
c:\progra~1\COMMON~1\Stardock\SDMCP.exe
c:\windows\SYSTEM32\ati2evxx.exe
c:\progra~1\McAfee\MSC\mclogcln.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\windows\SYSTEM32\cisvc.exe
c:\windows\SYSTEM32\CTSVCCDA.EXE
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\Common Files\Authentium\AntiVirus\dvpapi.exe
c:\program files\Intel\Intel Application Accelerator\IAANTmon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Kontiki\KService.exe
c:\program files\LogMeIn\x86\ramaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\program files\Common Files\McAfee\HackerWatch\HWAPI.exe
c:\progra~1\McAfee\MSC\mclogsrv.exe
c:\progra~1\McAfee\MSC\mcupdmgr.exe
c:\program files\Common Files\McAfee\MNA\McNASvc.exe
c:\progra~1\McAfee\VIRUSS~1\mcods.exe
c:\progra~1\McAfee\MSC\mcpromgr.exe
c:\progra~1\COMMON~1\McAfee\RedirSvc\RedirSvc.exe
c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
c:\progra~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\progra~1\McAfee\MSC\mctskshd.exe
c:\progra~1\McAfee\MSC\mcusrmgr.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\McAfee\MPF\MpfSrv.exe
c:\progra~1\McAfee.com\Agent\mcagent.exe
c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\SYSTEM32\PSIService.exe
c:\windows\SYSTEM32\MsPMSPSv.exe
c:\windows\SYSTEM32\dlcccoms.exe
c:\windows\SYSTEM32\msiexec.exe
c:\progra~1\McAfee\VIRUSS~1\mcvsshld.exe
c:\windows\SYSTEM32\msiexec.exe
.
**************************************************************************
.
Completion time: 2008-12-21 19:18:26 - machine was rebooted [ADMIN]
ComboFix-quarantined-files.txt 2008-12-21 19:18:20

Pre-Run: 66,277,752,832 bytes free
Post-Run: 66,506,113,024 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

518 --- E O F --- 2008-11-13 17:32:26


  • 0

#14
ace101

ace101

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:20:03 PM, on 21-12-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\PROGRA~1\McAfee\MSC\McLogCln.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Cepstral\bin\CepstralLicSrv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\system32\msiexec.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,;*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [McLogLch_exe] C:\Program Files\McAfee\MSC\McLogLch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.skybroadband.com (file missing)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.co.uk/
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.antispyexpert.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.imageservr.com
O15 - Trusted Zone: *.imagesrvr.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.spyguardpro.com
O15 - Trusted Zone: *.storageguardsoft.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusremover2008.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
O15 - Trusted Zone: *.antispyexpert.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O15 - Trusted Zone: *.imageservr.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.spyguardpro.com (HKLM)
O15 - Trusted Zone: *.storageguardsoft.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusremover2008.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro....iler/SysPro.CAB
O16 - DPF: {08829741-43FC-4ADB-90E2-9F980695253B} (Data_Version_Check.RegProcs) - http://www.hadleyhea...rsion_Check.ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zon...kr.cab56986.cab
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.aka...vex-2.0.5.1.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - http://www1.snapfish...shUKActivia.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zon...SS.cab69309.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zon...wn.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.c.../cpcScanner.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zon...ro.cab56649.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com.../crusher-uk.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zon...er.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Cepstral License Server - Cepstral, LLC - C:\Program Files\Cepstral\bin\CepstralLicSrv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (file missing)
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (mctskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

--
End of file - 16915 bytes


  • 0

#15
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ace101,

google searches seem to work ok now.

That's good to hear. :)

I had a problem with the internet & could not connect after the combofix, but was able to fix this by putting the DNS server back in

Is it still working fine now?



STEP 1
  • Make sure to use Internet Explorer for this
  • Please go to VirSCAN.org FREE on-line scan service
  • Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page:

    • c:\program files\uninst-Echospace.exe
  • Click on the Upload button
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.

And please scan this file as well.

c:\program files\uninst-Starglow.exe

STEP 2
Please reopen HijackThis and click on Do a system scan only. And put a check next to the following lines.

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.antispyexpert.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.imageservr.com
O15 - Trusted Zone: *.imagesrvr.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.spyguardpro.com
O15 - Trusted Zone: *.storageguardsoft.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusremover2008.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
O15 - Trusted Zone: *.antispyexpert.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O15 - Trusted Zone: *.imageservr.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.spyguardpro.com (HKLM)
O15 - Trusted Zone: *.storageguardsoft.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusremover2008.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)

Once you have the checks in those lines please make sure all open windows are closed (keep HijackThis open) and click Fix checked on HijackThis. A box will open up asking if you want to fix the selected items, please click Yes. After you have fixed those lines you can close HijackThis.


1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

File::
c:\windows\SYSTEM32\DRIVERS\lvuvc.hs
c:\windows\SYSTEM32\DRIVERS\logiflt.iad
c:\windows\SYSTEM32\0B85437DDC.sys
c:\windows\SYSTEM32\A910C4817B.sys

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4ec231e-4e9a-11dd-8eb9-00308d000000}]

SysRst::

Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt. Please post the following reports/logs into your next reply:
  • The VirScan logs
  • Combofix.txt
  • A new HijackThis log.

Edited by Jimmy2012, 21 December 2008 - 04:20 PM.

  • 0
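One way to confirm that the "Fix checked" step in STEP 2 took effect is to compare the ticked lines against the new HijackThis log, shown here as an added example that is not part of the original post or of HijackThis itself. The sample log lines and `.example` domains are constructed, the function names are hypothetical, and treating an O15 line without the `(HKLM)` suffix as a per-user (HKCU) entry is an assumption.

```python
import re

# A HijackThis result line is "<section code> - <details>",
# e.g. "O15 - Trusted Zone: *.site.example (HKLM)".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*\S)\s*$")
# O15 details: a site pattern, optionally followed by "(HKLM)".
TRUSTED_RE = re.compile(r"^Trusted Zone: (\S+)(?: \((HKLM)\))?$")


def parse_entries(log_text):
    """Group result lines by section code; header and process lines are skipped."""
    sections = {}
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            sections.setdefault(m.group(1), []).append(m.group(2))
    return sections


def entry_set(log_text):
    """Flatten a log into a set of (section code, details) pairs."""
    return {(code, body)
            for code, bodies in parse_entries(log_text).items()
            for body in bodies}


def trusted_zone_by_hive(log_text):
    """Return {hive: sorted site patterns} for the O15 Trusted Zone entries.

    Assumption: an O15 line without a "(HKLM)" suffix is a per-user entry."""
    by_hive = {}
    for body in parse_entries(log_text).get("O15", []):
        m = TRUSTED_RE.match(body)
        if m:
            by_hive.setdefault(m.group(2) or "HKCU", set()).add(m.group(1).lower())
    return {hive: sorted(sites) for hive, sites in by_hive.items()}


def check_fix(checked_text, new_log_text):
    """Compare the lines ticked for 'Fix checked' with a fresh scan.

    Returns (still_present, removed), each a sorted list of (code, details).
    Anything in still_present came back or was never removed and needs
    another look before the machine is called clean."""
    checked = entry_set(checked_text)
    now = entry_set(new_log_text)
    return sorted(checked & now), sorted(checked - now)


# Constructed sample: the lines that were ticked in HijackThis.
CHECKED = r"""
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O15 - Trusted Zone: *.bad-one.example
O15 - Trusted Zone: *.bad-two.example
O15 - Trusted Zone: *.bad-one.example (HKLM)
"""

# Constructed sample: the log saved after the fix and a reboot.
NEW_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O15 - Trusted Zone: *.bad-one.example (HKLM)
"""

if __name__ == "__main__":
    still_present, removed = check_fix(CHECKED, NEW_LOG)
    for code, body in still_present:
        print("STILL PRESENT:", code, "-", body)
    for code, body in removed:
        print("removed:      ", code, "-", body)
    print("Trusted Zone entries left:", trusted_zone_by_hive(NEW_LOG))
```

An entry that survives only in one hive, as in the sample, usually means the fix ran without rights to that hive or something re-added the entry after the scan.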





