Security Warning...Application cannot be executed.

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

Security Warning...Application cannot be executed.

Post by Melissa on Fri 14 May 2010, 2:43 am

First topic message reminder :

Antispyware soft program was installed without permission. Can't access internet explorer. Can't run malwarebytes.
Alert on lower right side "antivirus software alert"...
INFILTRATION ALERT....
Virus Attack....
DETAILS....
attack from: 162.93.115.232, port 40752
Attacked port: 3439
Threat BankerFox.A

What can I do to resolve this issue?
Thanks for the help!

Melissa

Rookie Surfer
Rookie Surfer

Posts: 53
Joined: 2009-07-26
Operating System: Microsoft windows xp

View user profile

Back to top Go down


Re: Security Warning...Application cannot be executed.

Post by DragonMaster Jay on Fri 14 May 2010, 3:24 am

Hello, and welcome to GeekPolice.

Please note the following information about the malware forum:
  • Only Tech Officers, Global Moderators, Administrators, and Malware Advisors are allowed to give advice on removing malware from your computer.
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic you were helped.
  • We try our best to reply quickly, but for any reason we do not reply in two days, do one of two things:

    Reply to this topic with the word BUMP, or
    see [You must be registered and logged in to see this link.].

  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.





Please visit this webpage for a tutorial on downloading and running ComboFix:

[You must be registered and logged in to see this link.]

See the area: Using ComboFix, and when done, post the log back here.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts: 13452
Joined: 2009-09-07
Operating System: Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by Melissa on Fri 14 May 2010, 4:34 am

The infected computer will not allow me to visit any website. I'm responding with a different computer. Is there another way I can run combofix?

Melissa

Rookie Surfer
Rookie Surfer

Posts: 53
Joined: 2009-07-26
Operating System: Microsoft windows xp

View user profile

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by DragonMaster Jay on Fri 14 May 2010, 4:37 am

Yes.

If you can transfer it from a clean computer to the infected one via a flash drive or CD, it will probably work.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts: 13452
Joined: 2009-09-07
Operating System: Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by Melissa on Fri 14 May 2010, 5:06 am

No success in transfer via flash drive. McAfee deleted the combofix file as soon as I plugged F.D. in to computer. McAfee protection is out of date and no longer used. I tried to disable but no luck. What next?

Melissa

Rookie Surfer
Rookie Surfer

Posts: 53
Joined: 2009-07-26
Operating System: Microsoft windows xp

View user profile

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by Melissa on Fri 14 May 2010, 5:08 am

No success in transfer via flash drive. McAfee deleted the combofix file as soon as I plugged F.D. in to computer. McAfee protection is out of date and no longer used. I tried to disable but no luck. What next?

Melissa

Rookie Surfer
Rookie Surfer

Posts: 53
Joined: 2009-07-26
Operating System: Microsoft windows xp

View user profile

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by DragonMaster Jay on Fri 14 May 2010, 2:39 pm

Please download and run MCPR.exe

  1. Download the removal tool from: [You must be registered and logged in to see this link.]
  2. Click Save and save the file to a folder on your computer.
  3. Navigate to the folder where the file was saved.
  4. Make sure all McAfee windows are closed.
  5. Double-click MCPR.exe to run the removal tool.

    NOTE: Windows Vista users must right-click MCPR.exe and select Run as Administrator.
  6. Restart your computer after receiving the message CleanUp Successful.
    Your McAfee product will not be fully removed until the system is restarted.


========

Then try ComboFix again, please.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts: 13452
Joined: 2009-09-07
Operating System: Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by Melissa on Sat 15 May 2010, 12:30 am

There is an error message that keeps poping up that reads "application cannot be executed. The file rundl32.exe is infected. Do you want to activate the antivirus software now?
Therefore, I am unable to download and run the above mcafee on infected computer. Also, unable to transfer from (different computer) by usb to infected computer. What can I do?

Melissa

Rookie Surfer
Rookie Surfer

Posts: 53
Joined: 2009-07-26
Operating System: Microsoft windows xp

View user profile

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by Melissa on Sat 15 May 2010, 5:58 am

ComboFox Log File:
ComboFix 10-05-14.05 - keskyr 05/14/2010 15:57:07.1.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1015.820 [GMT -4:00]
Running from: c:\documents and settings\keskyr\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\keskyr\Local Settings\Application Data\rvfqitgpi
c:\documents and settings\keskyr\Local Settings\Application Data\rvfqitgpi\fqhmyggtssd.exe

.
((((((((((((((((((((((((( Files Created from 2010-04-14 to 2010-05-14 )))))))))))))))))))))))))))))))
.

2010-05-14 19:53 . 2009-08-19 09:08 306 ----a-w- c:\windows\myClean.bat
2010-05-03 19:33 . 2010-05-03 19:33 -------- d-----w- c:\windows\Sun
2010-05-03 19:33 . 2010-05-03 19:33 -------- d-----w- c:\program files\Microsoft
2010-05-03 19:33 . 2010-05-03 19:33 -------- d-----w- c:\program files\MSN Toolbar
2010-05-03 19:32 . 2010-05-03 19:33 -------- d-----w- c:\program files\MSN Toolbar Installer
2010-05-03 19:32 . 2010-05-03 19:32 -------- d-----w- c:\program files\Common Files\Java
2010-05-03 19:32 . 2010-05-03 19:32 503808 ----a-w- c:\documents and settings\keskyr\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-26656c32-n\msvcp71.dll
2010-05-03 19:32 . 2010-05-03 19:32 499712 ----a-w- c:\documents and settings\keskyr\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-26656c32-n\jmc.dll
2010-05-03 19:32 . 2010-05-03 19:32 348160 ----a-w- c:\documents and settings\keskyr\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-26656c32-n\msvcr71.dll
2010-05-03 19:31 . 2010-05-03 19:31 61440 ----a-w- c:\documents and settings\keskyr\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1007852c-n\decora-sse.dll
2010-05-03 19:31 . 2010-05-03 19:31 12800 ----a-w- c:\documents and settings\keskyr\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1007852c-n\decora-d3d.dll
2010-05-03 19:31 . 2010-05-03 19:31 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-03 19:31 . 2010-05-03 19:31 -------- d-----w- c:\program files\Java
2010-05-01 13:38 . 2010-05-01 13:38 862872 ------w- c:\documents and settings\keskyr\Application Data\Yahoo!\SearchProtection\fudogs_2.0.1.13_msgr_bts_setup.2010.04.01.01.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-14 19:53 . 2007-10-24 15:47 -------- d-----w- c:\program files\McAfee
2010-05-14 14:07 . 2007-11-30 13:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-05-01 13:39 . 2007-10-24 15:46 -------- d--h--r- c:\documents and settings\All Users\Application Data\yahoo!
2010-05-01 13:39 . 2007-10-24 15:46 -------- d-----w- c:\program files\Yahoo!
2010-04-22 18:00 . 2007-11-30 13:36 -------- d-----w- c:\program files\Google
2010-03-11 12:38 . 2004-08-04 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:38 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:38 . 2004-08-04 12:00 17408 ------w- c:\windows\system32\corpol.dll
2010-03-09 11:09 . 2004-08-04 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-24 12:31 . 2004-08-04 12:00 454016 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 13:17 . 2004-08-04 12:00 2137088 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 12:39 . 2004-08-03 22:59 2016768 ----a-w- c:\windows\system32\ntkrnlpa.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25BC7718-0BFA-40EA-B381-4B2D9732D686}]
2010-04-01 03:34 578872 ----a-w- c:\program files\Yahoo!\Search Protection\ysp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-13 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-13 163840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-13 135168]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-11 16267776]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-28 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2007-09-12 63048]
"XeroxBackgroundTask"="c:\windows\system32\x85xbgnd.exe" [2006-08-02 60928]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-09 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Sonic CinePlayer Quick Launch.lnk - c:\program files\Common Files\Sonic Shared\CineTray.exe [2005-10-15 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2007-11-15 23:46 87352 ----a-w- c:\windows\system32\LMIinit.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\WINDOWS\\system32\\xnetsrvc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/6/2010 10:43 AM 135664]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [9/12/2007 10:21 AM 12992]
.
Contents of the 'Scheduled Tasks' folder

2010-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 14:43]

2010-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 14:43]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride =
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - c:\program files\Yahoo!\Search Protection\ysp.dll
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: [You must be registered and logged in to see this link.]
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Search Protection - c:\program files\Yahoo!\Search Protection\SearchProtection.exe
HKCU-Run-dxnpoyis - c:\documents and settings\keskyr\Local Settings\Application Data\rvfqitgpi\fqhmyggtssd.exe
HKLM-Run-dxnpoyis - c:\documents and settings\keskyr\Local Settings\Application Data\rvfqitgpi\fqhmyggtssd.exe



**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(604)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Completion time: 2010-05-14 16:01:22
ComboFix-quarantined-files.txt 2010-05-14 20:01

Pre-Run: 67,639,607,296 bytes free
Post-Run: 68,193,837,056 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - E65B3FFFBE53634A9717973D1D86E6BD

Melissa

Rookie Surfer
Rookie Surfer

Posts: 53
Joined: 2009-07-26
Operating System: Microsoft windows xp

View user profile

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by DragonMaster Jay on Sat 15 May 2010, 2:22 pm

Please download OTS by OldTimer and save it to your Desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Double-click on OTS to start the program (if you are running on Vista then right-click the program and
    choose Run as Administrator).
  • At the top, tick on Scan All Users section and Include MD5.
  • At File Age set it to 90 Days
  • In the Processes, Modules, Services, Drivers, and Registry
    section, please set on Safe List.
  • In the Files Created Within and Files Modified Within section, set it to File Age
  • At the bottom, tick on all Safe List and Use Company Name WhiteList option
  • Under Additional Scans, tick on the "Extras" button and then click the checkboxes in front of the following items to select them:
      Reg - Disabled MS Config Items
      Reg - Drivers32
      Reg - Ext
      Reg - IE
      Explorer Bar
      Reg - NetSvcs
      Reg - Safeboot Minimal
      Reg - Safeboot Network
      File - Lop Check
      File - Purity Scan
  • Do NOT change any other settings.
  • Then, in the Custom Scans box, place this in:

    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\System32\*.sys
    %systemroot%\System32\drivers\*.dll
    %systemroot%\System32\drivers\*.ini
    %systemroot%\System32\drivers\*.exe
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.
    %appdata%\*.*


  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts: 13452
Joined: 2009-09-07
Operating System: Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by Melissa on Sun 16 May 2010, 2:56 am

I completed the above scan. Computer seems to be running perfect now. Is there anything else I need to do?

Melissa

Rookie Surfer
Rookie Surfer

Posts: 53
Joined: 2009-07-26
Operating System: Microsoft windows xp

View user profile

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by DragonMaster Jay on Sun 16 May 2010, 1:01 pm



[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts: 13452
Joined: 2009-09-07
Operating System: Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by Melissa on Sun 16 May 2010, 10:34 pm

I am so sorry I didn't know I was suppose to post the log.
Can I find it in a file where I can copy and post it here?

Melissa

Rookie Surfer
Rookie Surfer

Posts: 53
Joined: 2009-07-26
Operating System: Microsoft windows xp

View user profile

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by DragonMaster Jay on Mon 17 May 2010, 4:11 am

You might just want to re-run the tool. It should launch a log afterward.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts: 13452
Joined: 2009-09-07
Operating System: Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

"The posted message is too big"...(message in 2 parts) part1

Post by Melissa on Mon 17 May 2010, 10:47 pm

[code]
OTS logfile created on: 5/15/2010 12:50:54 PM - Run 1
OTS by OldTimer - Version 3.1.31.0 Folder = C:\Documents and Settings\keskyr\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,015.00 Mb Total Physical Memory | 635.00 Mb Available Physical Memory | 63.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 63.21 Gb Free Space | 84.82% Space Free | Partition Type: NTFS
Drive D: | 263.30 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RICH
Current User Name: keskyr
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 90 Days

[Processes - Safe List]
ots.exe -> C:\Documents and Settings\keskyr\Desktop\OTS.exe -> [2010/05/15 11:43:17 | 000,640,000 | ---- | M | MD5 = C7A61D4B69CF0E784AAB1E2105529300] (OldTimer Tools)
avastui.exe -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe -> [2010/05/06 16:59:42 | 002,815,192 | ---- | M | MD5 = 3C6C546F303C1B956C6F5C436C97CB8F] (ALWIL Software)
avastsvc.exe -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/05/06 16:59:38 | 000,040,384 | ---- | M | MD5 = AE28BA1361D8040D8850F21CACFCCCE9] (ALWIL Software)
mswinext.exe -> C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe -> [2009/12/08 21:29:44 | 000,240,992 | ---- | M | MD5 = C4D71A917D9219C5AC69D9FF0BBAB7C8] (Microsoft Corp.)
wlidsvc.exe -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -> [2009/08/18 11:29:22 | 001,529,728 | ---- | M | MD5 = 5144AE67D60EC653F97DDF3FEED29E77] (Microsoft Corporation)
wlidsvcm.exe -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE -> [2009/08/18 11:29:22 | 000,183,152 | ---- | M | MD5 = E91B5FA739CCF7F0CE3282B0FCFA5108] (Microsoft Corporation)
seaport.exe -> C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/08/07 17:15:06 | 000,242,048 | ---- | M | MD5 = CA7E42E0B8D117165ED553A7D681352A] (Microsoft Corporation)
yahooauservice.exe -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 16:48:14 | 000,602,392 | ---- | M | MD5 = DD0042F0C3B606A6A8B92D49AFB18AD6] (Yahoo! Inc.)
logmeinsystray.exe -> C:\Program Files\LogMeIn\x86\LogMeInSystray.exe -> [2007/09/12 10:20:58 | 000,063,048 | ---- | M | MD5 = 234051C0D242A6F4A79AE5212C1323D4] (LogMeIn, Inc.)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2007/06/13 06:23:07 | 001,033,216 | ---- | M | MD5 = 97BD6515465659FF8F3B7BE375B2EA87] (Microsoft Corporation)
cinetray.exe -> C:\Program Files\Common Files\Sonic Shared\CineTray.exe -> [2005/10/15 02:01:00 | 000,114,688 | ---- | M | MD5 = DCE9CB8F314E2A8A746B25035F02B0B0] (Sonic Solutions)
dlactrlw.exe -> C:\WINDOWS\system32\DLA\DLACTRLW.EXE -> [2005/09/28 05:10:00 | 000,122,940 | ---- | M | MD5 = A6C2A3F8062AAEA71B85E1FA9E4C3D8B] (Sonic Solutions)
issch.exe -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> [2004/07/27 16:50:18 | 000,081,920 | ---- | M | MD5 = 763DAB43BDAB27316DBF3373192823D7] (InstallShield Software Corporation)

[Modules - Safe List]
ots.exe -> C:\Documents and Settings\keskyr\Desktop\OTS.exe -> [2010/05/15 11:43:17 | 000,640,000 | ---- | M | MD5 = C7A61D4B69CF0E784AAB1E2105529300] (OldTimer Tools)
comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll -> [2006/08/25 11:45:55 | 001,054,208 | ---- | M | MD5 = C4E80875C1CF1222FC5EFD0314AE5C01] (Microsoft Corporation)
msscript.ocx -> C:\WINDOWS\system32\msscript.ocx -> [2004/08/04 08:00:00 | 000,102,400 | ---- | M | MD5 = 656524B4401F21E2929B78EF4C36DB27] (Microsoft Corporation)

[Win32 Services - Safe List]
(avast! Web Scanner) avast! Web Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/05/06 16:59:38 | 000,040,384 | ---- | M | MD5 = AE28BA1361D8040D8850F21CACFCCCE9] (ALWIL Software)
(avast! Mail Scanner) avast! Mail Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/05/06 16:59:38 | 000,040,384 | ---- | M | MD5 = AE28BA1361D8040D8850F21CACFCCCE9] (ALWIL Software)
(avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/05/06 16:59:38 | 000,040,384 | ---- | M | MD5 = AE28BA1361D8040D8850F21CACFCCCE9] (ALWIL Software)
(wlidsvc) Windows Live ID Sign-in Assistant [Auto | Running] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -> [2009/08/18 11:29:22 | 001,529,728 | ---- | M | MD5 = 5144AE67D60EC653F97DDF3FEED29E77] (Microsoft Corporation)
(SeaPort) SeaPort [Auto | Running] -> C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/08/07 17:15:06 | 000,242,048 | ---- | M | MD5 = CA7E42E0B8D117165ED553A7D681352A] (Microsoft Corporation)
(YahooAUService) Yahoo! Updater [Auto | Running] -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 16:48:14 | 000,602,392 | ---- | M | MD5 = DD0042F0C3B606A6A8B92D49AFB18AD6] (Yahoo! Inc.)
(LMIMaint) LogMeIn Maintenance Service [Disabled | Stopped] -> C:\Program Files\LogMeIn\x86\RaMaint.exe -> [2007/11/15 19:46:12 | 000,116,032 | ---- | M | MD5 = 87D71DF719CB43007C6C9131B259E807] (LogMeIn, Inc.)
(LogMeIn) LogMeIn [Disabled | Stopped] -> C:\Program Files\LogMeIn\x86\LogMeIn.exe -> [2007/09/12 10:20:58 | 000,063,040 | ---- | M | MD5 = 9015122D04C195BDAB88FEBCBAE229DB] (LogMeIn, Inc.)

[Driver Services - Safe List]
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aswTdi.sys -> [2010/05/06 16:39:23 | 000,046,672 | ---- | M | MD5 = 606D731008D98B6EF946730C597C1642] (ALWIL Software)
(aswSP) aswSP [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aswSP.sys -> [2010/05/06 16:39:00 | 000,164,048 | ---- | M | MD5 = D78B644816DB540E103D0B0766FD9967] (ALWIL Software)
(aswRdr) aswRdr [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\aswRdr.sys -> [2010/05/06 16:34:27 | 000,023,376 | ---- | M | MD5 = 3E2B6112D2766F87EDA8466FDE86A986] (ALWIL Software)
(aswMon2) aswMon2 [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\aswmon2.sys -> [2010/05/06 16:33:59 | 000,100,432 | ---- | M | MD5 = 81432B1A4B31036C822EB967DECF613C] (ALWIL Software)
(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\aswFsBlk.sys -> [2010/05/06 16:33:47 | 000,019,024 | ---- | M | MD5 = 1B6ED99291DDF5D2501554CC5757AAB6] (ALWIL Software)
(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aavmker4.sys -> [2010/05/06 16:33:29 | 000,028,880 | ---- | M | MD5 = A5246ED2586AA807AF0BCF63165A71CC] (ALWIL Software)
(mfetdik) McAfee Inc. mfetdik [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\mfetdik.sys -> [2009/12/15 15:29:52 | 000,055,304 | ---- | M | MD5 = 3812E49FA67A3F604895F0D0C2E1EF90] (McAfee, Inc.)
(MfeRKDK) McAfee Inc. MfeRKDK [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mferkdk.sys -> [2009/12/15 15:29:42 | 000,034,248 | ---- | M | MD5 = 820D6AA3F7F0CFA8A1FA8F63D3F1DF04] (McAfee, Inc.)
(mfehidk) McAfee Inc. mfehidk [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\mfehidk.sys -> [2009/12/15 15:29:34 | 000,214,664 | ---- | M | MD5 = 586A07B1FA933C340D990419D6894D7A] (McAfee, Inc.)
(MfeBOPK) McAfee Inc. MfeBOPK [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mfebopk.sys -> [2009/12/15 15:29:30 | 000,035,272 | ---- | M | MD5 = 963ABF1A4D3A19206F7B059E5A1A190B] (McAfee, Inc.)
(MfeAVFK) McAfee Inc. MfeAVFK [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mfeavfk.sys -> [2009/12/15 15:29:26 | 000,079,816 | ---- | M | MD5 = 32BCD2AEC12CEE766B2488731A78127C] (McAfee, Inc.)
(LMIRfsClientNP) LMIRfsClientNP [File_System | Disabled | Stopped] -> C:\WINDOWS\system32\LMIRfsClientNP.dll -> [2007/11/15 19:46:38 | 000,083,288 | ---- | M | MD5 = 4EB23A3EB93F12E604361E6255508C57] (LogMeIn, Inc.)
(LMIInfo) LogMeIn Kernel Information Provider [Kernel | Auto | Running] -> C:\Program Files\LogMeIn\x86\rainfo.sys -> [2007/09/12 10:21:00 | 000,012,992 | ---- | M | MD5 = CB82947F34084110C6F4AB7F6FE56921] (LogMeIn, Inc.)
(LMIRfsDriver) LogMeIn Remote File System Driver [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -> [2007/09/12 10:20:58 | 000,046,112 | ---- | M | MD5 = 74701F9E50292543E7C2867CDBF4C4A5] (LogMeIn, Inc.)
(ialm) ialm [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\igxpmp32.sys -> [2007/01/13 11:33:18 | 005,672,032 | ---- | M | MD5 = 2AAE7BE67911F4AEC9AD28E9CFB9096F] (Intel Corporation)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RtkHDAud.Sys -> [2006/10/12 09:52:04 | 004,387,328 | ---- | M | MD5 = 6D6B57808C923A4D79CC8F47307753C9] (Realtek Semiconductor Corp.)
(b57w2k) Broadcom NetXtreme Gigabit Ethernet [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\b57xp32.sys -> [2006/05/10 15:00:16 | 000,156,160 | ---- | M | MD5 = 3A3A82FFD268BCFB7AE6A48CECF00AD9] (Broadcom Corporation)
(Blfp) Broadcom Advanced Server Program Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\baspxp32.sys -> [2006/04/07 14:19:32 | 000,067,584 | ---- | M | MD5 = 07A758BFFB297819252AA72BAB0E6611] (Broadcom Corporation)
(DLAUDFAM) DLAUDFAM [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -> [2005/09/28 05:10:00 | 000,092,700 | ---- | M | MD5 = 0E4A62D06F3E017488F037D053ABA754] (Sonic Solutions)
(DLAUDF_M) DLAUDF_M [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -> [2005/09/28 05:10:00 | 000,087,004 | ---- | M | MD5 = E2306CC8E7A1C62EE7C2352143128520] (Sonic Solutions)
(DLAIFS_M) DLAIFS_M [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -> [2005/09/28 05:10:00 | 000,086,524 | ---- | M | MD5 = 5745F6C87059F3C5780F865B6F77574F] (Sonic Solutions)
(DLABOIOM) DLABOIOM [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLABOIOM.SYS -> [2005/09/28 05:10:00 | 000,025,628 | ---- | M | MD5 = 9209F9F9D11D8CCE6E70DFAB46121776] (Sonic Solutions)
(DLAOPIOM) DLAOPIOM [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -> [2005/09/28 05:10:00 | 000,014,684 | ---- | M | MD5 = A250DF82EDAAC6D57F591295F7582B74] (Sonic Solutions)
(DLAPoolM) DLAPoolM [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLAPoolM.SYS -> [2005/09/28 05:10:00 | 000,006,364 | ---- | M | MD5 = 2583C82A8999523A8F056B040B3DEE3D] (Sonic Solutions)
(DLADResN) DLADResN [File_System | Auto | Running] -> C:\WINDOWS\system32\DLA\DLADResN.SYS -> [2005/09/28 05:10:00 | 000,002,496 | ---- | M | MD5 = 84E8CD1B2FF95820FDA0B56133AE8345] (Sonic Solutions)
(DRVMCDB) DRVMCDB [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -> [2005/07/28 03:30:00 | 000,088,704 | ---- | M | MD5 = AB6C5C26FFF9B3C456AEAF7E0093C2FE] (Sonic Solutions)
(DLACDBHM) DLACDBHM [File_System | System | Running] -> C:\WINDOWS\system32\drivers\DLACDBHM.SYS -> [2005/07/07 09:03:34 | 000,005,628 | ---- | M | MD5 = 8D45AC148FD8C1A25204AECA1397FA7E] (Sonic Solutions)
(DLARTL_N) DLARTL_N [File_System | System | Running] -> C:\WINDOWS\system32\drivers\DLARTL_N.SYS -> [2005/07/07 09:02:56 | 000,022,684 | ---- | M | MD5 = 94ACCF8F7B87FBEAA27266927319E6BA] (Sonic Solutions)
(DRVNDDM) DRVNDDM [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\DRVNDDM.SYS -> [2005/07/07 05:10:00 | 000,040,544 | ---- | M | MD5 = 4A307ADE1638D9358B6EB90076481CC6] (Sonic Solutions)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Hdaudbus.sys -> [2005/01/07 17:07:18 | 000,138,752 | ---- | M | MD5 = 3FCC124B6E08EE0E9351F717DD136939] (Windows (R) Server 2003 DDK provider)
(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\USBAUDIO.sys -> [2004/08/03 23:07:56 | 000,059,264 | ---- | M | MD5 = 45A0D14B26C35497AD93BCE7E15C9941] (Microsoft Corporation)
(HidBatt) HID UPS Battery Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\hidbatt.sys -> [2001/08/17 13:58:00 | 000,019,200 | ---- | M | MD5 = 13C0D55DA4B7148EF980E130B85D9F2C] (Microsoft Corporation)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> [You must be registered and logged in to see this link.] ->
HKEY_LOCAL_MACHINE\: Search\\"CustomSearch" -> [You must be registered and logged in to see this link.] ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\] > -> ->
HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\: Main\\"Start Page" -> [You must be registered and logged in to see this link.] ->
HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\: SearchURL\\"" -> [You must be registered and logged in to see this link.] ->
HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\: URLSearchHooks\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! 工具列] -> [2007/12/18 17:49:22 | 000,817,936 | ---- | M | MD5 = 5A9E77C71D6D7030BC170DD7CF04CF5D] (Yahoo! Inc.)
HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\: "ProxyOverride" -> ->
HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\: "ProxyServer" -> http=127.0.0.1:5555 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\extensions -> ->
HKLM\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502} -> C:\PROGRAM FILES\MICROSOFT\SEARCH ENHANCEMENT PACK\SEARCH HELPER\FIREFOXEXTENSION\SEARCHHELPEREXTENSION\ [C:\PROGRAM FILES\MICROSOFT\SEARCH ENHANCEMENT PACK\SEARCH HELPER\FIREFOXEXTENSION\SEARCHHELPEREXTENSION\] -> [2010/05/03 15:33:17 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
~[Filtered]~
Reset Hosts
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [&Yahoo! Toolbar Helper] -> [2007/12/18 17:49:22 | 000,817,936 | ---- | M | MD5 = 5A9E77C71D6D7030BC170DD7CF04CF5D] (Yahoo! Inc.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 000,062,080 | ---- | M | MD5 = C11F6A1F61481E24BE3FDC06EA6F7D2A] (Adobe Systems Incorporated)
{25BC7718-0BFA-40EA-B381-4B2D9732D686} [HKLM] -> C:\Program Files\Yahoo!\Search Protection\ysp.dll [Yahooo Search Protection] -> [2010/03/31 23:34:36 | 000,578,872 | ---- | M | MD5 = 11493B3B499823EE27D84EF60DE40DE9] (Yahoo! Inc.)
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007/12/12 18:09:42 | 000,222,448 | ---- | M | MD5 = BBDE3B4ACB928F30A35DBA4DD11564E1] (Yahoo! Inc.)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\DLA\DLASHX_W.DLL [DriveLetterAccess] -> [2005/09/28 05:10:00 | 000,110,652 | ---- | M | MD5 = 42396B471C33ECEA69D832C2004ACCCE] (Sonic Solutions)
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [HKLM] -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [Search Helper] -> [2009/08/07 17:15:06 | 000,138,608 | ---- | M | MD5 = 09F3D779638216DBB6B8D4C1075D6A8F] (Microsoft Corporation)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [Google Toolbar Notifier BHO] -> [2008/10/21 07:56:29 | 000,652,784 | ---- | M | MD5 = 7D566FF02484EA2BCDEF6E8D7E9D9D13] (Google Inc.)
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} [HKLM] -> C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll [MSN Toolbar BHO] -> [2009/12/08 21:29:42 | 000,506,720 | ---- | M | MD5 = 42304A5C69A78FEF990D94D40B26D02F] (Microsoft Corporation)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{8dcb7100-df86-4384-8842-8fa844297b3f}" [HKLM] -> C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll [MSN Toolbar] -> [2009/12/08 21:29:42 | 000,506,720 | ---- | M | MD5 = 42304A5C69A78FEF990D94D40B26D02F] (Microsoft Corporation)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! 工具列] -> [2007/12/18 17:49:22 | 000,817,936 | ---- | M | MD5 = 5A9E77C71D6D7030BC170DD7CF04CF5D] (Yahoo! Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008/01/11 22:16:38 | 000,039,792 | ---- | M | MD5 = 8B9145D229D4E89D15ACB820D4A3A90F] (Adobe Systems Incorporated)
"avast5" -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe [C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui] -> [2010/05/06 16:59:42 | 002,815,192 | ---- | M | MD5 = 3C6C546F303C1B956C6F5C436C97CB8F] (ALWIL Software)
"DLA" -> C:\WINDOWS\system32\DLA\DLACTRLW.EXE [C:\WINDOWS\System32\DLA\DLACTRLW.EXE] -> [2005/09/28 05:10:00 | 000,122,940 | ---- | M | MD5 = A6C2A3F8062AAEA71B85E1FA9E4C3D8B] (Sonic Solutions)
"ISUSPM Startup" -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup] -> [2004/07/27 16:50:42 | 000,221,184 | ---- | M | MD5 = FB9E5C251CF6C37749F296BACB34A69B] (InstallShield Software Corporation)
"ISUSScheduler" -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start] -> [2004/07/27 16:50:18 | 000,081,920 | ---- | M | MD5 = 763DAB43BDAB27316DBF3373192823D7] (InstallShield Software Corporation)
"LogMeIn GUI" -> C:\Program Files\LogMeIn\x86\LogMeInSystray.exe ["C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"] -> [2007/09/12 10:20:58 | 000,063,048 | ---- | M | MD5 = 234051C0D242A6F4A79AE5212C1323D4] (LogMeIn, Inc.)
"Microsoft Default Manager" -> C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe ["C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume] -> [2009/07/17 11:12:14 | 000,288,080 | ---- | M | MD5 = F8B91C91225E5CAA2B2F0370201021C0] (Microsoft Corporation)
"MSN Toolbar" -> C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe ["C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"] -> [2009/12/08 21:29:44 | 000,240,992 | ---- | M | MD5 = C4D71A917D9219C5AC69D9FF0BBAB7C8] (Microsoft Corp.)
"XeroxBackgroundTask" -> C:\WINDOWS\System32\x85xbgnd.exe [C:\WINDOWS\system32\x85xbgnd.exe 1] -> [2006/08/02 06:59:00 | 000,060,928 | ---- | M | MD5 = D160C814425E9FF7FEBA5A94F765530B] ()
< administrator Startup Folder > -> C:\Documents and Settings\administrator\Start Menu\Programs\Startup ->
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Sonic CinePlayer Quick Launch.lnk -> C:\Program Files\Common Files\Sonic Shared\CineTray.exe -> [2005/10/15 02:01:00 | 000,114,688 | ---- | M | MD5 = DCE9CB8F314E2A8A746B25035F02B0B0] (Sonic Solutions)
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< keskyr Startup Folder > -> C:\Documents and Settings\keskyr\Start Menu\Programs\Startup ->
< keskyt Startup Folder > -> C:\Documents and Settings\keskyt\Start Menu\Programs\Startup ->
< LogMeInRemoteUser Startup Folder > -> C:\Documents and Settings\LogMeInRemoteUser\Start Menu\Programs\Startup ->
< User Startup Folder > -> C:\Documents and Settings\User\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136] > -> HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoCDBurning" -> [0] -> File not found
\\"NoWelcomeScreen" -> [1] -> File not found
\\"HonorAutoRunSetting" -> [1] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136] > -> HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136] > -> HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}:{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Button: Yahoo! Services] -> [2007/12/12 18:09:42 | 000,222,448 | ---- | M | MD5 = BBDE3B4ACB928F30A35DBA4DD11564E1] (Yahoo! Inc.)
{BBF74FB9-ABCD-4678-880A-2511DAABB5E1}:{25BC7718-0BFA-40EA-B381-4B2D9732D686} [HKLM] -> C:\Program Files\Yahoo!\Search Protection\ysp.dll [Menu: Yahoo! Search Protection] -> [2010/03/31 23:34:36 | 000,578,872 | ---- | M | MD5 = 11493B3B499823EE27D84EF60DE40DE9] (Yahoo! Inc.)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> [You must be registered and logged in to see this link.]
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 17 domain(s) found. ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
[You must be registered and logged in to see this link.] .[myui] -> Trusted sites ->
*_mcafee.com [http] -> Trusted sites ->
*_mcafee.com [https] -> Trusted sites ->
betavscan_mcafeeasap.com [http] -> Trusted sites ->
betavscan_mcafeeasap.com [https] -> Trusted sites ->
vs_mcafeeasap.com [http] -> Trusted sites ->
vs_mcafeeasap.com [https] -> Trusted sites ->
www_mcafeeasap.com [http] -> Trusted sites ->
www_mcafeeasap.com [https] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\] > -> HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\] > -> HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0E8D0700-75DF-11D3-8B4A-0008C7450C4A} [HKLM] -> [You must be registered and logged in to see this link.] [DjVuCtl Class] ->
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> [You must be registered and logged in to see this link.] [Shockwave ActiveX Control] ->
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} [HKLM] -> C:\Program Files\Yahoo!\Common\Yinsthelper.dll [Installation Support] ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> [You must be registered and logged in to see this link.] [WUWebControl Class] ->
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> [You must be registered and logged in to see this link.] [DivXBrowserPlugin Object] ->
{8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> [You must be registered and logged in to see this link.] [Facebook Photo Uploader 5 Control] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> [You must be registered and logged in to see this link.] [Java Plug-in 1.6.0_20] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> [You must be registered and logged in to see this link.] [Reg Error: Key error.] ->
{B8BE5E93-A60C-4D26-A2DC-220313175592} [HKLM] -> [You must be registered and logged in to see this link.] [MSN Games - Installer] ->
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> [You must be registered and logged in to see this link.] [Java Plug-in 1.6.0_20] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> [You must be registered and logged in to see this link.] [Java Plug-in 1.6.0_20] ->
{D4323BF2-006A-4440-A2F5-27E3E7AB25F8} [HKLM] -> [You must be registered and logged in to see this link.] [Virtools WebPlayer Class] ->
{DA80E089-4648-43D5-93B4-7F37917084E6} [HKLM] -> [You must be registered and logged in to see this link.] [CacheManager.CacheManagerCtrl] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.10.1 ->
Domain -> RedAppleGroup.local ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{CAED54E9-B472-44FD-9A1A-BE4CBE93F7B8}\\DhcpNameServer -> 192.168.10.1 (Broadcom NetXtreme Gigabit Ethernet) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2007/06/13 06:23:07 | 001,033,216 | ---- | M | MD5 = 97BD6515465659FF8F3B7BE375B2EA87] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2007/01/13 10:46:04 | 000,204,800 | ---- | M | MD5 = 58C8809D7486DB2D9C6A24A8630A5478] (Intel Corporation)
LMIinit -> C:\WINDOWS\System32\LMIinit.dll -> [2007/11/15 19:46:20 | 000,087,352 | ---- | M | MD5 = 5179355D99463E6E9BCACE499632A6A2] (LogMeIn, Inc.)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"C:\Documents and Settings\keskyr\Local Settings\Temp\Xerox\PrintLaunchScan\scaninstu.exe" -> C:\Documents and Settings\keskyr\Local Settings\Temp\Xerox\PrintLaunchScan\scaninstu.exe [C:\Documents and Settings\keskyr\Local Settings\Temp\Xerox\PrintLaunchScan\scaninstu.exe:*:Enabled:Xerox Windows Common Scanner Driver Installer] -> File not found
"C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" -> C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:Managed Services Agent] -> File not found
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" -> C:\Program Files\Yahoo!\Messenger\YServer.exe [C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server] -> File not found
"C:\WINDOWS\system32\xnetsrvc.exe" -> C:\WINDOWS\System32\xnetsrvc.exe [C:\WINDOWS\system32\xnetsrvc.exe:*:Enabled:XnetSrvc Module] -> [2006/09/20 07:52:12 | 000,128,512 | ---- | M | MD5 = 1D9F72F890A243EDC517A2432C3BFA3D] ()
"D:\Utility\Installer\PrintScan\InstallationManager.exe" -> D:\Utility\Installer\PrintScan\InstallationManager.exe [D:\Utility\Installer\PrintScan\InstallationManager.exe:*:Enabled:Xerox Windows Common Print Driver Installer] -> File not found
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"C:\WINDOWS\system32\usmt\migwiz.exe" -> C:\WINDOWS\System32\usmt\migwiz.exe [C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard] -> [2004/08/04 08:00:00 | 000,240,128 | ---- | M | MD5 = 3DC9256DA25BDFF582D7D46C59AD7112] (Microsoft Corporation)
"C:\WINDOWS\system32\xnetsrvc.exe" -> C:\WINDOWS\System32\xnetsrvc.exe [C:\WINDOWS\system32\xnetsrvc.exe:*:Enabled:XnetSrvc Module] -> [2006/09/20 07:52:12 | 000,128,512 | ---- | M | MD5 = 1D9F72F890A243EDC517A2432C3BFA3D] ()
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2007/10/24 10:30:39 | 000,000,000 | ---- | M | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
D:\autorun.inf [[autorun] | OPEN=setup.exe | ICON=\Setup\artwork\setup.ico | | | shell\LVIPCAP\command=techsupt\CaptureTest\Amcap8.exe | shell\LVIPCAP=Tool - Amcap&8.exe | | shell\LVIPCAP\command=Drivers\Bin\setup.exe techsupt | shell\LVIPCAP=Tool - TechSupt Tools | | ] -> D:\autorun.inf [ CDFS ] -> [2007/04/26 13:37:38 | 000,000,246 | R--- | M | MD5 = 6F75AD37B6CDBFF00E3FBB0A72D7612B] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< AppCertDlls [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

[Registry - Additional Scans - Safe List]
< Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 ->
"msacm.iac2" -> C:\WINDOWS\system32\iac25_32.ax [C:\WINDOWS\system32\iac25_32.ax] -> [2004/08/04 08:00:00 | 000,199,680 | ---- | M | MD5 = 6580E3EC7593C0621A91387AAB419524] (Intel Corporation)
"msacm.l3acm" -> C:\WINDOWS\system32\l3codeca.acm [C:\WINDOWS\system32\l3codeca.acm] -> [2010/01/29 10:43:39 | 000,307,260 | ---- | M | MD5 = F3946B534CC197CBFFD9A2ECFD1F556F] (Fraunhofer Institut Integrierte Schaltungen IIS)
"msacm.sl_anet" -> C:\WINDOWS\System32\sl_anet.acm [sl_anet.acm] -> [2004/08/04 08:00:00 | 000,086,016 | ---- | M | MD5 = 059FCD11A8F067650ABF6426E1CB43D3] (Sipro Lab Telecom Inc.)
"msacm.trspch" -> C:\WINDOWS\System32\tssoft32.acm [tssoft32.acm] -> [2004/08/04 08:00:00 | 000,008,192 | ---- | M | MD5 = E8CD0D7E169ECCE2D4FD829DAAB786ED] (DSP GROUP, INC.)
"MSVideo" -> C:\WINDOWS\System32\vfwwdm32.dll [vfwwdm32.dll] -> [2004/08/04 00:56:48 | 000,053,760 | ---- | M | MD5 = FE47364C8E0D2D6D732CE79D33A6E447] (Microsoft Corporation)
"MSVideo8" -> C:\WINDOWS\System32\vfwwdm32.dll [VfWWDM32.dll] -> [2004/08/04 00:56:48 | 000,053,760 | ---- | M | MD5 = FE47364C8E0D2D6D732CE79D33A6E447] (Microsoft Corporation)
"vidc.cvid" -> C:\WINDOWS\System32\iccvid.dll [iccvid.dll] -> [2004/08/04 08:00:00 | 000,080,384 | ---- | M | MD5 = F263E68AF3B8ACE47DDB70F075B20782] (Radius Inc.)
"VIDC.I420" -> [lvcodec2.dll] -> File not found
"vidc.iv31" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004/08/04 08:00:00 | 000,199,168 | ---- | M | MD5 = 43ECA1576906BA76FB3E329A338A3CAE] ()
"vidc.iv32" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004/08/04 08:00:00 | 000,199,168 | ---- | M | MD5 = 43ECA1576906BA76FB3E329A338A3CAE] ()
"vidc.iv41" -> C:\WINDOWS\System32\ir41_32.ax [ir41_32.ax] -> [2004/08/04 08:00:00 | 000,848,384 | ---- | M | MD5 = B106530542C5920EDB040A288BD300AB] (Intel Corporation)
"vidc.iv50" -> C:\WINDOWS\System32\ir50_32.dll [ir50_32.dll] -> [2004/08/04 08:00:00 | 000,755,200 | ---- | M | MD5 = 603CC77B5E5F7977DE2ABFBA50CD6854] (Intel Corporation)
< Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ ->
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [&Yahoo! Toolbar Helper] -> [2007/12/18 17:49:22 | 000,817,936 | ---- | M | MD5 = 5A9E77C71D6D7030BC170DD7CF04CF5D] (Yahoo! Inc.)
{0291E591-EA41-4c82-8106-3DC6CE7F7664} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 17:55:58 | 000,211,744 | ---- | M | MD5 = 48FF0FA1CAB4AD6ACEF9027F34090880] (Yahoo! Inc.)
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{0F8D1931-0575-4FA2-A550-77B28156C73C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Director\swdir.dll [Shockwave ActiveX Control] -> [2007/08/07 18:20:44 | 000,182,248 | ---- | M | MD5 = 6C90714399BD3F1E7C0503A38EADBAC7] (Adobe Systems, Inc.)
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Macromed\Director\swdir.dll [Shockwave ActiveX Control] -> [2007/08/07 18:20:44 | 000,182,248 | ---- | M | MD5 = 6C90714399BD3F1E7C0503A38EADBAC7] (Adobe Systems, Inc.)
{30528230-99F7-4BB4-88D8-FA1D4F56A2AB} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 17:55:58 | 000,211,744 | ---- | M | MD5 = 48FF0FA1CAB4AD6ACEF9027F34090880] (Yahoo! Inc.)
{347B0667-C7ED-429B-BDE3-CC8D3BACAA31} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 17:55:58 | 000,211,744 | ---- | M | MD5 = 48FF0FA1CAB4AD6ACEF9027F34090880] (Yahoo! Inc.)
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{40C83AF8-FEA7-4A6A-A470-431EE84A0886} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2010/05/03 15:31:30 | 000,108,320 | ---- | M | MD5 = 1C9FADA9BB66DFFC55E3628AD505931F] (Sun Microsystems, Inc.)
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [DivXBrowserPlugin Object] -> [2009/11/13 20:47:26 | 002,471,224 | ---- | M | MD5 = EDBA797E78300759A09AF77C77F5D9E7] (DivX,Inc.)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d96a05-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d96a06-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d96a07-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d96a08-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d96a0a-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_20.dll [Java Plug-in 1.6.0_20] -> [2010/05/03 15:31:29 | 000,136,992 | ---- | M | MD5 = E06930C34F16C8AD24AD79502F40026A] (Sun Microsystems, Inc.)
{C9A1E9A0-4BEF-4995-9B64-093AAE7B2DB3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2007/05/10 22:26:40 | 000,632,432 | ---- | M | MD5 = 97E41D0A84A5318A970F41A8058D9529] (Adobe Systems, Inc.)
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_20.dll [Java Plug-in 1.6.0_20] -> [2010/05/03 15:31:29 | 000,136,992 | ---- | M | MD5 = E06930C34F16C8AD24AD79502F40026A] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_20.dll [Java Plug-in 1.6.0_20] -> [2010/05/03 15:31:29 | 000,136,992 | ---- | M | MD5 = E06930C34F16C8AD24AD79502F40026A] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_20.dll [Java Plug-in 1.6.0_20] -> [2010/05/03 15:31:29 | 000,136,992 | ---- | M | MD5 = E06930C34F16C8AD24AD79502F40026A] (Sun Microsystems, Inc.)
{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deployJava1.dll [Deployment Toolkit] -> [2010/05/03 15:31:26 | 000,411,368 | ---- | M | MD5 = B8F7C6CA5F8E97249853DBE1DADD1FBC] (Sun Microsystems, Inc.)
{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deployJava1.dll [Deployment Toolkit] -> [2010/05/03 15:31:26 | 000,411,368 | ---- | M | MD5 = B8F7C6CA5F8E97249853DBE1DADD1FBC] (Sun Microsystems, Inc.)
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [Shockwave Flash Object] -> [2008/03/24 22:32:42 | 002,991,488 | R--- | M | MD5 = 48FDF435B8595604E54125B321924510] (Adobe Systems, Inc.)
{D742F4EC-5D39-4294-8A17-11969A294512} [HKLM] -> C:\Program Files\Google\Google Updater\2.4.1368.5602\ci.dll [Google Updater Class] -> [2008/10/21 07:56:22 | 001,119,232 | ---- | M | MD5 = 4AEBAB10BD42CBE256C1ED910A613EF9] (Google)
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! 工具列] -> [2007/12/18 17:49:22 | 000,817,936 | ---- | M | MD5 = 5A9E77C71D6D7030BC170DD7CF04CF5D] (Yahoo! Inc.)
{F9152AEC-3462-4632-8087-EEE3C3CDDA24} [HKLM] -> C:\Program Files\Google\Google Earth\plugin\ie\5.2.0.5920\plugin_ax.dll [GEPluginCoClass Object] -> [2010/04/02 07:29:32 | 005,102,064 | ---- | M | MD5 = 1E8DE6D80C8175AF22F0C10FB95C01D3] (Google)
{FF4E22ED-17D0-4D43-AD6F-E53D11FA3C61} [HKLM] -> C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll [Google Update Plugin] -> [2010/03/19 16:53:34 | 000,220,656 | ---- | M | MD5 = 94E2DDC3BD6C6AA620FD83B2AE87AA9F] (Google Inc.)
< Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ ->
{25BC7718-0BFA-40EA-B381-4B2D9732D686} [HKLM] -> C:\Program Files\Yahoo!\Search Protection\ysp.dll [Yahooo Search Protection] -> [2010/03/31 23:34:36 | 000,578,872 | ---- | M | MD5 = 11493B3B499823EE27D84EF60DE40DE9] (Yahoo! Inc.)
{BBF74FB9-ABCD-4678-880A-2511DAABB5E1} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! 工具列] -> [2007/12/18 17:49:22 | 000,817,936 | ---- | M | MD5 = 5A9E77C71D6D7030BC170DD7CF04CF5D] (Yahoo! Inc.)
< Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ ->
{0006F033-0000-0000-C000-000000000046} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE [Microsoft Outlook 8.0 Object Library] -> [2007/10/11 10:16:18 | 000,196,152 | ---- | M | MD5 = 40825ACFC23E0AD28DA1FC63F77E9825] (Microsoft Corporation)
{0006F03A-0000-0000-C000-000000000046} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE [Microsoft Office Outlook] -> [2007/10/11 10:16:18 | 000,196,152 | ---- | M | MD5 = 40825ACFC23E0AD28DA1FC63F77E9825] (Microsoft Corporation)
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [&Yahoo! Toolbar Helper] -> [2007/12/18 17:49:22 | 000,817,936 | ---- | M | MD5 = 5A9E77C71D6D7030BC170DD7CF04CF5D] (Yahoo! Inc.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 000,062,080 | ---- | M | MD5 = C11F6A1F61481E24BE3FDC06EA6F7D2A] (Adobe Systems Incorporated)
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found
{0E8D0700-75DF-11D3-8B4A-0008C7450C4A} [HKLM] -> C:\Program Files\LizardTech\DjVuControl\DjVuCntl.dll [DjVuCtl Class] -> [2007/02/05 00:03:14 | 000,651,264 | ---- | M | MD5 = 490276F2E85058202D98BB0D0ABC1095] (LizardTech)
{10072CEC-8CC1-11D1-986E-00A0C955B42E} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [PeerDraw Class] -> [2007/07/12 19:31:54 | 000,765,952 | ---- | M | MD5 = 2E172308F1F109BD7B71EE1C093A8961] (Microsoft Corporation)
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Director\swdir.dll [Shockwave ActiveX Control] -> [2007/08/07 18:20:44 | 000,182,248 | ---- | M | MD5 = 6C90714399BD3F1E7C0503A38EADBAC7] (Adobe Systems, Inc.)
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Macromed\Director\swdir.dll [Shockwave ActiveX Control] -> [2007/08/07 18:20:44 | 000,182,248 | ---- | M | MD5 = 6C90714399BD3F1E7C0503A38EADBAC7] (Adobe Systems, Inc.)
{25BC7718-0BFA-40EA-B381-4B2D9732D686} [HKLM] -> C:\Program Files\Yahoo!\Search Protection\ysp.dll [Yahooo Search Protection] -> [2010/03/31 23:34:36 | 000,578,872 | ---- | M | MD5 = 11493B3B499823EE27D84EF60DE40DE9] (Yahoo! Inc.)
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx [DHTML Edit Control Safe for scripting for IE5] -> [2009/07/27 18:40:13 | 000,128,512 | ---- | M | MD5 = A21A6F768867B46D556B1BD6493F9F7F] (Microsoft Corporation)
{38481807-CA0E-42D2-BF39-B33AF135CC4D} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IETAG.DLL [IETag Factory] -> [2007/10/11 10:13:46 | 000,161,336 | ---- | M | MD5 = 4E0A50F32060B2D2D1219EC221230683] (Microsoft Corporation)
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007/12/12 18:09:42 | 000,222,448 | ---- | M | MD5 = BBDE3B4ACB928F30A35DBA4DD11564E1] (Yahoo! Inc.)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\DLA\DLASHX_W.DLL [DriveLetterAccess] -> [2005/09/28 05:10:00 | 000,110,652 | ---- | M | MD5 = 42396B471C33ECEA69D832C2004ACCCE] (Sonic Solutions)
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [DivXBrowserPlugin Object] -> [2009/11/13 20:47:26 | 002,471,224 | ---- | M | MD5 = EDBA797E78300759A09AF77C77F5D9E7] (DivX,Inc.)
{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} [HKLM] -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [Search Helper] -> [2009/08/07 17:15:06 | 000,138,608 | ---- | M | MD5 = 09F3D779638216DBB6B8D4C1075D6A8F] (Microsoft Corporation)
{8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> C:\WINDOWS\Downloaded Program Files\PhotoUploader55.ocx [Facebook Photo Uploader 5 Control] -> [2009/07/29 22:21:24 | 003,540,488 | ---- | M | MD5 = B36353934BB8B0E7CC8557AC5143EF41] ()
{8DCB7100-DF86-4384-8842-8FA844297B3F} [HKLM] -> C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll [MSN Toolbar] -> [2009/12/08 21:29:42 | 000,506,720 | ---- | M | MD5 = 42304A5C69A78FEF990D94D40B26D02F] (Microsoft Corporation)
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [Google Toolbar Notifier BHO] -> [2008/10/21 07:56:29 | 000,652,784 | ---- | M | MD5 = 7D566FF02484EA2BCDEF6E8D7E9D9D13] (Google Inc.)
{B5B8593C-89BC-44A7-BCE3-32FE4FED7C5C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{B8BE5E93-A60C-4D26-A2DC-220313175592} [HKLM] -> C:\WINDOWS\Downloaded Program Files\ZIntro.ocx [MSN Games - Installer] -> [2007/02/19 11:26:28 | 000,159,128 | ---- | M | MD5 = E681AC948003CCA59C6C00D3F5EC3D4B] ()
{BBF74FB9-ABCD-4678-880A-2511DAABB5E1} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BD96C556-65A3-11D0-983A-00C04FC29E36} [HKLM] -> C:\Program Files\Common Files\System\msadc\msadco.dll [RDS.DataSpace] -> [2006/03/23 01:44:21 | 000,143,360 | ---- | M | MD5 = FE31998AB8F25A71C2F2D821006570C1] (Microsoft Corporation)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2007/05/10 22:26:40 | 000,632,432 | ---- | M | MD5 = 97E41D0A84A5318A970F41A8058D9529] (Adobe Systems, Inc.)
{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [Shockwave Flash Object] -> [2008/03/24 22:32:42 | 002,991,488 | R--- | M | MD5 = 48FDF435B8595604E54125B321924510] (Adobe Systems, Inc.)
{D2CE3E00-F94A-4740-988E-03DC2F38C34F} [HKLM] -> C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll [MSN Toolbar BHO] -> [2009/12/08 21:29:42 | 000,506,720 | ---- | M | MD5 = 42304A5C69A78FEF990D94D40B26D02F] (Microsoft Corporation)
{D4323BF2-006A-4440-A2F5-27E3E7AB25F8} [HKLM] -> C:\Program Files\Virtools\3D Life Player\WebPlayer.ocx [Virtools WebPlayer Class] -> [2007/11/28 17:54:35 | 000,304,440 | ---- | M | MD5 = 6487F08E12AA59D76B0106EC5A2775EA] (Virtools SA)
{D5184A39-CBDF-4A4F-AC1A-7A45A852C883} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D6A5A215-FBF3-45E5-ABF8-22FF50916184} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DA4F543C-C8A9-4E88-9A79-548CBB46F18F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DA80E089-4648-43D5-93B4-7F37917084E6} [HKLM] -> C:\WINDOWS\Downloaded Program Files\CacheManager.ocx [CacheManager.CacheManagerCtrl] -> [2006/11/16 12:13:32 | 000,094,208 | ---- | M | MD5 = A2B6DEE17C4D8E5370919B293E9E66B1] ()
{E2E2DD38-D088-4134-82B7-F2BA38496583} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! 工具列] -> [2007/12/18 17:49:22 | 000,817,936 | ---- | M | MD5 = 5A9E77C71D6D7030BC170DD7CF04CF5D] (Yahoo! Inc.)

Melissa

Rookie Surfer
Rookie Surfer

Posts: 53
Joined: 2009-07-26
Operating System: Microsoft windows xp

View user profile

Back to top Go down

Re: Security Warning...Application cannot be executed.

Post by Melissa on Mon 17 May 2010, 10:48 pm

{F9152AEC-3462-4632-8087-EEE3C3CDDA24} [HKLM] -> C:\Program Files\Google\Google Earth\plugin\ie\5.2.0.5920\plugin_ax.dll [GEPluginCoClass Object] -> [2010/04/02 07:29:32 | 005,102,064 | ---- | M | MD5 = 1E8DE6D80C8175AF22F0C10FB95C01D3] (Google)
{FB5F1910-F110-11D2-BB9E-00C04F795683} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
6to4 -> -> File not found
Ias -> C:\WINDOWS\system32\ias -> [2007/10/24 10:30:13 | 000,000,000 | ---D | M]
Iprip -> -> File not found
Irmon -> -> File not found
NWCWorkstation -> -> File not found
Nwsapagent -> -> File not found
WmdmPmSp -> -> File not found
*MultiFile Done* -> ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
< SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ ->
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
Primary disk -> Driver Group
SCSI Class -> Driver Group
sermouse.sys -> Driver
System Bus Extender -> Driver Group
vga.sys -> Driver
< SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ ->
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E972-E325-11CE-BFC1-08002BE10318} -> Net
{4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient
{4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService
{4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
NDIS Wrapper -> Driver Group
NetBIOSGroup -> Driver Group
NetDDEGroup -> Driver Group
Network -> Driver Group
NetworkProvider -> Driver Group
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
PNP_TDI -> Driver Group
Primary disk -> Driver Group
SCSI Class -> Driver Group
sermouse.sys -> Driver
Streams Drivers -> Driver Group
System Bus Extender -> Driver Group
TDI -> Driver Group
vga.sys -> Driver
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"FirstRunDisabled" -> [1] -> File not found
\\"AntiVirusDisableNotify" -> [0] -> File not found
\\"FirewallDisableNotify" -> [0] -> File not found
\\"UpdatesDisableNotify" -> [0] -> File not found
\\"AntiVirusOverride" -> [0] -> File not found
\\"FirewallOverride" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
myrm -> 2 = Trusted sites (Not a Default Protocol) ->
myui -> 2 = Trusted sites (Not a Default Protocol) ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{075473F5-846A-448B-BCB3-104AA1760205} -> Roxio Data Module
{08234a0d-cf39-4dca-99f0-0c5cb496da81} -> MSN Toolbar
{0840B4D6-7DD1-4187-8523-E6FC0007EFB7} -> Windows Live ID Sign-in Assistant
{08C0729E-3E50-11DF-9D81-005056806466} -> Google Earth
{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -> Roxio DLA
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{21657574-BD54-48A2-9450-EB03B2C7FC29} -> Roxio MyDVD Plus
{2656D0AB-9EA4-4C58-A117-635F3CED8B93} -> Microsoft UI Engine
{26792CA7-D87A-4DBE-896B-C2F66B344511} -> Roxio CinePlayer
{26A24AE4-039D-4CA4-87B4-2F83216020FF} -> Java(TM) 6 Update 20
{30465B6C-B53F-49A1-9EBA-A3F187AD502E} -> Roxio Update Manager
{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{5EE7D259-D137-4438-9A5F-42F432EC0421} -> VC80CRTRedist - 8.0.50727.4053
{61BEA823-ECAF-49F1-8378-A59B3B8AD247} -> Microsoft Default Manager
{6517CFDF-B7A4-77B6-2371-C76608D3C976} -> Monopoly
{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} -> Roxio Express Labeler
{7E369B27-13E2-41A5-9879-358EE1C8B5AD} -> Broadcom NetXtreme Ethernet Controller
{8215AC14-BFC2-4ECC-96D6-1030202F8BDF} -> Visual C++ 8.0 x86 Runtime Setup Package
{8F971101-FCBD-4293-B917-D5A14FD1DAF9} -> City Navigator North America v7
{90110409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Professional Edition 2003
{91810AFC-A4F8-4EBA-A5AA-B198BBC81144} -> InterVideo WinDVD
{A65F7CF8-6F76-40CE-B44D-D5A89D9881C7} -> MSN Toolbar Platform
{A83C6C34-3007-422A-9E56-A74996BCCDBD} -> LogMeIn
{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper
{AB708C9B-97C8-4AC9-899B-DBF226AC9382} -> Roxio Audio Module
{AC76BA86-7AD7-1033-7B44-A81200000003} -> Adobe Reader 8.1.2
{B12665F4-4E93-4AB4-B7FC-37053B524629} -> Roxio Copy Module
{B7050CBDB2504B34BC2A9CA0A692CC29} -> DivX Plus Web Player
{CE386A4E-D0DA-4208-8235-BCE43275C694} -> LightScribe 1.4.142.1
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
{F8A3C1B6-D2E0-4CE1-80A2-555D6F71C639} -> Microsoft Search Enhancement Pack
{FB64BF25-3593-4E4E-AA85-84AEF1D1475F} -> Broadcom Management Programs
Adobe Flash Player ActiveX -> Adobe Flash Player ActiveX
Adobe Shockwave Player -> Adobe Shockwave Player
avast5 -> avast! Free Antivirus
DjVu -> Lizardtech DjVu Control (autoinstall)
Google Chrome -> Google Chrome
Google Updater -> Google Updater
HDMI -> Intel(R) Graphics Media Accelerator Driver
IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs
ie7 -> Windows Internet Explorer 7
Monopoly -> Monopoly (remove only)
NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs
Virtools3DLifePlayer -> Virtools 3D Life Player
Xerox_Phaser_8510_8560 -> Xerox Phaser 8510_8560 Scan Driver
Xerox_Support_Centre -> Xerox Support Centre
Yahoo! Companion -> Yahoo! 工具列
Yahoo! Extras -> Yahoo! Browser Services
Yahoo! Search Defender -> Yahoo! Search Protection
Yahoo! Software Update -> Yahoo! Software Update
YInstHelper -> Yahoo! Install Manager
< Uninstall List [HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\] > -> HKEY_USERS\S-1-5-21-559306488-779710043-2358232105-1136\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 5/14/2010 4:10:45 PM Computer Name = RICH | Source = Userenv | ID = 1054 -> Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.
Application [ Error ] 5/14/2010 4:10:51 PM Computer Name = RICH | Source = AutoEnrollment | ID = 15 -> Description = Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted. Enrollment will not be performed.
Application [ Error ] 5/15/2010 9:08:28 AM Computer Name = RICH | Source = Userenv | ID = 1054 -> Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.
Application [ Error ] 5/15/2010 9:09:29 AM Computer Name = RICH | Source = AutoEnrollment | ID = 15 -> Description = Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted. Enrollment will not be performed.
Application [ Error ] 5/15/2010 9:12:23 AM Computer Name = RICH | Source = Userenv | ID = 1521 -> Description = Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you logoff. Possible causes of this error include network problems or insufficient security rights. If this problem persists, contact your network administrator. DETAIL - The network path was not found.
Application [ Error ] 5/15/2010 9:12:26 AM Computer Name = RICH | Source = Userenv | ID = 1054 -> Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.
Application [ Error ] 5/15/2010 12:01:01 PM Computer Name = RICH | Source = Userenv | ID = 1054 -> Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.
Application [ Error ] 5/15/2010 12:01:51 PM Computer Name = RICH | Source = Userenv | ID = 1521 -> Description = Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you logoff. Possible causes of this error include network problems or insufficient security rights. If this problem persists, contact your network administrator. DETAIL - The network path was not found.
Application [ Error ] 5/15/2010 12:01:52 PM Computer Name = RICH | Source = Userenv | ID = 1054 -> Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.
Application [ Error ] 5/15/2010 12:02:01 PM Computer Name = RICH | Source = AutoEnrollment | ID = 15 -> Description = Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted. Enrollment will not be performed.
System [ Error ] 5/15/2010 11:26:23 AM Computer Name = RICH | Source = Print | ID = 6161 -> Description = The document [You must be registered and logged in to see this link.] owned by keskyr failed to print on printer HP LaserJet 4200 PS. Data type: NT EMF 1.008. Size of the spool file in bytes: 196608. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\RICH. Win32 error code returned by the print processor: 259 (0x103).
System [ Error ] 5/15/2010 11:26:38 AM Computer Name = RICH | Source = Print | ID = 45 -> Description = Document failed to print due to GDI/Driver error in rendering.
System [ Error ] 5/15/2010 11:26:38 AM Computer Name = RICH | Source = Print | ID = 6161 -> Description = The document [You must be registered and logged in to see this link.] owned by keskyr failed to print on printer HP LaserJet 4200 PS. Data type: NT EMF 1.008. Size of the spool file in bytes: 196608. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\RICH. Win32 error code returned by the print processor: 31 (0x1f).
System [ Error ] 5/15/2010 11:40:33 AM Computer Name = RICH | Source = Print | ID = 45 -> Description = Document failed to print due to GDI/Driver error in rendering.
System [ Error ] 5/15/2010 11:40:33 AM Computer Name = RICH | Source = Print | ID = 6161 -> Description = The document [You must be registered and logged in to see this link.] owned by keskyr failed to print on printer HP LaserJet 4200 PS. Data type: NT EMF 1.008. Size of the spool file in bytes: 196608. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\RICH. Win32 error code returned by the print processor: 31 (0x1f).
System [ Error ] 5/15/2010 12:01:01 PM Computer Name = RICH | Source = NETLOGON | ID = 5719 -> Description = No Domain Controller is available for domain REDAPPLEGROUP due to the following: %%1311. Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
System [ Error ] 5/15/2010 12:01:03 PM Computer Name = RICH | Source = W32Time | ID = 39452701 -> Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 15 minutes. NtpClient has no source of accurate time.
System [ Error ] 5/15/2010 12:01:03 PM Computer Name = RICH | Source = W32Time | ID = 39452701 -> Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 15 minutes. NtpClient has no source of accurate time.
System [ Error ] 5/15/2010 12:16:03 PM Computer Name = RICH | Source = W32Time | ID = 39452701 -> Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 29 minutes. NtpClient has no source of accurate time.
System [ Error ] 5/15/2010 12:46:03 PM Computer Name = RICH | Source = W32Time | ID = 39452701 -> Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 60 minutes. NtpClient has no source of accurate time.

[Files/Folders - Created Within 90 Days]
OTS.exe -> C:\Documents and Settings\keskyr\Desktop\OTS.exe -> [2010/05/15 11:43:16 | 000,640,000 | ---- | C | MD5 = C7A61D4B69CF0E784AAB1E2105529300] (OldTimer Tools)
RECYCLER -> C:\RECYCLER -> [2010/05/14 16:18:56 | 000,000,000 | -HSD | C]
aswSP.sys -> C:\WINDOWS\System32\drivers\aswSP.sys -> [2010/05/14 16:17:36 | 000,164,048 | ---- | C | MD5 = D78B644816DB540E103D0B0766FD9967] (ALWIL Software)
aswFsBlk.sys -> C:\WINDOWS\System32\drivers\aswFsBlk.sys -> [2010/05/14 16:17:36 | 000,019,024 | ---- | C | MD5 = 1B6ED99291DDF5D2501554CC5757AAB6] (ALWIL Software)
aswRdr.sys -> C:\WINDOWS\System32\drivers\aswRdr.sys -> [2010/05/14 16:17:35 | 000,023,376 | ---- | C | MD5 = 3E2B6112D2766F87EDA8466FDE86A986] (ALWIL Software)
aswTdi.sys -> C:\WINDOWS\System32\drivers\aswTdi.sys -> [2010/05/14 16:17:34 | 000,046,672 | ---- | C | MD5 = 606D731008D98B6EF946730C597C1642] (ALWIL Software)
aswmon2.sys -> C:\WINDOWS\System32\drivers\aswmon2.sys -> [2010/05/14 16:17:32 | 000,100,432 | ---- | C | MD5 = 81432B1A4B31036C822EB967DECF613C] (ALWIL Software)
aswmon.sys -> C:\WINDOWS\System32\drivers\aswmon.sys -> [2010/05/14 16:17:32 | 000,094,800 | ---- | C | MD5 = 5FFE0C6A55930B77686535C070DB408C] (ALWIL Software)
aavmker4.sys -> C:\WINDOWS\System32\drivers\aavmker4.sys -> [2010/05/14 16:17:31 | 000,028,880 | ---- | C | MD5 = A5246ED2586AA807AF0BCF63165A71CC] (ALWIL Software)
aswBoot.exe -> C:\WINDOWS\System32\aswBoot.exe -> [2010/05/14 16:17:19 | 000,165,032 | ---- | C | MD5 = EE3A0274471DE1ED924E6C5935080495] (ALWIL Software)
avastSS.scr -> C:\WINDOWS\System32\avastSS.scr -> [2010/05/14 16:17:19 | 000,038,848 | ---- | C | MD5 = C3A7AC3D7C71DF622E2828A35ECB84A5] (ALWIL Software)
Alwil Software -> C:\Program Files\Alwil Software -> [2010/05/14 16:17:13 | 000,000,000 | ---D | C]
Alwil Software -> C:\Documents and Settings\All Users\Application Data\Alwil Software -> [2010/05/14 16:17:13 | 000,000,000 | ---D | C]
temp -> C:\WINDOWS\temp -> [2010/05/14 16:01:26 | 000,000,000 | ---D | C]
cmdcons -> C:\cmdcons -> [2010/05/14 15:56:13 | 000,000,000 | RHSD | C]
ComboFix -> C:\ComboFix -> [2010/05/14 15:54:09 | 000,000,000 | ---D | C]
SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010/05/14 15:51:52 | 000,212,480 | ---- | C | MD5 = B1A9CF0B6F80611D31987C247EC630B4] (SteelWerX)
SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2010/05/14 15:51:52 | 000,161,792 | ---- | C | MD5 = 01D95A1F8CF13D07CC564AABB36BCC0B] (SteelWerX)
SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010/05/14 15:51:52 | 000,136,704 | ---- | C | MD5 = B7517DB073B28F5696A1E5528ABEB5D0] (SteelWerX)
NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010/05/14 15:51:52 | 000,031,232 | ---- | C | MD5 = AE72E8619CB31D84DA25E2435E55003C] (NirSoft)
ERDNT -> C:\WINDOWS\ERDNT -> [2010/05/14 15:51:46 | 000,000,000 | ---D | C]
Qoobox -> C:\Qoobox -> [2010/05/14 15:49:50 | 000,000,000 | ---D | C]
Sun -> C:\WINDOWS\Sun -> [2010/05/03 15:33:58 | 000,000,000 | ---D | C]
Microsoft -> C:\Program Files\Microsoft -> [2010/05/03 15:33:15 | 000,000,000 | ---D | C]
MSN Toolbar -> C:\Program Files\MSN Toolbar -> [2010/05/03 15:33:05 | 000,000,000 | ---D | C]
MSN Toolbar Installer -> C:\Program Files\MSN Toolbar Installer -> [2010/05/03 15:32:26 | 000,000,000 | ---D | C]
Sun -> C:\Documents and Settings\All Users\Application Data\Sun -> [2010/05/03 15:32:12 | 000,000,000 | ---D | C]
Java -> C:\Program Files\Common Files\Java -> [2010/05/03 15:32:12 | 000,000,000 | ---D | C]
Java -> C:\Program Files\Java -> [2010/05/03 15:31:24 | 000,000,000 | ---D | C]
Sun -> C:\Documents and Settings\keskyr\Application Data\Sun -> [2010/05/03 15:30:44 | 000,000,000 | ---D | C]
Downloads -> C:\Documents and Settings\keskyr\My Documents\Downloads -> [2010/02/19 17:15:22 | 000,000,000 | ---D | C]
DivX Shared -> C:\Program Files\Common Files\DivX Shared -> [2010/02/19 17:02:31 | 000,000,000 | ---D | C]
DivX -> C:\Program Files\DivX -> [2010/02/19 17:02:30 | 000,000,000 | ---D | C]
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->

[Files/Folders - Modified Within 90 Days]
Microsoft Office Word 2003.lnk -> C:\Documents and Settings\keskyr\Desktop\Microsoft Office Word 2003.lnk -> [2010/05/15 12:41:17 | 000,002,497 | ---- | M | MD5 = 564A32048A4A209B0F426D1132334D3A] ()
Microsoft Office Excel 2003.lnk -> C:\Documents and Settings\keskyr\Desktop\Microsoft Office Excel 2003.lnk -> [2010/05/15 12:41:10 | 000,002,495 | ---- | M | MD5 = 7A93125EE6759A179B4D08F97C154C55] ()
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/05/15 12:05:05 | 000,314,838 | ---- | M | MD5 = 9E23F5BF3E45AF00AF9CBFDCE7E8BB18] ()
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/05/15 12:05:05 | 000,041,040 | ---- | M | MD5 = 47D7B2E4A39C57441FCEB80EBE3BBE45] ()
PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2010/05/15 12:05:04 | 000,360,124 | ---- | M | MD5 = FC971EF8975BBFB168369952EDE97C36] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/05/15 12:02:01 | 000,013,646 | ---- | M | MD5 = 9B20FFF4DA943DD1F7D89826900D2AEE] ()
GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2010/05/15 12:01:53 | 000,000,882 | ---- | M | MD5 = C8BEA87B856C83FD5367BCFF58A5794F] ()
SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/05/15 12:00:52 | 000,000,006 | -H-- | M | MD5 = F1A6CD5ADAAB953A6764EA364E17BFB8] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/05/15 12:00:46 | 000,002,048 | --S- | M | MD5 = 6A2CB42966136854F4464516FBB4AE72] ()
NTUSER.DAT -> C:\Documents and Settings\keskyr\NTUSER.DAT -> [2010/05/15 11:59:52 | 003,145,728 | -H-- | M | Unable to obtain MD5] ()
ntuser.ini -> C:\Documents and Settings\keskyr\ntuser.ini -> [2010/05/15 11:59:52 | 000,000,368 | -HS- | M | MD5 = 1185511F66B849412D478704A5E24CF8] ()
IconCache.db -> C:\Documents and Settings\keskyr\Local Settings\Application Data\IconCache.db -> [2010/05/15 11:59:38 | 003,767,822 | -H-- | M | MD5 = 1B3B27D50DD3F02E6BE4285D3336155B] ()
GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2010/05/15 11:58:00 | 000,000,886 | ---- | M | MD5 = E80F230A1F23607EEF34CB3483AB74A7] ()
OTS.exe -> C:\Documents and Settings\keskyr\Desktop\OTS.exe -> [2010/05/15 11:43:17 | 000,640,000 | ---- | M | MD5 = C7A61D4B69CF0E784AAB1E2105529300] (OldTimer Tools)
CONFIG.NT -> C:\WINDOWS\System32\CONFIG.NT -> [2010/05/14 16:17:33 | 000,002,626 | ---- | M | MD5 = 9868202B27D747DD709F5A59DD680C50] ()
system.ini -> C:\WINDOWS\system.ini -> [2010/05/14 16:00:23 | 000,000,227 | ---- | M | MD5 = F4D021E764F6FA554606F4A735A3151B] ()
boot.ini -> C:\boot.ini -> [2010/05/14 15:56:18 | 000,000,281 | RHS- | M | MD5 = 5730631551AE7CA5D64E9FA67EB963EB] ()
mfebcdata -> C:\WINDOWS\mfebcdata -> [2010/05/14 15:29:09 | 000,008,212 | ---- | M | MD5 = 38AE53CFC0D5C8D3784BC7F142CE22D6] ()
avastSS.scr -> C:\WINDOWS\System32\avastSS.scr -> [2010/05/06 16:59:57 | 000,038,848 | ---- | M | MD5 = C3A7AC3D7C71DF622E2828A35ECB84A5] (ALWIL Software)
aswBoot.exe -> C:\WINDOWS\System32\aswBoot.exe -> [2010/05/06 16:59:36 | 000,165,032 | ---- | M | MD5 = EE3A0274471DE1ED924E6C5935080495] (ALWIL Software)
aswTdi.sys -> C:\WINDOWS\System32\drivers\aswTdi.sys -> [2010/05/06 16:39:23 | 000,046,672 | ---- | M | MD5 = 606D731008D98B6EF946730C597C1642] (ALWIL Software)
aswSP.sys -> C:\WINDOWS\System32\drivers\aswSP.sys -> [2010/05/06 16:39:00 | 000,164,048 | ---- | M | MD5 = D78B644816DB540E103D0B0766FD9967] (ALWIL Software)
aswRdr.sys -> C:\WINDOWS\System32\drivers\aswRdr.sys -> [2010/05/06 16:34:27 | 000,023,376 | ---- | M | MD5 = 3E2B6112D2766F87EDA8466FDE86A986] (ALWIL Software)
aswmon2.sys -> C:\WINDOWS\System32\drivers\aswmon2.sys -> [2010/05/06 16:33:59 | 000,100,432 | ---- | M | MD5 = 81432B1A4B31036C822EB967DECF613C] (ALWIL Software)
aswmon.sys -> C:\WINDOWS\System32\drivers\aswmon.sys -> [2010/05/06 16:33:55 | 000,094,800 | ---- | M | MD5 = 5FFE0C6A55930B77686535C070DB408C] (ALWIL Software)
aswFsBlk.sys -> C:\WINDOWS\System32\drivers\aswFsBlk.sys -> [2010/05/06 16:33:47 | 000,019,024 | ---- | M | MD5 = 1B6ED99291DDF5D2501554CC5757AAB6] (ALWIL Software)
aavmker4.sys -> C:\WINDOWS\System32\drivers\aavmker4.sys -> [2010/05/06 16:33:29 | 000,028,880 | ---- | M | MD5 = A5246ED2586AA807AF0BCF63165A71CC] (ALWIL Software)
ntuser.dat -> C:\Documents and Settings\All Users\ntuser.dat -> [2010/05/01 09:39:17 | 000,262,144 | ---- | M | MD5 = 4E4836FBF4ADAF5F10A81F470A4769F7] ()
Google Chrome.lnk -> C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk -> [2010/04/29 13:58:37 | 000,001,813 | ---- | M | MD5 = AD110A053F6D2EFF7211E40A7BDA2421] ()
PEV.exe -> C:\WINDOWS\PEV.exe -> [2010/04/26 15:58:12 | 000,256,512 | ---- | M | MD5 = F1FBA6185A6A2BC6456970914875078E] ()
spider.sav -> C:\Documents and Settings\keskyr\My Documents\spider.sav -> [2010/04/23 10:20:18 | 000,000,572 | ---- | M | MD5 = C6C3D62277C2261E79CB25E337B7CEB8] ()
Google Earth.lnk -> C:\Documents and Settings\All Users\Desktop\Google Earth.lnk -> [2010/04/22 14:00:23 | 000,001,915 | ---- | M | MD5 = 07E96F1FB1C08FD03676172DC87A55D6] ()
imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/04/15 16:32:41 | 000,001,374 | ---- | M | MD5 = 3A04244CC251A6E99737F2A17B0AFC18] ()
urlmon.dll -> C:\WINDOWS\System32\dllcache\urlmon.dll -> [2010/03/11 08:38:54 | 001,168,384 | ---- | M | MD5 = 5CC4CA802CC6EE0EB3DB05133645FB59] (Microsoft Corporation)
wininet.dll -> C:\WINDOWS\System32\dllcache\wininet.dll -> [2010/03/11 08:38:54 | 000,832,512 | ---- | M | MD5 = B6AB2EB1DA4BB29079B84AC842520670] (Microsoft Corporation)
webcheck.dll -> C:\WINDOWS\System32\dllcache\webcheck.dll -> [2010/03/11 08:38:54 | 000,233,472 | ---- | M | MD5 = FDCD38384253953BFD423414560FF635] (Microsoft Corporation)
mshtml.dll -> C:\WINDOWS\System32\dllcache\mshtml.dll -> [2010/03/11 08:38:53 | 003,599,872 | ---- | M | MD5 = 94359CD5BB6AC1CC08088F4A4091FF1E] (Microsoft Corporation)
mstime.dll -> C:\WINDOWS\System32\mstime.dll -> [2010/03/11 08:38:53 | 000,671,232 | ---- | M | MD5 = D3528F91F7B1C6296549674A971CC664] (Microsoft Corporation)
mstime.dll -> C:\WINDOWS\System32\dllcache\mstime.dll -> [2010/03/11 08:38:53 | 000,671,232 | ---- | M | MD5 = D3528F91F7B1C6296549674A971CC664] (Microsoft Corporation)
mshtmled.dll -> C:\WINDOWS\System32\dllcache\mshtmled.dll -> [2010/03/11 08:38:53 | 000,477,696 | ---- | M | MD5 = 8CC083FC1A0876EFE7318FA33586AA11] (Microsoft Corporation)
msfeeds.dll -> C:\WINDOWS\System32\msfeeds.dll -> [2010/03/11 08:38:53 | 000,459,264 | ---- | M | MD5 = F04BD05DD504C98FE4A9F7CC97DC608A] (Microsoft Corporation)
msfeeds.dll -> C:\WINDOWS\System32\dllcache\msfeeds.dll -> [2010/03/11 08:38:53 | 000,459,264 | ---- | M | MD5 = F04BD05DD504C98FE4A9F7CC97DC608A] (Microsoft Corporation)
msrating.dll -> C:\WINDOWS\System32\msrating.dll -> [2010/03/11 08:38:53 | 000,193,024 | ---- | M | MD5 = 5AA2B189813A3FDC45D66E8F85930FBD] (Microsoft Corporation)
msrating.dll -> C:\WINDOWS\System32\dllcache\msrating.dll -> [2010/03/11 08:38:53 | 000,193,024 | ---- | M | MD5 = 5AA2B189813A3FDC45D66E8F85930FBD] (Microsoft Corporation)
url.dll -> C:\WINDOWS\System32\url.dll -> [2010/03/11 08:38:53 | 000,105,984 | ---- | M | MD5 = CD5413D6F3040C89565F96B98D4DB830] (Microsoft Corporation)
url.dll -> C:\WINDOWS\System32\dllcache\url.dll -> [2010/03/11 08:38:53 | 000,105,984 | ---- | M | MD5 = CD5413D6F3040C89565F96B98D4DB830] (Microsoft Corporation)
occache.dll -> C:\WINDOWS\System32\dllcache\occache.dll -> [2010/03/11 08:38:53 | 000,102,912 | ---- | M | MD5 = E6FD7C2B305DB7421512B48210493491] (Microsoft Corporation)
msfeedsbs.dll -> C:\WINDOWS\System32\msfeedsbs.dll -> [2010/03/11 08:38:53 | 000,052,224 | ---- | M | MD5 = 0E44F38D2373738FEFE37D3DC68C79ED] (Microsoft Corporation)
msfeedsbs.dll -> C:\WINDOWS\System32\dllcache\msfeedsbs.dll -> [2010/03/11 08:38:53 | 000,052,224 | ---- | M | MD5 = 0E44F38D2373738FEFE37D3DC68C79ED] (Microsoft Corporation)
pngfilt.dll -> C:\WINDOWS\System32\pngfilt.dll -> [2010/03/11 08:38:53 | 000,044,544 | ---- | M | MD5 = 753B0AF785F696F96F76864DC6BDFFC1] (Microsoft Corporation)
pngfilt.dll -> C:\WINDOWS\System32\dllcache\pngfilt.dll -> [2010/03/11 08:38:53 | 000,044,544 | ---- | M | MD5 = 753B0AF785F696F96F76864DC6BDFFC1] (Microsoft Corporation)
ieframe.dll -> C:\WINDOWS\System32\dllcache\ieframe.dll -> [2010/03/11 08:38:52 | 006,067,200 | ---- | M | MD5 = A963827DF78D69BC9E9CACA7427C6EDB] (Microsoft Corporation)
inetcpl.cpl -> C:\WINDOWS\System32\inetcpl.cpl -> [2010/03/11 08:38:52 | 001,830,912 | ---- | M | MD5 = B6D7940BA71A7D3C6CCC256B79B88274] (Microsoft Corporation)
inetcpl.cpl -> C:\WINDOWS\System32\dllcache\inetcpl.cpl -> [2010/03/11 08:38:52 | 001,830,912 | ---- | M | MD5 = B6D7940BA71A7D3C6CCC256B79B88274] (Microsoft Corporation)
iertutil.dll -> C:\WINDOWS\System32\dllcache\iertutil.dll -> [2010/03/11 08:38:52 | 000,268,288 | ---- | M | MD5 = 5C3715E234D70F38C52A689F95DC51F1] (Microsoft Corporation)
iepeers.dll -> C:\WINDOWS\System32\iepeers.dll -> [2010/03/11 08:38:52 | 000,192,512 | ---- | M | MD5 = 83F585E33DD5D0FF3E25B2EE6B049F49] (Microsoft Corporation)
iepeers.dll -> C:\WINDOWS\System32\dllcache\iepeers.dll -> [2010/03/11 08:38:52 | 000,192,512 | ---- | M | MD5 = 83F585E33DD5D0FF3E25B2EE6B049F49] (Microsoft Corporation)
ieencode.dll -> C:\WINDOWS\System32\ieencode.dll -> [2010/03/11 08:38:52 | 000,078,336 | ---- | M | MD5 = 95E4DB9C68BA89C8A0C5184685F19EDA] (Microsoft Corporation)
ieencode.dll -> C:\WINDOWS\System32\dllcache\ieencode.dll -> [2010/03/11 08:38:52 | 000,078,336 | ---- | M | MD5 = 95E4DB9C68BA89C8A0C5184685F19EDA] (Microsoft Corporation)
iernonce.dll -> C:\WINDOWS\System32\iernonce.dll -> [2010/03/11 08:38:52 | 000,044,544 | ---- | M | MD5 = D0D45AF74473533AED0AF562D271C088] (Microsoft Corporation)
iernonce.dll -> C:\WINDOWS\System32\dllcache\iernonce.dll -> [2010/03/11 08:38:52 | 000,044,544 | ---- | M | MD5 = D0D45AF74473533AED0AF562D271C088] (Microsoft Corporation)
jsproxy.dll -> C:\WINDOWS\System32\jsproxy.dll -> [2010/03/11 08:38:52 | 000,027,648 | ---- | M | MD5 = 3B821D03BECF4C1C1506B406218B4724] (Microsoft Corporation)
jsproxy.dll -> C:\WINDOWS\System32\dllcache\jsproxy.dll -> [2010/03/11 08:38:52 | 000,027,648 | ---- | M | MD5 = 3B821D03BECF4C1C1506B406218B4724] (Microsoft Corporation)
iedkcs32.dll -> C:\WINDOWS\System32\iedkcs32.dll -> [2010/03/11 08:38:51 | 000,385,024 | ---- | M | MD5 = 859C318A2B62428B90DE218957DBBBE7] (Microsoft Corporation)
iedkcs32.dll -> C:\WINDOWS\System32\dllcache\iedkcs32.dll -> [2010/03/11 08:38:51 | 000,385,024 | ---- | M | MD5 = 859C318A2B62428B90DE218957DBBBE7] (Microsoft Corporation)
ieapfltr.dll -> C:\WINDOWS\System32\ieapfltr.dll -> [2010/03/11 08:38:51 | 000,380,928 | ---- | M | MD5 = 36DC94549D7219B31931BA5DB70CB499] (Microsoft Corporation)
ieapfltr.dll -> C:\WINDOWS\System32\dllcache\ieapfltr.dll -> [2010/03/11 08:38:51 | 000,380,928 | ---- | M | MD5 = 36DC94549D7219B31931BA5DB70CB499] (Microsoft Corporation)
dxtmsft.dll -> C:\WINDOWS\System32\dxtmsft.dll -> [2010/03/11 08:38:51 | 000,347,136 | ---- | M | MD5 = 482C080A5ACCB1730760D7A2F6B93767] (Microsoft Corporation)
dxtmsft.dll -> C:\WINDOWS\System32\dllcache\dxtmsft.dll -> [2010/03/11 08:38:51 | 000,347,136 | ---- | M | MD5 = 482C080A5ACCB1730760D7A2F6B93767] (Microsoft Corporation)
ieaksie.dll -> C:\WINDOWS\System32\ieaksie.dll -> [2010/03/11 08:38:51 | 000,230,400 | ---- | M | MD5 = 6DBA8BAAC12102FBD3BF850D98F006E0] (Microsoft Corporation)
ieaksie.dll -> C:\WINDOWS\System32\dllcache\ieaksie.dll -> [2010/03/11 08:38:51 | 000,230,400 | ---- | M | MD5 = 6DBA8BAAC12102FBD3BF850D98F006E0] (Microsoft Corporation)
dxtrans.dll -> C:\WINDOWS\System32\dxtrans.dll -> [2010/03/11 08:38:51 | 000,214,528 | ---- | M | MD5 = 8D73E84523E719B44F24E6D47905E92C] (Microsoft Corporation)
dxtrans.dll -> C:\WINDOWS\System32\dllcache\dxtrans.dll -> [2010/03/11 08:38:51 | 000,214,528 | ---- | M | MD5 = 8D73E84523E719B44F24E6D47905E92C] (Microsoft Corporation)
ieakeng.dll -> C:\WINDOWS\System32\ieakeng.dll -> [2010/03/11 08:38:51 | 000,153,088 | ---- | M | MD5 = 8BF2359A10B83035107BBCB4BFE2D007] (Microsoft Corporation)
ieakeng.dll -> C:\WINDOWS\System32\dllcache\ieakeng.dll -> [2010/03/11 08:38:51 | 000,153,088 | ---- | M | MD5 = 8BF2359A10B83035107BBCB4BFE2D007] (Microsoft Corporation)
extmgr.dll -> C:\WINDOWS\System32\dllcache\extmgr.dll -> [2010/03/11 08:38:51 | 000,133,120 | ---- | M | MD5 = 4EC329631D477530A77C4908F97F77C2] (Microsoft Corporation)
advpack.dll -> C:\WINDOWS\System32\dllcache\advpack.dll -> [2010/03/11 08:38:51 | 000,124,928 | ---- | M | MD5 = F2F11B8CE695F367551D84E796BA150D] (Microsoft Corporation)
icardie.dll -> C:\WINDOWS\System32\dllcache\icardie.dll -> [2010/03/11 08:38:51 | 000,063,488 | ---- | M | MD5 = 4F1594B490C85A152B1931A98D2AEBEA] (Microsoft Corporation)
corpol.dll -> C:\WINDOWS\System32\dllcache\corpol.dll -> [2010/03/11 08:38:51 | 000,017,408 | ---- | M | MD5 = 884C8D2591E5CC3C3CAC2B35029D7E7D] (Microsoft Corporation)
corpol.dll -> C:\WINDOWS\System32\corpol.dll -> [2010/03/11 08:38:51 | 000,017,408 | ---- | M | MD5 = 884C8D2591E5CC3C3CAC2B35029D7E7D] (Microsoft Corporation)
html.iec -> C:\WINDOWS\System32\html.iec -> [2010/03/10 09:18:46 | 000,389,120 | ---- | M | MD5 = B0590137D784B9DFD97D7911F751E74D] (Microsoft Corporation)
ieudinit.exe -> C:\WINDOWS\System32\ieudinit.exe -> [2010/03/10 09:18:21 | 000,013,824 | ---- | M | MD5 = C9CE37D0C3F0CC0F303522D31433B6B7] (Microsoft Corporation)
ieudinit.exe -> C:\WINDOWS\System32\dllcache\ieudinit.exe -> [2010/03/10 09:18:21 | 000,013,824 | ---- | M | MD5 = C9CE37D0C3F0CC0F303522D31433B6B7] (Microsoft Corporation)
ie4uinit.exe -> C:\WINDOWS\System32\ie4uinit.exe -> [2010/03/10 09:18:20 | 000,070,656 | ---- | M | MD5 = 9BA130F8643F47F4C22FE2E366400ED7] (Microsoft Corporation)
ie4uinit.exe -> C:\WINDOWS\System32\dllcache\ie4uinit.exe -> [2010/03/10 09:18:20 | 000,070,656 | ---- | M | MD5 = 9BA130F8643F47F4C22FE2E366400ED7] (Microsoft Corporation)
vbscript.dll -> C:\WINDOWS\System32\vbscript.dll -> [2010/03/09 07:09:18 | 000,430,080 | ---- | M | MD5 = 9BA7044F7BC88FE5C03379E17C6F5391] (Microsoft Corporation)
vbscript.dll -> C:\WINDOWS\System32\dllcache\vbscript.dll -> [2010/03/09 07:09:18 | 000,430,080 | ---- | M | MD5 = 9BA7044F7BC88FE5C03379E17C6F5391] (Microsoft Corporation)
mrxsmb.sys -> C:\WINDOWS\System32\dllcache\mrxsmb.sys -> [2010/02/24 08:31:30 | 000,454,016 | ---- | M | MD5 = FB6C89BB3CE282B08BDB1E3C179E1C39] (Microsoft Corporation)
iexplore.exe -> C:\WINDOWS\System32\dllcache\iexplore.exe -> [2010/02/23 01:20:02 | 000,634,648 | ---- | M | MD5 = B5116340B84824DDD0A641E36B126194] (Microsoft Corporation)
ieakui.dll -> C:\WINDOWS\System32\ieakui.dll -> [2010/02/23 01:18:28 | 000,161,792 | ---- | M | MD5 = BC0E485A15A1F71771933059ABBCD835] (Microsoft Corporation)
ieakui.dll -> C:\WINDOWS\System32\dllcache\ieakui.dll -> [2010/02/23 01:18:28 | 000,161,792 | ---- | M | MD5 = BC0E485A15A1F71771933059ABBCD835] (Microsoft Corporation)
DivX Movies.lnk -> C:\Documents and Settings\keskyr\Desktop\DivX Movies.lnk -> [2010/02/19 17:02:31 | 000,001,448 | ---- | M | MD5 = 2639612AC94F4A58F46941623D3E4CE5] ()
ntoskrnl.exe -> C:\WINDOWS\System32\dllcache\ntoskrnl.exe -> [2010/02/16 09:19:55 | 002,181,376 | ---- | M | MD5 = EBB75B113E74E90074382347B74D652B] (Microsoft Corporation)
ntoskrnl.exe -> C:\WINDOWS\System32\ntoskrnl.exe -> [2010/02/16 09:17:38 | 002,137,088 | ---- | M | MD5 = A63052FA8FB8685382E10EE83C326864] (Microsoft Corporation)
ntkrnlmp.exe -> C:\WINDOWS\System32\dllcache\ntkrnlmp.exe -> [2010/02/16 09:17:38 | 002,137,088 | ---- | M | MD5 = A63052FA8FB8685382E10EE83C326864] (Microsoft Corporation)
ntkrnlpa.exe -> C:\WINDOWS\System32\dllcache\ntkrnlpa.exe -> [2010/02/16 08:39:04 | 002,058,368 | ---- | M | MD5 = 1EE6B94ACA7BE115A1813BBCA65099A8] (Microsoft Corporation)
ntkrpamp.exe -> C:\WINDOWS\System32\dllcache\ntkrpamp.exe -> [2010/02/16 08:39:04 | 002,016,768 | ---- | M | MD5 = 26A901A1840E9E46FFFC6D09B9618CDF] (Microsoft Corporation)
ntkrnlpa.exe -> C:\WINDOWS\System32\ntkrnlpa.exe -> [2010/02/16 08:39:04 | 002,016,768 | ---- | M | MD5 = 26A901A1840E9E46FFFC6D09B9618CDF] (Microsoft Corporation)
wmp.dll -> C:\WINDOWS\System32\dllcache\wmp.dll -> [2010/02/16 07:27:26 | 004,734,976 | ---- | M | MD5 = 167D55F6DE949C5EA4F3AC51AE36F25E] (Microsoft Corporation)
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->

[Files - No Company Name]
Boot.bak -> C:\Boot.bak -> [2010/05/14 15:56:18 | 000,000,211 | ---- | C | MD5 = FA579938B0733B87066546AFE951082C] ()
cmldr -> C:\cmldr -> [2010/05/14 15:56:16 | 000,260,272 | ---- | C | MD5 = 94E5450C43E4CF78E1D3AD4816966909] ()
myClean.bat -> C:\WINDOWS\myClean.bat -> [2010/05/14 15:53:20 | 000,000,306 | ---- | C | MD5 = 68D6CE3C95FFAD3DB37CF0301E3E144D] ()
PEV.exe -> C:\WINDOWS\PEV.exe -> [2010/05/14 15:51:52 | 000,256,512 | ---- | C | MD5 = F1FBA6185A6A2BC6456970914875078E] ()
sed.exe -> C:\WINDOWS\sed.exe -> [2010/05/14 15:51:52 | 000,098,816 | ---- | C | MD5 = 2B657A67AEBB84AEA5632C53E61E23BF] ()
grep.exe -> C:\WINDOWS\grep.exe -> [2010/05/14 15:51:52 | 000,080,412 | ---- | C | MD5 = 9E05A9C264C8A908A8E79450FCBFF047] ()
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/05/14 15:51:52 | 000,077,312 | ---- | C | MD5 = C5EC72A20B4C98DB5314E6C46765B148] ()
zip.exe -> C:\WINDOWS\zip.exe -> [2010/05/14 15:51:52 | 000,068,096 | ---- | C | MD5 = 5E832F4FAF5F481F2EAF3B3A48F603B8] ()
mfebcdata -> C:\WINDOWS\mfebcdata -> [2010/05/14 15:29:09 | 000,008,212 | ---- | C | MD5 = 38AE53CFC0D5C8D3784BC7F142CE22D6] ()
ntuser.dat -> C:\Documents and Settings\All Users\ntuser.dat -> [2010/05/01 09:39:17 | 000,262,144 | ---- | C | MD5 = 4E4836FBF4ADAF5F10A81F470A4769F7] ()
ntuser.dat.LOG -> C:\Documents and Settings\All Users\ntuser.dat.LOG -> [2010/05/01 09:39:17 | 000,001,024 | -H-- | C | MD5 = F581582B1B5413B7A9ACCA80453CBD18] ()
spider.sav -> C:\Documents and Settings\keskyr\My Documents\spider.sav -> [2010/04/23 10:20:18 | 000,000,572 | ---- | C | MD5 = C6C3D62277C2261E79CB25E337B7CEB8] ()
Google Earth.lnk -> C:\Documents and Settings\All Users\Desktop\Google Earth.lnk -> [2010/04/22 14:00:23 | 000,001,915 | ---- | C | MD5 = 07E96F1FB1C08FD03676172DC87A55D6] ()
Google Chrome.lnk -> C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk -> [2010/02/19 17:03:21 | 000,001,813 | ---- | C | MD5 = AD110A053F6D2EFF7211E40A7BDA2421] ()
DivX Movies.lnk -> C:\Documents and Settings\keskyr\Desktop\DivX Movies.lnk -> [2010/02/19 17:02:31 | 000,001,448 | ---- | C | MD5 = 2639612AC94F4A58F46941623D3E4CE5] ()
xrxbcnps.dll -> C:\WINDOWS\System32\xrxbcnps.dll -> [2008/01/16 12:37:41 | 000,033,792 | ---- | C | MD5 = 595442C2272182BAFD8C6757F627C81E] ()
xlibeay.dll -> C:\WINDOWS\System32\xlibeay.dll -> [2008/01/16 12:37:40 | 000,831,488 | ---- | C | MD5 = 354E692C84D4EF233F83E770D6186648] ()
xnetsrvc.dll -> C:\WINDOWS\System32\xnetsrvc.dll -> [2008/01/16 12:37:40 | 000,033,280 | ---- | C | MD5 = 8165ED7A731202FEF1FB79A551466D0B] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2007/10/24 11:23:33 | 000,000,376 | ---- | C | MD5 = EC940475561F651E8CCA80C9144191D0] ()
wininit.ini -> C:\WINDOWS\wininit.ini -> [2007/10/24 11:02:17 | 000,000,171 | ---- | C | MD5 = 186841E66E1E80B1D4B87C99A3754907] ()
igfxCoIn_v4764.dll -> C:\WINDOWS\System32\igfxCoIn_v4764.dll -> [2007/10/24 10:49:09 | 000,204,800 | ---- | C | MD5 = 9826B9617A31D31FAC2B2B1DDCFEC6E3] ()
IVIresizeW7.dll -> C:\WINDOWS\System32\IVIresizeW7.dll -> [2007/10/24 10:43:57 | 000,204,800 | ---- | C | MD5 = 429C8B9FF69F06293B4D37F429F0C7B8] ()
IVIresizeA6.dll -> C:\WINDOWS\System32\IVIresizeA6.dll -> [2007/10/24 10:43:57 | 000,200,704 | ---- | C | MD5 = EB79A6540869FAB20201C6D5C02FC633] ()
IVIresizeP6.dll -> C:\WINDOWS\System32\IVIresizeP6.dll -> [2007/10/24 10:43:57 | 000,192,512 | ---- | C | MD5 = F38D5F8C658FA33F907D508A569E1FA8] ()
IVIresizeM6.dll -> C:\WINDOWS\System32\IVIresizeM6.dll -> [2007/10/24 10:43:57 | 000,192,512 | ---- | C | MD5 = D91A2A349BB9E6552BB7361ACE05B174] ()
IVIresizePX.dll -> C:\WINDOWS\System32\IVIresizePX.dll -> [2007/10/24 10:43:57 | 000,188,416 | ---- | C | MD5 = 08F077F32332858DD274CB9BDEF0BCBC] ()
IVIresize.dll -> C:\WINDOWS\System32\IVIresize.dll -> [2007/10/24 10:43:57 | 000,020,480 | ---- | C | MD5 = E1D4B1D3D1C634E0F5904666FE578E30] ()
OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2007/10/11 10:16:40 | 000,002,695 | ---- | C | MD5 = 509A7197AE66401D1DA76F4BAC1DD0A8] ()
px.ini -> C:\WINDOWS\System32\px.ini -> [2005/12/29 17:47:32 | 000,000,000 | ---- | C | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
ZHHP_RES.DLL -> C:\WINDOWS\System32\ZHHP_RES.DLL -> [2005/06/01 05:46:30 | 011,194,368 | ---- | C | MD5 = EAE99189BB7D74C7C87A135BFE1EA0D4] ()
AGISSI.DLL -> C:\WINDOWS\System32\AGISSI.DLL -> [2005/06/01 05:46:30 | 000,749,568 | ---- | C | MD5 = 81D243B3686739741510D75F7B56E02C] ()
VSHP2600.DLL -> C:\WINDOWS\System32\VSHP2600.DLL -> [2005/06/01 05:46:30 | 000,114,688 | ---- | C | MD5 = 53A2CDB3FA5D90661176140F7F1F65AE] ()
HPBHEALR.DLL -> C:\WINDOWS\System32\HPBHEALR.DLL -> [2002/05/03 04:10:32 | 000,094,274 | ---- | C | MD5 = C51A3D62B0F81897EB0CEF4E47392CB8] ()

[File - Lop Check]
Alwil Software -> C:\Documents and Settings\All Users\Application Data\Alwil Software -> [2010/05/14 16:17:13 | 000,000,000 | ---D | M]
MinigolfAdventures -> C:\Documents and Settings\All Users\Application Data\MinigolfAdventures -> [2008/06/01 14:21:56 | 000,000,000 | ---D | M]
NeoEdge Networks -> C:\Documents and Settings\All Users\Application Data\NeoEdge Networks -> [2008/07/03 17:43:06 | 000,000,000 | ---D | M]
TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2008/06/09 14:36:13 | 000,000,000 | ---D | M]
Xerox -> C:\Documents and Settings\All Users\Application Data\Xerox -> [2008/01/16 12:37:49 | 000,000,000 | ---D | M]
iWin -> C:\Documents and Settings\keskyr\Application Data\iWin -> [2008/05/23 14:04:46 | 000,000,000 | ---D | M]
Stamps.com Internet Postage -> C:\Documents and Settings\keskyt\Application Data\Stamps.com Internet Postage -> [2009/01/13 16:14:36 | 000,000,000 | ---D | M]
InterVideo -> C:\Documents and Settings\User\Application Data\InterVideo -> [2007/10/24 10:44:18 | 000,000,000 | ---D | M]

[File - Purity Scan]

[Custom Scans]
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp ->
< %systemroot%\system32\*.exe /lockedfiles >
1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp ->
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
default.sav -> C:\WINDOWS\system32\config\default.sav -> [2007/10/24 06:17:17 | 000,094,208 | ---- | M | MD5 = 8207F85AC6DC4898A60F0E1DBA9ED468] ()
software.sav -> C:\WINDOWS\system32\config\software.sav -> [2007/10/24 06:17:17 | 000,659,456 | ---- | M | MD5 = E177A5914BD27E1C66CEBF379213A6F2] ()
system.sav -> C:\WINDOWS\system32\config\system.sav -> [2007/10/24 06:17:17 | 000,884,736 | ---- | M | MD5 = 565525C5DD1247C081BE5952CE150FBB] ()
< %systemroot%\System32\*.sys >
ansi.sys -> C:\WINDOWS\system32\ansi.sys -> [2004/08/04 08:00:00 | 000,009,029 | ---- | M | MD5 = 8AAD333C876590293F72B315E162BCC7] ()
country.sys -> C:\WINDOWS\system32\country.sys -> [2004/08/04 08:00:00 | 000,027,097 | ---- | M | MD5 = 0FE9F16075C9ACB941C957B7C649176E] ()
himem.sys -> C:\WINDOWS\system32\himem.sys -> [2004/08/04 08:00:00 | 000,004,768 | ---- | M | MD5 = E6BC0F98FECEF245A0010D350C1A0B9B] ()
key01.sys -> C:\WINDOWS\system32\key01.sys -> [2004/08/04 08:00:00 | 000,042,809 | ---- | M | MD5 = 582BCDD47CF4B68B5CB528F18E3CB808] ()
keyboard.sys -> C:\WINDOWS\system32\keyboard.sys -> [2004/08/04 08:00:00 | 000,042,537 | ---- | M | MD5 = FBBCFEC1379C5C02D88A361993EDF1B8] ()
ntdos.sys -> C:\WINDOWS\system32\ntdos.sys -> [2004/08/04 08:00:00 | 000,027,866 | ---- | M | MD5 = FFFF296A08DBF2AC0126C62E3778AC0D] ()
ntdos404.sys -> C:\WINDOWS\system32\ntdos404.sys -> [2004/08/04 08:00:00 | 000,029,146 | ---- | M | MD5 = CF9ED169FF86D935E47999E82359E898] ()
ntdos411.sys -> C:\WINDOWS\system32\ntdos411.sys -> [2004/08/04 08:00:00 | 000,029,370 | ---- | M | MD5 = 03B945AC0481CD8BB161C3569D8ED1C3] ()
ntdos412.sys -> C:\WINDOWS\system32\ntdos412.sys -> [2004/08/04 08:00:00 | 000,029,274 | ---- | M | MD5 = BBC957DC18C17CC027EB80B7C77F2AEA] ()
ntdos804.sys -> C:\WINDOWS\system32\ntdos804.sys -> [2004/08/04 08:00:00 | 000,029,146 | ---- | M | MD5 = 3CFFAEFFF23B0D208214A6D3061A5B1B] ()
ntio.sys -> C:\WINDOWS\system32\ntio.sys -> [2004/08/04 08:00:00 | 000,033,840 | ---- | M | MD5 = 4FE09F868CE65B334B42862C372C69CC] ()
ntio404.sys -> C:\WINDOWS\system32\ntio404.sys -> [2004/08/04 08:00:00 | 000,034,560 | ---- | M | MD5 = 6F73F50162DEF60C84B725C18CD9140F] ()
ntio411.sys -> C:\WINDOWS\system32\ntio411.sys -> [2004/08/04 08:00:00 | 000,035,648 | ---- | M | MD5 = 0FDD5E69C1FF3B58043D44F2CC743D45] ()
ntio412.sys -> C:\WINDOWS\system32\ntio412.sys -> [2004/08/04 08:00:00 | 000,035,424 | ---- | M | MD5 = 8842837C4D8311BF8E72BEE8CCC42217] ()
ntio804.sys -> C:\WINDOWS\system32\ntio804.sys -> [2004/08/04 08:00:00 | 000,034,560 | ---- | M | MD5 = 6B56CEB3C6F9D5CD7293DBD9FE23B311] ()
SP32395.SYS -> C:\WINDOWS\system32\SP32395.SYS -> [2003/04/16 08:00:36 | 000,050,520 | ---- | M | MD5 = 286C93191D49E24FC78B27E993F44B16] (Compaq Computer Corporation)
watchdog.sys -> C:\WINDOWS\system32\watchdog.sys -> [2004/08/04 08:00:00 | 000,017,664 | ---- | M | MD5 = C9BF2F12C4E6C12F8A85FBA4B6BC6208] (Microsoft Corporation)
win32k.sys -> C:\WINDOWS\system32\win32k.sys -> [2009/08/14 08:19:41 | 001,850,112 | ---- | M | MD5 = 1EFBC43B33B83FD7376E63A71830CC69] (Microsoft Corporation)
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
< %systemroot%\System32\drivers\*.dll >
< %systemroot%\System32\drivers\*.ini >
< %systemroot%\System32\drivers\*.exe >
< %SYSTEMDRIVE%\*.* >
.rnd -> C:\.rnd -> [2007/10/24 11:51:03 | 000,001,024 | ---- | M | MD5 = 98BAB5E844AB711D06B4F438D2A26B77] ()
AUTOEXEC.BAT -> C:\AUTOEXEC.BAT -> [2007/10/24 10:30:39 | 000,000,000 | ---- | M | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
Boot.bak -> C:\Boot.bak -> [2007/10/24 10:25:37 | 000,000,211 | ---- | M | MD5 = FA579938B0733B87066546AFE951082C] ()
boot.ini -> C:\boot.ini -> [2010/05/14 15:56:18 | 000,000,281 | RHS- | M | MD5 = 5730631551AE7CA5D64E9FA67EB963EB] ()
cmldr -> C:\cmldr -> [2004/08/03 23:00:00 | 000,260,272 | ---- | M | MD5 = 94E5450C43E4CF78E1D3AD4816966909] ()
ComboFix.txt -> C:\ComboFix.txt -> [2010/05/14 16:01:22 | 000,009,144 | ---- | M | MD5 = 8F1C8467B9E2169BEB305CA4D7175DF0] ()
CONFIG.SYS -> C:\CONFIG.SYS -> [2007/10/24 10:30:39 | 000,000,000 | ---- | M | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
IO.SYS -> C:\IO.SYS -> [2007/10/24 10:30:39 | 000,000,000 | RHS- | M | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
MSDOS.SYS -> C:\MSDOS.SYS -> [2007/10/24 10:30:39 | 000,000,000 | RHS- | M | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
NTDETECT.COM -> C:\NTDETECT.COM -> [2004/08/04 08:00:00 | 000,047,564 | RHS- | M | MD5 = B2DE3452DE03674C6CEC68B8C8CE7C78] ()
ntldr -> C:\ntldr -> [2004/08/04 08:00:00 | 000,250,032 | RHS- | M | MD5 = 9EC920F4179D45AF3A6638A083D39C85] ()
ntuser.dat -> C:\ntuser.dat -> [2008/10/17 15:34:08 | 000,262,144 | ---- | M | MD5 = 02071E17BB2CC8E2B65278E01E04B75A] ()
ntuser.dat.LOG -> C:\ntuser.dat.LOG -> [2008/10/17 15:34:08 | 000,001,024 | -H-- | M | MD5 = 24856991D9A2E4947DD754BD58A6D5A1] ()
pagefile.sys -> C:\pagefile.sys -> [2010/05/15 12:00:45 | 1598,029,824 | -HS- | M | Unable to obtain MD5] ()
xrxnetsrvc.log -> C:\xrxnetsrvc.log -> [2009/08/19 16:04:30 | 000,555,468 | ---- | M | MD5 = 1B42F4F9F8B9974F31526AE8FA9A00A1] ()
YServer.txt -> C:\YServer.txt -> [2009/08/19 16:01:39 | 000,000,162 | ---- | M | MD5 = C2B4780540FFF4F705DB220E29514FFC] ()
< %PROGRAMFILES%\*. >
Adobe -> C:\Program Files\Adobe -> [2008/08/14 13:13:37 | 000,000,000 | ---D | M]
Alwil Software -> C:\Program Files\Alwil Software -> [2010/05/14 16:17:13 | 000,000,000 | ---D | M]
Broadcom -> C:\Program Files\Broadcom -> [2007/10/24 10:46:18 | 000,000,000 | ---D | M]
Common Files -> C:\Program Files\Common Files -> [2010/05/14 15:58:19 | 000,000,000 | ---D | M]
ComPlus Applications -> C:\Program Files\ComPlus Applications -> [2007/10/24 10:27:39 | 000,000,000 | ---D | M]
DivX -> C:\Program Files\DivX -> [2010/02/19 17:02:49 | 000,000,000 | ---D | M]
Google -> C:\Program Files\Google -> [2010/04/22 14:00:04 | 000,000,000 | ---D | M]
InstallShield Installation Information -> C:\Program Files\InstallShield Installation Information -> [2008/06/16 20:45:21 | 000,000,000 | -H-D | M]
Internet Explorer -> C:\Program Files\Internet Explorer -> [2010/04/01 03:01:05 | 000,000,000 | ---D | M]
InterVideo -> C:\Program Files\InterVideo -> [2007/10/24 10:43:53 | 000,000,000 | ---D | M]
Java -> C:\Program Files\Java -> [2010/05/03 15:31:24 | 000,000,000 | ---D | M]
LizardTech -> C:\Program Files\LizardTech -> [2008/01/02 18:15:46 | 000,000,000 | ---D | M]
LogMeIn -> C:\Program Files\LogMeIn -> [2008/01/23 09:45:57 | 000,000,000 | ---D | M]
McAfee -> C:\Program Files\McAfee -> [2010/05/14 15:53:54 | 000,000,000 | ---D | M]
Messenger -> C:\Program Files\Messenger -> [2009/05/05 08:37:59 | 000,000,000 | ---D | M]
Microsoft -> C:\Program Files\Microsoft -> [2010/05/03 15:33:15 | 000,000,000 | ---D | M]
Microsoft ActiveSync -> C:\Program Files\Microsoft ActiveSync -> [2007/10/24 11:22:03 | 000,000,000 | ---D | M]
microsoft frontpage -> C:\Program Files\microsoft frontpage -> [2007/10/24 10:30:54 | 000,000,000 | ---D | M]
Microsoft Office -> C:\Program Files\Microsoft Office -> [2007/10/24 11:21:09 | 000,000,000 | ---D | M]
Microsoft Windows Small Business Server -> C:\Program Files\Microsoft Windows Small Business Server -> [2007/10/24 11:59:19 | 000,000,000 | ---D | M]
Microsoft.NET -> C:\Program Files\Microsoft.NET -> [2007/10/24 11:22:25 | 000,000,000 | ---D | M]
Movie Maker -> C:\Program Files\Movie Maker -> [2010/03/10 04:02:19 | 000,000,000 | ---D | M]
MSN -> C:\Program Files\MSN -> [2010/05/03 15:33:37 | 000,000,000 | ---D | M]
MSN Games -> C:\Program Files\MSN Games -> [2008/06/05 16:54:54 | 000,000,000 | ---D | M]
MSN Gaming Zone -> C:\Program Files\MSN Gaming Zone -> [2007/10/24 10:27:16 | 000,000,000 | ---D | M]
MSN Toolbar -> C:\Program Files\MSN Toolbar -> [2010/05/03 15:33:09 | 000,000,000 | ---D | M]
MSN Toolbar Installer -> C:\Program Files\MSN Toolbar Installer -> [2010/05/03 15:33:23 | 000,000,000 | ---D | M]
NetMeeting -> C:\Program Files\NetMeeting -> [2007/10/24 10:28:47 | 000,000,000 | ---D | M]
Online Services -> C:\Program Files\Online Services -> [2007/10/24 10:27:25 | 000,000,000 | ---D | M]
Outlook Express -> C:\Program Files\Outlook Express -> [2010/05/14 10:04:03 | 000,000,000 | ---D | M]
Realtek -> C:\Program Files\Realtek -> [2007/10/24 10:49:37 | 000,000,000 | ---D | M]
Roxio -> C:\Program Files\Roxio -> [2007/10/24 11:01:57 | 000,000,000 | ---D | M]
Sonic -> C:\Program Files\Sonic -> [2007/10/24 11:02:24 | 000,000,000 | ---D | M]
Uninstall Information -> C:\Program Files\Uninstall Information -> [2007/10/24 10:35:13 | 000,000,000 | -H-D | M]
Virtools -> C:\Program Files\Virtools -> [2007/11/28 17:54:35 | 000,000,000 | ---D | M]
Windows Media Player -> C:\Program Files\Windows Media Player -> [2007/10/24 11:33:28 | 000,000,000 | ---D | M]
Windows NT -> C:\Program Files\Windows NT -> [2007/10/24 10:27:07 | 000,000,000 | ---D | M]
WindowsUpdate -> C:\Program Files\WindowsUpdate -> [2007/10/24 10:29:33 | 000,000,000 | -H-D | M]
xerox -> C:\Program Files\xerox -> [2008/01/16 12:37:47 | 000,000,000 | ---D | M]
Yahoo! -> C:\Program Files\Yahoo! -> [2010/05/01 09:39:19 | 000,000,000 | ---D | M]
Yahoo! Games -> C:\Program Files\Yahoo! Games -> [2009/08/19 16:01:08 | 000,000,000 | ---D | M]
< %appdata%\*.* >
desktop.ini -> C:\Documents and Settings\keskyr\Application Data\desktop.ini -> [2007/10/24 06:18:38 | 000,000,062 | -HS- | M | MD5 = 88CF0FF92A4A9FA7BD9B7513B2E9E22B] ()

[Alternate Data Streams]
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:54301EF8
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6D222DF8
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4E9307D7
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9F683177
< End of report >
[/code]

Melissa

Rookie Surfer
Rookie Surfer

Posts: 53
Joined: 2009-07-26
Operating System: Microsoft windows xp

View user profile

Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top


Permissions in this forum:
You cannot reply to topics in this forum