Hi
The scan only gave me the OTViewit.txt and not extras.txt hope this is o.k? many thanks Nev
OTViewIt logfile created on: 05/01/2009 15:09:10 - Run 2
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\NEV\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.94 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 52.22% Memory free
4.00 Gb Paging File | 2.20 Gb Available in Paging File | 54.98% Paging File free
Paging file location(s): ?:\pagefile.sys;
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.79 Gb Total Space | 39.53 Gb Free Space | 35.36% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LAPTOP
Current User Name: NEV
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== Processes ========== [2008/07/12 16:23:42 | 00,072,704 | ---- | M] (Autodata Limited) -- C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
[2007/10/09 15:21:02 | 00,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Basics\Service\SyncServicesBasics.exe
[2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
[2008/03/17 17:07:02 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
[2008/12/05 15:51:06 | 00,206,096 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
[2008/07/26 08:25:36 | 00,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
[2008/07/09 13:49:10 | 00,358,736 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe
[2006/11/02 09:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
[2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
[2008/07/09 16:36:30 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe
[2008/07/09 13:35:34 | 00,025,416 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSK\msksrver.exe
[2008/06/08 08:31:04 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
[2006/12/19 09:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
[2007/05/28 16:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
[2007/12/05 16:30:40 | 00,144,688 | R--- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
[2008/10/10 16:16:00 | 00,792,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe
[2008/07/11 17:48:54 | 00,641,208 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
[2006/07/04 14:16:32 | 00,049,152 | ---- | M] () -- C:\Windows\Domino.exe
[2007/10/18 10:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
[2008/09/16 11:16:08 | 01,833,296 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
[2008/12/30 10:30:35 | 00,171,448 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
[2008/12/12 10:23:29 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
[2007/09/30 19:34:14 | 00,181,544 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\HP\QuickPlay\QPService.exe
[2008/01/08 10:50:12 | 01,445,888 | ---- | M] (Benutec Software, INC) -- C:\Program Files (x86)\RamCleaner\RamCleaner.exe
[2007/10/18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\usnsvc.exe
[2008/09/16 10:04:12 | 00,605,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe
[2008/07/18 07:02:52 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe
[2008/06/24 15:06:06 | 01,840,424 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
[2008/06/24 15:05:56 | 00,537,896 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
[2008/01/19 07:33:12 | 00,299,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieuser.exe
[2008/01/19 07:33:12 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2007/09/20 09:35:36 | 00,118,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe
[2009/01/05 14:50:15 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\NEV\Desktop\OTViewIt.exe
========== (O23) Win32 Services ========== [2008/07/12 16:23:42 | 00,072,704 | ---- | M] (Autodata Limited) -- C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe -- (Autodata Limited License Service [Auto | Running])
[2007/10/09 15:21:02 | 00,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Basics\Service\SyncServicesBasics.exe -- (Basics Service [Auto | Running])
File not found -- -- (CertPropSvc [Unknown | Running])
[2008/01/05 11:26:41 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2008/01/05 11:25:45 | 00,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
[2007/03/05 09:30:06 | 00,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb [On_Demand | Stopped])
[2005/09/09 23:19:26 | 00,073,728 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\Windows\System32\Crypserv.exe -- (Crypkey License [Auto | Stopped])
File not found -- -- (DcomLaunch [Unknown | Running])
File not found -- -- (DPS [Unknown | Running])
[2008/01/19 08:00:14 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])
[2008/01/19 08:00:14 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
[2008/01/05 11:23:12 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
File not found -- -- (gpsvc [Unknown | Running])
[2008/12/30 10:30:32 | 00,138,168 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
[2007/09/19 17:30:52 | 00,065,536 | ---- | M] (Hewlett-Packard) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe -- (HP Health Check Service [Auto | Running])
[2007/12/05 16:30:40 | 00,144,688 | R--- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [Auto | Running])
[2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [Auto | Running])
[2006/11/02 09:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\keyiso.dll -- (KeyIso [On_Demand | Running])
[2008/03/17 17:07:02 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
[2008/07/26 08:23:54 | 00,255,000 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVCOMSER\LVCSer64.exe -- (LVCOMSer [Auto | Running])
[2008/07/26 08:25:24 | 00,187,928 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64 [Auto | Running])
[2007/04/24 19:24:14 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxbacoms.exe -- (lxba_device [Auto | Running])
[2008/12/05 15:51:06 | 00,206,096 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service [Auto | Running])
[2008/10/10 16:16:00 | 00,792,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
[2008/07/18 07:02:52 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
[2008/06/20 12:10:56 | 00,693,576 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
[2008/07/09 13:49:10 | 00,358,736 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
[2008/06/20 04:38:10 | 00,152,384 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
[2008/09/16 10:04:12 | 00,605,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
[2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe -- (MDM [Auto | Running])
File not found -- -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
[2008/07/09 16:36:30 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe -- (MpfService [Auto | Running])
[2006/11/02 13:34:14 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [Unknown | Stopped])
[2008/07/09 13:35:34 | 00,025,416 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSK\msksrver.exe -- (MSK80Service [Auto | Running])
[2008/06/08 08:31:04 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running])
[2008/01/19 07:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll -- (Netlogon [On_Demand | Stopped])
[2008/01/05 11:23:05 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2008/06/24 15:05:56 | 00,537,896 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
[2007/08/24 02:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
[2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2008/01/19 07:33:19 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost [On_Demand | Stopped])
[2006/12/19 09:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service [Auto | Running])
File not found -- -- (RichVideo [Auto | Stopped])
File not found -- -- (RpcSs [Unknown | Running])
File not found -- -- (SBSDWSCService [Auto | Stopped])
[2008/01/19 07:36:19 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [Unknown | Stopped])
File not found -- -- (Schedule [Unknown | Running])
File not found -- -- (SCPolicySvc [Unknown | Stopped])
[2007/05/28 16:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running])
File not found -- -- (TuneUp.Defrag [On_Demand | Stopped])
[2007/10/18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Running])
[2006/11/02 06:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\System32\wbem\vds.mof -- (vds [On_Demand | Stopped])
[2006/11/02 06:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\System32\wbem\vss.mof -- (VSS [On_Demand | Stopped])
File not found -- -- (WdiServiceHost [Unknown | Stopped])
File not found -- -- (WdiSystemHost [Unknown | Running])
[2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2008/01/19 08:00:47 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
[2008/05/27 05:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])
File not found -- -- (XAudioService [Auto | Running])
========== Driver Services ========== File not found -- -- (acedrv11 [Auto | Running])
[2008/01/19 08:12:01 | 00,486,456 | ---- | M] (Adaptec, Inc.) -- C:\Windows\WinSxS\amd64_adp94xx.inf_31bf3856ad364e35_6.0.6001.18000_none_5e0fcb9b69814f7b\adp94xx.sys -- (adp94xx [Disabled | Stopped])
[2008/01/19 08:11:40 | 00,342,584 | ---- | M] (Adaptec, Inc.) -- C:\Windows\WinSxS\amd64_adpahci.inf_31bf3856ad364e35_6.0.6001.18000_none_c05c13aa3dfbc961\adpahci.sys -- (adpahci [Disabled | Stopped])
[2008/01/19 08:10:01 | 00,126,520 | ---- | M] (Adaptec, Inc.) -- C:\Windows\WinSxS\amd64_adpu160m.inf_31bf3856ad364e35_6.0.6001.18000_none_f2feed0b63bf261d\adpu160m.sys -- (adpu160m [Disabled | Stopped])
[2008/01/19 08:11:12 | 00,185,912 | ---- | M] (Adaptec, Inc.) -- C:\Windows\WinSxS\amd64_adpu320.inf_31bf3856ad364e35_6.0.6001.18000_none_f4cbbad1148c6b4a\adpu320.sys -- (adpu320 [Disabled | Stopped])
[2008/02/13 09:11:26 | 00,018,488 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\aliide.sys -- (aliide [Disabled | Stopped])
[2008/01/19 08:09:34 | 00,090,680 | ---- | M] (Adaptec, Inc.) -- C:\Windows\WinSxS\amd64_arc.inf_31bf3856ad364e35_6.0.6001.18000_none_7bfed8c7803713cf\arc.sys -- (arc [Disabled | Stopped])
[2008/01/19 08:09:37 | 00,091,192 | ---- | M] (Adaptec, Inc.) -- C:\Windows\WinSxS\amd64_arcsas.inf_31bf3856ad364e35_6.0.6001.18000_none_771684264153c2d4\arcsas.sys -- (arcsas [Disabled | Stopped])
File not found -- -- (BCM43XX [On_Demand | Running])
[2006/09/18 21:30:15 | 00,018,432 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\WinSxS\amd64_brmfcsto.inf_31bf3856ad364e35_6.0.6001.18000_none_800ff95700142785\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])
[2006/09/18 21:30:15 | 00,008,704 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\WinSxS\amd64_brmfcsto.inf_31bf3856ad364e35_6.0.6001.18000_none_800ff95700142785\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])
File not found -- -- (CAXHWAZL [On_Demand | Running])
[2008/02/13 09:11:25 | 00,020,536 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\cmdide.sys -- (cmdide [Disabled | Stopped])
File not found -- -- (CnxtHdAudService [On_Demand | Running])
[2004/12/01 09:54:50 | 00,093,632 | ---- | M] (VM) -- C:\Windows\System32\drivers\usbVM31b.sys -- (DCamUSBVM [On_Demand | Stopped])
[2008/01/05 11:22:47 | 00,146,176 | ---- | M] (Intel Corporation) -- C:\Windows\WinSxS\amd64_nete1g3e.inf_31bf3856ad364e35_6.0.6001.18000_none_04b0c96be9c034d3\E1G6032E.sys -- (E1G60 [On_Demand | Stopped])
[2008/01/19 08:11:53 | 00,397,368 | ---- | M] (Emulex) -- C:\Windows\WinSxS\amd64_elxstor.inf_31bf3856ad364e35_6.0.6001.18000_none_08ac13ff69b034ee\elxstor.sys -- (elxstor [Disabled | Stopped])
File not found -- -- (HBtnKey [On_Demand | Running])
[2008/01/19 08:08:42 | 00,047,672 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\WinSxS\amd64_hpcisss.inf_31bf3856ad364e35_6.0.6001.18000_none_d59c6600292b9522\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])
File not found -- -- (HpqKbFiltr [On_Demand | Running])
[2006/09/18 21:38:12 | 00,286,720 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\WinSxS\amd64_mdmcxhv6.inf_31bf3856ad364e35_6.0.6001.18000_none_0673f8918ab7629e\VSTAZL6.SYS -- (HSFHWAZL [On_Demand | Stopped])
File not found -- -- (HSF_DPV [On_Demand | Running])
[2008/01/19 08:11:31 | 00,290,872 | ---- | M] (Intel Corporation) -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys -- (iaStorV [Disabled | Stopped])
[2008/01/19 08:09:57 | 00,113,720 | ---- | M] (LSI Logic) -- C:\Windows\WinSxS\amd64_lsi_fc.inf_31bf3856ad364e35_6.0.6001.18000_none_c59b4ac1fa719137\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
[2008/01/19 08:09:48 | 00,105,016 | ---- | M] (LSI Logic) -- C:\Windows\WinSxS\amd64_lsi_sas.inf_31bf3856ad364e35_6.0.6001.18000_none_5b86b7f9e8ff0dc5\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
[2008/01/19 08:09:56 | 00,113,720 | ---- | M] (LSI Logic) -- C:\Windows\WinSxS\amd64_lsi_scsi.inf_31bf3856ad364e35_6.0.6001.18000_none_f883c787da42af0c\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
File not found -- -- (LVPr2M64 [On_Demand | Running])
[2006/06/18 07:26:50 | 00,094,208 | ---- | M] (Conexant) -- C:\Windows\System32\mdmxsdk.dll -- (mdmxsdk [Auto | Running])
[2008/01/19 08:08:18 | 00,035,896 | ---- | M] (LSI Corporation) -- C:\Windows\WinSxS\amd64_megasas.inf_31bf3856ad364e35_6.0.6001.18000_none_8c5ef0c0070fb814\megasas.sys -- (megasas [Disabled | Stopped])
File not found -- -- (mfeavfk [On_Demand | Running])
File not found -- -- (mfehidk [System | Running])
File not found -- -- (mfesmfk [On_Demand | Running])
File not found -- -- (MPFP [System | Running])
[2007/12/10 22:00:54 | 00,001,088 | ---- | M] () -- C:\Windows\System32\wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
[2004/07/30 00:35:52 | 00,031,654 | ---- | M] () -- C:\Windows\System32\Ckldrv.sys -- (NetworkX [System | Stopped])
[2006/10/14 03:04:34 | 05,942,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\WinSxS\amd64_nv_lh.inf_31bf3856ad364e35_6.0.6001.18000_none_4a8627558332bbba\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
[2008/01/19 08:10:12 | 00,128,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvraid.sys -- (nvraid [Disabled | Stopped])
[2008/01/19 08:08:50 | 00,054,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys -- (nvstor [Disabled | Stopped])
[2008/01/19 08:12:10 | 01,221,176 | ---- | M] (QLogic Corporation) -- C:\Windows\WinSxS\amd64_ql2300.inf_31bf3856ad364e35_6.0.6001.18000_none_90b29e0f5eb4b0a1\ql2300.sys -- (ql2300 [Disabled | Stopped])
File not found -- -- (rimmptsk [Auto | Running])
File not found -- -- (rimsptsk [Auto | Running])
File not found -- -- (rismxdp [Auto | Running])
[2008/09/16 18:09:24 | 00,030,080 | ---- | M] () -- C:\Windows\System32\drivers\RKHit.sys -- (RkHit [On_Demand | Stopped])
[2006/09/29 23:51:44 | 00,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\WinSxS\amd64_macrovision-protection-safedisc_31bf3856ad364e35_6.0.6000.16386_none_b794b0d578b7ec2e\secdrv.sys -- (secdrv [Auto | Running])
[2008/01/19 08:09:28 | 00,078,392 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\WinSxS\amd64_sisraid4.inf_31bf3856ad364e35_6.0.6001.18000_none_8460e59f708bb476\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
File not found -- -- (sptd [Boot | Running])
File not found -- -- (SynTP [On_Demand | Running])
[2006/09/18 21:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\System32\wbem\tcpip.mof -- (Tcpip [System | Running])
[2008/01/19 08:11:28 | 00,284,728 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\WinSxS\amd64_uliahci.inf_31bf3856ad364e35_6.0.6001.18000_none_a21b1cbb80e47096\uliahci.sys -- (uliahci [Disabled | Stopped])
[2006/11/02 11:51:19 | 00,174,696 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\WinSxS\amd64_ulsata2.inf_31bf3856ad364e35_6.0.6001.18000_none_9ce1027f4768b389\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
[2008/02/13 09:11:26 | 00,020,536 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\viaide.sys -- (viaide [Disabled | Stopped])
[2008/01/19 08:10:22 | 00,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\WinSxS\amd64_vsmraid.inf_31bf3856ad364e35_6.0.6001.18000_none_508698a452d25e17\vsmraid.sys -- (vsmraid [Disabled | Stopped])
File not found -- -- (winachsf [On_Demand | Running])
File not found -- -- (XAudio [Auto | Running])
[2004/12/01 09:54:50 | 00,093,632 | ---- | M] (VM) -- C:\Windows\System32\drivers\usbVM31b.sys -- (ZSMC301b [On_Demand | Stopped])
========== (R ) Internet Explorer ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Search Page"=http://www.google.come"=about:NoAdd-ons
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://www.orange.co.uk/bout:SecurityRisk
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Page_Transitions"=
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://www.orange.co.uk/
"StartPageCache"=
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://uk.search.yahoo.com/search?fr=mcafee&p=%s
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1966846790-472172300-1723435513-1000\SOFTWARE\Microsoft\Internet Explorer\Main]
"Page_Transitions"=
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://www.orange.co.uk/
"StartPageCache"=
[HKEY_USERS\S-1-5-21-1966846790-472172300-1723435513-1000\Software\Microsoft\Internet Explorer\SearchURL]
""=http://uk.search.yahoo.com/search?fr=mcafee&p=%s
[HKEY_USERS\S-1-5-21-1966846790-472172300-1723435513-1000\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1966846790-472172300-1723435513-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
========== (O1) Hosts File ========== HOSTS File = (292254 bytes) - C:\Windows\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
::1 localhost
127.0.0.1 007guard.com
127.0.0.1
www.007guard.com127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1
www.008k.com127.0.0.1 00hq.com
127.0.0.1
www.00hq.com127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1
www.032439.com127.0.0.1 100888290cs.com
127.0.0.1
www.100888290cs.com127.0.0.1 100sexlinks.com
127.0.0.1
www.100sexlinks.com127.0.0.1 10sek.com
127.0.0.1
www.10sek.com127.0.0.1 123topsearch.com
127.0.0.1
www.123topsearch.com127.0.0.1 132.com
127.0.0.1
www.132.com127.0.0.1 136136.net
127.0.0.1
www.136136.net127.0.0.1 163ns.com
10063 more lines...
========== (O2) BHO's ========== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
{27B4851A-3207-45A2-B947-BE8AFE6163AB} (HKLM) -- c:\Program Files (x86)\McAfee\MSK\mskapbho.dll ()
{53707962-6F74-2D53-2644-206D7942484F} (HKLM) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} (HKLM) -- C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} (HKLM) -- c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll ()
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
========== (O3) Toolbars ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" (HKLM) -- c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll ()
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F2CF5485-4E02-4F68-819C-B92DE9277049}" (HKLM) -- C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1966846790-472172300-1723435513-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
[HKEY_USERS\S-1-5-21-1966846790-472172300-1723435513-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F2CF5485-4E02-4F68-819C-B92DE9277049}" (HKLM) -- C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
========== (O4) Run Keys ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcagent_exe"="C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey (McAfee, Inc.)
"McENUI"=C:\PROGRA~2\McAfee\MHN\McENUI.exe /hide (McAfee, Inc.)
"QPService"="C:\Program Files (x86)\HP\QuickPlay\QPService.exe" (CyberLink Corp.)
"SunJavaUpdateSched"="C:\Program Files (x86)\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"RamCleaner"=C:\Program Files (x86)\RamCleaner\ramcore.exe -s ()
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\HOMERunner.exe" -s (TomTom)
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation)
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation)
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1966846790-472172300-1723435513-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"RamCleaner"=C:\Program Files (x86)\RamCleaner\ramcore.exe -s ()
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\HOMERunner.exe" -s (TomTom)
========== (O6 & O7) Current Version Policies ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"ConsentPromptBehaviorAdmin"=2
"ConsentPromptBehaviorUser"=1
"EnableInstallerDetection"=1
"EnableLUA"=1
"EnableSecureUIAPaths"=1
"EnableVirtualization"=1
"PromptOnSecureDesktop"=0
"ValidateAdminCodeSignatures"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"scforceoption"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=0
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=1
"CF_BITMAP"=2
"CF_OEMTEXT"=7
"CF_DIB"=8
"CF_PALETTE"=9
"CF_UNICODETEXT"=13
"CF_DIBV5"=17
========== (O8) IE Context Menu Extensions ========== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
&Compress Image Using Image Compressor 2008: C:\Program Files (x86)\MasRizal\IMC2008\imcieex_compress.html [2008/01/30 09:59:00 | 00,000,494 | ---- | M] ()
Add to Windows &Live Favorites: Reg Error: Value does not exist or could not be read. File not found
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-21-1966846790-472172300-1723435513-1000\Software\Microsoft\Internet Explorer\MenuExt\]
&Compress Image Using Image Compressor 2008: C:\Program Files (x86)\MasRizal\IMC2008\imcieex_compress.html [2008/01/30 09:59:00 | 00,000,494 | ---- | M] ()
Add to Windows &Live Favorites: Reg Error: Value does not exist or could not be read. File not found
========== (O9) IE Extensions ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [2007/04/19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}: Menu: Spybot - Search & Destroy Configuration -- %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [2008/09/15 13:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited)
========== (O12) Internet Explorer Plugins ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" =
http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
========== (O13) Default Prefixes ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://
========== (O15) Trusted Sites ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
compass-group.co.uk\webmail: https in Computer
goldmembership.org: http in Trusted sites
internet: about in Trusted sites
mcafee.com: http in Trusted sites
mcafee.com: https in Trusted sites
orange.co.uk\www: http in Computer
pogo.com\game3: http in Computer
pogo.com\uk: http in Computer
828 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
32 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
32 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_USERS\S-1-5-21-1966846790-472172300-1723435513-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
compass-group.co.uk\webmail: https in Computer
goldmembership.org: http in Trusted sites
internet: about in Trusted sites
mcafee.com: http in Trusted sites
mcafee.com: https in Trusted sites
orange.co.uk\www: http in Computer
pogo.com\game3: http in Computer
pogo.com\uk: http in Computer
828 domain(s) and sub-domain(s) not assigned to a zone.
========== (O16) DPF ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}:
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_11
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}:
http://fpdownload.macromedia.com/get/fl ... rashim.cab -- Reg Error: Key does not exist or could not be opened.
{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}:
http://support.f-secure.com/ols/fscax.cab -- F-Secure Online Scanner 3.3
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_03
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_05
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}:
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_11
{D27CDB6E-AE6D-11CF-96B8-444553540000}:
http://fpdownload2.macromedia.com/get/s ... wflash.cab -- Shockwave Flash Object
========== (O17) DNS Name Servers ========== {0A1D48D8-817C-4B93-8346-4796ACC40D27} (Servers: | Description: Broadcom 802.11b/g WLAN)
{33ED635B-7E76-476D-A5B5-22682BBAD597} (Servers: | Description: NVIDIA nForce Networking Controller)
========== (O19) User Style Sheets ========== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]
========== (O20) HKLM Winlogon Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"=explorer.exe
>[2008/10/29 06:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\explorer.exe
========== (O21) SSODL Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} (HKLM) -- C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
========== Shell Execute Hooks ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" (HKLM) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
========== HKLM *SecurityProviders* ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll
>[2008/01/19 07:33:59 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll
========== LSA *Security Packages* ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,
>[2008/01/19 07:36:42 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll
========== Safeboot Options ========== "AlternateShell"=cmd.exe
========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ========== autoexec.bat [ | ]
[2008/11/27 08:38:51 | 00,000,002 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]
autoexec.plu [ | REM Protector_Plus_AntiVirus | path=%path%;C:\PROTEC~1 | ]
[2008/11/23 13:23:47 | 00,000,055 | ---- | M] () -- C:\autoexec.plu -- [ NTFS ]
========== MountPoints2 ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1423cc9-b404-11dc-ab22-001b24b30ff0}\Shell\AutoRun\command]
""=C:\Windows\System32\setupSNK.exe -- [2008/01/19 07:33:29 | 00,013,312 | ---- | M] (Microsoft Corporation)
========== Files/Folders - Created Within 30 Days ========== [2009/01/05 14:49:49 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Users\NEV\Desktop\OTViewIt.exe
[2009/01/05 14:48:37 | 00,000,000 | ---D | C] -- C:\Users\NEV\Desktop\Cyclops.2008.HDTV.XviD-aAF
[2009/01/05 14:48:09 | 00,000,000 | ---D | C] -- C:\Users\NEV\Desktop\Top 40 Albums 04-01-2009.z
[2009/01/05 11:33:23 | 00,000,000 | ---D | C] -- C:\Users\NEV\Desktop\Yes.Man.TS.XViD-PreVail
[2009/01/04 23:35:44 | 00,000,000 | ---D | C] -- C:\Users\NEV\Documents\MyLogoMaker
[2009/01/04 23:35:42 | 00,000,000 | ---D | C] -- C:\Users\NEV\AppData\Roaming\MyLogoMaker
[2009/01/04 23:27:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MySoftware
[2008/12/29 07:47:45 | 29,696,1440 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2008/12/25 12:27:45 | 00,000,000 | ---D | C] -- C:\Users\NEV\AppData\Local\GBelectronics
[2008/12/25 12:23:10 | 00,000,000 | ---D | C] -- C:\Users\NEV\AppData\Roaming\Pointstone
[2008/12/25 12:22:11 | 00,000,000 | ---D | C] -- C:\ProgramData\GBelectronics
[2008/12/25 12:22:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\GBelectronics
[2008/12/25 12:22:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\GBelectronics Shared
[2008/12/25 12:10:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Pointstone
[2008/12/25 12:10:07 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pointstone
[2008/12/19 10:33:39 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\1Click DVD Copy Pro
[2008/12/19 10:31:27 | 00,000,000 | ---D | C] -- C:\iLeadDVD
[2008/12/19 09:40:39 | 00,001,748 | ---- | C] () -- C:\Users\NEV\Desktop\DVD Flick.lnk
[2008/12/19 09:40:31 | 00,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comct232.ocx
[2008/12/19 09:40:31 | 00,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\System32\ssubtmr6.dll
[2008/12/19 09:40:31 | 00,028,672 | ---- | C] (-) -- C:\Windows\System32\mousewheel.ocx
[2008/12/19 09:40:30 | 00,609,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comctl32.ocx
[2008/12/18 03:50:35 | 03,578,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2008/12/16 18:29:02 | 00,029,440 | ---- | C] (TuneUp Software GmbH) -- C:\Windows\System32\uxtuneup.dll
[2008/12/16 18:29:02 | 00,016,640 | ---- | C] (TuneUp Software GmbH) -- C:\Windows\System32\authuitu.dll
[2008/12/12 11:32:00 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2008/12/12 11:08:02 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2008/12/12 11:08:01 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2008/12/12 11:07:56 | 00,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
[2008/12/12 11:07:54 | 03,080,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2008/12/12 11:07:54 | 02,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\explorer.exe
[2008/12/12 11:07:49 | 02,868,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2008/12/12 11:07:48 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2008/12/12 11:07:47 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2008/12/12 11:07:47 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2008/12/12 11:07:30 | 11,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
[2008/12/12 11:07:05 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2008/12/12 11:07:04 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2008/12/12 11:07:03 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2008/12/12 11:07:02 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2008/12/12 11:06:59 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2008/12/12 11:06:57 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2008/12/10 17:37:12 | 00,000,000 | ---D | C] -- C:\Users\NEV\AppData\Roaming\dbackup
[2008/12/10 17:05:34 | 00,000,012 | -HS- | C] () -- C:\Users\NEV\AppData\Roaming\windata.xfd
[2008/12/10 17:05:04 | 00,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr90.dll
[2008/12/10 17:05:04 | 00,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp90.dll
[2008/12/10 17:05:04 | 00,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcm90.dll
[2008/12/10 17:05:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\XYLIO
========== Files - Modified Within 30 Days ========== [1 C:\Windows\*.tmp files]
[2009/01/05 14:50:15 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\NEV\Desktop\OTViewIt.exe
[2009/01/05 13:45:06 | 00,016,896 | ---- | M] () -- C:\Users\NEV\Desktop\DECORATING.xls
[2009/01/05 13:39:47 | 00,136,704 | ---- | M] () -- C:\Users\NEV\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/05 02:34:26 | 00,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6C69C417-0F94-436C-9640-3D90010132D4}.job
[2009/01/03 21:00:13 | 00,080,125 | ---- | M] () -- C:\Users\NEV\AppData\Roaming\nvModes.001
[2009/01/03 15:40:54 | 03,087,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sqlrcmd.dll
[2009/01/03 15:40:06 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/01/03 15:40:03 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/01/03 15:36:38 | 05,222,879 | -H-- | M] () -- C:\Users\NEV\AppData\Local\IconCache.db
[2009/01/02 20:51:59 | 00,249,856 | ---- | M] () -- C:\Users\NEV\Desktop\F1.xls
[2009/01/02 17:23:05 | 00,000,384 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2009/01/01 01:00:20 | 00,000,328 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2008/12/29 07:49:20 | 29,696,1440 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2008/12/25 12:24:37 | 00,139,960 | ---- | M] () -- C:\Users\NEV\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/12/19 09:40:39 | 00,001,748 | ---- | M] () -- C:\Users\NEV\Desktop\DVD Flick.lnk
[2008/12/15 07:52:39 | 00,000,336 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2008/12/12 05:52:52 | 03,578,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2008/12/10 17:05:34 | 00,000,012 | -HS- | M] () -- C:\Users\NEV\AppData\Roaming\windata.xfd
< End of report >