Unknown Problem

View previous topic View next topic Go down

Unknown Problem

Post by aww1157 on 4th June 2010, 11:18 pm

Hi, My computer, running XP3, has been failing to connect to several websites. Other than that, it seems to be running OK. I downloaded OTL and attempted to run the scan twice but it keeps freezing up and will not complete the scan. I attempted to download and run HiJackThis but it would not install. Any suggestions?

Thanks!!

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 5th June 2010, 4:07 am

Forgot to mention, I have run Avira scans and Malwarebytes, both came out clean.

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by Dr Jay on 5th June 2010, 5:52 pm



Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302970
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 5th June 2010, 8:13 pm

Sent you a PM Jay. Thanks

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by Dr Jay on 5th June 2010, 8:43 pm

Please download MySystem-Search from one of the following links:
  • Save the file to your Desktop.
  • Double-click on mss.exe
  • Allow it to run, and follow the prompts.
  • Once done, it will launch a log.
  • Post it in your next reply.
Note: the logs are long. Please use more than one post, if necessary.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302970
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 5th June 2010, 11:15 pm

MySystem-Search

Run on 06/05/2010 at 15:49:02

MSS v1.2


Basic System Information


Host Name: WINTEC
OS Name: Microsoft Windows XP Professional
OS Version: 5.1.2600 Service Pack 3 Build 2600
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Workstation
OS Build Type: Multiprocessor Free
Registered Owner: Owner
Registered Organization: Owner
Product ID: 76487-OEM-0081336-89780
Original Install Date: 12/31/2004, 11:13:02 PM
System Up Time: 4 Days, 19 Hours, 55 Minutes, 31 Seconds
System Manufacturer: FOXCON
System Model: AWRDACPI
System type: X86-based PC
Processor(s): 1 Processor(s) Installed.
[01]: x86 Family 15 Model 4 Stepping 3 GenuineIntel ~3000 Mhz
BIOS Version: FOXCON - 42302e31
Windows Directory: C:\WINDOWS
System Directory: C:\WINDOWS\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (GMT-08:00) Pacific Time (US & Canada)
Total Physical Memory: 2,038 MB
Available Physical Memory: 1,413 MB
Virtual Memory: Max Size: 2,048 MB
Virtual Memory: Available: 2,008 MB
Virtual Memory: In Use: 40 MB
Page File Location(s): C:\pagefile.sys
Domain: WORKGROUP
Logon Server: \\WINTEC
Hotfix(s): 270 Hotfix(s) Installed.
[01]: File 1
[02]: File 1
[03]: File 1
[04]: File 1
[05]: File 1
[06]: File 1
[07]: File 1
[08]: File 1
[09]: File 1
[10]: File 1
[11]: File 1
[12]: File 1
[13]: File 1
[14]: File 1
[15]: File 1
[16]: File 1
[17]: File 1
[18]: File 1
[19]: File 1
[20]: File 1
[21]: File 1
[22]: File 1
[23]: File 1
[24]: File 1
[25]: File 1
[26]: File 1
[27]: File 1
[28]: File 1
[29]: File 1
[30]: File 1
[31]: File 1
[32]: File 1
[33]: File 1
[34]: File 1
[35]: File 1
[36]: File 1
[37]: File 1
[38]: File 1
[39]: File 1
[40]: File 1
[41]: File 1
[42]: File 1
[43]: File 1
[44]: File 1
[45]: File 1
[46]: File 1
[47]: File 1
[48]: File 1
[49]: File 1
[50]: File 1
[51]: File 1
[52]: File 1
[53]: File 1
[54]: File 1
[55]: File 1
[56]: File 1
[57]: File 1
[58]: File 1
[59]: File 1
[60]: File 1
[61]: File 1
[62]: File 1
[63]: File 1
[64]: File 1
[65]: File 1
[66]: File 1
[67]: File 1
[68]: File 1
[69]: File 1
[70]: File 1
[71]: File 1
[72]: File 1
[73]: File 1
[74]: File 1
[75]: File 1
[76]: File 1
[77]: File 1
[78]: File 1
[79]: File 1
[80]: File 1
[81]: File 1
[82]: File 1
[83]: File 1
[84]: File 1
[85]: File 1
[86]: File 1
[87]: File 1
[88]: File 1
[89]: File 1
[90]: File 1
[91]: File 1
[92]: File 1
[93]: File 1
[94]: File 1
[95]: File 1
[96]: File 1
[97]: File 1
[98]: File 1
[99]: File 1
[100]: File 1
[101]: File 1
[102]: File 1
[103]: File 1
[104]: File 1
[105]: File 1
[106]: File 1
[107]: File 1
[108]: File 1
[109]: File 1
[110]: File 1
[111]: File 1
[112]: File 1
[113]: File 1
[114]: File 1
[115]: File 1
[116]: File 1
[117]: File 1
[118]: File 1
[119]: File 1
[120]: File 1
[121]: File 1
[122]: File 1
[123]: Q147222
[124]: KB887998 - QFE
[125]: KB930494 - QFE
[126]: KB953295 - QFE
[127]: SP3 - SP
[128]: M953297 - Update
[129]: S867460 - Update
[130]: KB900325 - Update
[131]: Q936181
[132]: Q954430
[133]: Q973688
[134]: IDNMitigationAPIs - Update
[135]: NLSDownlevelMapping - Update
[136]: KB929399
[137]: KB952069_WM9
[138]: KB954155_WM9
[139]: KB968816_WM9
[140]: KB973540_WM9
[141]: KB917734_WMP10
[142]: KB936782_WMP10
[143]: KB939683
[144]: KB954154_WM11
[145]: KB925398_WMP64
[146]: KB923689
[147]: KB941569
[148]: KB928090-IE7 - Update
[149]: KB929969 - Update
[150]: KB931768-IE7 - Update
[151]: KB933566-IE7 - Update
[152]: KB937143-IE7 - Update
[153]: KB938127-IE7 - Update
[154]: KB939653-IE7 - Update
[155]: KB942615-IE7 - Update
[156]: KB944533-IE7 - Update
[157]: KB947864-IE7 - Update
[158]: KB950759-IE7 - Update
[159]: KB953838-IE7 - Update
[160]: KB963027-IE7 - Update
[161]: KB969897-IE7 - Update
[162]: KB972260-IE7 - Update
[163]: KB974455-IE7 - Update
[164]: KB976325-IE7 - Update
[165]: KB976749-IE7 - Update
[166]: KB978207-IE7 - Update
[167]: KB980182-IE7 - Update
[168]: KB971513 - Update
[169]: MSCompPackV1 - Update
[170]: KB936929 - Service Pack
[171]: KB952011 - Update
[172]: KB953295 - Update
[173]: KB915800-v4 - Update
[174]: KB923561 - Update
[175]: KB938464 - Update
[176]: KB938464-v2 - Update
[177]: KB946648 - Update
[178]: KB950760 - Update
[179]: KB950762 - Update
[180]: KB950974 - Update
[181]: KB951066 - Update
[182]: KB951072-v2 - Update
[183]: KB951376 - Update
[184]: KB951376-v2 - Update
[185]: KB951698 - Update
[186]: KB951748 - Update
[187]: KB951978 - Update
[188]: KB952004 - Update
[189]: KB952287 - Update
[190]: KB952954 - Update
[191]: KB953839 - Update
[192]: KB954211 - Update
[193]: KB954550-v5 - Update
[194]: KB954600 - Update
[195]: KB955069 - Update
[196]: KB955759 - Update
[197]: KB955839 - Update
[198]: KB956391 - Update
[199]: KB956572 - Update
[200]: KB956744 - Update
[201]: KB956802 - Update
[202]: KB956803 - Update
[203]: KB956841 - Update
[204]: KB956844 - Update
[205]: KB957095 - Update
[206]: KB957097 - Update
[207]: KB958644 - Update
[208]: KB958687 - Update
[209]: KB958690 - Update
[210]: KB958869 - Update
[211]: KB959426 - Update
[212]: KB960225 - Update
[213]: KB960715 - Update
[214]: KB960803 - Update
[215]: KB960859 - Update
[216]: KB961118 - Update
[217]: KB961371 - Update
[218]: KB961373 - Update
[219]: KB961501 - Update
[220]: KB967715 - Update
[221]: KB968389 - U

NetWork Card(s): 2 NIC(s) Installed.
[01]: Realtek RTL8139/810x Family Fast Ethernet NIC
Connection Name: Local Area Connection
Status: Media disconnected
[02]: Compact Wireless-G USB Adapter
Connection Name: Wireless Network Connection 4
DHCP Enabled: Yes
DHCP Server: 192.168.1.1
IP address(es)
[01]: 192.168.1.101


CD Emulation Drivers running?



Peer-to-Peer applications?



File associations

.exe=exefile
.scr=scrfile
.pif=piffile
.com=comfile
.bat=batfile
.cmd=cmdfile
.log=txtfile
.txt=txtfile
.reg=regfile
.sys=sysfile
.dll=dllfile


Running processes

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 5th June 2010, 11:17 pm

Image Name PID Session Name Session# Mem Usage
========================= ====== ================ ======== ============
System Idle Process 0 Console 0 28 K
System 4 Console 0 236 K
smss.exe 756 Console 0 416 K
csrss.exe 816 Console 0 5,504 K
winlogon.exe 840 Console 0 5,020 K
services.exe 884 Console 0 3,340 K
lsass.exe 896 Console 0 8,492 K
svchost.exe 1104 Console 0 5,760 K
svchost.exe 1148 Console 0 5,104 K
svchost.exe 1292 Console 0 42,996 K
svchost.exe 1508 Console 0 6,896 K
spoolsv.exe 1700 Console 0 6,888 K
sched.exe 1756 Console 0 796 K
avguard.exe 1780 Console 0 15,968 K
svchost.exe 1852 Console 0 3,500 K
mDNSResponder.exe 416 Console 0 3,692 K
cisvc.exe 428 Console 0 188 K
ehRecvr.exe 488 Console 0 4,636 K
ehSched.exe 584 Console 0 4,628 K
jqs.exe 672 Console 0 1,400 K
MDM.EXE 712 Console 0 3,012 K
SMAgent.exe 776 Console 0 1,824 K
svchost.exe 812 Console 0 6,432 K
svchost.exe 800 Console 0 4,348 K
WLService.exe 1184 Console 0 1,648 K
searchindexer.exe 1232 Console 0 13,964 K
WUSB54GC.exe 1240 Console 0 19,480 K
alg.exe 2212 Console 0 3,732 K
explorer.exe 2660 Console 0 31,988 K
ehtray.exe 3528 Console 0 1,844 K
igfxtray.exe 3596 Console 0 3,568 K
hkcmd.exe 3660 Console 0 3,008 K
ehmsas.exe 3976 Console 0 2,696 K
igfxpers.exe 284 Console 0 2,888 K
svchost.exe 1728 Console 0 3,532 K
SMax4PNP.exe 1480 Console 0 4,148 K
SMax4.exe 2376 Console 0 4,140 K
issch.exe 2424 Console 0 1,548 K
QTTask.exe 2716 Console 0 2,508 K
hpztsb09.exe 2752 Console 0 3,028 K
hpcmpmgr.exe 3088 Console 0 8,532 K
hpwuSchd2.exe 3136 Console 0 5,528 K
hphmon05.exe 3332 Console 0 4,708 K
jusched.exe 3356 Console 0 2,868 K
avgnt.exe 3440 Console 0 1,552 K
msmsgs.exe 3788 Console 0 2,144 K
ctfmon.exe 3868 Console 0 4,288 K
HPZipm12.exe 3904 Console 0 2,224 K
AWC.exe 444 Console 0 25,544 K
dllhost.exe 2248 Console 0 6,316 K
WindowsSearch.exe 2584 Console 0 10,432 K
cidaemon.exe 3952 Console 0 472 K
ISUSPM.exe 2240 Console 0 14,924 K
agent.exe 2076 Console 0 3,976 K
searchprotocolhost.exe 624 Console 0 5,256 K
searchfilterhost.exe 1412 Console 0 4,484 K
mss.exe 3780 Console 0 2,496 K
cmd.exe 3852 Console 0 1,784 K
wmiprvse.exe 1808 Console 0 8,468 K
wmiprvse.exe 168 Console 0 4,968 K
tasklist.exe 3576 Console 0 4,588 K


Hidden objects

PATH: C:\windows

$hf_mig$
$MSI31Uninstall_KB893803v2$
$NtServicePackUninstall$
$NtServicePackUninstallIDNMitigationAPIs$
$NtServicePackUninstallNLSDownlevelMapping$
$NtUninstallbasecsp$
$NtUninstallKB873333$
$NtUninstallKB873339$
$NtUninstallKB885250$
$NtUninstallKB885835$
$NtUninstallKB885836$
$NtUninstallKB886185$
$NtUninstallKB887472$
$NtUninstallKB887742$
$NtUninstallKB887998$
$NtUninstallKB888113$
$NtUninstallKB888302$
$NtUninstallKB890046$
$NtUninstallKB890859$
$NtUninstallKB891781$
$NtUninstallKB893066$
$NtUninstallKB893086$
$NtUninstallKB893756$
$NtUninstallKB894391$
$NtUninstallKB896358$
$NtUninstallKB896422$
$NtUninstallKB896423$
$NtUninstallKB896424$
$NtUninstallKB896428$
$NtUninstallKB896727$
$NtUninstallKB898461$
$NtUninstallKB899587$
$NtUninstallKB899588$
$NtUninstallKB899589$
$NtUninstallKB899591$
$NtUninstallKB900325$
$NtUninstallKB900485$
$NtUninstallKB900725$
$NtUninstallKB901017$
$NtUninstallKB901214$
$NtUninstallKB902344$
$NtUninstallKB902400$
$NtUninstallKB903157$
$NtUninstallKB904706$
$NtUninstallKB904942$
$NtUninstallKB905414$
$NtUninstallKB905749$
$NtUninstallKB908519$
$NtUninstallKB908531$
$NtUninstallKB910437$
$NtUninstallKB911280$
$NtUninstallKB911562$
$NtUninstallKB911567$
$NtUninstallKB911927$
$NtUninstallKB912919$
$NtUninstallKB913580$
$NtUninstallKB914388$
$NtUninstallKB914389$
$NtUninstallKB914440$
$NtUninstallKB915800-v4$
$NtUninstallKB915865$
$NtUninstallKB916281$
$NtUninstallKB916595$
$NtUninstallKB917159$
$NtUninstallKB917344$
$NtUninstallKB917422$
$NtUninstallKB917734_WMP10$
$NtUninstallKB917953$
$NtUninstallKB918118$
$NtUninstallKB918439$
$NtUninstallKB918899$
$NtUninstallKB918899_0$
$NtUninstallKB919007$
$NtUninstallKB920213$
$NtUninstallKB920214$
$NtUninstallKB920670$
$NtUninstallKB920683$
$NtUninstallKB920685$
$NtUninstallKB920872$
$NtUninstallKB921398$
$NtUninstallKB921503$
$NtUninstallKB921883$
$NtUninstallKB922582$
$NtUninstallKB922616$
$NtUninstallKB922819$
$NtUninstallKB923191$
$NtUninstallKB923414$
$NtUninstallKB923561$
$NtUninstallKB923561_0$
$NtUninstallKB923689$
$NtUninstallKB923694$
$NtUninstallKB923980$
$NtUninstallKB924191$
$NtUninstallKB924270$
$NtUninstallKB924496$
$NtUninstallKB924496_0$
$NtUninstallKB924667$
$NtUninstallKB925398_WMP64$
$NtUninstallKB925486$
$NtUninstallKB925720$
$NtUninstallKB925766$
$NtUninstallKB925902$
$NtUninstallKB926255$
$NtUninstallKB926436$
$NtUninstallKB927779$
$NtUninstallKB927802$
$NtUninstallKB927891$
$NtUninstallKB928255$
$NtUninstallKB928843$
$NtUninstallKB929123$
$NtUninstallKB929338$
$NtUninstallKB929399$
$NtUninstallKB930178$
$NtUninstallKB930494$
$NtUninstallKB930916$
$NtUninstallKB931261$
$NtUninstallKB931784$
$NtUninstallKB931836$
$NtUninstallKB932168$
$NtUninstallKB932823-v3$
$NtUninstallKB933360$
$NtUninstallKB933729$
$NtUninstallKB935839$
$NtUninstallKB935840$
$NtUninstallKB936021$
$NtUninstallKB936357$
$NtUninstallKB936782_WMP10$
$NtUninstallKB937894$
$NtUninstallKB938464$
$NtUninstallKB938464-v2$
$NtUninstallKB938464_0$
$NtUninstallKB938828$
$NtUninstallKB938829$
$NtUninstallKB939683$
$NtUninstallKB940157$
$NtUninstallKB941202$
$NtUninstallKB941568$
$NtUninstallKB941569$
$NtUninstallKB941644$
$NtUninstallKB941693$
$NtUninstallKB942763$
$NtUninstallKB943055$
$NtUninstallKB943460$
$NtUninstallKB943485$
$NtUninstallKB943729$
$NtUninstallKB944653$
$NtUninstallKB945553$
$NtUninstallKB946026$
$NtUninstallKB946648$
$NtUninstallKB946648_0$
$NtUninstallKB948590$
$NtUninstallKB948881$
$NtUninstallKB950749$
$NtUninstallKB950760$
$NtUninstallKB950762$
$NtUninstallKB950762_0$
$NtUninstallKB950974$
$NtUninstallKB950974_0$
$NtUninstallKB951066$
$NtUninstallKB951066_0$
$NtUninstallKB951072-v2$
$NtUninstallKB951376$
$NtUninstallKB951376-v2$
$NtUninstallKB951376-v2_0$
$NtUninstallKB951376_0$
$NtUninstallKB951698$
$NtUninstallKB951698_0$
$NtUninstallKB951748$
$NtUninstallKB951748_0$
$NtUninstallKB951978$
$NtUninstallKB952004$
$NtUninstallKB952004_0$
$NtUninstallKB952011$
$NtUninstallKB952069_WM9$
$NtUninstallKB952287$
$NtUninstallKB952287_0$
$NtUninstallKB952954$
$NtUninstallKB952954_0$
$NtUninstallKB953295$
$NtUninstallKB953839$
$NtUninstallKB954154_WM11$
$NtUninstallKB954155_WM9$
$NtUninstallKB954211$
$NtUninstallKB954211_0$
$NtUninstallKB954459$
$NtUninstallKB954600$
$NtUninstallKB954600_0$
$NtUninstallKB955069$
$NtUninstallKB955069_0$
$NtUninstallKB955759$
$NtUninstallKB955839$
$NtUninstallKB956391$
$NtUninstallKB956572$
$NtUninstallKB956572_0$
$NtUninstallKB956744$
$NtUninstallKB956802$
$NtUninstallKB956802_0$
$NtUninstallKB956803$
$NtUninstallKB956803_0$
$NtUninstallKB956841$
$NtUninstallKB956841_0$
$NtUninstallKB956844$
$NtUninstallKB957095$
$NtUninstallKB957095_0$
$NtUninstallKB957097$
$NtUninstallKB957097_0$
$NtUninstallKB958644$
$NtUninstallKB958644_0$
$NtUninstallKB958687$
$NtUninstallKB958687_0$
$NtUninstallKB958690$
$NtUninstallKB958690_0$
$NtUninstallKB958869$
$NtUninstallKB959426$
$NtUninstallKB959426_0$
$NtUninstallKB960225$
$NtUninstallKB960225_0$
$NtUninstallKB960715$
$NtUninstallKB960803$
$NtUninstallKB960803_0$
$NtUninstallKB960859$
$NtUninstallKB961118$
$NtUninstallKB961118_0$
$NtUninstallKB961371$
$NtUninstallKB961373$
$NtUninstallKB961373_0$
$NtUninstallKB961501$
$NtUninstallKB963093$
$NtUninstallKB967715$
$NtUninstallKB967715_0$
$NtUninstallKB968389$
$NtUninstallKB968537$
$NtUninstallKB968816_WM9$
$NtUninstallKB969059$
$NtUninstallKB969898$
$NtUninstallKB969947$
$NtUninstallKB970238$
$NtUninstallKB970430$
$NtUninstallKB970653-v3$
$NtUninstallKB971468$
$NtUninstallKB971486$
$NtUninstallKB971513$
$NtUninstallKB971557$
$NtUninstallKB971633$
$NtUninstallKB971657$
$NtUninstallKB971737$
$NtUninstallKB971961$
$NtUninstallKB972270$
$NtUninstallKB973346$
$NtUninstallKB973354$
$NtUninstallKB973507$
$NtUninstallKB973525$
$NtUninstallKB973540_WM9$
$NtUninstallKB973687$
$NtUninstallKB973768$
$NtUninstallKB973815$
$NtUninstallKB973869$
$NtUninstallKB973904$
$NtUninstallKB974112$
$NtUninstallKB974318$
$NtUninstallKB974392$
$NtUninstallKB974571$
$NtUninstallKB975025$
$NtUninstallKB975467$
$NtUninstallKB975560$
$NtUninstallKB975561$
$NtUninstallKB975713$
$NtUninstallKB976098-v2$
$NtUninstallKB977165-v2$
$NtUninstallKB977816$
$NtUninstallKB977914$
$NtUninstallKB978037$
$NtUninstallKB978251$
$NtUninstallKB978262$
$NtUninstallKB978338$
$NtUninstallKB978542$
$NtUninstallKB978601$
$NtUninstallKB978706$
$NtUninstallKB979306$
$NtUninstallKB979309$
$NtUninstallKB979683$
$NtUninstallKB980232$
$NtUninstallKB981349$
$NtUninstallKB981793$
$NtUninstallMSCompPackV1$
$NtUninstallWIC$
$NtUninstallWMFDist11$
$NtUninstallwmp11$
$NtUninstallWudf01000$
ie7
inf
Installer
msdownld.tmp
WindowsShell.Manifest
winnt.bmp
winnt256.bmp

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 5th June 2010, 11:17 pm

PATH: C:\windows\system32

7DB1AFB434.sys
cdplayer.exe.manifest
dllcache
KGyGaAvL.sys
logonui.exe.manifest
mlfcache.dat
ncpa.cpl.manifest
nwc.cpl.manifest
sapi.cpl.manifest
Scrnscps.GID
WindowsLogon.manifest
wuaucpl.cpl.manifest


PATH: C:\windows\system32\drivers



PATH: C:\

boot.ini
boot.ini.whitecanyon
ehthumbs.db
hiberfil.sys
IO.SYS
MSDOS.SYS
MSOCache
NTDETECT.COM
ntldr
pagefile.sys
RECYCLER
System Volume Information


User Profile check

public


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
ProfilesDirectory REG_EXPAND_SZ %SystemDrive%\Documents and Settings
DefaultUserProfile REG_SZ Default User
AllUsersProfile REG_SZ All Users

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
Flags REG_DWORD 0xc
State REG_DWORD 0x0
RefCount REG_DWORD 0x1
Sid REG_BINARY 010100000000000512000000
ProfileImagePath REG_EXPAND_SZ %systemroot%\system32\config\systemprofile

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\LocalService
Sid REG_BINARY 010100000000000513000000
Flags REG_DWORD 0x9
State REG_DWORD 0x0
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0xaf392666
ProfileLoadTimeHigh REG_DWORD 0x1cb0135
RefCount REG_DWORD 0x4

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\NetworkService
Sid REG_BINARY 010100000000000514000000
Flags REG_DWORD 0x9
State REG_DWORD 0x0
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0xaf0bd9b8
ProfileLoadTimeHigh REG_DWORD 0x1cb0135
RefCount REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-161134817-1714075396-1781636095-1003
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\default
Sid REG_BINARY 010500000000000515000000E1B89A0904B72A66FF9B316AEB030000
Flags REG_DWORD 0x0
State REG_DWORD 0x100
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0x95cc1270
ProfileLoadTimeHigh REG_DWORD 0x1c9528f
RefCount REG_DWORD 0x0
RunLogonscriptSync REG_DWORD 0x0
OptimizedLogonStatus REG_DWORD 0xb

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-161134817-1714075396-1781636095-1004
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Test
Sid REG_BINARY 010500000000000515000000E1B89A0904B72A66FF9B316AEC030000
Flags REG_DWORD 0x0
State REG_DWORD 0x0
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0x5c0db250
ProfileLoadTimeHigh REG_DWORD 0x1c5c908
RefCount REG_DWORD 0x0
RunLogonscriptSync REG_DWORD 0x0
OptimizedLogonStatus REG_DWORD 0xb
NextLogonCacheable REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-161134817-1714075396-1781636095-1005
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\test2
Sid REG_BINARY 010500000000000515000000E1B89A0904B72A66FF9B316AED030000
Flags REG_DWORD 0x0
State REG_DWORD 0x4
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0x663a39b8
ProfileLoadTimeHigh REG_DWORD 0x1c5c90a
RefCount REG_DWORD 0x0
RunLogonscriptSync REG_DWORD 0x0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-161134817-1714075396-1781636095-1010
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Owner
Sid REG_BINARY 010500000000000515000000E1B89A0904B72A66FF9B316AF2030000
Flags REG_DWORD 0x1
State REG_DWORD 0x100
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0xbe6e8680
ProfileLoadTimeHigh REG_DWORD 0x1cb0135
RefCount REG_DWORD 0x2
RunLogonscriptSync REG_DWORD 0x0
OptimizedLogonStatus REG_DWORD 0xb
NextLogonCacheable REG_DWORD 0x0


Current Scheduled Tasks

PATH: C:\Windows\Tasks

Ad-Aware Update (Weekly).job
Google Software Updater.job
HP Usg Daily.job
desktop.ini
Microsoft_Hardware_Launch_IType_exe.job
SA.DAT


Windows Drivers and NT-Services

Volume in drive C has no label.
Volume Serial Number is A4EE-8BEA

Directory of C:\Windows\System32\Drivers

Volume in drive C has no label.
Volume Serial Number is A4EE-8BEA

Directory of C:\Windows\System32\Drivers

09/10/1999 12:06 PM 25,244 ASPI32.SYS
08/17/2001 06:59 AM 3,072 audstub.sys
08/17/2001 01:51 PM 3,328 pciide.sys
08/17/2001 02:48 PM 12,160 mouhid.sys
01/06/2004 12:58 AM 69,575 HidCom.sys
07/17/2004 11:35 AM 67,866 netwlan5.img
07/17/2004 11:36 AM 64,352 ativmc20.cod
07/17/2004 10:55 PM 129,045 cxthsfs2.cty
08/03/2004 03:31 PM 20,992 RTL8139.sys
08/03/2004 10:29 PM 57,856 atinbtxx.sys
08/03/2004 10:29 PM 701,440 ati2mtag.sys
08/03/2004 10:29 PM 327,040 ati2mtaa.sys
08/03/2004 10:29 PM 11,615 ati1mdxx.sys
08/03/2004 10:29 PM 12,047 ati1pdxx.sys
08/03/2004 10:29 PM 52,224 atinraxx.sys
08/03/2004 10:29 PM 56,623 ati1btxx.sys
08/03/2004 10:29 PM 13,824 atinmdxx.sys
08/03/2004 10:29 PM 14,336 atinpdxx.sys
08/03/2004 10:29 PM 31,744 atinxbxx.sys
08/03/2004 10:29 PM 73,216 atintuxx.sys
08/03/2004 10:29 PM 13,824 atinttxx.sys
08/03/2004 10:29 PM 28,672 atinsnxx.sys
08/03/2004 10:29 PM 26,367 ati1snxx.sys
08/03/2004 10:29 PM 104,960 atinrvxx.sys
08/03/2004 10:29 PM 21,343 ati1ttxx.sys
08/03/2004 10:29 PM 29,455 ati1xbxx.sys
08/03/2004 10:29 PM 34,735 ati1xsxx.sys
08/03/2004 10:29 PM 36,463 ati1tuxx.sys
08/03/2004 10:29 PM 30,671 ati1raxx.sys
08/03/2004 10:29 PM 63,663 ati1rvxx.sys
08/03/2004 10:29 PM 63,488 atinxsxx.sys
08/03/2004 10:29 PM 452,736 mtxparhm.sys
08/03/2004 10:29 PM 11,295 wadv08nt.sys
08/03/2004 10:29 PM 11,807 wadv07nt.sys
08/03/2004 10:29 PM 11,871 wadv09nt.sys
08/03/2004 10:29 PM 11,935 wadv11nt.sys
08/03/2004 10:29 PM 25,471 watv10nt.sys
08/03/2004 10:29 PM 22,271 watv06nt.sys
08/03/2004 10:29 PM 166,912 s3gnbm.sys
08/03/2004 10:29 PM 1,897,408 nv4_mini.sys
08/03/2004 10:41 PM 1,309,184 mtlstrm.sys
08/03/2004 10:41 PM 13,776 recagent.sys
08/03/2004 10:41 PM 126,686 mtlmnt5.sys
08/03/2004 10:41 PM 180,360 ntmtlfax.sys
08/03/2004 10:41 PM 129,535 slnt7554.sys
08/03/2004 10:41 PM 404,990 slntamr.sys
08/03/2004 10:41 PM 95,424 slnthal.sys
08/03/2004 10:41 PM 13,240 slwdmsup.sys
08/03/2004 10:41 PM 220,032 hsfbs2s2.sys
08/03/2004 10:41 PM 685,056 hsfcxts2.sys
08/03/2004 10:41 PM 11,868 mdmxsdk.sys
08/03/2004 10:41 PM 1,041,536 hsfdpsp2.sys
08/10/2004 03:45 AM 11,008 mhndrv.sys
08/10/2004 05:00 AM 352,256 atmuni.sys
08/10/2004 05:00 AM 31,360 atmepvc.sys
08/10/2004 05:00 AM 4,736 usbd.sys
08/10/2004 05:00 AM 58,112 vdmindvd.sys
08/10/2004 05:00 AM 646 gmreadme.txt
08/10/2004 05:00 AM 4,352 wmilib.sys
08/10/2004 05:00 AM 32,896 ipfltdrv.sys
08/10/2004 05:00 AM 125,056 ftdisk.sys
08/10/2004 05:00 AM 7,680 mcd.sys
08/10/2004 05:00 AM 12,160 fsvga.sys
08/10/2004 05:00 AM 4,224 beep.sys
08/10/2004 05:00 AM 5,888 rootmdm.sys
08/10/2004 05:00 AM 12,032 riodrv.sys
08/10/2004 05:00 AM 12,032 rio8drv.sys
08/10/2004 05:00 AM 3,440,660 gm.dls
08/10/2004 05:00 AM 4,224 rdpcdd.sys
08/10/2004 05:00 AM 34,432 rawwan.sys
08/10/2004 05:00 AM 16,512 raspti.sys
08/10/2004 05:00 AM 13,952 cbidf2k.sys
08/10/2004 05:00 AM 18,688 cdaudio.sys
08/10/2004 05:00 AM 8,832 rasacd.sys
08/10/2004 05:00 AM 21,376 tsbvcap.sys
08/10/2004 05:00 AM 17,792 ptilink.sys
08/10/2004 05:00 AM 262,528 cinemst2.sys
08/10/2004 05:00 AM 51,712 tosdvd.sys
08/10/2004 05:00 AM 11,776 cpqdap01.sys
08/10/2004 05:00 AM 2,944 null.sys
08/10/2004 05:00 AM 11,648 acpiec.sys
08/10/2004 05:00 AM 12,032 ws2ifsl.sys
08/10/2004 05:00 AM 7,936 fs_rec.sys
08/10/2004 05:00 AM 6,784 parvdm.sys
08/10/2004 05:00 AM 4,224 mnmdd.sys
08/10/2004 05:00 AM 3,456 oprghdlr.sys
08/10/2004 05:00 AM 55,936 nwlnkspx.sys
08/10/2004 05:00 AM 5,888 dmload.sys
08/10/2004 05:00 AM 63,232 nwlnknb.sys
08/10/2004 05:00 AM 32,512 nwlnkfwd.sys
08/10/2004 05:00 AM 12,416 nwlnkflt.sys
08/10/2004 05:00 AM 10,496 dxapi.sys
08/10/2004 05:00 AM 14,592 smclib.sys
08/10/2004 05:00 AM 3,328 dxgthk.sys
08/10/2004 05:00 AM 12,032 nikedrv.sys
08/10/2004 11:39 PM 41,984 DGIVECP.SYS
09/13/2004 09:00 AM 88,960 MidiSyn.sys
01/01/2005 10:16 PM 20,747 AegisP.sys
02/01/2005 07:18 PM 17,992 bcm42rly.sys
02/28/2005 09:01 PM 392,704 senfilt.sys
03/03/2005 08:10 PM 74,496 Rtlnicxp.sys
03/04/2005 04:53 AM 127,872 aeaudio.sys
03/28/2005 09:19 AM 220,992 smwdm.sys
04/24/2005 07:56 PM 889,628 ialmnt5.sys
09/21/2005 08:07 AM etc
11/17/2005 06:38 PM 2,048 rt73.bin
11/24/2005 07:51 PM 245,248 rt73.sys
09/28/2006 06:55 PM 77,568 WudfPf.sys
09/28/2006 07:00 PM 82,944 WudfRd.sys
10/18/2006 04:00 AM 36,624 pxhelp20.sys
10/18/2006 08:00 PM 38,528 wpdusb.sys
11/13/2007 03:25 AM 20,480 secdrv.sys
04/13/2008 09:36 AM 144,384 hdaudbus.sys
04/13/2008 09:39 AM 142,592 aec.sys
04/13/2008 11:31 AM 35,840 processr.sys
04/13/2008 11:31 AM 42,752 p3.sys
04/13/2008 11:31 AM 36,736 crusoe.sys
04/13/2008 11:31 AM 37,376 amdk6.sys
04/13/2008 11:31 AM 36,352 intelppm.sys
04/13/2008 11:31 AM 37,760 amdk7.sys
04/13/2008 11:32 AM 66,048 udfs.sys
04/13/2008 11:32 AM 19,072 msfs.sys
04/13/2008 11:32 AM 30,848 npfs.sys
04/13/2008 11:32 AM 180,608 mrxdav.sys
04/13/2008 11:32 AM 196,224 rdpdr.sys
04/13/2008 11:32 AM 129,792 fltmgr.sys
04/13/2008 11:33 AM 44,544 fips.sys
04/13/2008 11:34 AM 163,584 nwrdr.sys
04/13/2008 11:36 AM 5,888 smbali.sys
04/13/2008 11:36 AM 187,776 acpi.sys
04/13/2008 11:36 AM 42,368 agp440.sys
04/13/2008 11:36 AM 42,752 alim1541.sys
04/13/2008 11:36 AM 43,008 amdagp.sys
04/13/2008 11:36 AM 40,960 sisagp.sys
04/13/2008 11:36 AM 44,928 agpcpq.sys
04/13/2008 11:36 AM 44,672 uagp35.sys
04/13/2008 11:36 AM 42,240 viaagp.sys
04/13/2008 11:36 AM 46,464 gagp30kx.sys
04/13/2008 11:36 AM 37,248 isapnp.sys
04/13/2008 11:36 AM 63,744 mf.sys
04/13/2008 11:36 AM 120,192 pcmcia.sys
04/13/2008 11:36 AM 79,232 sdbus.sys
04/13/2008 11:36 AM 68,224 pci.sys
04/13/2008 11:36 AM 15,488 mssmbios.sys
04/13/2008 11:36 AM 73,472 sr.sys
04/13/2008 11:38 AM 71,168 dxg.sys
04/13/2008 11:39 AM 92,544 mqac.sys
04/13/2008 11:39 AM 384,768 update.sys
04/13/2008 11:39 AM 42,368 mountmgr.sys
04/13/2008 11:39 AM 23,040 mouclass.sys
04/13/2008 11:39 AM 24,576 kbdclass.sys
04/13/2008 11:39 AM 14,592 kbdhid.sys
04/13/2008 11:39 AM 5,376 mspclock.sys
04/13/2008 11:39 AM 4,992 mspqm.sys
04/13/2008 11:39 AM 7,552 mskssrv.sys
04/13/2008 11:39 AM 4,352 swenum.sys
04/13/2008 11:40 AM 80,128 parport.sys
04/13/2008 11:40 AM 15,744 serenum.sys
04/13/2008 11:40 AM 27,392 fdc.sys
04/13/2008 11:40 AM 20,480 flpydisk.sys
04/13/2008 11:40 AM 57,600 redbook.sys
04/13/2008 11:40 AM 24,960 pciidex.sys
04/13/2008 11:40 AM 5,504 intelide.sys
04/13/2008 11:40 AM 96,512 atapi.sys
04/13/2008 11:40 AM 96,384 scsiport.sys
04/13/2008 11:40 AM 14,208 diskdump.sys
04/13/2008 11:40 AM 62,976 cdrom.sys
04/13/2008 11:40 AM 11,008 sffp_sd.sys
04/13/2008 11:40 AM 11,904 sffdisk.sys
04/13/2008 11:40 AM 36,352 disk.sys
04/13/2008 11:40 AM 10,240 sffp_mmc.sys
04/13/2008 11:40 AM 11,392 sfloppy.sys
04/13/2008 11:40 AM 19,712 partmgr.sys
04/13/2008 11:40 AM 14,976 tape.sys
04/13/2008 11:40 AM 42,112 imapi.sys
04/13/2008 11:41 AM 52,352 volsnap.sys
04/13/2008 11:43 AM 12,672 mutohpen.sys
04/13/2008 11:43 AM 14,208 wacompen.sys
04/13/2008 11:44 AM 81,664 videoprt.sys
04/13/2008 11:44 AM 20,992 vga.sys
04/13/2008 11:44 AM 153,344 dmio.sys
04/13/2008 11:44 AM 799,744 dmboot.sys
04/13/2008 11:45 AM 52,864 dmusic.sys
04/13/2008 11:45 AM 6,272 splitter.sys
04/13/2008 11:45 AM 172,416 kmixer.sys
04/13/2008 11:45 AM 56,576 swmidi.sys
04/13/2008 11:45 AM 2,944 drmkaud.sys
04/13/2008 11:45 AM 60,160 drmk.sys
04/13/2008 11:45 AM 49,408 stream.sys
04/13/2008 11:45 AM 24,960 hidparse.sys
04/13/2008 11:45 AM 36,864 hidclass.sys
04/13/2008 11:45 AM 19,200 hidir.sys
04/13/2008 11:45 AM 10,368 hidusb.sys
04/13/2008 11:45 AM 46,592 irbus.sys
04/13/2008 11:45 AM 15,104 usbscan.sys
04/13/2008 11:45 AM 20,608 usbuhci.sys
04/13/2008 11:45 AM 30,208 usbehci.sys
04/13/2008 11:45 AM 143,872 usbport.sys
04/13/2008 11:45 AM 59,520 usbhub.sys
04/13/2008 11:45 AM 26,368 usbstor.sys
04/13/2008 11:45 AM 32,128 usbccgp.sys
04/13/2008 11:45 AM 25,600 usbcamd.sys
04/13/2008 11:45 AM 25,728 usbcamd2.sys
04/13/2008 11:45 AM 15,872 usbintel.sys
04/13/2008 11:46 AM 25,344 sonydcam.sys
04/13/2008 11:46 AM 121,984 usbvideo.sys
04/13/2008 11:46 AM 18,944 bthusb.sys
04/13/2008 11:46 AM 25,600 hidbth.sys
04/13/2008 11:46 AM 36,480 bthprint.sys
04/13/2008 11:46 AM 59,136 rfcomm.sys
04/13/2008 11:46 AM 37,888 bthmodem.sys
04/13/2008 11:46 AM 17,024 bthenum.sys
04/13/2008 11:47 AM 25,856 usbprint.sys
04/13/2008 11:51 AM 61,824 nic1394.sys
04/13/2008 11:51 AM 59,904 atmarpc.sys
04/13/2008 11:51 AM 60,800 arp1394.sys
04/13/2008 11:51 AM 55,808 atmlane.sys
04/13/2008 11:51 AM 101,120 bthpan.sys
04/13/2008 11:53 AM 40,320 nmnt.sys
04/13/2008 11:53 AM 71,552 bridge.sys
04/13/2008 11:53 AM 36,608 ip6fw.sys
04/13/2008 11:54 AM 11,264 irenum.sys
04/13/2008 11:55 AM 14,592 ndisuio.sys
04/13/2008 11:56 AM 12,288 tunmp.sys
04/13/2008 11:56 AM 34,688 netbios.sys
04/13/2008 11:56 AM 88,320 nwlnkipx.sys
04/13/2008 11:56 AM 35,072 msgpc.sys
04/13/2008 11:56 AM 69,120 psched.sys
04/13/2008 11:56 AM 12,800 usb8023x.sys
04/13/2008 11:56 AM 30,592 rndismpx.sys
04/13/2008 11:56 AM 30,592 rndismp.sys
04/13/2008 11:56 AM 12,800 usb8023.sys
04/13/2008 11:57 AM 20,864 ipinip.sys
04/13/2008 11:57 AM 152,832 ipnat.sys
04/13/2008 11:57 AM 34,560 wanarp.sys
04/13/2008 11:57 AM 10,112 ndistapi.sys
04/13/2008 11:57 AM 14,336 asyncmac.sys
04/13/2008 11:57 AM 40,576 ndproxy.sys
04/13/2008 11:57 AM 41,472 raspppoe.sys
04/13/2008 12:00 PM 19,072 tdi.sys
04/13/2008 12:00 PM 30,080 modem.sys
04/13/2008 12:14 PM 63,744 cdfs.sys
04/13/2008 12:14 PM 143,744 fastfat.sys
04/13/2008 12:15 PM 64,512 serial.sys
04/13/2008 12:15 PM 574,976 ntfs.sys
04/13/2008 12:15 PM 60,800 sysaudio.sys
04/13/2008 12:16 PM 49,536 classpnp.sys
04/13/2008 12:16 PM 141,056 ks.sys
04/13/2008 12:17 PM 105,344 mup.sys
04/13/2008 12:17 PM 83,072 wdmaud.sys
04/13/2008 12:18 PM 52,480 i8042prt.sys
04/13/2008 12:19 PM 146,048 portcls.sys
04/13/2008 12:19 PM 75,264 ipsec.sys
04/13/2008 12:19 PM 51,328 rasl2tp.sys
04/13/2008 12:19 PM 48,384 raspptp.sys
04/13/2008 12:20 PM 182,656 ndis.sys
04/13/2008 12:20 PM 91,520 ndiswan.sys
04/13/2008 12:21 PM 162,816 netbt.sys
04/13/2008 12:28 PM 175,744 rdbss.sys
04/13/2008 05:11 PM 3,647 adv07nt5.dll
04/13/2008 05:11 PM 3,135 adv08nt5.dll
04/13/2008 05:11 PM 3,615 adv05nt5.dll
04/13/2008 05:11 PM 4,255 adv01nt5.dll
04/13/2008 05:11 PM 3,967 adv02nt5.dll
04/13/2008 05:11 PM 3,775 adv11nt5.dll
04/13/2008 05:11 PM 3,711 adv09nt5.dll
04/13/2008 05:11 PM 17,279 atv10nt5.dll
04/13/2008 05:11 PM 14,143 atv06nt5.dll
04/13/2008 05:11 PM 21,183 atv01nt5.dll
04/13/2008 05:11 PM 11,359 atv02nt5.dll
04/13/2008 05:11 PM 25,471 atv04nt5.dll
04/13/2008 05:11 PM 15,423 ch7xxnt5.dll
04/13/2008 05:12 PM 3,901 siint5.dll
04/13/2008 05:12 PM 11,325 vchnt5.dll
04/13/2008 05:13 PM 12,040 tdpipe.sys
04/13/2008 05:13 PM 40,840 termdd.sys
04/13/2008 05:13 PM 21,896 tdtcp.sys
04/13/2008 05:13 PM 139,656 rdpwd.sys
05/08/2008 07:02 AM 203,136 rmcast.sys
06/13/2008 04:05 AM 272,128 bthport.sys
06/20/2008 04:51 AM 361,600 tcpip.sys
08/14/2008 03:04 AM 138,496 afd.sys
02/13/2009 12:17 PM 45,416 avgntdd.sys
02/13/2009 12:29 PM 22,360 avgntmgr.sys
03/25/2009 06:29 AM 130,432 Rtnicxp.sys
03/30/2009 10:33 AM 96,104 avipbb.sys
05/11/2009 10:12 AM 28,520 ssmdrv.sys
06/24/2009 04:18 AM 92,928 ksecdd.sys
08/26/2009 10:40 PM 21,568 HPZius12.sys
08/26/2009 10:41 PM 16,496 HPZipr12.sys
08/26/2009 10:41 PM 49,920 HPZid412.sys
09/08/2009 09:33 AM disdn
10/20/2009 09:20 AM 265,728 http.sys
11/25/2009 12:19 PM 56,816 avgntflt.sys
12/31/2009 09:50 AM 353,792 srv.sys
02/11/2010 05:02 AM 226,880 tcpip6.sys
02/24/2010 06:11 AM 455,680 mrxsmb.sys
04/05/2010 09:45 PM UMDF
04/29/2010 03:39 PM 20,952 mbam.sys
04/29/2010 03:39 PM 38,224 mbamswissarmy.sys
05/21/2010 11:20 AM .
05/21/2010 11:20 AM ..
297 File(s) 29,109,559 bytes
5 Dir(s) 135,971,717,120 bytes free


Virtual drives found?



Environment variables

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=WINTEC
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\WINTEC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0403
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=WINTEC
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS


Stealth malware?


Internet Explorer


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Default_Page_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896
Search Page REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896
Enable_Disk_Cache REG_SZ yes
Cache_Percent_of_Disk REG_BINARY 0A000000
Delete_Temp_Files_On_Exit REG_SZ yes
Local Page REG_EXPAND_SZ %SystemRoot%\system32\blank.htm
Anchor_Visitation_Horizon REG_BINARY 01000000
Use_Async_DNS REG_SZ yes
Placeholder_Width REG_BINARY 1A000000
Placeholder_Height REG_BINARY 1A000000
Start Page REG_SZ http://go.microsoft.com/fwlink/?LinkId=69157
CompanyName REG_SZ Microsoft Corporation
Custom_Key REG_SZ MICROSO
Wizard_Version REG_SZ 6.0.2600.0000
Default_Secondary_Page_URL REG_MULTI_SZ \0\0
Extensions Off Page REG_SZ about:NoAdd-ons
Security Risk Page REG_SZ about:SecurityRisk
Check_Associations REG_SZ yes
IEWatsonDisable REG_DWORD 0x1
BigBitmap REG_SZ custom\38vrzn_static.bmp
SmallBitmap REG_SZ custom\22vrzn_static.bmp

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\ErrorThresholds

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\UrlTemplate

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
User Agent REG_SZ Mozilla/4.0 (compatible; MSIE 7.0; Win32)
IE5_UA_Backup_Flag REG_SZ 5.0
NoNetAutodial REG_DWORD 0x0
MigrateProxy REG_DWORD 0x1
EnableNegotiate REG_DWORD 0x1
ProxyEnable REG_DWORD 0x0
EmailName REG_SZ IEUser@
AutoConfigProxy REG_SZ wininet.dll
MimeExclusionListForCache REG_SZ multipart/mixed multipart/x-mixed-replace multipart/x-byteranges
WarnOnPost REG_BINARY 01000000
UseSchannelDirectly REG_BINARY 01000000
EnableHttp1_1 REG_DWORD 0x1
SecureProtocols REG_DWORD 0xa0
PrivDiscUiShown REG_DWORD 0x1
PrivacyAdvanced REG_DWORD 0x0
WarnonZoneCrossing REG_DWORD 0x0
EnableAutodial REG_DWORD 0x0
WarnOnIntranet REG_DWORD 0x0
ProxyHttp1.1 REG_DWORD 0x1
ShowPunycode REG_DWORD 0x0
EnablePunycode REG_DWORD 0x1
UrlEncoding REG_DWORD 0x0
DisableIDNPrompt REG_DWORD 0x0
CertificateRevocation REG_DWORD 0x0
DisableCachingOfSSLPages REG_DWORD 0x0
WarnonBadCertRecving REG_DWORD 0x1
WarnOnPostRedirect REG_DWORD 0x1
MaxConnectionsPerServer REG_DWORD 0xa
MaxConnectionsPer1_0Server REG_DWORD 0xa
ProxyOverride REG_SZ *.local
SyncMode5 REG_DWORD 0x4
GlobalUserOffline REG_DWORD 0x0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Protocols

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main
Disable script Debugger REG_SZ yes
Search Page REG_SZ
Anchor Underline REG_SZ yes
Cache_Update_Frequency REG_SZ Once_Per_Session
Display Inline Images REG_SZ yes
Do404Search REG_BINARY 01000000
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Save_Session_History_On_Exit REG_SZ no
Show_FullURL REG_SZ no
Show_StatusBar REG_SZ yes
Show_ToolBar REG_SZ yes
Show_URLinStatusBar REG_SZ yes
Show_URLToolBar REG_SZ yes
Use_DlgBox_Colors REG_SZ yes
XMLHTTP REG_DWORD 0x1
UseClearType REG_SZ no
SearchMigrated REG_DWORD 0x1
SearchMigratedDefaultName REG_SZ Yahoo! Search
SearchMigratedDefaultURL REG_SZ http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
Expand Alt Text REG_SZ no
Move System Caret REG_SZ no
NoUpdateCheck REG_DWORD 0x1
NscSingleExpand REG_DWORD 0x0
DisablescriptDebuggerIE REG_SZ yes
Error Dlg Displayed On Every Error REG_SZ no
Page_Transitions REG_DWORD 0x1
FavIntelliMenus REG_SZ no
Enable Browser Extensions REG_SZ yes
UseThemes REG_DWORD 0x1
EnableSearchPane REG_DWORD 0x0
Force Offscreen Composition REG_DWORD 0x0
NotifyDownloadComplete REG_SZ yes
AllowWindowReuse REG_DWORD 0x1
Enable AutoImageResize REG_SZ yes
Play_Animations REG_SZ yes
Play_Background_Sounds REG_SZ yes
Show image placeholders REG_DWORD 0x0
Print_Background REG_SZ no
AutoSearch REG_DWORD 0x4
FullScreen REG_SZ no
Window_Placement REG_BINARY 2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3A0100000D000000B7030000D7020000
CompatibilityFlags REG_DWORD 0x0
SearchMigratedInstalled REG_DWORD 0x1
RunOnceHasShown REG_DWORD 0x1
RunOnceComplete REG_DWORD 0x1
Start Page REG_SZ http://www.google.com/
FormSuggest PW Ask REG_SZ no
Use FormSuggest REG_SZ no
AutoHide REG_SZ yes
AlwaysShowMenus REG_DWORD 0x1
StatusBarWeb REG_DWORD 0x0
Friendly http errors REG_SZ no
SmoothScroll REG_DWORD 0x0
Use StyleSheets REG_SZ yes
Use Search Asst REG_SZ
Search Bar REG_SZ
SearchAssistant REG_SZ

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default Feeds

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} REG_SZ

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
{2318C2B1-4965-11d4-9B18-009027A5CD4F} REG_BINARY 00

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\QuickComplete

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt


Security Center

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 5th June 2010, 11:19 pm

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
NoRemove REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Acrobat 4.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare 3_is1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon MP3 Downloader

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Avira AntiVir Desktop

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Branding

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Easy DVD Shrink

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Updater

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IDNMitigationAPIs

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IncrediMail

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield Uninstall Information

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB884016

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB884267

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB885353

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB886612

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB887078

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB887626

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB888656

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB889858

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB891122

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB892130

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB892313

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB893240

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB893241

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB893803

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB895181

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB895316

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB895572

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB897586

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB898549

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB900325

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB900399

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB902344

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB903157

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB907658

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB909520

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB911565

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB911854

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB913433

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB915800-v4

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB917734_WMP10

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB923561

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB923689

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB925398_WMP64

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB925766

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB928090-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB929399

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB929969

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB931768-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB931906

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB933566-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB936782_WMP10

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB937143-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB938127-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB938464

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB938464-v2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB939653-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB939683

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB940157

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB941569

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB942615-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB943729

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB944533-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB946648

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB947864-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950759-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950760

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950762

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950974

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951066

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951072-v2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951376

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951376-v2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951698

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951748

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951978

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952004

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952011

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952069_WM9

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952287

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952954

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB953295

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB953838-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB953839

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954154_WM11

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954155_WM9

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954211

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954459

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954550-v5

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954600

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955069

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955759

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955839

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956390-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956391

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956572

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956744

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956802

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956803

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956841

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956844

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB957095

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB957097

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958644

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958687

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958690

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958869

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB959426

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960225

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960715

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960803

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960859

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961118

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961371

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961373

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961501

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB963027-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB963093

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB967715

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB968389

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB968537

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB968816_WM9

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969059

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969897-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969898

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969947

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB970238

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB970430

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB970653-v3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971468

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971486

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971513

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971557

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971633

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971657

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971737

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971961

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB972260-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB972270

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973346

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973354

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973507

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973525

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973540_WM9

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973687

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973768

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973815

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973869

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973904

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974112

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974318

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974392

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974455-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974571

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975025

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975467

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975560

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975561

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975713

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976098-v2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976325-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976749-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB977165-v2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB977816

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB977914

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978037

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978207-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978251

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978262

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978338

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978542

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978601

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978706

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979306

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979309

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979683

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB980182-IE7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB980232

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB981349

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB981793

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\M953297

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 1.1 (1033)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 3.5 SP1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft PhotoDraw 2000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSCompPackV1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-KB884016

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI30a-KB884016

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-Beta

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-RC1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSN Music Assistant

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NetMeeting

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NLSDownlevelMapping

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCHealth

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PhotoScape

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PokerStars

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Screenscapes

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpeedFan

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBlaster_is1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WGA

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WgaNotify

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WIC

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Format Runtime

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Player

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows XP Service Pack

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WMCSetup

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WMFDist11

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wmp11

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wudf01000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000409-78E1-11D2-B60F-006097C998E7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00040409-78E1-11D2-B60F-006097C998E7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{07287123-B8AC-41CE-8346-3D777245C35B}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216015FB}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216017FB}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216017FF}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216019FB}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216020FB}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{287ECFA4-719A-2143-A09B-D6A12DE54E40}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2CCBABCB-6427-4A55-B091-49864623C43F}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CCC7F68-A437-4559-A840-F5E010934951}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BBDFB3E-F8BE-4D52-98BA-B6087F8F1D58}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8777AC6D-89F9-4793-8266-DE406F343E89}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8A708DD8-A5E6-11D4-A706-000629E95E20}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0020-0409-0000-0000000FF1CE}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{91120409-6000-11D3-8CFE-0150048383C9}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{94FB906A-CF42-4128-A509-D353026A607E}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{95120000-00AF-0409-0000-0000000FF1CE}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{95120000-00B9-0409-0000-0000000FF1CE}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{98E8A2EF-4EAE-43B8-A172-74842B764777}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{998D6972-F58E-479D-9248-8F179E55AE38}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2BCA9F1-566C-4805-97D1-7FDC93386723}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB958483

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-A93000000001}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-5464-3428-900000000004}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BB8B979E-E336-47E7-96BC-1031C1B94561}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C04E32E0-0416-434D-AFB9-6969D703A9EF}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB200003

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB431780

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB946922

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB947748

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB949272

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952137

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952677

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953300

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953990

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB954832

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB956860

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957541

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957542

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957543

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958129

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958481

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB960043

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB974417

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB350003

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DDA2B32F-EB16-4C96-A130-4E4A4C1E6B12}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DE2EBD6F-81B6-4E9A-B137-C11FD6790CFF}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EFE26D3B-2789-4068-A5BB-77E389FAEB98}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0A37341-D692-11D4-A984-009027EC0A9C}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F855C3AE-992D-4B84-A09D-07103CDCDAC2}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FF0D5234-E7D8-41DA-9287-C89C3B045ADC}

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LEGO Digital Designer

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Move Networks Player - IE

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New LEGO Digital Designer

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Octoshape add-in for Adobe Flash Player

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer


Autorun

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 5th June 2010, 11:25 pm

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
MSMSGS REG_SZ "C:\Program Files\Messenger\msmsgs.exe" /background
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
Advanced SystemCare 3 REG_SZ "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
ehTray REG_SZ C:\WINDOWS\ehome\ehtray.exe
IgfxTray REG_SZ C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds REG_SZ C:\WINDOWS\system32\hkcmd.exe
Persistence REG_SZ C:\WINDOWS\system32\igfxpers.exe
SoundMAXPnP REG_SZ C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
SoundMAX REG_SZ "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
ISUSPM Startup REG_SZ C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
ISUSScheduler REG_SZ "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
HPDJ Taskbar Utility REG_SZ C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
HPHUPD05 REG_SZ C:\Program Files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe
HP Component Manager REG_SZ "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
HP Software Update REG_SZ "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
HPHmon05 REG_SZ C:\WINDOWS\system32\hphmon05.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Adobe ARM REG_SZ "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents


Restrictions - Internet Explorer


! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel
Homepage REG_DWORD 0x0


Restrictions - REGEDIT


! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell


Restrictions - Explorer


! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoDriveTypeAutoRun REG_DWORD 0x91
LinkResolveIgnoreLinkInfo REG_DWORD 0x0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
ActiveX


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{01113300-3E00-11D2-8470-0060089874ED}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{02BCC737-B171-4746-94C9-0D8A0B2C0089}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6414512B-B978-451D-A0D8-FCFDF33E833C}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6F15128C-E66A-490C-B848-5000B5ABEEAC}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{BCC0FF27-31D9-4614-A68E-C18E1ADA4389}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E77F23EB-E7AB-4502-8F37-247DBAF1A147}


DNS Settings


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2BA9F2CC-8E15-48FD-8443-22BAE0EF50CF}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2D63CA42-AAE2-4147-8DEF-45A3BCC61316}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{86FD6B7A-5F0C-44EC-BB4C-2EB13F106315}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B2165220-0C71-435A-B975-F64C9B7FE0A6}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F1ACF0F0-12F2-4E66-8424-4EC7BE5104FA}


Windows IP Configuration



Host Name . . . . . . . . . . . . : wintec

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : home



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-01-6C-D8-DE-77



Ethernet adapter Wireless Network Connection 4:



Connection-specific DNS Suffix . : home

Description . . . . . . . . . . . : Compact Wireless-G USB Adapter #2

Physical Address. . . . . . . . . : 00-18-39-1E-00-5F

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.101

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

68.238.64.12

Lease Obtained. . . . . . . . . . : Saturday, June 05, 2010 7:55:10 AM

Lease Expires . . . . . . . . . . : Sunday, June 06, 2010 7:55:10 AM



AppInit DLLs


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs REG_SZ



Shell Service Object Delay Load


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
PostBootReminder REG_SZ {7849596a-48ea-486e-8937-a2a3009f31a9}
CDBurn REG_SZ {fbeb8a05-beee-4442-804e-409d6c4515e9}
WebCheck REG_SZ {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
SysTray REG_SZ {35CEC8A3-2BE6-11D2-8773-92E220524153}
WPDShServiceObj REG_SZ {AAA288BA-9A4C-45B0-95D7-94D524869DB5}



Shell Execute Hooks


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
{56F9679E-7826-4C84-81F3-532071A8BCC5} REG_SZ


Image File Execution Options

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 5th June 2010, 11:26 pm

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apitrap.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ASSTE.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVSTE.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Cleanup.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cqw32.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divxdec.ax

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DJSMAR00.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DRMINST.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\enc98.EXE

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EncodeDivXExt.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EncryptPatchVer.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\front.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fullsoft.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GBROWSER.DLL

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htmlmarq.ocx

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htmlmm.ocx

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ishscan.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ISSTE.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javai.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm_g.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\main123w.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mngreg32.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msci_uno.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscoree.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscorsvr.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscorwks.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msjava.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mso.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVOPTRF.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NeVideoFX.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NPMLIC.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NSWSTE.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photohse.EXE

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PMSTE.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ppw32hlp.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\printhse.EXE

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prwin8.EXE

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ps80.EXE

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psdmt.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qfinder.EXE

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qpw.EXE

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\salwrap.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup32.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sevinst.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcnet.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tcore_ebook.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TFDTCTT8.DLL

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ua80.EXE

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\udtapi.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ums.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vb40032.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbe6.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wpwin8.EXE

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xlmlEN.dll

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xwsetup.EXE

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_INSTPGM.EXE


Security Providers



Local Security Authority


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Bounds REG_BINARY 0030000000200000
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
ImpersonatePrivilegeUpgradeToolHasRun REG_DWORD 0x1
LsaPid REG_DWORD 0x380
SecureBoot REG_DWORD 0x1
auditbaseobjects REG_DWORD 0x0
crashonauditfail REG_DWORD 0x0
disabledomaincreds REG_DWORD 0x0
everyoneincludesanonymous REG_DWORD 0x0
fipsalgorithmpolicy REG_DWORD 0x0
forceguest REG_DWORD 0x1
fullprivilegeauditing REG_BINARY 00
limitblankpassworduse REG_DWORD 0x1
lmcompatibilitylevel REG_DWORD 0x0
nodefaultadminowner REG_DWORD 0x1
nolmhash REG_DWORD 0x0
restrictanonymous REG_DWORD 0x0
restrictanonymoussam REG_DWORD 0x1
Notification Packages REG_MULTI_SZ \0scecli\0scecli\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Data

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\GBG

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\JD

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\MSV1_0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Skew1

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache


SafeBoot



AppCert DLLs



Extra


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\HARDWARE\DEscriptION\System\MultifunctionAdapter

HKEY_LOCAL_MACHINE\HARDWARE\DEscriptION\System\MultifunctionAdapter\0

HKEY_LOCAL_MACHINE\HARDWARE\DEscriptION\System\MultifunctionAdapter\1

HKEY_LOCAL_MACHINE\HARDWARE\DEscriptION\System\MultifunctionAdapter\2

HKEY_LOCAL_MACHINE\HARDWARE\DEscriptION\System\MultifunctionAdapter\3

HKEY_LOCAL_MACHINE\HARDWARE\DEscriptION\System\MultifunctionAdapter\4

HKEY_LOCAL_MACHINE\HARDWARE\DEscriptION\System\MultifunctionAdapter\5

HKEY_LOCAL_MACHINE\HARDWARE\DEscriptION\System\MultifunctionAdapter\6


App Paths


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\AcroRd32.exe
REG_SZ C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
Path REG_SZ C:\Program Files\Adobe\Reader 9.0\Reader\

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\bckgzm.exe
REG_SZ C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ccleaner.exe
REG_SZ C:\Program Files\CCleaner\ccleaner.exe
Path REG_SZ C:\Program Files\CCleaner

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\chkrzm.exe
REG_SZ C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\cmmgr32.exe
ProfilesUpgraded REG_DWORD 0x1
Path REG_SZ C:\WINDOWS\system32
CmstpExtensionDll REG_SZ C:\WINDOWS\system32\cmcfg32.dll
CMInternalVersion REG_SZ 1.2
CmNative REG_DWORD 0x1

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\CONF.EXE
REG_SZ C:\Program Files\NetMeeting\conf.exe
Path REG_SZ C:\Program Files\NetMeeting;

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\dialer.exe
REG_SZ C:\Program Files\Windows NT\dialer.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\excel.exe
Path REG_SZ C:\Program Files\Microsoft Office\OFFICE11\
REG_SZ C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE
SaveURL REG_SZ 1
useURL REG_SZ 1

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\frontpg.exe
useURL REG_SZ yes
Path REG_SZ C:\Program Files\Microsoft Office\Office\
REG_SZ C:\PROGRA~1\MICROS~2\Office\FRONTPG.EXE

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\HELPCTR.EXE
REG_SZ C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpCtr.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\HijackThis.exe
Path REG_SZ C:\DOCUME~1\Owner\LOCALS~1\Temp\Temporary Directory 1 for HiJackThis[1].zip
REG_SZ C:\DOCUME~1\Owner\LOCALS~1\Temp\Temporary Directory 1 for HiJackThis[1].zip\hijackthis.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\hrtzzm.exe
REG_SZ C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\hypertrm.exe
REG_SZ "C:\Program Files\Windows NT\hypertrm.exe"

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ICWCONN1.EXE
REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN1.EXE"
Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ICWCONN2.EXE
REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN2.EXE"
Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\IEXPLORE.EXE
REG_SZ C:\Program Files\Internet Explorer\IEXPLORE.EXE
Path REG_SZ C:\Program Files\Internet Explorer;

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ImLc.exe
REG_SZ C:\PROGRA~1\INCRED~1\bin\ImLc.exe
Path REG_SZ C:\PROGRA~1\INCRED~1\bin

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ImLcU.exe
Path REG_SZ C:\PROGRA~1\INCRED~1\bin
REG_SZ C:\PROGRA~1\INCRED~1\bin\ImLc.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\impackr.exe
Path REG_SZ C:\PROGRA~1\INCRED~1\bin
REG_SZ C:\PROGRA~1\INCRED~1\bin\impackr.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\impackrU.exe
REG_SZ C:\PROGRA~1\INCRED~1\bin\impackr.exe
Path REG_SZ C:\PROGRA~1\INCRED~1\bin

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ImpCnt.exe
REG_SZ C:\PROGRA~1\INCRED~1\bin\ImpCnt.exe
Path REG_SZ C:\PROGRA~1\INCRED~1\bin

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ImpCntU.exe
REG_SZ C:\PROGRA~1\INCRED~1\bin\ImpCnt.exe
Path REG_SZ C:\PROGRA~1\INCRED~1\bin

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ImpContent.exe
REG_SZ C:\PROGRA~1\INCRED~1\bin\ImpCnt.exe
Path REG_SZ C:\PROGRA~1\INCRED~1\bin

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\IncMailU.exe
REG_SZ C:\PROGRA~1\INCRED~1\bin\IncMail.exe
Path REG_SZ C:\PROGRA~1\INCRED~1\bin

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\INETWIZ.EXE
REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\INETWIZ.EXE"
Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\install.exe
RunAsOnNonAdminInstall REG_DWORD 0x1
BlockOnTSNonInstallMode REG_DWORD 0x1

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\InstallHelper.exe
Path REG_SZ "C:\Program Files\Common Files\Motive\InstallHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\InstallHelper.exe\ClientSyncLoader.htm
Path REG_SZ C:\Program Files\Common Files\Motive\ClientSyncLoader.htm

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\InstallHelper.exe\ClientSyncLoader.htm\LEGACY_MOTIVE

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\InstallHelper.exe\ClientSyncLoaderDriver.htm
Path REG_SZ C:\Program Files\Common Files\Motive\ClientSyncLoaderDriver.htm

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\InstallHelper.exe\ClientSyncLoaderDriver.htm\LEGACY_MOTIVE

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\InstallHelper.exe\hourglass.gif
Path REG_SZ C:\Program Files\Common Files\Motive\hourglass.gif

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\InstallHelper.exe\hourglass.gif\LEGACY_MOTIVE

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ISIGNUP.EXE
REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\ISIGNUP.EXE"
Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\javaws.exe
REG_SZ C:\Program Files\Java\jre6\bin\javaws.exe
Path REG_SZ C:\Program Files\Java\jre6\bin

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\mbam.exe
REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
Path REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\migwiz.exe
REG_EXPAND_SZ %SystemRoot%\system32\usmt\migwiz.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\moviemk.exe
REG_SZ C:\Program Files\Movie Maker\moviemk.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\mplayer2.exe
Path REG_SZ "C:\Program Files\Windows Media Player"

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSACCESS.EXE
Path REG_SZ C:\Program Files\Microsoft Office\Office\
REG_SZ C:\PROGRA~1\MICROS~2\Office\MSACCESS.EXE
useURL REG_SZ 1

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSCONFIG.EXE
REG_SZ C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msimn.exe
REG_EXPAND_SZ %ProgramFiles%\Outlook Express\msimn.exe
Path REG_EXPAND_SZ %ProgramFiles%\Outlook Express

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 5th June 2010, 11:27 pm

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msinfo32.exe
REG_SZ C:\Program Files\Common Files\Microsoft Shared\MSInfo\MSInfo32.exe
Path REG_SZ C:\Program Files\Common Files\Microsoft Shared\MSInfo

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSMSGS.EXE
REG_SZ C:\Program Files\Messenger\msmsgs.exe
Path REG_SZ C:\Program Files\Messenger;

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MsoHtmEd.exe
useURL REG_SZ 1

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msoxmled.exe
useURL REG_SZ 1
REG_SZ C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLED.EXE

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSPUB.EXE
REG_SZ C:\PROGRA~1\MICROS~2\Office\MSPUB.EXE
Path REG_SZ C:\Program Files\Microsoft Office\Office\
useURL REG_DWORD 0x1

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\mspview.exe
Path REG_SZ C:\Program Files\Common Files\Microsoft Shared\MODI\11.0\
REG_SZ C:\PROGRA~1\COMMON~1\MICROS~1\MODI\11.0\MSPVIEW.EXE

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msworks.exe
REG_SZ C:\Program Files\Microsoft Works\msworks.exe
Path REG_SZ C:\Program Files\Microsoft Works\

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ois.exe
Path REG_SZ C:\Program Files\Microsoft Office\OFFICE11\
REG_SZ C:\PROGRA~1\MICROS~2\OFFICE11\OIS.EXE
SaveURL REG_SZ 0
useURL REG_SZ 1

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\OUTLOOK.EXE
Path REG_SZ C:\Program Files\Microsoft Office\OFFICE11\
REG_SZ C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\pbrush.exe
REG_EXPAND_SZ %SystemRoot%\system32\mspaint.exe
Path REG_EXPAND_SZ %SystemRoot%\system32

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\PHOTODRW.EXE
REG_SZ C:\Program Files\Microsoft Office\Office\PHOTODRW.EXE
Path REG_SZ C:\Program Files\Microsoft Office\Office\;C:\Program Files\Microsoft Office\Office

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\PhotoScape.exe
REG_SZ "C:\Program Files\PhotoScape\PhotoScape.exe"
Path REG_SZ "C:\Program Files\PhotoScape\PhotoScape.exe"

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\PictureViewer.exe
REG_SZ C:\Program Files\QuickTime\PictureViewer.exe
Path REG_SZ C:\Program Files\QuickTime\

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\pinball.exe
REG_SZ C:\Program Files\Windows NT\Pinball\pinball.exe
Path REG_SZ C:\Program Files\Windows NT\Pinball

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\powerpnt.exe
Path REG_SZ C:\Program Files\Microsoft Office\OFFICE11\
REG_SZ C:\PROGRA~1\MICROS~2\OFFICE11\POWERPNT.EXE
SaveURL REG_SZ 1
useURL REG_SZ 1

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\QuickTimePlayer.exe
REG_SZ C:\Program Files\QuickTime\QuickTimePlayer.exe
Path REG_SZ C:\Program Files\QuickTime\

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\rvsezm.exe
REG_SZ C:\Program Files\MSN Gaming Zone\Windows\rvsezm.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\schdpl32.exe
Path REG_SZ C:\Program Files\Microsoft Office\OFFICE11\1033\
REG_SZ C:\PROGRA~1\MICROS~2\OFFICE11\1033\SCHDPL32.EXE

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\setup.exe
RunAsOnNonAdminInstall REG_DWORD 0x1
BlockOnTSNonInstallMode REG_DWORD 0x1
Path REG_SZ C:\Program Files\REALTEK Semiconductor Corporation\REALTEK Gigabit and Fast Ethernet NIC Driver

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\shvlzm.exe
REG_SZ C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\smax4.exe
REG_SZ C:\Program Files\Analog Devices\SoundMAX\smax4.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\SoundMAX
Path REG_SZ C:\Program Files\Analog Devices\SoundMAX

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\table30.exe
UseShortName REG_SZ

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wab.exe
REG_EXPAND_SZ %ProgramFiles%\Outlook Express\wab.exe
Path REG_EXPAND_SZ %ProgramFiles%\Outlook Express

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wabmig.exe
REG_EXPAND_SZ %ProgramFiles%\Outlook Express\wabmig.exe
Path REG_EXPAND_SZ %ProgramFiles%\Outlook Express

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WinDVD.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\winnt32.exe
RunAsOnNonAdminInstall REG_DWORD 0x1

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Winword.exe
useURL REG_SZ 1
Path REG_SZ C:\Program Files\Microsoft Office\OFFICE11\
REG_SZ C:\PROGRA~1\MICROS~2\OFFICE11\WINWORD.EXE
SaveURL REG_SZ 1

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WKSAB.EXE
REG_SZ C:\Program Files\Microsoft Works\WKSAB.exe
Path REG_SZ C:\Program Files\Microsoft Works\

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wkscal.exe
REG_SZ C:\PROGRA~1\MICROS~4\WksCal.exe
Path REG_SZ C:\Program Files\Microsoft Works\

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wksdb.exe
REG_SZ C:\Program Files\Microsoft Works\wksdb.exe
Path REG_SZ C:\Program Files\Microsoft Works\

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WKSSB.EXE
REG_SZ C:\Program Files\Microsoft Works\WKSSB.exe
Path REG_SZ C:\Program Files\Microsoft Works\

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wksss.exe
REG_SZ C:\Program Files\Microsoft Works\wksss.exe
Path REG_SZ C:\Program Files\Microsoft Works\

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wkswp.exe
REG_SZ C:\Program Files\Microsoft Works\wkswp.exe
Path REG_SZ C:\Program Files\Microsoft Works\

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wmplayer.exe
REG_SZ C:\Program Files\Windows Media Player\wmplayer.exe
Path REG_SZ C:\Program Files\Windows Media Player

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WORDPAD.EXE
REG_EXPAND_SZ "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WRITE.EXE
REG_EXPAND_SZ "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\XPSViewer.exe
REG_SZ "C:\WINDOWS\system32\XPSViewer\XPSViewer.exe"

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\YourApp.exe
Path REG_SZ C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor


Mozilla


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
REG_SZ

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions
{20a82645-c095-46ed-80e3-08825760534b} REG_SZ c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[You must be registered and logged in to see this link.] REG_EXPAND_SZ C:\Program Files\Java\jre6\lib\deploy\jqs\ff

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla
CurrentVersion REG_SZ 1.7.5


Shared Task Scheduler


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
{438755C2-A8BA-11D1-B96B-00A0C90312E1} REG_SZ Browseui preloader
{8C7461EF-2B13-11d2-BE35-3078302C2030} REG_SZ Component Categories cache daemon


SafeBootMinimal


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}


SafeBootNetwork


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpcdd.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpdd.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpwd.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sr.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SRService

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdpipe.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdtcp.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\termservice

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WZCSVC

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}


File Rename Operations - Session


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations


Known DLLs - Session


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls
advapi32 REG_SZ advapi32.dll
comdlg32 REG_SZ comdlg32.dll
DllDirectory REG_EXPAND_SZ %SystemRoot%\system32
gdi32 REG_SZ gdi32.dll
imagehlp REG_SZ imagehlp.dll
kernel32 REG_SZ kernel32.dll
lz32 REG_SZ lz32.dll
ole32 REG_SZ ole32.dll
oleaut32 REG_SZ oleaut32.dll
olecli32 REG_SZ olecli32.dll
olecnv32 REG_SZ olecnv32.dll
olesvr32 REG_SZ olesvr32.dll
olethk32 REG_SZ olethk32.dll
rpcrt4 REG_SZ rpcrt4.dll
shell32 REG_SZ shell32.dll
url REG_SZ url.dll
urlmon REG_SZ urlmon.dll
user32 REG_SZ user32.dll
version REG_SZ version.dll
wininet REG_SZ wininet.dll
wldap32 REG_SZ wldap32.dll


Adobe Products



{END OF FILE}

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by Dr Jay on 6th June 2010, 3:05 am

Please run a free online scan with the [You must be registered and logged in to see this link.]
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302970
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 6th June 2010, 5:59 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.17023 (vista_gdr.100222-0012)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=16ae6919aeb8a544930e49b9d3db017b
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-06-06 11:56:49
# local_time=2010-06-06 04:56:49 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 23297621 23297621 0 0
# compatibility_mode=768 16777215 100 0 14998616 14998616 0 0
# compatibility_mode=1797 16775141 100 94 57914 48359272 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=62126
# found=1
# cleaned=1
# scan_time=5453
C:\Program Files\Mozilla Firefox\chrome\m3ffxtbr.jar Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by Dr Jay on 6th June 2010, 6:22 pm

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].
Alternate link: [You must be registered and logged in to see this link.].
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this, will cause the infection to still be active on the computer.
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Copy and paste the entire report in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302970
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 7th June 2010, 4:27 am

It didn't pick it up.


Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4174

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

6/6/2010 9:25:43 PM
mbam-log-2010-06-06 (21-25-43).txt

Scan type: Full scan (C:\|)
Objects scanned: 173343
Time elapsed: 47 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by Dr Jay on 7th June 2010, 4:35 am

Please download the latest version of Kaspersky GetSystemInfo (GSI) from [You must be registered and logged in to see this link.] and save it to your Desktop.

Note: please close all other applications running on your system.

Double click GetSystemInfo.exe to open it. It will display an agreement. Click on I Agree to continue.

Click the Settings button.



Set the slider to Maximum.



IMPORTANT! Then, click Customize - choose Driver / Ports tab and uncheck Scan Ports.




On the General tab, make sure all of the boxes are checked.




On the Misc tab, make sure all the checkboxes are checked.

Then, click OK on the windows that you launched.



Click Create Report to run it.


It will begin scanning.

It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop.

It should automatically upload it to [You must be registered and logged in to see this link.] If it does not, then please submit it manually by going to the site and doing the upload process.

It will redirect to a page, where it will provide a sharing URL for specialists. Copy and paste the url of the GSI Parser report in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302970
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 7th June 2010, 3:45 pm

[You must be registered and logged in to see this link.]

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by Dr Jay on 7th June 2010, 9:14 pm

Your logs are clean.

Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and the display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button click this
  • Accept the Warning and select OK again, the program will close and you are done


To remove all of the tools we used and the files and folders they created, please do the following:
Please download [You must be registered and logged in to see this link.] by OldTimer:

  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

==

Please download [You must be registered and logged in to see this link.] to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start
    button to begin the process. Depending on how often you clean temp
    files, execution time should be anywhere from a few seconds to a minute
    or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


==

Download Security Check by screen317 from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302970
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Unknown Problem

Post by aww1157 on 7th June 2010, 10:30 pm

Results of screen317's Security Check version 0.99.4
Windows XP Service Pack 3
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
HijackThis 2.0.2
CCleaner
Java(TM) 6 Update 20
Java DB 10.4.1.3
Adobe Flash Player
Adobe Reader 9.3.2
````````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
````````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

aww1157
Intermediate
Intermediate

Posts Posts : 64
Joined Joined : 2009-01-23
Gender Gender : Male
OS OS : Windows XP SP2
Points Points : 29243
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Unknown Problem

Post by Dr Jay on 7th June 2010, 10:31 pm

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

Firewall

  • [You must be registered and logged in to see this link.]: the free version is just as good as the premium. I have linked you to the free version.
  • [You must be registered and logged in to see this link.]: the free version is just as good as the premium. I have linked you to the free version. The optional security suite enhances the firewall by 40% increase. If you would like to install the suite that includes antivirus, then remove your old antivirus first.
  • [You must be registered and logged in to see this link.]: free and excellent firewall.


AntiSpyware

  • [You must be registered and logged in to see this link.]
    SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found [You must be registered and logged in to see this link.].
  • [You must be registered and logged in to see this link.].
    Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).


NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
[You must be registered and logged in to see this link.]

Securing your computer

  • [You must be registered and logged in to see this link.] - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • [You must be registered and logged in to see this link.] replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.


Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:


See [You must be registered and logged in to see this link.] for more info about malware and prevention.

Thank you for choosing GeekPolice. Please see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302970
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum