[code]
OTScanIt2 logfile created on: 10/05/2009 17:27:19 - Run 2
OTScanIt2 by OldTimer - Version 1.0.14.0 Folder = C:\Windows\System32\OTScanIt2
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys;
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37.18 Gb Total Space | 1.81 Gb Free Space | 4.86% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 35.88 Gb Total Space | 25.57 Gb Free Space | 71.27% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: RUNESCAPE_HQ
Current User Name: Phil
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
[Processes - Safe List]
agrsmsvc.exe -> %SystemRoot%\system32\agrsmsvc.exe -> [2006/10/05 11:10:12 | 00,009,216 | ---- | M] (Agere Systems)
ati2evxx.exe -> %SystemRoot%\system32\Ati2evxx.exe -> [2007/09/05 13:24:28 | 00,593,920 | ---- | M] (ATI Technologies Inc.)
ati2evxx.exe -> %SystemRoot%\system32\Ati2evxx.exe -> [2007/09/05 13:24:28 | 00,593,920 | ---- | M] (ATI Technologies Inc.)
avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -> [2008/02/08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -> [2008/02/08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) cfsvcs.exe -> %ProgramFiles%\TOSHIBA\ConfigFree\CFSvcs.exe -> [2006/11/14 20:33:10 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) dyntray.exe -> %ProgramFiles%\DynDNS Updater\DynTray.exe -> [2008/06/23 20:04:20 | 00,086,016 | ---- | M] (Dynamic Network Services, Inc.) dynupps.exe -> %ProgramFiles%\DynDNS Updater\DynUpPs.exe -> [2008/06/23 20:04:22 | 00,094,208 | ---- | M] (Dynamic Network Services, Inc.) ehmsas.exe -> %SystemRoot%\ehome\ehmsas.exe -> [2008/01/19 08:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation) ehtray.exe -> %SystemRoot%\ehome\ehtray.exe -> [2008/01/19 08:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) explorer.exe -> %SystemRoot%\Explorer.EXE -> [2008/10/29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) filezilla server.exe -> %ProgramFiles%\FileZilla Server\FileZilla Server.exe -> [2009/03/03 11:19:28 | 00,691,200 | ---- | M] (FileZilla Project) googleupdate.exe -> %UserProfile%\AppData\Local\Google\Update\GoogleUpdate.exe -> [2009/02/22 17:51:10 | 00,133,104 | ---- | M] (Google Inc.) jusched.exe -> %ProgramFiles%\Java\jre6\bin\jusched.exe -> [2009/05/02 18:01:47 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) khalmnpr.exe -> %CommonProgramFiles%\Logishrd\KHAL2\KHALMNPR.EXE -> [2009/02/19 00:28:52 | 00,076,304 | ---- | M] (Logitech, Inc.) 
msascui.exe -> %ProgramFiles%\Windows Defender\MSASCui.exe -> [2008/01/19 08:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) onenotem.exe -> %ProgramFiles%\Microsoft Office\Office12\ONENOTEM.EXE -> [2007/12/07 20:44:36 | 00,101,440 | ---- | M] (Microsoft Corporation) opera.exe -> %ProgramFiles%\Opera\opera.exe -> [2008/10/17 10:16:22 | 00,098,816 | ---- | M] (Opera Software) otscanit2.exe -> %SystemRoot%\System32\OTScanIt2\OTScanIt2.exe -> [2009/04/11 16:32:52 | 00,494,080 | ---- | M] (OldTimer Tools) presentationfontcache.exe -> %SystemRoot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/06/20 02:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> [2009/05/10 16:33:23 | 00,198,160 | ---- | M] (RealNetworks, Inc.) setpoint.exe -> %ProgramFiles%\Logitech\SetPoint\SetPoint.exe -> [2009/02/19 00:33:08 | 00,809,488 | ---- | M] (Logitech, Inc.) setpointii.exe -> %ProgramFiles%\Logitech\SetPoint II\SetpointII.exe -> [2007/08/30 18:13:06 | 00,319,488 | ---- | M] (Logitech Inc.) sidebar.exe -> %ProgramFiles%\Windows Sidebar\sidebar.exe -> [2008/01/19 08:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation) sidebar.exe -> %ProgramFiles%\Windows Sidebar\sidebar.exe -> [2008/01/19 08:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation) superantispyware.exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> [2009/04/28 11:33:38 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) syntoshiba.exe -> %ProgramFiles%\Synaptics\SynTP\SynToshiba.exe -> [2008/08/14 10:14:20 | 00,200,704 | ---- | M] (Synaptics, Inc.) syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> [2008/08/14 10:40:36 | 01,348,904 | ---- | M] (Synaptics, Inc.) syntphelper.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPHelper.exe -> [2008/08/14 10:40:44 | 00,103,720 | ---- | M] (Synaptics, Inc.) 
syntpstart.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPStart.exe -> [2007/08/15 14:31:50 | 00,102,400 | ---- | M] (Synaptics, Inc.) tcrdmain.exe -> %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe -> [2007/05/22 17:32:52 | 00,538,744 | ---- | M] (TOSHIBA Corporation) tnavisrv.exe -> %ProgramFiles%\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -> [2007/08/01 14:39:18 | 00,077,824 | ---- | M] (TOSHIBA Corporation) toddsrv.exe -> %SystemRoot%\system32\TODDSrv.exe -> [2006/05/25 19:30:16 | 00,114,688 | ---- | M] (TOSHIBA Corporation) toscosrv.exe -> %ProgramFiles%\TOSHIBA\Power Saver\TosCoSrv.exe -> [2007/03/29 11:39:00 | 00,427,576 | ---- | M] (TOSHIBA Corporation) tpwrmain.exe -> %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.exe -> [2007/03/29 11:39:00 | 00,411,192 | ---- | M] (TOSHIBA Corporation) ulcdrsvr.exe -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> [2006/08/23 16:39:48 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) winmail.exe -> %ProgramFiles%\Windows Mail\WinMail.exe -> [2008/01/19 08:33:37 | 00,397,312 | ---- | M] (Microsoft Corporation) wlservice.exe -> %ProgramFiles%\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe -> [2004/02/06 22:56:14 | 00,041,025 | ---- | M] (GEMTEKS) wusb54gv2.exe -> %ProgramFiles%\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv2.exe -> [2004/05/06 15:22:28 | 02,401,280 | ---- | M] (Cisco Linksys Corporation) [Win32 Services - Safe List] (AgereModemAudio) Agere Modem Call Progress Audio [Win32_Own | Auto | Running] -> %SystemRoot%\system32\agrsmsvc.exe -> [2006/10/05 11:10:12 | 00,009,216 | ---- | M] (Agere Systems) (Ati External Event Utility) Ati External Event Utility [Win32_Own | Auto | Running] -> %SystemRoot%\system32\Ati2evxx.exe -> [2007/09/05 13:24:28 | 00,593,920 | ---- | M] (ATI Technologies Inc.) 
(AVP) Kaspersky Internet Security 7.0 [Win32_Own | Auto | Running] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -> [2008/02/08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) (CFSvcs) ConfigFree Service [Win32_Own | Auto | Running] -> %ProgramFiles%\TOSHIBA\ConfigFree\CFSvcs.exe -> [2006/11/14 20:33:10 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/07/27 19:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) (ehRecvr) Windows Media Center Receiver Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\ehome\ehRecvr.exe -> [2008/01/19 08:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) (ehSched) Windows Media Center Scheduler Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\ehome\ehsched.exe -> [2006/11/02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) (ehstart) Windows Media Center Service Launcher [Win32_Shared | Auto | Stopped] -> %SystemRoot%\ehome\ehstart.dll -> [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) (FileZilla Server) FileZilla Server FTP server [Win32_Own | Auto | Running] -> %ProgramFiles%\FileZilla Server\FileZilla Server.exe -> [2009/03/03 11:19:28 | 00,691,200 | ---- | M] (FileZilla Project) (FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | Auto | Running] -> %SystemRoot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/06/20 02:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) (gusvc) Google Updater Service [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008/07/01 23:42:01 | 00,138,168 | ---- | M] (Google) (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 
00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2008/06/20 02:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) (LBTServ) Logitech Bluetooth Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Logitech\Bluetooth\LBTServ.exe -> [2009/02/19 00:30:20 | 00,121,360 | ---- | M] (Logitech, Inc.) (lxcf_device) lxcf_device [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\lxcfcoms.exe -> [2005/07/25 20:25:18 | 00,491,520 | ---- | M] ( ) (Macromedia Licensing Service) Macromedia Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macromedia Shared\Service\Macromedia Licensing.exe -> [2008/08/02 15:34:32 | 00,069,632 | ---- | M] (Macromedia) (NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/06/20 02:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) (odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) (TNaviSrv) TOSHIBA Navi Support Service [Win32_Own | Auto | Running] -> %ProgramFiles%\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -> [2007/08/01 14:39:18 | 00,077,824 | ---- | M] (TOSHIBA Corporation) (TODDSrv) TOSHIBA Optical Disc Drive Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\TODDSrv.exe -> [2006/05/25 19:30:16 | 00,114,688 | ---- | M] (TOSHIBA Corporation) (TosCoSrv) TOSHIBA Power Saver [Win32_Own | Auto | Running] -> %ProgramFiles%\TOSHIBA\Power 
Saver\TosCoSrv.exe -> [2007/03/29 11:39:00 | 00,427,576 | ---- | M] (TOSHIBA Corporation) (TOSHIBA Bluetooth Service) TOSHIBA Bluetooth Service [Win32_Own | Auto | Stopped] -> -> File not found (UleadBurningHelper) Ulead Burning Helper [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> [2006/08/23 16:39:48 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) (WinDefend) Windows Defender [Win32_Shared | Auto | Running] -> %ProgramFiles%\Windows Defender\mpsvc.dll -> [2008/01/19 08:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) (WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2008/01/19 08:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) (WUSB54Gv2SVC) WUSB54Gv2SVC [Win32_Own | Auto | Running] -> -> File not found (XAMPP) XAMPP Service [Win32_Own | Disabled | Stopped] -> -> File not found [Driver Services - Safe List] (adp94xx) adp94xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\adp94xx.sys -> [2006/11/02 10:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) (adpahci) adpahci [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\adpahci.sys -> [2006/11/02 10:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\adpu160m.sys -> [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) (adpu320) adpu320 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\adpu320.sys -> [2006/11/02 10:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) (AgereSoftModem) TOSHIBA V92 Software Modem [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\AGRSM.sys -> [2006/11/28 14:11:00 | 01,161,888 | ---- | M] (Agere Systems) (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\djsvs.sys -> [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) 
(aliide) aliide [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\aliide.sys -> [2006/11/02 10:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) (amdide) amdide [Kernel | Boot | Running] -> %SystemRoot%\system32\DRIVERS\amdide.sys -> [2007/10/12 02:40:14 | 00,010,632 | ---- | M] (Advanced Micro Devices) (arc) arc [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\arc.sys -> [2006/11/02 10:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) (arcsas) arcsas [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\arcsas.sys -> [2006/11/02 10:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) (atikmdag) atikmdag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\atikmdag.sys -> [2007/09/05 13:24:28 | 02,590,720 | ---- | M] (ATI Technologies Inc.) (AtiPcie) ATI PCI Express (3GIO) Filter [Kernel | Boot | Running] -> %SystemRoot%\system32\DRIVERS\AtiPcie.sys -> [2006/10/30 10:23:12 | 00,007,680 | ---- | M] (ATI Technologies Inc.) (BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\brfiltlo.sys -> [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) (BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\brfiltup.sys -> [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) (Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\brserid.sys -> [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) (BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\brserwdm.sys -> [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) (BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\brusbmdm.sys -> [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) 
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\brusbser.sys -> [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) (cmdide) cmdide [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\cmdide.sys -> [2006/11/02 10:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) (crpf) crpf [Kernel | Boot | Running] -> %SystemRoot%\System32\drivers\crpf.sys -> [2009/04/30 11:46:06 | 00,037,920 | ---- | M] (COMODO Security Solutions Inc.) (csdf) csdf [Kernel | Boot | Running] -> %SystemRoot%\System32\drivers\csdf.sys -> [2009/04/30 11:47:20 | 00,040,480 | ---- | M] (COMODO Security Solutions Inc.) (E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\E1G60I32.sys -> [2006/11/02 08:30:54 | 00,117,760 | ---- | M] (Intel Corporation) (elxstor) elxstor [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\elxstor.sys -> [2006/11/02 10:51:34 | 00,316,520 | ---- | M] (Emulex) (FwLnk) FwLnk Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\FwLnk.sys -> [2006/11/20 14:11:14 | 00,007,168 | ---- | M] (TOSHIBA Corporation) (hamachi) Hamachi Network Interface [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\hamachi.sys -> [2008/05/29 20:47:41 | 00,025,280 | ---- | M] (LogMeIn, Inc.) 
(HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\hpcisss.sys -> [2006/11/02 10:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) (iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\iastorv.sys -> [2006/11/02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) (iirsp) iirsp [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\iirsp.sys -> [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) (iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\iteatapi.sys -> [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) (iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\iteraid.sys -> [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) (kl1) kl1 [Kernel | System | Running] -> %SystemRoot%\system32\DRIVERS\kl1.sys -> [2008/06/25 20:03:06 | 00,112,144 | ---- | M] (Kaspersky Lab) (KLIF) Kaspersky Lab Driver [File_System | System | Running] -> %SystemRoot%\system32\DRIVERS\klif.sys -> [2008/06/25 19:43:55 | 00,147,984 | ---- | M] (Kaspersky Lab) (KLIM6) Kaspersky Anti-Virus NDIS 6 Filter [Kernel | System | Running] -> %SystemRoot%\system32\DRIVERS\klim6.sys -> [2007/10/16 11:05:28 | 00,020,496 | ---- | M] (Kaspersky Lab) (KR10I) KR10I [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\kr10i.sys -> [2007/01/18 15:40:56 | 00,219,392 | ---- | M] (TOSHIBA CORPORATION) (KR10N) KR10N [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\kr10n.sys -> [2007/01/18 15:47:18 | 00,211,072 | ---- | M] (TOSHIBA CORPORATION) (LHidFilt) Logitech SetPoint KMDF HID Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\LHidFilt.Sys -> [2008/12/18 23:43:40 | 00,035,472 | ---- | M] (Logitech, Inc.) 
(LMouFilt) Logitech SetPoint KMDF Mouse Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\LMouFilt.Sys -> [2008/12/18 23:43:48 | 00,037,392 | ---- | M] (Logitech, Inc.) (LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\lsi_fc.sys -> [2006/11/02 10:50:04 | 00,065,640 | ---- | M] (LSI Logic) (LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\lsi_sas.sys -> [2006/11/02 10:50:05 | 00,065,640 | ---- | M] (LSI Logic) (LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\lsi_scsi.sys -> [2006/11/02 10:50:10 | 00,065,640 | ---- | M] (LSI Logic) (MDC8021X) AEGIS Protocol (IEEE 802.1x) v2.3.1.9 [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\mdc8021x.sys -> [2009/04/20 19:15:47 | 00,015,781 | ---- | M] (Meetinghouse Data Communications) (megasas) megasas [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\megasas.sys -> [2006/11/02 10:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) (Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\mraid35x.sys -> [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) (nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\nfrd960.sys -> [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) (ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ntrigdigi.sys -> [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) (nvraid) nvraid [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\nvraid.sys -> [2006/11/02 10:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) (nvstor) nvstor [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\nvstor.sys -> [2006/11/02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) (pavboot) pavboot [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\pavboot.sys -> [2008/06/19 17:24:30 | 
00,028,544 | ---- | M] (Panda Security, S.L.) (ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql2300.sys -> [2006/11/02 10:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) (ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql40xx.sys -> [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) (rimmptsk) rimmptsk [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\rimmptsk.sys -> [2007/02/24 14:42:22 | 00,039,936 | ---- | M] (REDC) (rimsptsk) rimsptsk [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\rimsptsk.sys -> [2007/01/23 16:40:20 | 00,042,496 | ---- | M] (REDC) (rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\rixdptsk.sys -> [2007/03/21 22:02:04 | 00,037,376 | ---- | M] (REDC) (RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\Rtlh86.sys -> [2009/01/20 07:49:26 | 00,142,848 | ---- | M] (Realtek Corporation ) (RTL8187B) Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\RTL8187B.sys -> [2009/01/13 10:56:06 | 00,346,112 | ---- | M] (Realtek Semiconductor Corporation ) (SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASDIFSV.SYS -> [2009/04/28 11:33:42 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) (SASENUM) SASENUM [Kernel | On_Demand | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> [2009/04/28 11:33:44 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) (SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.sys -> [2009/04/28 11:33:40 | 00,072,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) (secdrv) Security Driver [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\secdrv.sys -> [2006/11/02 07:37:21 | 
00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (SiSRaid2) SiSRaid2 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sisraid2.sys -> [2006/11/02 10:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) (SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sisraid4.sys -> [2006/11/02 10:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) (Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc8xx.sys -> [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) (Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_hi.sys -> [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) (Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_u3.sys -> [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) (SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\SynTP.sys -> [2008/08/14 10:40:40 | 00,203,312 | ---- | M] (Synaptics, Inc.) (tdcmdpst) TOSHIBA Writing Engine Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\tdcmdpst.sys -> [2006/10/18 12:50:04 | 00,016,128 | ---- | M] (TOSHIBA Corporation.) (tos_sps32) TOSHIBA tos_sps32 Service [Kernel | Boot | Running] -> %SystemRoot%\system32\DRIVERS\tos_sps32.sys -> [2007/07/26 16:18:04 | 00,285,184 | ---- | M] (TOSHIBA Corporation) (TVALZ) TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\DRIVERS\TVALZ_O.SYS -> [2007/11/09 05:00:52 | 00,023,640 | ---- | M] (TOSHIBA Corporation) (uliahci) uliahci [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\uliahci.sys -> [2006/11/02 10:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) 
(UlSata) UlSata [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ulsata.sys -> [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) (ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ulsata2.sys -> [2006/11/02 10:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) (usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbaudio.sys -> [2008/01/19 06:53:23 | 00,073,088 | ---- | M] (Microsoft Corporation) (USB_RNDIS) Linksys Wireless-G USB Network Adapter with SpeedBooster Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\usb8023.sys -> [2008/01/19 06:56:08 | 00,015,872 | ---- | M] (Microsoft Corporation) (viaide) viaide [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\viaide.sys -> [2006/11/02 10:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) (vsmraid) vsmraid [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\vsmraid.sys -> [2006/11/02 10:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) (WinUsb) WinUSB Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\WinUSB.sys -> [2008/01/19 06:53:22 | 00,031,616 | ---- | M] (Microsoft Corporation) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> Reg Error: Invalid data type. 
-> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\] > -> -> HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\: Main\\"Search Page" -> http://www.google.com -> HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\: Main\\"Start Page" -> http://www.google.co.uk/ -> HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\: Main\\"StartPageCache" -> Reg Error: Invalid data type. 
-> HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\: "ProxyOverride" -> *.local -> < FireFox Settings [Prefs.js] > -> C:\Users\Phil\AppData\Roaming\Mozilla\FireFox\Profiles\tgdczjse.default\prefs.js -> extensions.enabledItems -> firebug@software.joehewitt.com:1.3.0 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 -> extensions.enabledItems -> {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.1 -> extensions.enabledItems -> {20a82645-c095-46ed-80e3-08825760534b}:1.0 -> extensions.enabledItems -> personas@christopher.beard:1.0 -> extensions.enabledItems -> {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 -> extensions.enabledItems -> {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:0.5.8 -> extensions.enabledItems -> yyginstantplay@yoyogames.com:1.1.0.18 -> extensions.enabledItems -> {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.0.2 -> extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.7 -> extensions.enabledItems -> nasanightlaunch@example.com:0.6.20081231 -> extensions.enabledItems -> {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.56 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> %SystemRoot%\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/02/07 11:26:03 | 00,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} -> %ProgramFiles%\REAL\REALPLAYER\BROWSERRECORD [C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD] -> [2009/05/10 16:36:27 | 00,000,000 | ---D | M] HKLM\software\mozilla\Flock 2.0.3\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 
3.0.10\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components -> %ProgramFiles%\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2009/05/10 16:33:50 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins -> %ProgramFiles%\MOZILLA FIREFOX\PLUGINS [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2009/05/10 16:37:07 | 00,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Users\Phil\AppData\Roaming\mozilla\Extensions -> [2008/08/09 15:11:12 | 00,000,000 | ---D | M] -> C:\Users\Phil\AppData\Roaming\mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b} -> [2008/08/09 15:11:12 | 00,000,000 | ---D | M] -> C:\Users\Phil\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2008/08/09 15:11:12 | 00,000,000 | ---D | M] -> C:\Users\Phil\AppData\Roaming\mozilla\Firefox\Profiles\tgdczjse.default\extensions -> [2009/05/02 21:55:24 | 00,097,876 | ---- | M] () -> C:\Users\Phil\AppData\Roaming\mozilla\Firefox\Profiles\tgdczjse.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} -> [2009/05/02 21:55:24 | 00,097,876 | ---- | M] () -> C:\Users\Phil\AppData\Roaming\mozilla\Firefox\Profiles\tgdczjse.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66} -> [2009/05/02 21:55:24 | 00,097,876 | ---- | M] () -> C:\Users\Phil\AppData\Roaming\mozilla\Firefox\Profiles\tgdczjse.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18} -> [2009/05/02 21:55:24 | 00,097,876 | ---- | M] () -> C:\Users\Phil\AppData\Roaming\mozilla\Firefox\Profiles\tgdczjse.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} -> [2009/05/02 21:55:24 | 00,097,876 | ---- | M] () -> C:\Users\Phil\AppData\Roaming\mozilla\Firefox\Profiles\tgdczjse.default\extensions\firebug@software.joehewitt.com -> [2009/05/02 21:55:24 | 00,097,876 | ---- | M] () -> C:\Users\Phil\AppData\Roaming\mozilla\Firefox\Profiles\tgdczjse.default\extensions\Mytheme -> [2009/05/02 21:55:24 | 00,097,876 
| ---- | M] () -> C:\Users\Phil\AppData\Roaming\mozilla\Firefox\Profiles\tgdczjse.default\extensions\nasanightlaunch@example.com -> [2009/05/02 21:55:24 | 00,097,876 | ---- | M] () -> C:\Users\Phil\AppData\Roaming\mozilla\Firefox\Profiles\tgdczjse.default\extensions\personas@christopher.beard -> [2009/05/02 21:55:24 | 00,097,876 | ---- | M] () -> C:\Users\Phil\AppData\Roaming\mozilla\Firefox\Profiles\tgdczjse.default\extensions\yyginstantplay@yoyogames.com -> [2009/05/02 21:55:24 | 00,097,876 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions -> [2009/04/24 05:38:29 | 09,756,664 | ---- | M] (Mozilla Foundation) -> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2009/04/24 05:38:29 | 09,756,664 | ---- | M] (Mozilla Foundation) -> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} -> [2009/04/24 05:38:29 | 09,756,664 | ---- | M] (Mozilla Foundation) -> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -> [2009/04/24 05:38:29 | 09,756,664 | ---- | M] (Mozilla Foundation) < FireFox Components [Program Folders] > -> C:\PROGRAM FILES\MOZILLA FIREFOX\components\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\components -> [2009/05/10 16:33:50 | 00,000,000 | ---D | M] browserdirprovider.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\components\browserdirprovider.dll -> [2009/04/24 05:38:30 | 00,023,032 | ---- | M] (Mozilla Foundation) brwsrcmp.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\components\brwsrcmp.dll -> [2009/04/24 05:38:32 | 00,134,648 | ---- | M] (Mozilla Foundation) < FireFox Plugins [Program Folders] > -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins -> [2009/05/10 16:37:07 | 00,000,000 | ---D | M] np-mswmp.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\np-mswmp.dll -> [2007/04/10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) npdeploytk.dll -> C:\PROGRAM FILES\MOZILLA 
FIREFOX\plugins\npdeploytk.dll -> [2009/05/02 18:01:47 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) npnul32.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npnul32.dll -> [2009/04/24 05:38:33 | 00,065,528 | ---- | M] (mozilla.org) npqtplugin.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin.dll -> [2009/02/07 10:09:39 | 00,143,360 | ---- | M] (Apple Inc.) npqtplugin2.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin2.dll -> [2009/02/07 10:09:40 | 00,143,360 | ---- | M] (Apple Inc.) npqtplugin3.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin3.dll -> [2009/02/07 10:09:41 | 00,143,360 | ---- | M] (Apple Inc.) npqtplugin4.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin4.dll -> [2009/02/07 10:09:42 | 00,143,360 | ---- | M] (Apple Inc.) npqtplugin5.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin5.dll -> [2009/02/07 10:09:43 | 00,143,360 | ---- | M] (Apple Inc.) npqtplugin6.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin6.dll -> [2009/02/07 10:09:43 | 00,143,360 | ---- | M] (Apple Inc.) npqtplugin7.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin7.dll -> [2009/02/07 10:09:43 | 00,143,360 | ---- | M] (Apple Inc.) 
QuickTimePlugin.class -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\QuickTimePlugin.cla -> [2009/02/07 10:09:38 | 00,004,208 | ---- | M] () WMP Firefox Plugin License.rtf -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\WMP Firefox Plugin License.rtf -> [2007/03/30 10:43:58 | 00,149,569 | ---- | M] () WMP Firefox Plugin RelNotes.txt -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\WMP Firefox Plugin RelNotes.txt -> [2007/03/30 10:43:58 | 00,003,352 | ---- | M] () < FireFox SearchPlugins [Program Folders] > -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins -> [2009/05/10 16:29:46 | 00,000,000 | ---D | M] amazondotcom.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\amazondotcom.xml -> [2009/04/24 01:39:08 | 00,001,394 | ---- | M] () answers.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\answers.xml -> [2009/04/24 01:39:08 | 00,002,193 | ---- | M] () creativecommons.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\creativecommons.xml -> [2009/04/24 01:39:08 | 00,001,534 | ---- | M] () eBay.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\eBay.xml -> [2009/04/24 01:39:08 | 00,002,343 | ---- | M] () google.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\google.xml -> [2009/04/24 01:39:08 | 00,001,706 | ---- | M] () wikipedia.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\wikipedia.xml -> [2009/04/24 01:39:08 | 00,001,178 | ---- | M] () yahoo.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\yahoo.xml -> [2009/04/24 01:39:08 | 00,000,792 | ---- | M] () < HOSTS File > (761 bytes and 20 lines) -> C:\Windows\System32\drivers\etc\Hosts -> Reset Hosts 127.0.0.1 localhost ::1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 00,062,080 | ---- | M] 
(Adobe Systems Incorporated) {3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> %ProgramFiles%\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2009/05/10 16:36:19 | 00,312,928 | ---- | M] (RealPlayer) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/02/17 17:11:04 | 00,408,440 | ---- | M] (Microsoft Corporation) {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\google\googletoolbar2.dll [Google Toolbar Helper] -> [2008/07/01 23:41:56 | 02,403,392 | R--- | M] (Google Inc.) {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> %ProgramFiles%\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/05/02 18:01:47 | 00,035,840 | ---- | M] (Sun Microsystems, Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\google\googletoolbar2.dll [&Google] -> [2008/07/01 23:41:56 | 02,403,392 | R--- | M] (Google Inc.) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\] > -> HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\google\googletoolbar2.dll [&Google] -> [2008/07/01 23:41:56 | 02,403,392 | R--- | M] (Google Inc.) 
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "00TCrdMain" -> %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe] -> [2007/05/22 17:32:52 | 00,538,744 | ---- | M] (TOSHIBA Corporation) "AVP" -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe ["C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"] -> [2008/02/08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) "Kernel and Hardware Abstraction Layer" -> %SystemRoot%\KHALMNPR.EXE [KHALMNPR.EXE] -> [2008/12/18 23:42:58 | 00,076,304 | ---- | M] (Logitech, Inc.) "LXCFCATS" -> %SystemRoot%\system32\spool\DRIVERS\W32X86\3\LXCFtime.DLL [rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16] -> [2005/07/20 18:47:32 | 00,073,728 | ---- | M] () "SunJavaUpdateSched" -> %ProgramFiles%\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2009/05/02 18:01:47 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) "SynTPEnh" -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2008/08/14 10:40:36 | 01,348,904 | ---- | M] (Synaptics, Inc.) "SynTPStart" -> %ProgramFiles%\Synaptics\SynTP\SynTPStart.exe [C:\Program Files\Synaptics\SynTP\SynTPStart.exe] -> [2007/08/15 14:31:50 | 00,102,400 | ---- | M] (Synaptics, Inc.) "TkBellExe" -> %CommonProgramFiles%\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2009/05/10 16:33:23 | 00,198,160 | ---- | M] (RealNetworks, Inc.) 
"topi" -> %ProgramFiles%\TOSHIBA\Toshiba Online Product Information\topi.exe [C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup] -> [2007/07/10 09:24:10 | 00,581,632 | ---- | M] (TOSHIBA) "Toshiba Registration" -> %ProgramFiles%\Toshiba\Registration\ToshibaRegistration.exe [C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe] -> [2007/05/04 12:05:08 | 00,571,024 | ---- | M] (Toshiba) "TPwrMain" -> %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE] -> [2007/03/29 11:39:00 | 00,411,192 | ---- | M] (TOSHIBA Corporation) "Windows Defender" -> %ProgramFiles%\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/19 08:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> %ProgramFiles%\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2008/01/19 08:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation) "WindowsWelcomeCenter" -> %SystemRoot%\system32\oobefldr.DLL [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2008/01/19 08:36:02 | 02,153,472 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> %ProgramFiles%\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2008/01/19 08:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation) "WindowsWelcomeCenter" -> %SystemRoot%\system32\oobefldr.DLL [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2008/01/19 08:36:02 | 02,153,472 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\] > -> HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "ehTray.exe" -> %SystemRoot%\ehome\ehTray.exe [C:\Windows\ehome\ehTray.exe] -> 
[2008/01/19 08:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) "Google Update" -> %UserProfile%\AppData\Local\Google\Update\GoogleUpdate.exe ["C:\Users\Phil\AppData\Local\Google\Update\GoogleUpdate.exe" /c] -> [2009/02/22 17:51:10 | 00,133,104 | ---- | M] (Google Inc.) "Sidebar" -> %ProgramFiles%\Windows Sidebar\sidebar.exe [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun] -> [2008/01/19 08:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation) "SUPERAntiSpyware" -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> [2009/04/28 11:33:38 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [2] -> File not found \\"ConsentPromptBehaviorUser" -> [1] -> File not found \\"EnableInstallerDetection" -> [1] -> File not found \\"EnableLUA" -> [0] -> File not found \\"EnableSecureUIAPaths" -> [1] -> File not found \\"EnableVirtualization" -> [1] -> File not found \\"PromptOnSecureDesktop" -> [1] -> File not found \\"ValidateAdminCodeSignatures" -> [0] -> File not found \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"scforceoption" -> [0] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found \\"FilterAdministratorToken" -> [0] -> File not found \\"EnableUIADesktopToggle" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats \UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" -> [1] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" -> [2] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" -> [7] -> 
File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIB" -> [8] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" -> [9] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" -> [13] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" -> [17] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\] > -> HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Anti-Banner -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm] -> [2008/02/08 18:26:00 | 00,001,325 | ---- | M] () E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2008/10/18 19:30:22 | 17,931,616 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}:{85E0B171-04FA-11D1-B7DA-00A0C90348D6} [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll [Button: Web Anti-Virus statistics] -> [2008/02/08 18:37:52 | 00,223,760 | ---- | M] (Kaspersky Lab) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2007/12/13 02:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2007/12/13 02:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation) {76577871-04EC-495E-A12B-91F7C3600AFA}:Exec [HKLM] -> [Button: eBay.co.uk - Buy It Sell It Love It] -> File not found 
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. 
-> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\] > -> HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> www_yoyogames.com [http] -> Trusted sites -> 1 domain(s) and sub-domain(s) not assigned to a zone. 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\] > -> HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2144041196-3452670511-1662090926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab [Java Plug-in 1.6.0_13] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Key error.] -> {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab [Java Plug-in 1.6.0_13] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab [Java Plug-in 1.6.0_13] -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {1C49565E-3196-4D54-AC4C-0DFFDAD678FA} -> (Realtek RTL8101E Family PCI-E FE NIC) -> {7B62190A-35B0-4944-959D-0858EAD3755E} -> (Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter) -> {BD32093B-1875-46DD-8591-EDF6CADC73D1} -> (Linksys Wireless-G USB Network Adapter with SpeedBooster v2) -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\r3hook.dll -> [2008/02/08 18:37:52 | 00,072,208 | ---- | M] (Kaspersky Lab) C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll -> 
%ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll -> [2008/02/08 18:37:30 | 00,084,496 | ---- | M] (Kaspersky Lab) *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> %SystemRoot%\explorer.exe -> [2008/10/29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> [2008/12/22 12:05:34 | 00,356,352 | ---- | M] (SUPERAntiSpyware.com) klogon -> %SystemRoot%\system32\klogon.dll -> [2008/02/08 18:37:44 | 00,219,664 | ---- | M] (Kaspersky Lab) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> Reg Error: Key error. 
[] -> File not found < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> %SystemRoot%\system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/01/19 06:49:51 | 00,067,072 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> %SystemDrive%\autoexec.bat [ NTFS ] -> [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> [Registry - Additional Scans - Safe List] < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! 
[Files/Folders - Created Within 30 Days] 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> OTScanIt2 -> %SystemRoot%\System32\OTScanIt2 -> [2009/05/10 17:25:26 | 00,000,000 | ---D | C] LogiShrd -> %UserProfile%\AppData\Local\LogiShrd -> [2009/05/10 16:44:53 | 00,000,000 | ---D | C] IconCache.db -> %UserProfile%\AppData\Local\IconCache.db -> [2009/05/10 16:42:52 | 04,293,546 | -H-- | C] () Msft_Kernel_LHidFilt_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf -> [2009/05/10 16:42:01 | 00,000,000 | -H-- | C] () xing shared -> %CommonProgramFiles%\xing shared -> [2009/05/10 16:36:47 | 00,000,000 | ---D | C] RichFX -> %ProgramFiles%\RichFX -> [2009/05/10 16:33:33 | 00,000,000 | ---D | C] csdf.sys -> %SystemRoot%\System32\drivers\csdf.sys -> [2009/05/10 16:30:15 | 00,040,480 | ---- | C] (COMODO Security Solutions Inc.) crpf.sys -> %SystemRoot%\System32\drivers\crpf.sys -> [2009/05/10 16:30:15 | 00,037,920 | ---- | C] (COMODO Security Solutions Inc.) cnat.exe -> %SystemRoot%\System32\cnat.exe -> [2009/05/10 16:30:15 | 00,008,456 | ---- | C] (COMODO Security Solutions Inc.) 
Temp -> %ProgramFiles%\Temp -> [2009/05/10 16:20:21 | 00,000,000 | -H-D | C] Leadertech -> %AppData%\Leadertech -> [2009/05/10 16:17:50 | 00,000,000 | ---D | C] SetPointII.lnk -> %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk -> [2009/05/10 16:12:05 | 00,001,763 | ---- | C] () LogiShrd -> %SystemDrive%\Users\Public\Documents\LogiShrd -> [2009/05/10 16:11:14 | 00,000,000 | ---D | C] WeFi -> %AllUsersProfile%\WeFi -> [2009/05/10 16:06:04 | 00,000,000 | ---D | C] WeFi -> %ProgramFiles%\WeFi -> [2009/05/10 16:05:57 | 00,000,000 | ---D | C] RadarSync -> %UserProfile%\AppData\Local\RadarSync -> [2009/05/10 16:05:13 | 00,000,000 | ---D | C] RadarSync.lnk -> %UserProfile%\Desktop\RadarSync.lnk -> [2009/05/10 16:05:10 | 00,000,841 | ---- | C] () RadarSync -> %ProgramFiles%\RadarSync -> [2009/05/10 16:05:10 | 00,000,000 | ---D | C] Total Video Converter.lnk -> %UserProfile%\Desktop\Total Video Converter.lnk -> [2009/05/09 10:56:46 | 00,000,791 | ---- | C] () Total Video Converter -> %ProgramFiles%\Total Video Converter -> [2009/05/09 10:56:36 | 00,000,000 | ---D | C] SUPERAntiSpyware.com -> %AllUsersProfile%\SUPERAntiSpyware.com -> [2009/05/08 19:25:57 | 00,000,000 | ---D | C] SUPERAntiSpyware Free Edition.lnk -> %SystemDrive%\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk -> [2009/05/08 19:25:30 | 00,000,907 | ---- | C] () SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [2009/05/08 19:25:27 | 00,000,000 | ---D | C] SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware -> [2009/05/08 19:25:27 | 00,000,000 | ---D | C] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [2009/05/08 19:24:36 | 00,000,000 | ---D | C] pavboot.sys -> %SystemRoot%\System32\drivers\pavboot.sys -> [2009/05/08 19:23:16 | 00,028,544 | ---- | C] (Panda Security, S.L.) 
Panda Security -> %ProgramFiles%\Panda Security -> [2009/05/08 19:22:42 | 00,000,000 | ---D | C] Replay Converter 3 -> %SystemRoot%\Replay Converter 3 -> [2009/05/07 18:40:03 | 00,000,000 | ---D | C] RegCure Program Check.job -> %SystemRoot%\tasks\RegCure Program Check.job -> [2009/05/06 19:17:49 | 00,000,436 | ---- | C] () RegCure.job -> %SystemRoot%\tasks\RegCure.job -> [2009/05/06 19:17:48 | 00,000,370 | ---- | C] () RegCure Application.lnk -> %UserProfile%\Desktop\RegCure Application.lnk -> [2009/05/06 19:17:01 | 00,001,655 | ---- | C] () RegCure -> %SystemRoot%\RegCure -> [2009/05/06 19:16:19 | 00,000,000 | ---D | C] RegCure -> %ProgramFiles%\RegCure -> [2009/05/06 19:16:19 | 00,000,000 | ---D | C] REG CURE-FULL.torrent -> %UserProfile%\REG CURE-FULL.torrent -> [2009/05/06 19:10:15 | 00,001,156 | ---- | C] () REG CURE-FULL -> %UserProfile%\REG CURE-FULL -> [2009/05/06 19:10:15 | 00,000,000 | ---D | C] µTorrent.lnk -> %UserProfile%\Desktop\µTorrent.lnk -> [2009/05/06 19:05:19 | 00,000,757 | ---- | C] () uTorrent -> %ProgramFiles%\uTorrent -> [2009/05/06 19:05:18 | 00,000,000 | ---D | C] uTorrent -> %AppData%\uTorrent -> [2009/05/06 19:02:05 | 00,000,000 | ---D | C] Apple -> %UserProfile%\AppData\Local\Apple -> [2009/05/03 16:07:26 | 00,000,000 | ---D | C] Rooter$ -> %SystemDrive%\Rooter$ -> [2009/05/03 12:43:01 | 00,000,000 | ---D | C] ATI Technologies -> %ProgramFiles%\ATI Technologies -> [2009/05/02 22:44:47 | 00,000,000 | ---D | C] ATI -> %ProgramFiles%\ATI -> [2009/05/02 22:44:39 | 00,000,000 | ---D | C] atipdlxx.dll -> %SystemRoot%\System32\atipdlxx.dll -> [2009/05/02 22:38:38 | 00,253,952 | ---- | C] (ATI Technologies, Inc.) Oemdspif.dll -> %SystemRoot%\System32\Oemdspif.dll -> [2009/05/02 22:38:38 | 00,229,376 | ---- | C] (ATI Technologies, Inc.) 
atitmmxx.dll -> %SystemRoot%\System32\atitmmxx.dll -> [2009/05/02 22:38:38 | 00,159,744 | ---- | C] () atiicdxx.dat -> %SystemRoot%\System32\atiicdxx.dat -> [2009/05/02 22:38:38 | 00,145,050 | ---- | C] () ativvpxx.vp -> %SystemRoot%\System32\drivers\ativvpxx.vp -> [2009/05/02 22:38:38 | 00,042,928 | ---- | C] () ati2edxx.dll -> %SystemRoot%\System32\ati2edxx.dll -> [2009/05/02 22:38:38 | 00,042,496 | ---- | C] (ATI Technologies, Inc.) atiogl.xml -> %SystemRoot%\atiogl.xml -> [2009/05/02 22:38:38 | 00,011,441 | ---- | C] () ativpkxx.vp -> %SystemRoot%\System32\drivers\ativpkxx.vp -> [2009/05/02 22:38:38 | 00,002,096 | ---- | C] () ativokxx.vp -> %SystemRoot%\System32\drivers\ativokxx.vp -> [2009/05/02 22:38:38 | 00,002,096 | ---- | C] () ativdkxx.vp -> %SystemRoot%\System32\drivers\ativdkxx.vp -> [2009/05/02 22:38:38 | 00,002,096 | ---- | C] () Mobility Modder.NET.lnk -> %UserProfile%\Desktop\Mobility Modder.NET.lnk -> [2009/05/02 22:37:44 | 00,001,771 | ---- | C] () MobilityDotNET -> %ProgramFiles%\MobilityDotNET -> [2009/05/02 22:37:43 | 00,000,000 | ---D | C] Malwarebytes -> %AppData%\Malwarebytes -> [2009/05/02 19:16:13 | 00,000,000 | ---D | C] Malwarebytes' Anti-Malware.lnk -> %SystemDrive%\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/05/02 19:16:00 | 00,000,823 | ---- | C] () mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2009/05/02 19:15:59 | 00,015,504 | ---- | C] (Malwarebytes Corporation) mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2009/05/02 19:15:56 | 00,038,496 | ---- | C] (Malwarebytes Corporation) Malwarebytes -> %AllUsersProfile%\Malwarebytes -> [2009/05/02 19:15:53 | 00,000,000 | ---D | C] Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2009/05/02 19:15:52 | 00,000,000 | ---D | C] Windows Installer Clean Up -> %ProgramFiles%\Windows Installer Clean Up -> [2009/05/02 17:31:59 | 00,000,000 | ---D | C] MSECACHE -> %ProgramFiles%\MSECACHE -> [2009/05/02 17:29:07 | 
00,000,000 | ---D | C] Revo Uninstaller.lnk -> %UserProfile%\Desktop\Revo Uninstaller.lnk -> [2009/05/02 17:11:18 | 00,001,062 | ---- | C] () VS Revo Group -> %ProgramFiles%\VS Revo Group -> [2009/05/02 17:11:17 | 00,000,000 | ---D | C] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2009/05/02 12:30:23 | 36,197,62176 | -HS- | C] () d3d9caps.dat -> %UserProfile%\AppData\Local\d3d9caps.dat -> [2009/05/01 20:22:21 | 00,001,356 | ---- | C] () Adobe -> %UserProfile%\AppData\Local\Adobe -> [2009/05/01 15:58:31 | 00,000,000 | ---D | C] CRC.INI -> %SystemRoot%\CRC.INI -> [2009/04/29 21:33:25 | 00,000,131 | ---- | C] () COMODO Registry Cleaner.lnk -> %SystemDrive%\Users\Public\Desktop\COMODO Registry Cleaner.lnk -> [2009/04/29 21:31:44 | 00,000,947 | ---- | C] () COMODO -> %ProgramFiles%\COMODO -> [2009/04/29 21:31:43 | 00,000,000 | ---D | C] cc_20090424_093532.reg -> %UserProfile%\Documents\cc_20090424_093532.reg -> [2009/04/24 09:35:37 | 00,002,946 | ---- | C] () PeerNetworking -> %AppData%\PeerNetworking -> [2009/04/22 18:31:08 | 00,000,000 | ---D | C] Sun -> %AppData%\Sun -> [2009/04/22 16:32:31 | 00,000,000 | ---D | C] GTW32N50.dll -> %SystemRoot%\System32\GTW32N50.dll -> [2009/04/20 19:15:46 | 00,094,208 | ---- | C] () GTNDIS3.VXD -> %SystemRoot%\System32\GTNDIS3.VXD -> [2009/04/20 19:15:46 | 00,031,930 | ---- | C] () GTNDIS5.sys -> %SystemRoot%\System32\GTNDIS5.sys -> [2009/04/20 19:15:46 | 00,015,872 | ---- | C] (Printing Communications Assoc., Inc. 
(PCAUSA)) libeay32.dll -> %SystemRoot%\System32\libeay32.dll -> [2009/04/20 19:15:44 | 00,651,264 | ---- | C] () ssleay32.dll -> %SystemRoot%\System32\ssleay32.dll -> [2009/04/20 19:15:44 | 00,147,456 | ---- | C] () Linksys Wireless-G USB Wireless Network Monitor -> %ProgramFiles%\Linksys Wireless-G USB Wireless Network Monitor -> [2009/04/20 19:15:22 | 00,000,000 | ---D | C] Linksys Driver -> %SystemDrive%\Linksys Driver -> [2009/04/20 19:04:50 | 00,000,000 | ---D | C] SmartFTP Client 3.0 Setup Files -> %ProgramFiles%\SmartFTP Client 3.0 Setup Files -> [2009/04/16 14:41:19 | 00,000,000 | ---D | C] PingTesterDataBas -> %AppData%\PingTesterDataBas -> [2009/04/13 12:02:17 | 00,000,000 | ---D | C] WebPingTester.exe -> %UserProfile%\Desktop\WebPingTester.exe -> [2009/04/13 12:02:09 | 00,187,904 | ---- | C] (zzzzz) php.ini -> %SystemRoot%\php.ini -> [2009/02/16 16:39:47 | 00,046,389 | ---- | C] () cdplayer.ini -> %SystemRoot%\cdplayer.ini -> [2009/02/15 20:22:19 | 00,000,025 | ---- | C] () patchw32.dll -> %SystemRoot%\patchw32.dll -> [2008/09/16 17:11:14 | 00,197,120 | ---- | C] () iyvu9_32.dll -> %SystemRoot%\System32\iyvu9_32.dll -> [2008/03/29 15:07:38 | 00,056,832 | ---- | C] () NDSTray.INI -> %SystemRoot%\NDSTray.INI -> [2007/09/13 18:06:20 | 00,000,000 | ---- | C] () csellang.ini -> %SystemRoot%\System32\csellang.ini -> [2007/09/13 17:54:45 | 00,128,113 | ---- | C] () csellang.dll -> %SystemRoot%\System32\csellang.dll -> [2007/09/13 17:54:45 | 00,045,056 | ---- | C] () tosmreg.ini -> %SystemRoot%\System32\tosmreg.ini -> [2007/09/13 17:54:45 | 00,010,150 | ---- | C] () cseltbl.ini -> %SystemRoot%\System32\cseltbl.ini -> [2007/09/13 17:54:45 | 00,007,671 | ---- | C] () IVIresizeW7.dll -> %SystemRoot%\System32\IVIresizeW7.dll -> [2007/09/13 17:53:37 | 00,204,800 | ---- | C] () IVIresizeA6.dll -> %SystemRoot%\System32\IVIresizeA6.dll -> [2007/09/13 17:53:37 | 00,200,704 | ---- | C] () IVIresizeP6.dll -> %SystemRoot%\System32\IVIresizeP6.dll -> [2007/09/13 17:53:37 | 
00,192,512 | ---- | C] () IVIresizeM6.dll -> %SystemRoot%\System32\IVIresizeM6.dll -> [2007/09/13 17:53:37 | 00,192,512 | ---- | C] () IVIresizePX.dll -> %SystemRoot%\System32\IVIresizePX.dll -> [2007/09/13 17:53:37 | 00,188,416 | ---- | C] () IVIresize.dll -> %SystemRoot%\System32\IVIresize.dll -> [2007/09/13 17:53:37 | 00,020,480 | ---- | C] () rixdicon.dll -> %SystemRoot%\System32\rixdicon.dll -> [2007/09/13 17:33:59 | 00,016,480 | ---- | C] () WdfCoInstaller01000.dll -> %SystemRoot%\System32\WdfCoInstaller01000.dll -> [2007/09/13 16:17:30 | 01,060,424 | ---- | C] () TosBtAcc.dll -> %SystemRoot%\System32\TosBtAcc.dll -> [2006/12/05 13:05:04 | 00,114,688 | ---- | C] () sysprepMCE.dll -> %SystemRoot%\System32\sysprepMCE.dll -> [2006/11/02 13:35:32 | 00,005,632 | ---- | C] () system.ini -> %SystemRoot%\system.ini -> [2006/11/02 11:23:31 | 00,000,219 | ---- | C] () win.ini -> %SystemRoot%\win.ini -> [2006/11/02 11:23:31 | 00,000,144 | ---- | C] () pacerprf.ini -> %SystemRoot%\System32\pacerprf.ini -> [2006/11/02 08:40:29 | 00,013,750 | ---- | C] () WLAN.INI -> %SystemRoot%\System32\WLAN.INI -> [2005/11/11 17:39:00 | 00,001,516 | ---- | C] () lxcfserv.dll -> %SystemRoot%\System32\lxcfserv.dll -> [2005/07/25 20:31:30 | 01,183,744 | ---- | C] ( ) lxcflmpm.dll -> %SystemRoot%\System32\lxcflmpm.dll -> [2005/07/25 20:27:22 | 00,483,328 | ---- | C] ( ) lxcfcomm.dll -> %SystemRoot%\System32\lxcfcomm.dll -> [2005/07/25 20:26:58 | 00,413,696 | ---- | C] ( ) lxcfpplc.dll -> %SystemRoot%\System32\lxcfpplc.dll -> [2005/07/25 20:25:26 | 00,114,688 | ---- | C] ( ) lxcfcomc.dll -> %SystemRoot%\System32\lxcfcomc.dll -> [2005/07/25 20:24:46 | 00,704,512 | ---- | C] ( ) lxcfprox.dll -> %SystemRoot%\System32\lxcfprox.dll -> [2005/07/25 20:24:14 | 00,155,648 | ---- | C] ( ) lxcfusb1.dll -> %SystemRoot%\System32\lxcfusb1.dll -> [2005/07/25 20:19:36 | 01,134,592 | ---- | C] ( ) TosCommAPI.dll -> %SystemRoot%\System32\TosCommAPI.dll -> [2005/07/22 21:30:18 | 00,065,536 | ---- | C] () 
AVSredirect.dll -> %SystemRoot%\System32\AVSredirect.dll -> [2005/07/14 12:31:20 | 00,027,648 | RHS- | C] ()
lxcfvs.dll -> %SystemRoot%\System32\lxcfvs.dll -> [2005/07/07 10:12:28 | 00,040,960 | ---- | C] ()
cygz.dll -> %SystemRoot%\System32\cygz.dll -> [2005/06/21 22:37:42 | 00,045,568 | RHS- | C] ()
fgexec.dll -> %SystemRoot%\fgexec.dll -> [2005/02/05 21:46:00 | 00,004,608 | ---- | C] ()

[Files/Folders - Modified Within 30 Days]
1 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->
44 C:\Users\Phil\AppData\Local\Temp\*.tmp files -> C:\Users\Phil\AppData\Local\Temp\*.tmp ->
fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [2009/05/10 17:30:27 | 61,633,3344 | -HS- | M] ()
NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2009/05/10 17:26:48 | 04,194,304 | -HS- | M] ()
RegCure Program Check.job -> %SystemRoot%\tasks\RegCure Program Check.job -> [2009/05/10 17:00:00 | 00,000,436 | ---- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009/05/10 16:51:32 | 00,700,548 | ---- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2009/05/10 16:51:32 | 00,605,072 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2009/05/10 16:51:32 | 00,110,354 | ---- | M] ()
jagex_runescape_preferences.dat -> %UserProfile%\jagex_runescape_preferences.dat -> [2009/05/10 16:50:42 | 00,000,034 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2009/05/10 16:44:40 | 00,003,568 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2009/05/10 16:44:39 | 00,003,568 | -H-- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/05/10 16:44:21 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009/05/10 16:44:14 | 00,067,584 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2009/05/10 16:44:06 | 36,197,62176 | -HS- | M] ()
fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [2009/05/10 16:43:24 | 08,256,212 | -HS- | M] ()
NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms -> %UserProfile%\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms -> [2009/05/10 16:42:53 | 00,524,288 | -HS- | M] ()
NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> %UserProfile%\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> [2009/05/10 16:42:53 | 00,065,536 | -HS- | M] ()
IconCache.db -> %UserProfile%\AppData\Local\IconCache.db -> [2009/05/10 16:42:52 | 04,293,546 | -H-- | M] ()
Msft_Kernel_LHidFilt_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf -> [2009/05/10 16:42:01 | 00,000,000 | -H-- | M] ()
Logitech SetPoint.lnk -> %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk -> [2009/05/10 16:41:27 | 00,001,838 | ---- | M] ()
Logitech Mouse and Keyboard Settings.lnk -> %SystemDrive%\Users\Public\Desktop\Logitech Mouse and Keyboard Settings.lnk -> [2009/05/10 16:41:27 | 00,001,826 | ---- | M] ()
pncrt.dll -> %SystemRoot%\System32\pncrt.dll -> [2009/05/10 16:33:44 | 00,278,528 | ---- | M] (Real Networks, Inc)
DIFxAPI.dll -> %SystemRoot%\DIFxAPI.dll -> [2009/05/10 16:20:41 | 00,319,456 | ---- | M] (Microsoft Corporation)
Maxthon2.lnk -> %UserProfile%\Desktop\Maxthon2.lnk -> [2009/05/10 16:14:35 | 00,001,722 | ---- | M] ()
SetPointII.lnk -> %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk -> [2009/05/10 16:12:05 | 00,001,763 | ---- | M] ()
WeFiSetup_5_131_4.exe -> %UserProfile%\AppData\Local\Temp\WeFiSetup_5_131_4.exe -> [2009/05/10 16:05:45 | 05,932,528 | ---- | M] ()
RadarSync.lnk -> %UserProfile%\Desktop\RadarSync.lnk -> [2009/05/10 16:05:10 | 00,000,841 | ---- | M] ()
GoogleUpdateTaskUserS-1-5-21-2144041196-3452670511-1662090926-1000.job -> %SystemRoot%\tasks\GoogleUpdateTaskUserS-1-5-21-2144041196-3452670511-1662090926-1000.job -> [2009/05/10 15:10:04 | 00,000,850 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> %UserProfile%\AppData\Local\GDIPFONTCACHEV1.DAT -> [2009/05/10 12:23:08 | 00,081,784 | ---- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009/05/10 12:21:32 | 00,303,792 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/05/09 11:06:17 | 00,066,048 | ---- | M] ()
Total Video Converter.lnk -> %UserProfile%\Desktop\Total Video Converter.lnk -> [2009/05/09 10:56:46 | 00,000,791 | ---- | M] ()
Google Chrome.lnk -> %UserProfile%\Desktop\Google Chrome.lnk -> [2009/05/09 08:21:49 | 00,002,002 | ---- | M] ()
qmgr1.dat -> %AllUsersProfile%\Microsoft\Network\Downloader\qmgr1.dat -> [2009/05/09 08:21:33 | 04,194,304 | ---- | M] ()
qmgr0.dat -> %AllUsersProfile%\Microsoft\Network\Downloader\qmgr0.dat -> [2009/05/09 08:21:33 | 04,194,304 | ---- | M] ()
SUPERAntiSpyware Free Edition.lnk -> %SystemDrive%\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk -> [2009/05/08 19:25:30 | 00,000,907 | ---- | M] ()
ffmpeg3.exe -> %UserProfile%\AppData\Local\Temp\ffmpeg3.exe -> [2009/05/07 18:31:55 | 01,204,224 | ---- | M] ()
RegCure.job -> %SystemRoot%\tasks\RegCure.job -> [2009/05/06 20:26:38 | 00,000,370 | ---- | M] ()
RegCure Application.lnk -> %UserProfile%\Desktop\RegCure Application.lnk -> [2009/05/06 19:17:01 | 00,001,655 | ---- | M] ()
REG CURE-FULL.torrent -> %UserProfile%\REG CURE-FULL.torrent -> [2009/05/06 19:10:15 | 00,001,156 | ---- | M] ()
µTorrent.lnk -> %UserProfile%\Desktop\µTorrent.lnk -> [2009/05/06 19:05:19 | 00,000,757 | ---- | M] ()
Schedule Task Weekly.job -> %SystemRoot%\tasks\Schedule Task Weekly.job -> [2009/05/04 11:59:59 | 00,000,392 | ---- | M] ()
Mobility Modder.NET.lnk -> %UserProfile%\Desktop\Mobility Modder.NET.lnk -> [2009/05/02 22:37:44 | 00,001,771 | ---- | M] ()
d3d9caps.dat -> %UserProfile%\AppData\Local\d3d9caps.dat -> [2009/05/02 22:31:25 | 00,001,356 | ---- | M] ()
index.dat -> %SystemRoot%\Temp\Temporary Internet Files\Content.IE5\index.dat -> [2009/05/02 22:24:43 | 00,016,384 | -HS- | M] ()
index.dat -> %SystemRoot%\Temp\History\History.IE5\index.dat -> [2009/05/02 22:24:43 | 00,016,384 | -HS- | M] ()
index.dat -> %SystemRoot%\Temp\Cookies\index.dat -> [2009/05/02 22:24:43 | 00,016,384 | -HS- | M] ()
CRC.INI -> %SystemRoot%\CRC.INI -> [2009/05/02 22:21:31 | 00,000,131 | ---- | M] ()
Malwarebytes' Anti-Malware.lnk -> %SystemDrive%\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/05/02 19:16:00 | 00,000,823 | ---- | M] ()
Revo Uninstaller.lnk -> %UserProfile%\Desktop\Revo Uninstaller.lnk -> [2009/05/02 17:11:18 | 00,001,062 | ---- | M] ()
csdf.sys -> %SystemRoot%\System32\drivers\csdf.sys -> [2009/04/30 11:47:20 | 00,040,480 | ---- | M] (COMODO Security Solutions Inc.)
crpf.sys -> %SystemRoot%\System32\drivers\crpf.sys -> [2009/04/30 11:46:06 | 00,037,920 | ---- | M] (COMODO Security Solutions Inc.)
cnat.exe -> %SystemRoot%\System32\cnat.exe -> [2009/04/30 11:45:02 | 00,008,456 | ---- | M] (COMODO Security Solutions Inc.)
COMODO Registry Cleaner.lnk -> %SystemDrive%\Users\Public\Desktop\COMODO Registry Cleaner.lnk -> [2009/04/29 21:31:44 | 00,000,947 | ---- | M] ()
SSUPDATE.EXE -> %UserProfile%\AppData\Local\Temp\SSUPDATE.EXE -> [2009/04/28 11:33:38 | 00,158,960 | ---- | M] (SUPERAntiSpyware.com)
cc_20090424_093532.reg -> %UserProfile%\Documents\cc_20090424_093532.reg -> [2009/04/24 09:35:41 | 00,002,946 | ---- | M] ()
UserTile.png -> %AppData%\UserTile.png -> [2009/04/22 18:31:09 | 00,019,331 | ---- | M] ()
WLAN.INI -> %SystemRoot%\System32\WLAN.INI -> [2009/04/20 19:15:16 | 00,001,516 | ---- | M] ()
WebPingTester.exe -> %UserProfile%\Desktop\WebPingTester.exe -> [2009/04/13 12:02:10 | 00,187,904 | ---- | M] (zzzzz)
hhcolreg.dat -> %AllUsersProfile%\Microsoft\HTML Help\hhcolreg.dat -> [2009/03/08 22:18:17 | 00,000,184 | ---- | M] ()
setup.exe -> %UserProfile%\AppData\Local\Temp\pft8DE3.tmp\1-SetPoint\setup.exe -> [2009/02/19 01:01:00 | 00,379,408 | ---- | M] (Macrovision Corporation)
CDDRV_Installer.exe -> %UserProfile%\AppData\Local\Temp\pft8DE3.tmp\1-SetPoint\CDDRV\CDDRV_Installer.exe -> [2009/02/19 00:46:08 | 07,362,380 | ---- | M] (Logitech )
SetupDll.dll -> %UserProfile%\AppData\Local\Temp\pft8DE3.tmp\SetupDll.dll -> [2008/10/15 08:02:42 | 00,062,728 | ---- | M] (Logitech, Inc.)
Setup.exe -> %UserProfile%\AppData\Local\Temp\pft8DE3.tmp\Setup.exe -> [2008/10/15 08:02:28 | 00,124,168 | ---- | M] (Logitech, Inc.)
MSetup.exe -> %UserProfile%\AppData\Local\Temp\pft8DE3.tmp\MSetup.exe -> [2008/10/15 08:02:12 | 00,836,872 | ---- | M] (Logitech, Inc.)
PublishedRacMonSWITable.DAT -> %AllUsersProfile%\Microsoft\RAC\PublishedData\PublishedRacMonSWITable.DAT -> [2008/07/08 16:14:34 | 00,092,016 | ---- | M] ()
PublishedRacMonOSFTable.DAT -> %AllUsersProfile%\Microsoft\RAC\PublishedData\PublishedRacMonOSFTable.DAT -> [2008/07/08 16:14:34 | 00,006,072 | ---- | M] ()
PublishedRacMonAFLTable.DAT -> %AllUsersProfile%\Microsoft\RAC\PublishedData\PublishedRacMonAFLTable.DAT -> [2008/07/08 16:14:34 | 00,003,312 | ---- | M] ()
PublishedRacMonHFLTable.DAT -> %AllUsersProfile%\Microsoft\RAC\PublishedData\PublishedRacMonHFLTable.DAT -> [2008/07/08 16:14:34 | 00,000,000 | ---- | M] ()
PublishedRacMonCLKTable.DAT -> %AllUsersProfile%\Microsoft\RAC\PublishedData\PublishedRacMonCLKTable.DAT -> [2008/07/08 16:14:34 | 00,000,000 | ---- | M] ()
PublishedRacMonIndex.DAT -> %AllUsersProfile%\Microsoft\RAC\PublishedData\PublishedRacMonIndex.DAT -> [2008/07/08 16:14:31 | 00,001,080 | ---- | M] ()
AOE standard.dat -> %AllUsersProfile%\Microsoft\User Account Pictures\AOE standard.dat -> [2008/06/15 16:35:21 | 00,000,000 | ---- | M] ()
opa12.dat -> %AllUsersProfile%\Microsoft\OFFICE\DATA\opa12.dat -> [2008/04/03 21:41:12 | 00,008,396 | ---- | M] ()
Phil.dat -> %AllUsersProfile%\Microsoft\User Account Pictures\Phil.dat -> [2008/03/28 19:28:44 | 00,000,000 | ---- | M] ()
vcredist_x86.exe -> %UserProfile%\AppData\Local\Temp\pft8DE3.tmp\1-SetPoint\Redist\vcredist_x86.exe -> [2007/12/14 04:00:00 | 02,682,880 | ---- | M] (Microsoft Corporation)
_Setup.dll -> %UserProfile%\AppData\Local\Temp\pft8DE3.tmp\1-SetPoint\_Setup.dll -> [2007/04/24 16:21:34 | 00,332,744 | ---- | M] (Macrovision Corporation)
ISSetup.dll -> %UserProfile%\AppData\Local\Temp\pft8DE3.tmp\1-SetPoint\ISSetup.dll -> [2007/04/18 18:06:44 | 00,535,552 | ---- | M] (Macrovision Corporation)
WindowsInstaller-KB893803-v2-x86.exe -> %UserProfile%\AppData\Local\Temp\pft8DE3.tmp\1-SetPoint\Redist\WindowsInstaller-KB893803-v2-x86.exe -> [2006/02/09 04:00:00 | 02,585,872 | ---- | M] (Microsoft Corporation)

[File - Lop Check]
C:\Windows\Tasks\ -> C:\Windows\Tasks -> [2009/05/07 17:55:26 | 00,000,000 | ---D | M]
GoogleUpdateTaskUserS-1-5-21-2144041196-3452670511-1662090926-1000.job -> C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2144041196-3452670511-1662090926-1000.job -> [2009/05/10 15:10:04 | 00,000,850 | ---- | M] ()
RegCure Program Check.job -> C:\Windows\Tasks\RegCure Program Check.job -> [2009/05/10 17:00:00 | 00,000,436 | ---- | M] ()
RegCure.job -> C:\Windows\Tasks\RegCure.job -> [2009/05/06 20:26:38 | 00,000,370 | ---- | M] ()
SA.DAT -> C:\Windows\Tasks\SA.DAT -> [2009/05/10 16:44:21 | 00,000,006 | -H-- | M] ()
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2009/05/10 16:42:57 | 00,032,646 | ---- | M] ()
Schedule Task Weekly.job -> C:\Windows\Tasks\Schedule Task Weekly.job -> [2009/05/04 11:59:59 | 00,000,392 | ---- | M] ()

[File - Purity Scan]

[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 2
< Document and Settings folder & sub folders >
scanning hidden files ...
C:\ProgramData\TEMP:D1B5B4F1 116 bytes
scan completed successfully
hidden files: 1
< End of report >
[/code]