[code=auto:0]OTScanIt2 logfile created on: 07/01/2009 16:07:39 - Run 3
OTScanIt2 by OldTimer - Version 1.0.6.1 Folder = C:\Documents and Settings\admin\Desktop\OTScanIt2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.94 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 68.97% Memory free
3.78 Gb Paging File | 3.36 Gb Available in Paging File | 88.89% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 211.29 Gb Free Space | 90.73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 93.16 Gb Total Space | 57.44 Gb Free Space | 61.66% Space Free | Partition Type: NTFS
Drive H: | 149.05 Gb Total Space | 124.34 Gb Free Space | 83.43% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Computer Name: OWNER-25KGJLS1N
Current User Name: admin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
[Processes - Safe List]
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2008/08/01 04:21:05 | 00,573,440 | ---- | M] (ATI Technologies Inc.)
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2008/08/01 04:21:05 | 00,573,440 | ---- | M] (ATI Technologies Inc.)
ccsvchst.exe -> %ProgramFiles%\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe -> [2008/12/12 03:28:25 | 00,115,560 | R--- | M] (Symantec Corporation)
ccsvchst.exe -> %ProgramFiles%\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe -> [2008/12/12 03:28:25 | 00,115,560 | R--- | M] (Symantec Corporation)
idman.exe -> %ProgramFiles%\Internet Download Manager\IDMan.exe -> [2008/07/15 07:39:04 | 00,931,248 | ---- | M] (Tonec Inc.)
iemonitor.exe -> %ProgramFiles%\Internet Download Manager\IEMonitor.exe -> [2008/02/18 13:01:01 | 00,251,312 | ---- | M] (Tonec Inc.)
iexplore.exe -> %ProgramFiles%\Internet Explorer\iexplore.exe -> [2008/10/15 07:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation)
msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe -> [2007/10/18 10:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2009/01/06 19:57:04 | 00,486,912 | ---- | M] (OldTimer Tools)
pdvdserv.exe -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> [2003/12/08 16:35:14 | 00,032,768 | ---- | M] (Cyberlink Corp.)
sgbhp.exe -> %ProgramFiles%\SpywareGuard\sgbhp.exe -> [2003/08/29 11:14:56 | 00,233,472 | ---- | M] ()
sgmain.exe -> %ProgramFiles%\SpywareGuard\sgmain.exe -> [2003/08/29 19:05:35 | 00,360,448 | ---- | M] ()
usnsvc.exe -> %ProgramFiles%\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation)
[Win32 Services - Safe List]
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation)
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> [2008/08/01 04:21:05 | 00,573,440 | ---- | M] (ATI Technologies Inc.)
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ati2sgag.exe -> [2008/07/31 20:05:00 | 00,593,920 | ---- | M] ()
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation)
(FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation)
(getPlus(R) Helper) getPlus(R) Helper [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\NOS\bin\getPlus_HelperSvc.exe -> [2008/12/01 10:59:52 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.)
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation)
(MSSQL$SONY_MEDIAMGR) MSSQL$SONY_MEDIAMGR [Win32_Own | On_Demand | Stopped] -> -> File not found
(MSSQLServerADHelper) MSSQLServerADHelper [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -> [2002/12/17 16:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation)
(NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation)
(Norton Internet Security) Norton Internet Security [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe -> [2008/12/12 03:28:25 | 00,115,560 | R--- | M] (Symantec Corporation)
(SQLAgent$SONY_MEDIAMGR) SQLAgent$SONY_MEDIAMGR [Win32_Own | On_Demand | Stopped] -> -> File not found
(usnjsvc) Messenger Sharing Folders USN Journal Reader service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation)
(WLSetupSvc) Windows Live Setup Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Live\installer\WLSetupSvc.exe -> [2007/10/25 14:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation)
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
[Driver Services - Safe List]
(AliIde) AliIde [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\aliide.sys -> [2006/02/28 12:00:00 | 00,005,248 | ---- | M] (Acer Laboratories Inc.)
(amdagp) AMD AGP Bus Filter Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\amdagp.sys -> [2008/04/13 18:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
(AmdK7) AMD K7 Processor Driver [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\amdk7.sys -> [2008/04/13 18:31:33 | 00,037,760 | ---- | M] (Microsoft Corporation)
(asc) asc [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\asc.sys -> [2006/02/28 12:00:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.)
(asc3550) asc3550 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\asc3550.sys -> [2006/02/28 12:00:00 | 00,014,848 | ---- | M] (Advanced System Products, Inc.)
(Aspi32) Aspi32 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\ASPI32.SYS -> [2002/08/14 14:03:36 | 00,017,005 | ---- | M] (Adaptec)
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> [2008/08/01 06:38:20 | 03,266,560 | ---- | M] (ATI Technologies Inc.)
(BHDrvx86) Symantec Heuristics Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\BHDrvx86.sys -> [2008/12/12 03:29:18 | 00,255,536 | ---- | M] (Symantec Corporation)
(ccHP) Symantec Hash Provider [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\cchpx86.sys -> [2009/01/04 18:16:52 | 00,362,544 | ---- | M] (Symantec Corporation)
(CmdIde) CmdIde [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\cmdide.sys -> [2006/02/28 12:00:00 | 00,006,656 | ---- | M] (CMD Technology, Inc.)
(dac2w2k) dac2w2k [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dac2w2k.sys -> [2006/02/28 12:00:00 | 00,179,584 | ---- | M] (Mylex Corporation)
(eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\eeCtrl.sys -> [2009/01/04 18:16:52 | 00,371,248 | ---- | M] (Symantec Corporation)
(EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2009/01/04 18:16:52 | 00,099,376 | ---- | M] (Symantec Corporation)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hdaudbus.sys -> [2008/04/13 16:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(IDSxpx86) IDSxpx86 [Kernel | System | Running] -> %AllUsersProfile%\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20081220.001\IDSxpx86.sys -> [2009/01/04 18:16:52 | 00,274,808 | ---- | M] (Symantec Corporation)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> [2006/12/22 00:26:48 | 04,405,248 | R--- | M] (Realtek Semiconductor Corp.)
(mfeavfk) McAfee Inc. mfeavfk [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mfeavfk.sys -> [2008/06/27 05:08:40 | 00,079,240 | ---- | M] (McAfee, Inc.)
(mfebopk) McAfee Inc. mfebopk [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mfebopk.sys -> [2008/06/27 05:08:40 | 00,035,240 | ---- | M] (McAfee, Inc.)
(mfehidk) McAfee Inc. mfehidk [Kernel | System | Running] -> %SystemRoot%\system32\drivers\mfehidk.sys -> [2008/06/27 05:08:40 | 00,207,656 | ---- | M] (McAfee, Inc.)
(mferkdk) McAfee Inc. mferkdk [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mferkdk.sys -> [2008/06/20 04:41:38 | 00,034,152 | ---- | M] (McAfee, Inc.)
(mfesmfk) McAfee Inc. mfesmfk [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mfesmfk.sys -> [2008/06/27 05:08:40 | 00,040,488 | ---- | M] (McAfee, Inc.)
(mraid35x) mraid35x [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\mraid35x.sys -> [2006/02/28 12:00:00 | 00,017,280 | ---- | M] (American Megatrends Inc.)
(MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ASACPI.sys -> [2004/08/13 02:56:20 | 00,005,810 | R--- | M] ()
(NAVENG) NAVENG [Kernel | On_Demand | Running] -> %AllUsersProfile%\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090106.052\NAVENG.SYS -> [2009/01/04 09:00:00 | 00,089,104 | ---- | M] (Symantec Corporation)
(NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> %AllUsersProfile%\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090106.052\NAVEX15.SYS -> [2009/01/04 09:00:00 | 00,876,112 | ---- | M] (Symantec Corporation)
(Point32) Microsoft IntelliPoint Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\point32.sys -> [2008/06/10 12:04:28 | 00,031,048 | ---- | M] (Microsoft Corporation)
(PQNTDrv) PQNTDrv [Kernel | System | Running] -> %SystemRoot%\system32\drivers\PQNTDRV.sys -> [2002/09/16 16:14:32 | 00,004,228 | ---- | M] (PowerQuest Corporation)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2006/02/28 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(ql1080) ql1080 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ql1080.sys -> [2006/02/28 12:00:00 | 00,040,320 | ---- | M] (QLogic Corporation)
(ql12160) ql12160 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ql12160.sys -> [2006/02/28 12:00:00 | 00,045,312 | ---- | M] (QLogic Corporation)
(ql1280) ql1280 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ql1280.sys -> [2006/02/28 12:00:00 | 00,049,024 | ---- | M] (QLogic Corporation)
(RTLE8023xp) Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Rtenicxp.sys -> [2007/10/23 09:51:04 | 00,103,296 | ---- | M] (Realtek Semiconductor Corporation )
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007/11/13 10:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(Sparrow) Sparrow [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sparrow.sys -> [2006/02/28 12:00:00 | 00,019,072 | ---- | M] (Adaptec, Inc.)
(SRTSP) Symantec Real Time Storage Protection [File_System | On_Demand | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\srtsp.sys -> [2008/12/12 03:29:18 | 00,306,736 | ---- | M] (Symantec Corporation)
(SRTSPX) Symantec Real Time Storage Protection (PEL) [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\srtspx.sys -> [2008/12/12 03:29:18 | 00,043,696 | ---- | M] (Symantec Corporation)
(sscdbus) SAMSUNG USB Composite Device driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\sscdbus.sys -> [2007/07/03 16:54:24 | 00,080,552 | ---- | M] (MCCI Corporation)
(sscdmdfl) SAMSUNG Mobile Modem Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\sscdmdfl.sys -> [2007/07/03 16:57:24 | 00,011,944 | ---- | M] (MCCI Corporation)
(sscdmdm) SAMSUNG Mobile Modem Drivers [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\sscdmdm.sys -> [2007/07/03 16:58:20 | 00,106,792 | ---- | M] (MCCI Corporation)
(ST330) ST330 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\st330.sys -> [2008/06/02 08:46:21 | 00,030,464 | ---- | M] (THOMSON Telecom Belgium)
(StarOpen) StarOpen [File_System | System | Running] -> %SystemRoot%\system32\drivers\StarOpen.sys -> [2008/12/17 17:40:47 | 00,005,632 | ---- | M] ()
(STBUS) STBUS [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\stbus.sys -> [2008/06/02 08:46:21 | 00,012,672 | ---- | M] (THOMSON Telecom Belgium)
(stppp) Speedtouch PPP Adapter Adapter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\stppp.sys -> [2008/06/02 08:46:21 | 00,032,000 | ---- | M] (THOMSON Telecom Belgium)
(symc810) symc810 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc810.sys -> [2006/02/28 12:00:00 | 00,016,256 | ---- | M] (Symbios Logic Inc.)
(symc8xx) symc8xx [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\symc8xx.sys -> [2006/02/28 12:00:00 | 00,032,640 | ---- | M] (LSI Logic)
(SYMDNS) SYMDNS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\symdns.sys -> [2008/12/12 03:29:18 | 00,012,976 | ---- | M] (Symantec Corporation)
(SymEFA) Symantec Extended File Attributes [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\SymEFA.sys -> [2008/12/12 03:29:19 | 00,309,296 | ---- | M] (Symantec Corporation)
(SymEvent) SymEvent [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SYMEVENT.SYS -> [2009/01/04 18:16:57 | 00,124,464 | ---- | M] (Symantec Corporation)
(SYMFW) SYMFW [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\symfw.sys -> [2008/12/12 03:29:19 | 00,089,904 | ---- | M] (Symantec Corporation)
(SYMIDS) SYMIDS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\symids.sys -> [2008/12/12 03:29:19 | 00,034,608 | ---- | M] (Symantec Corporation)
(SymIM) Symantec Network Security Intermediate Filter Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SymIM.sys -> [2008/12/12 03:28:28 | 00,036,272 | R--- | M] (Symantec Corporation)
(SymIMMP) SymIMMP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SymIM.sys -> [2008/12/12 03:28:28 | 00,036,272 | R--- | M] (Symantec Corporation)
(SYMNDIS) SYMNDIS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\symndis.sys -> [2008/12/12 03:29:20 | 00,037,424 | ---- | M] (Symantec Corporation)
(SYMREDRV) SYMREDRV [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\symredrv.sys -> [2008/12/12 03:29:20 | 00,024,624 | ---- | M] (Symantec Corporation)
(SYMTDI) SYMTDI [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\symtdi.sys -> [2008/12/12 03:29:20 | 00,198,192 | ---- | M] (Symantec Corporation)
(sym_hi) sym_hi [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sym_hi.sys -> [2006/02/28 12:00:00 | 00,028,384 | ---- | M] (LSI Logic)
(sym_u3) sym_u3 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sym_u3.sys -> [2006/02/28 12:00:00 | 00,030,688 | ---- | M] (LSI Logic)
(uagp35) Microsoft AGPv3.5 Filter [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\uagp35.sys -> [2008/04/13 18:36:40 | 00,044,672 | ---- | M] (Microsoft Corporation)
(ultra) ultra [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ultra.sys -> [2006/02/28 12:00:00 | 00,036,736 | ---- | M] (Promise Technology, Inc.)
(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\USBAUDIO.sys -> [2008/04/13 18:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation)
(WS2IFSL) Windows Socket 2.0 Non-IFS Service Provider Support Environment [Kernel | System | Running] -> %SystemRoot%\system32\drivers\ws2ifsl.sys -> [2006/02/28 12:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Page_Transitions" -> ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.google.com/ ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://uk.search.yahoo.com/search?fr=mcafee&p=%s ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
HKEY_USERS\S-1-5-19\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
HKEY_USERS\S-1-5-20\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\] > -> ->
HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\: Main\\"Page_Transitions" -> ->
HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\: Main\\"Start Page" -> http://www.google.com/ ->
HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\: SearchURL\\"" -> http://uk.search.yahoo.com/search?fr=mcafee&p=%s ->
HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\: "ProxyEnable" -> 0 ->
< FireFox Settings [Default Profile] > -> C:\Documents and Settings\admin\Application Data\Mozilla\FireFox\Profiles\g3dk6h2d.default\prefs.js ->
browser.startup.homepage -> "http://www.google.co.uk/" ->
browser.startup.homepage_override.mstone -> "rv:1.9.0.5" ->
extensions.enabledItems -> [email protected]:5.7 ->
extensions.enabledItems -> {20a82645-c095-46ed-80e3-08825760534b}:1.0 ->
extensions.enabledItems -> {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0 ->
extensions.enabledItems -> {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.0 ->
extensions.enabledItems -> {73a6fe31-595d-460b-a920-fcc0f8843232}:1.8.8.5 ->
extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.5 ->
< HOSTS File > (618303 bytes and 16396 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
First 25 entries...
127.0.0.1 localhost
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 a9rhiwa.cn #[Google.Warning]
127.0.0.1 www.a9rhiwa.cn
127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
127.0.0.1 phpadsnew.abac.com
127.0.0.1 a.abnad.net
127.0.0.1 b.abnad.net
127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
127.0.0.1 d.abnad.net
127.0.0.1 e.abnad.net
127.0.0.1 t.abnad.net
127.0.0.1 z.abnad.net
127.0.0.1 banners.absolpublisher.com
127.0.0.1 tracking.absolstats.com
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 gtb5.acecounter.com
127.0.0.1 gtb19.acecounter.com
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{0055C089-8582-441B-A0BF-17B458C2A3A8} [HKLM] -> %ProgramFiles%\Internet Download Manager\IDMIECC.dll [IDMIEHlprObj Class] -> [2008/07/09 14:34:03 | 00,132,528 | ---- | M] (Tonec Inc.)
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2008/06/11 22:33:16 | 00,075,128 | ---- | M] (Adobe Systems Incorporated)
{4A368E80-174F-4872-96B5-0B27DDD11DB2} [HKLM] -> %ProgramFiles%\SpywareGuard\dlprotect.dll [SpywareGuardDLBLOCK.CBrowserHelper] -> [2003/08/02 23:24:01 | 00,192,512 | R--- | M] ()
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> %ProgramFiles%\Norton Internet Security\Engine\16.2.0.7\CoIEPlg.dll [Symantec NCO BHO] -> [2008/12/12 03:28:18 | 00,344,944 | R--- | M] (Symantec Corporation)
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> %ProgramFiles%\Norton Internet Security\Engine\16.2.0.7\IPSBHO.dll [Symantec Intrusion Prevention] -> [2009/01/04 18:16:44 | 00,107,896 | R--- | M] (Symantec Corporation)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> %ProgramFiles%\Norton Internet Security\Engine\16.2.0.7\CoIEPlg.dll [Norton Toolbar] -> [2008/12/12 03:28:18 | 00,344,944 | R--- | M] (Symantec Corporation)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{00000000-0000-0000-0000-000000000000}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> %ProgramFiles%\Norton Internet Security\Engine\16.2.0.7\CoIEPlg.dll [Norton Toolbar] -> [2008/12/12 03:28:18 | 00,344,944 | R--- | M] (Symantec Corporation)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\] > -> HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{00000000-0000-0000-0000-000000000000}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> %ProgramFiles%\Norton Internet Security\Engine\16.2.0.7\CoIEPlg.dll [Norton Toolbar] -> [2008/12/12 03:28:18 | 00,344,944 | R--- | M] (Symantec Corporation)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Reader Speed Launcher" -> %ProgramFiles%\Adobe\Reader 9.0\Reader\reader_sl.exe ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2008/06/12 02:38:00 | 00,034,672 | ---- | M] (Adobe Systems Incorporated)
"NeroFilterCheck" -> %SystemRoot%\system32\NeroCheck.exe ["C:\WINDOWS\system32\NeroCheck.exe"] -> [2001/07/09 10:50:42 | 00,155,648 | ---- | M] (Ahead Software Gmbh)
"QuickTime Task" -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2008/11/26 17:28:50 | 00,413,696 | ---- | M] (Apple Inc.)
"RemoteControl" -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe ["C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"] -> [2003/12/08 16:35:14 | 00,032,768 | ---- | M] (Cyberlink Corp.)
"SSBkgdUpdate" -> %CommonProgramFiles%\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe ["C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot] -> [2003/09/29 23:14:58 | 00,155,648 | R--- | M] (Scansoft, Inc.)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"IDMan" -> %ProgramFiles%\Internet Download Manager\IDMan.exe [C:\Program Files\Internet Download Manager\IDMan.exe /onboot] -> [2008/07/15 07:39:04 | 00,931,248 | ---- | M] (Tonec Inc.)
"MsnMsgr" -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe ["C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background] -> [2007/10/18 10:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation)
"Privacy Suite RiskMonitor" -> [] -> File not found
< RunOnce [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"Privacy Suite" -> %ProgramFiles%\Cyberscrub\CyberScrub Privacy Suite\CSPSeraser.exe ["C:\Program Files\Cyberscrub\CyberScrub Privacy Suite\CSPSeraser.exe" "/R:C:\Documents and Settings\admin\Application Data\CyberScrub\Privacy Suite" ] -> [2008/07/23 14:41:38 | 00,876,680 | ---- | M] (CyberScrub LLC)
< Run [HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\] > -> HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"IDMan" -> %ProgramFiles%\Internet Download Manager\IDMan.exe [C:\Program Files\Internet Download Manager\IDMan.exe /onboot] -> [2008/07/15 07:39:04 | 00,931,248 | ---- | M] (Tonec Inc.)
"MsnMsgr" -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe ["C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background] -> [2007/10/18 10:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation)
"Privacy Suite RiskMonitor" -> [] -> File not found
< RunOnce [HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\] > -> HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"Privacy Suite" -> %ProgramFiles%\Cyberscrub\CyberScrub Privacy Suite\CSPSeraser.exe ["C:\Program Files\Cyberscrub\CyberScrub Privacy Suite\CSPSeraser.exe" "/R:C:\Documents and Settings\admin\Application Data\CyberScrub\Privacy Suite" ] -> [2008/07/23 14:41:38 | 00,876,680 | ---- | M] (CyberScrub LLC)
< admin Startup Folder > -> C:\Documents and Settings\admin\Start Menu\Programs\Startup ->
%UserProfile%\Start Menu\Programs\Startup\SpywareGuard.lnk -> %ProgramFiles%\SpywareGuard\sgmain.exe -> [2003/08/29 19:05:35 | 00,360,448 | ---- | M] ()
< Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup ->
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoSplash" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoJITSetup" -> [0] -> File not found
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoSplash" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoJITSetup" -> [0] -> File not found
< Software Policy Settings [HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006] > -> HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoSplash" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoJITSetup" -> [0] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoBandCustomize" -> [0] -> File not found
\\"NoDrives" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDriveTypeAutoRun" -> [323] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
\\"HideLegacyLogonScripts" -> [0] -> File not found
\\"HideLogoffScripts" -> [0] -> File not found
\\"RunLogonScriptSync" -> [1] -> File not found
\\"RunStartupScriptSync" -> [0] -> File not found
\\"HideStartupScripts" -> [0] -> File not found
\\"DisableRegistryTools" -> [0] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoBandCustomize" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"HideLegacyLogonScripts" -> [0] -> File not found
\\"HideLogoffScripts" -> [0] -> File not found
\\"HideStartupScripts" -> [0] -> File not found
\\"RunLogonScriptSync" -> [1] -> File not found
\\"RunStartupScriptSync" -> [0] -> File not found
\\"DisableRegistryTools" -> [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006] > -> HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoBandCustomize" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006] > -> HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"HideLegacyLogonScripts" -> [0] -> File not found
\\"HideLogoffScripts" -> [0] -> File not found
\\"HideStartupScripts" -> [0] -> File not found
\\"RunLogonScriptSync" -> [1] -> File not found
\\"RunStartupScriptSync" -> [0] -> File not found
\\"DisableRegistryTools" -> [0] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Download all links with IDM -> %ProgramFiles%\Internet Download Manager\IEGetAll.htm [C:\Program Files\Internet Download Manager\IEGetAll.htm] -> [2003/10/20 10:13:13 | 00,000,283 | ---- | M] ()
Download FLV video content with IDM -> %ProgramFiles%\Internet Download Manager\IEGetVL.htm [C:\Program Files\Internet Download Manager\IEGetVL.htm] -> [2007/07/02 06:19:10 | 00,000,278 | ---- | M] ()
Download with IDM -> %ProgramFiles%\Internet Download Manager\IEExt.htm [C:\Program Files\Internet Download Manager\IEExt.htm] -> [2004/12/02 16:31:09 | 00,000,277 | ---- | M] ()
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\] > -> HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\Software\Microsoft\Internet Explorer\MenuExt\ ->
Download all links with IDM -> %ProgramFiles%\Internet Download Manager\IEGetAll.htm [C:\Program Files\Internet Download Manager\IEGetAll.htm] -> [2003/10/20 10:13:13 | 00,000,283 | ---- | M] ()
Download FLV video content with IDM -> %ProgramFiles%\Internet Download Manager\IEGetVL.htm [C:\Program Files\Internet Download Manager\IEGetVL.htm] -> [2007/07/02 06:19:10 | 00,000,278 | ---- | M] ()
Download with IDM -> %ProgramFiles%\Internet Download Manager\IEExt.htm [C:\Program Files\Internet Download Manager\IEExt.htm] -> [2004/12/02 16:31:09 | 00,000,277 | ---- | M] ()
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> File not found
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> File not found
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> File not found
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\] > -> HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3798 domain(s) found. ->
26 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\] > -> HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3798 domain(s) found. ->
26 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\] > -> HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-2070620897-1754454779-3683679437-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab[QuickTime Object] ->
{48DD0448-9209-4F81-9F6D-D83562940134} [HKLM] -> http://lads.myspace.com/upload/MySpaceUploader1006.cab[MySpace Uploader Control] ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212000842109[MUWebControl Class] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab[Reg Error: Key does not exist or could not be opened.] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] ->
{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} [HKLM] -> http://support.f-secure.com/ols/fscax.cab[F-Secure Online Scanner 3.3] ->
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab[Java Plug-in 1.6.0_10] ->
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab[Reg Error: Key does not exist or could not be opened.] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab[Reg Error: Key does not exist or could not be opened.] ->
{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [HKLM] -> http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab[get_atlcom Class] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{3B652397-D1A2-4820-A14F-74BD2C9CD374} ->