here the
superantispyware scan log:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 03/25/2008 at 02:09 PM
Application Version : 4.0.1154
Core Rules Database Version : 3412
Trace Rules Database Version: 1404
Scan type : Complete Scan
Total Scan Time : 00:52:48
Memory items scanned : 407
Memory threats detected : 0
Registry items scanned : 7005
Registry threats detected : 0
File items scanned : 64960
File threats detected : 1
Unclassified.Unknown Origin
C:\SYSTEM VOLUME INFORMATION\_RESTORE{7A16B448-C93E-4739-AD0C-1C73C012D302}\RP529\A0598871.NFO
here the
OTscanit :
OTScanIt logfile created on: 3/25/2008 2:18:52 PM
OTScanIt by OldTimer - Version 1.0.6.0 Folder = C:\OTScanIt
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
511.30 Mb Total Physical Memory | 226.01 Mb Available Physical Memory | 44.20% Memory free
1.22 Gb Paging File | 0.96 Gb Available in Paging File | 79.17% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 1.43 Gb Free Space | 3.83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 4.36 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VALES
Current User Name: Diding
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
[Processes - Non-Microsoft Only]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 10/31/2007 2:09:16 PM | Attr = ]
ctsvccda.exe -> %SystemRoot%\system32\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 12/13/1999 9:01:00 AM | Attr = ]
ekrn.exe -> %ProgramFiles%\ESET\ESET NOD32 Antivirus\ekrn.exe -> ESET [Ver = 3.0.630 | Size = 468224 bytes | Modified Date = 1/30/2008 12:37:26 PM | Attr = ]
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
vdtask.exe -> %ProgramFiles%\FarStone\VirtualDrive\vdtask.exe -> FarStone Technology Inc. [Ver = 7, 0, 0, 1 | Size = 184320 bytes | Modified Date = 1/9/2002 2:11:50 PM | Attr = ]
vcdplayx.exe -> %SystemRoot%\vcdplayx.exe -> Far Stone Technology Inc. [Ver = 6, 2, 0, 0 | Size = 49152 bytes | Modified Date = 1/4/2002 3:47:32 PM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.50.5 | Size = 36975 bytes | Modified Date = 8/26/2005 6:14:44 PM | Attr = ]
smax4pnp.exe -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe -> Analog Devices, Inc. [Ver = 6, 0, 0, 20 | Size = 925696 bytes | Modified Date = 5/20/2005 9:11:06 AM | Attr = ]
smax4.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMax4.exe -> Analog Devices, Inc. [Ver = 5, 2, 0, 12 | Size = 716800 bytes | Modified Date = 9/7/2005 3:35:36 PM | Attr = ]
application launcher.exe -> %ProgramFiles%\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe -> Sony Ericsson Mobile Communications AB [Ver = 1.1.1.3 | Size = 159744 bytes | Modified Date = 10/26/2005 4:17:24 PM | Attr = R ]
qttask.exe -> %ProgramFiles%\QuickTime\QTTask.exe -> Apple Inc. [Ver = 7.3 | Size = 286720 bytes | Modified Date = 11/14/2007 11:43:10 PM | Attr = ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 267048 bytes | Modified Date = 11/15/2007 1:11:04 PM | Attr = ]
egui.exe -> %ProgramFiles%\ESET\ESET NOD32 Antivirus\egui.exe -> ESET [Ver = 3.0.630 | Size = 1443072 bytes | Modified Date = 1/30/2008 12:37:12 PM | Attr = ]
ctdetect.exe -> %ProgramFiles%\Creative\MediaSource\Detector\CTDetect.exe -> Creative Technology Ltd [Ver = 2.2.1.0 | Size = 98304 bytes | Modified Date = 10/2/2003 2:06:00 PM | Attr = ]
superantispyware.exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 4, 0, 0, 1154 | Size = 1481968 bytes | Modified Date = 2/29/2008 4:03:46 PM | Attr = ]
capabilitymanager.exe -> %CommonProgramFiles%\Teleca Shared\CapabilityManager.exe -> Teleca Software Solutions AB [Ver = 0.0.1.48 | Size = 278528 bytes | Modified Date = 6/8/2005 4:45:04 PM | Attr = ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 504104 bytes | Modified Date = 11/15/2007 1:10:54 PM | Attr = ]
generic.exe -> %CommonProgramFiles%\Teleca Shared\Generic.exe -> Teleca Software Solutions [Ver = 1, 0, 3, 2 | Size = 385024 bytes | Modified Date = 8/10/2005 7:54:34 AM | Attr = R ]
epmworker.exe -> %ProgramFiles%\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe -> Sony Ericsson Mobile Communications AB [Ver = 1, 2, 0,1183 | Size = 868352 bytes | Modified Date = 2/24/2006 11:58:14 AM | Attr = R ]
otscanit.exe -> %SystemDrive%\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.6.0 | Size = 311808 bytes | Modified Date = 3/19/2008 6:01:26 PM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 10/31/2007 2:09:16 PM | Attr = ]
(Autodesk Licensing Service) Autodesk Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Autodesk Shared\Service\AdskScSrv.exe -> Autodesk [Ver = 2.80.011 | Size = 85096 bytes | Modified Date = 11/5/2007 9:53:08 AM | Attr = ]
(Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> %SystemRoot%\system32\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 12/13/1999 9:01:00 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 6:56:50 AM | Attr = ]
(EhttpSrv) Eset HTTP Server [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -> ESET [Ver = 3.0.630 | Size = 19200 bytes | Modified Date = 1/30/2008 12:39:14 PM | Attr = ]
(ekrn) Eset Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ESET\ESET NOD32 Antivirus\ekrn.exe -> ESET [Ver = 3.0.630 | Size = 468224 bytes | Modified Date = 1/30/2008 12:37:26 PM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 12:41:10 AM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 504104 bytes | Modified Date = 11/15/2007 1:10:54 PM | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
[Driver Services - Non-Microsoft Only]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found
(Ad-Watch Connect Filter) Ad-Watch Connect Kernel Filter [Kernel | On_Demand | Stopped] -> -> File not found
(ADIHdAudAddService) ADI UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ADIHdAud.sys -> Analog Devices, Inc. [Ver = 5.10.01.4151 built by: WinDDK | Size = 141312 bytes | Modified Date = 10/5/2005 5:21:10 PM | Attr = ]
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found
(AEAudioService) AEAudio Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\aeaudio.sys -> Andrea Electronics Corporation [Ver = 4.0.1.14 | Size = 127872 bytes | Modified Date = 3/4/2005 8:53:00 PM | Attr = ]
(Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found
(aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found
(AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found
(amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found
(asc) asc [Kernel | Disabled | Stopped] -> -> File not found
(asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(BANTExt) Belarc SMBios Access [Kernel | System | Running] -> %SystemRoot%\system32\drivers\BANTExt.sys -> [Ver = | Size = 3840 bytes | Modified Date = 4/7/2005 5:18:34 PM | Attr = ]
(cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found
(cdawdm) cdawdm [Kernel | System | Running] -> %SystemRoot%\system32\drivers\cdawdm.sys -> [Ver = | Size = 46735 bytes | Modified Date = 12/21/2001 6:39:26 PM | Attr = ]
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found
(Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found
(dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 8/4/2004 5:07:18 AM | Attr = ]
(dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 8/4/2004 5:07:18 AM | Attr = ]
(dmload) dmload [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ]
(dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found
(eamon) eamon [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\eamon.sys -> ESET [Ver = 3.0.630 | Size = 39944 bytes | Modified Date = 1/30/2008 12:35:30 PM | Attr = ]
(easdrv) easdrv [Kernel | System | Running] -> %SystemRoot%\system32\drivers\easdrv.sys -> ESET [Ver = 3.0.630 | Size = 29704 bytes | Modified Date = 1/30/2008 12:35:56 PM | Attr = ]
(epfwtdir) epfwtdir [Kernel | System | Running] -> %SystemRoot%\system32\drivers\epfwtdir.sys -> [Ver = | Size = 34312 bytes | Modified Date = 1/30/2008 12:38:08 PM | Attr = ]
(FETNDIS) VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\fetnd5.sys -> VIA Technologies, Inc. [Ver = 2.66 | Size = 27165 bytes | Modified Date = 8/17/2001 8:13:08 PM | Attr = ]
(FsHotKey) FsHotKey [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\fshotkey.sys -> Farstone Inc. [Ver = 1.00 | Size = 3855 bytes | Modified Date = 12/31/2001 11:35:16 AM | Attr = ]
(GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 9/19/2006 2:44:04 PM | Attr = ]
(HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Hdaudio.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5012 built by: WinDDK | Size = 145920 bytes | Modified Date = 10/27/2004 3:21:30 PM | Attr = ]
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Hdaudbus.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5012 built by: WinDDK | Size = 138240 bytes | Modified Date = 10/27/2004 3:21:36 PM | Attr = ]
(hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found
(i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found
(i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found
(imagedrv) imagedrv [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\imagedrv.sys -> Ahead Software AG [Ver = 2.29.0.0 built by: WinDDK | Size = 5888 bytes | Modified Date = 8/15/2005 12:08:26 PM | Attr = ]
(imagesrv) imagesrv [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\imagesrv.sys -> Ahead Software AG [Ver = 2.29.0.0 built by: WinDDK | Size = 127488 bytes | Modified Date = 8/15/2005 12:08:26 PM | Attr = ]
(ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found
(IntelIde) IntelIde [Kernel | Disabled | Stopped] -> -> File not found
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found
(MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ASACPI.sys -> [Ver = 1043, 2, 15, 37 | Size = 5810 bytes | Modified Date = 8/13/2004 10:56:20 AM | Attr = ]
(mxnic) Macronix MX987xx Family Fast Ethernet NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mxnic.sys -> Macronix International Co., Ltd. [Ver = 2.12 (XPClient.010817-1148) | Size = 19968 bytes | Modified Date = 8/17/2001 1:49:32 PM | Attr = ]
(nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 3994624 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found
(perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found
(PfModNT) PfModNT [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\PfModNT.sys -> Creative Technology Ltd. [Ver = 3.0.0.3 | Size = 15840 bytes | Modified Date = 3/5/2003 12:19:28 PM | Attr = ]
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\PxHelp20.sys -> Sonic Solutions [Ver = 3.00.43J | Size = 36624 bytes | Modified Date = 4/23/2007 8:15:25 AM | Attr = ]
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found
(Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found
(ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found
(rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 8/4/2004 6:31:34 AM | Attr = ]
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\sasdifsv.sys -> [Ver = 1, 0, 0, 1006 | Size = 8944 bytes | Modified Date = 2/29/2008 4:03:48 PM | Attr = ]
(SASENUM) SASENUM [Kernel | On_Demand | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> SuperAdBlocker, Inc. [Ver = 1, 0, 0, 1002 | Size = 4096 bytes | Modified Date = 2/16/2006 4:51:08 PM | Attr = R ]
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.SYS -> [Ver = 1, 0, 0, 1050 | Size = 51440 bytes | Modified Date = 2/29/2008 4:03:46 PM | Attr = ]
(Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.00.060 | Size = 163644 bytes | Modified Date = 8/3/2007 9:27:20 PM | Attr = ]
(SenFiltService) SenFilt Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\senfilt.sys -> Sensaura [Ver = 5.10.00.3521 | Size = 393088 bytes | Modified Date = 8/11/2005 1:49:28 PM | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(SmartCd) SmartCd [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SmartCd.sys -> [Ver = | Size = 6356 bytes | Modified Date = 12/22/2001 5:03:48 PM | Attr = ]
(smserial) smserial [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\smserial.sys -> Motorola Inc. [Ver = SM56 Rel. 5.00 Build 84.40 | Size = 810770 bytes | Modified Date = 3/9/2001 9:21:44 PM | Attr = ]
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found
(sptd) sptd [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sptd.sys -> [Ver = | Size = 611064 bytes | Modified Date = 11/28/2007 2:54:09 PM | Attr = ]
(symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found
(TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found
(ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found
(w810bus) Sony Ericsson W810 Driver driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\w810bus.sys -> MCCI [Ver = V4.34 | Size = 58288 bytes | Modified Date = 2/20/2006 5:59:28 PM | Attr = R ]
(w810mdfl) Sony Ericsson W810 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\w810mdfl.sys -> MCCI [Ver = V4.34 | Size = 8336 bytes | Modified Date = 2/20/2006 5:59:32 PM | Attr = R ]
(w810mdm) Sony Ericsson W810 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\w810mdm.sys -> MCCI [Ver = V4.34 | Size = 94064 bytes | Modified Date = 2/20/2006 5:59:34 PM | Attr = R ]
(w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\w810mgmt.sys -> MCCI [Ver = V4.34 | Size = 85408 bytes | Modified Date = 2/20/2006 5:59:34 PM | Attr = R ]
(w810obex) Sony Ericsson W810 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\w810obex.sys -> MCCI [Ver = V4.34 | Size = 83344 bytes | Modified Date = 2/20/2006 5:59:36 PM | Attr = R ]
(WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found
[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
egui -> %ProgramFiles%\ESET\ESET NOD32 Antivirus\egui.exe -> ESET [Ver = 3.0.630 | Size = 1443072 bytes | Modified Date = 1/30/2008 12:37:12 PM | Attr = ]
High Definition Audio Property Page Shortcut -> %SystemRoot%\system32\HdAShCut.exe -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5012 built by: WinDDK | Size = 61952 bytes | Modified Date = 10/27/2004 3:21:30 PM | Attr = ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 267048 bytes | Modified Date = 11/15/2007 1:11:04 PM | Attr = ]
NeroFilterCheck -> %CommonProgramFiles%\Ahead\Lib\NeroCheck.exe -> Nero AG [Ver = 1, 0, 0, 5 | Size = 155648 bytes | Modified Date = 1/12/2006 4:40:44 PM | Attr = ]
NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
NvMediaCenter -> %SystemRoot%\system32\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 86016 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
nwiz -> %SystemRoot%\system32\nwiz.exe -> [Ver = | Size = 1622016 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\QTTask.exe -> Apple Inc. [Ver = 7.3 | Size = 286720 bytes | Modified Date = 11/14/2007 11:43:10 PM | Attr = ]
SMSERIAL -> %SystemRoot%\sm56hlpr.exe -> Motorola Inc. [Ver = 5.00.84.23 | Size = 462848 bytes | Modified Date = 11/22/2000 7:40:56 PM | Attr = ]
Sony Ericsson PC Suite -> %ProgramFiles%\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe -> Sony Ericsson Mobile Communications AB [Ver = 1.1.1.3 | Size = 159744 bytes | Modified Date = 10/26/2005 4:17:24 PM | Attr = R ]
SoundMAX -> %ProgramFiles%\Analog Devices\SoundMAX\SMax4.exe -> Analog Devices, Inc. [Ver = 5, 2, 0, 12 | Size = 716800 bytes | Modified Date = 9/7/2005 3:35:36 PM | Attr = ]
SoundMAXPnP -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe -> Analog Devices, Inc. [Ver = 6, 0, 0, 20 | Size = 925696 bytes | Modified Date = 5/20/2005 9:11:06 AM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.50.5 | Size = 36975 bytes | Modified Date = 8/26/2005 6:14:44 PM | Attr = ]
vcdplayx -> %SystemRoot%\vcdplayx.exe -> Far Stone Technology Inc. [Ver = 6, 2, 0, 0 | Size = 49152 bytes | Modified Date = 1/4/2002 3:47:32 PM | Attr = ]
VirtualDrive -> %ProgramFiles%\FarStone\VirtualDrive\vdtask.exe -> FarStone Technology Inc. [Ver = 7, 0, 0, 1 | Size = 184320 bytes | Modified Date = 1/9/2002 2:11:50 PM | Attr = ]
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL-> Installed = 1 ->
MAPI-> Installed = 1 ->
MSFS-> Installed = 1 ->
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
Creative Detector -> %ProgramFiles%\Creative\MediaSource\Detector\CTDetect.exe -> Creative Technology Ltd [Ver = 2.2.1.0 | Size = 98304 bytes | Modified Date = 10/2/2003 2:06:00 PM | Attr = ]
SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 4, 0, 0, 1154 | Size = 1481968 bytes | Modified Date = 2/29/2008 4:03:46 PM | Attr = ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
< Diding Startup Folder > -> C:\Documents and Settings\Diding\Start Menu\Programs\Startup ->
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 12/20/2006 12:55:48 PM | Attr = ]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
!SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 4/19/2007 12:41:36 PM | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 36 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> (binary data) ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSaveSettings -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
< HOSTS File > (687 bytes) -> C:\windows\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.yahoo.com/ ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Bar -> http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.google.com ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.searchgateway.net/search/ ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\System32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Bar -> http://ie.search.msn.com ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.google.com/ ->
HKEY_CURRENT_USER\: SearchURL\\ -> [gogl] ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar Helper] -> Yahoo! Inc. [Ver = 2005, 11, 21, 1 | Size = 399424 bytes | Modified Date = 11/21/2005 3:54:28 PM | Attr = ]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 3/2/2001 12:02:04 PM | Attr = ]
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 1, 5, 1 | Size = 181752 bytes | Modified Date = 1/6/2006 11:52:14 AM | Attr = ]
< Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yhexbmesus.dll [&Yahoo! Messenger] -> Yahoo! Inc. [Ver = 2005, 12, 13, 1 | Size = 325184 bytes | Modified Date = 12/14/2005 3:29:40 PM | Attr = ]
< Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yhexbmesus.dll [&Yahoo! Messenger] -> Yahoo! Inc. [Ver = 2005, 12, 13, 1 | Size = 325184 bytes | Modified Date = 12/14/2005 3:29:40 PM | Attr = ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2005, 11, 21, 1 | Size = 399424 bytes | Modified Date = 11/21/2005 3:54:28 PM | Attr = ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2005, 11, 21, 1 | Size = 399424 bytes | Modified Date = 11/21/2005 3:54:28 PM | Attr = ]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_05\bin\NPJPI150_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.50.5 | Size = 69746 bytes | Modified Date = 8/26/2005 6:33:54 PM | Attr = ]
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}:{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! Services] -> Yahoo! Inc. [Ver = 2006, 1, 5, 1 | Size = 181752 bytes | Modified Date = 1/6/2006 11:52:14 AM | Attr = ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_05\bin\NPJPI150_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.50.5 | Size = 69746 bytes | Modified Date = 8/26/2005 6:33:54 PM | Attr = ]
CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 1, 5, 1 | Size = 181752 bytes | Modified Date = 1/6/2006 11:52:14 AM | Attr = ]
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Yahoo! &Dictionary -> -> File not found
Yahoo! &Maps -> -> File not found
Yahoo! &SMS -> -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
Extension\.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 | Size = 225280 bytes | Modified Date = 1/30/2001 1:56:24 PM | Attr = ]
< User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->
SV1 -> ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{5E4B9295-AE55-427F-99BE-869F47BAD192} -> () ->
{8AA63438-8DAB-4598-A15B-D33D7BBE0BC4} -> (Macronix MX98715-Based Ethernet Adapter (Generic)) ->
{C8F709B3-2C1A-43B3-BE75-DDCB9695DF42} -> (VIA Compatable Fast Ethernet Adapter) ->
{CFFA1D9F-28D0-4232-92F8-54EBB856B869} -> (Realtek RTL8139 Family PCI Fast Ethernet NIC) ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
belarc:{6318E0AB-2E93-11D1-B8ED-00608CC9A71F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Belarc\Advisor\System\BAVoilaX.dll[VoilaXctl Class] -> Belarc, Inc. [Ver = 7.2k | Size = 33280 bytes | Modified Date = 2/22/2007 8:02:38 PM | Attr = ]
ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}[HKEY_LOCAL_MACHINE] -> C:\Program Files\Yahoo!\Common\yinsthelper.dll[YInstStarter Class] ->
{6414512B-B978-451D-A0D8-FCFDF33E833C}[HKEY_LOCAL_MACHINE] -> http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1145264160515[WUWebControl Class] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab[Java Plug-in 1.5.0_05] ->
{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab[Java Plug-in 1.5.0_05] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] ->
[Files/Folders - Created Within 30 days]
BackUpMSNCleaner -> %SystemDrive%\BackUpMSNCleaner -> [Folder | Created Date = 3/9/2008 1:27:32 AM | Attr = ]
DIVX -> %SystemDrive%\DIVX -> [Folder | Created Date = 3/3/2008 9:32:51 PM | Attr = ]
Hello taenamo and welcome to the BC HijackThis forum.doc -> %SystemDrive%\Hello taenamo and welcome to the BC HijackThis forum.doc -> [Ver = | Size = 31744 bytes | Created Date = 3/23/2008 8:19:18 PM | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 536203264 bytes | Created Date = 3/10/2008 5:14:28 PM | Attr = HS]
New Microsoft Word Document.doc -> %SystemDrive%\New Microsoft Word Document.doc -> [Ver = | Size = 37888 bytes | Created Date = 3/25/2008 12:45:05 AM | Attr = ]
OTScanIt -> %SystemDrive%\OTScanIt -> [Folder | Created Date = 3/24/2008 2:05:12 PM | Attr = ]
PROCESSLIST -> %SystemDrive%\PROCESSLIST -> [Folder | Created Date = 3/25/2008 3:51:45 AM | Attr = ]
PROCESSLIST.ZIP -> %SystemDrive%\PROCESSLIST.ZIP -> [Ver = | Size = 2029217 bytes | Created Date = 3/25/2008 12:41:46 AM | Attr = ]
PROCESSLISTRELATED -> %SystemDrive%\PROCESSLISTRELATED -> [Folder | Created Date = 3/25/2008 3:51:53 AM | Attr = ]
PROCESSLISTRELATED.ZIP -> %SystemDrive%\PROCESSLISTRELATED.ZIP -> [Ver = | Size = 134438 bytes | Created Date = 3/25/2008 12:42:55 AM | Attr = ]
SilentSoftech.exe -> %SystemDrive%\SilentSoftech.exe -> [Ver = | Size = 100000 bytes | Created Date = 3/13/2008 1:18:19 PM | Attr = RHS]
SUPERAntiSpyware.exe -> %SystemDrive%\SUPERAntiSpyware.exe -> [Ver = | Size = 6342680 bytes | Created Date = 3/25/2008 12:39:25 AM | Attr = ]
_OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 3/5/2008 5:57:48 PM | Attr = ]
~$w Microsoft Word Document.doc -> %SystemDrive%\~$w Microsoft Word Document.doc -> [Ver = | Size = 162 bytes | Created Date = 3/25/2008 2:09:52 PM | Attr = H ]
cdr4_xp.sys -> %SystemRoot%\System32\drivers\cdr4_xp.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2432 bytes | Created Date = 3/6/2008 7:35:33 AM | Attr = ]
cdralw2k.sys -> %SystemRoot%\System32\drivers\cdralw2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2560 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
PxHelp20.sys -> %SystemRoot%\System32\drivers\PxHelp20.sys -> Sonic Solutions [Ver = 3.00.43J | Size = 36624 bytes | Created Date = 3/6/2008 7:35:33 AM | Attr = ]
px.dll -> %SystemRoot%\System32\px.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 527096 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
pxafs.dll -> %SystemRoot%\System32\pxafs.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 129784 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
pxcpya64.exe -> %SystemRoot%\System32\pxcpya64.exe -> Sonic Solutions [Ver = 1.00.39a | Size = 64760 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
pxcpyi64.exe -> %SystemRoot%\System32\pxcpyi64.exe -> Sonic Solutions [Ver = 1.00.39a | Size = 116472 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
pxdrv.dll -> %SystemRoot%\System32\pxdrv.dll -> Sonic Solutions [Ver = 1.02.01a | Size = 502520 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
pxhpinst.exe -> %SystemRoot%\System32\pxhpinst.exe -> Sonic Solutions [Ver = 3.00.43J | Size = 72440 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
pxinsa64.exe -> %SystemRoot%\System32\pxinsa64.exe -> Sonic Solutions [Ver = 3.00.43J | Size = 64760 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
pxinsi64.exe -> %SystemRoot%\System32\pxinsi64.exe -> Sonic Solutions [Ver = 3.00.43J | Size = 118520 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
pxmas.dll -> %SystemRoot%\System32\pxmas.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 183032 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
pxsfs.dll -> %SystemRoot%\System32\pxsfs.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 1329912 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
pxwave.dll -> %SystemRoot%\System32\pxwave.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 379640 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
SilentSoftech.exe -> %SystemRoot%\System32\SilentSoftech.exe -> [Ver = | Size = 100000 bytes | Created Date = 3/13/2008 1:18:19 PM | Attr = RHS]
vxblock.dll -> %SystemRoot%\System32\vxblock.dll -> Sonic Solutions [Ver = 1.00.74a | Size = 39672 bytes | Created Date = 3/6/2008 7:35:32 AM | Attr = ]
nircmd.exe -> %SystemRoot%\nircmd.exe -> NirSoft [Ver = 1.85 | Size = 26112 bytes | Created Date = 3/15/2008 3:52:45 PM | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Created Date = 2/24/2008 6:46:05 PM | Attr = ]
[Files/Folders - Modified Within 30 days]
BackUpMSNCleaner -> %SystemDrive%\BackUpMSNCleaner -> [Folder | Modified Date = 3/9/2008 1:28:04 AM | Attr = ]
DIVX -> %SystemDrive%\DIVX -> [Folder | Modified Date = 3/6/2008 7:30:39 AM | Attr = ]
Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 3/8/2008 3:08:26 PM | Attr = ]
Hello taenamo and welcome to the BC HijackThis forum.doc -> %SystemDrive%\Hello taenamo and welcome to the BC HijackThis forum.doc -> [Ver = | Size = 31744 bytes | Modified Date = 3/23/2008 8:19:20 PM | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 536203264 bytes | Modified Date = 3/25/2008 2:12:08 PM | Attr = HS]
MGA NAKALAGAY SA USB!!! -> %SystemDrive%\MGA NAKALAGAY SA USB!!! -> [Folder | Modified Date = 3/24/2008 2:11:58 PM | Attr = ]
mukhamo!!!!! -> %SystemDrive%\mukhamo!!!!! -> [Folder | Modified Date = 3/13/2008 2:54:15 PM | Attr = ]
New Microsoft Word Document.doc -> %SystemDrive%\New Microsoft Word Document.doc -> [Ver = | Size = 37888 bytes | Modified Date = 3/25/2008 12:45:58 AM | Attr = ]
OTScanIt -> %SystemDrive%\OTScanIt -> [Folder | Modified Date = 3/25/2008 2:59:48 AM | Attr = ]
PROCESSLIST -> %SystemDrive%\PROCESSLIST -> [Folder | Modified Date = 3/25/2008 3:51:45 AM | Attr = ]
PROCESSLIST.ZIP -> %SystemDrive%\PROCESSLIST.ZIP -> [Ver = | Size = 2029217 bytes | Modified Date = 3/25/2008 12:41:50 AM | Attr = ]
PROCESSLISTRELATED -> %SystemDrive%\PROCESSLISTRELATED -> [Folder | Modified Date = 3/25/2008 3:51:53 AM | Attr = ]
PROCESSLISTRELATED.ZIP -> %SystemDrive%\PROCESSLISTRELATED.ZIP -> [Ver = | Size = 134438 bytes | Modified Date = 3/25/2008 12:42:58 AM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 3/25/2008 2:51:25 AM | Attr = R ]
psroms -> %SystemDrive%\psroms -> [Folder | Modified Date = 3/15/2008 3:53:30 PM | Attr = ]
SilentSoftech.exe -> %SystemDrive%\SilentSoftech.exe -> [Ver = | Size = 100000 bytes | Modified Date = 3/15/2008 1:58:21 PM | Attr = RHS]
SUPERAntiSpyware.exe -> %SystemDrive%\SUPERAntiSpyware.exe -> [Ver = | Size = 6342680 bytes | Modified Date = 3/25/2008 12:39:26 AM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 3/25/2008 2:59:48 AM | Attr = ]
WOW Magic sing -> %SystemDrive%\WOW Magic sing -> [Folder | Modified Date = 3/23/2008 8:53:08 PM | Attr = ]
_OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 3/5/2008 5:57:48 PM | Attr = ]
~$w Microsoft Word Document.doc -> %SystemDrive%\~$w Microsoft Word Document.doc -> [Ver = | Size = 162 bytes | Modified Date = 3/25/2008 2:09:52 PM | Attr = H ]
CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 3/25/2008 1:52:40 PM | Attr = ]
drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 3/24/2008 2:20:36 PM | Attr = ]
DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Modified Date = 2/24/2008 6:45:44 PM | Attr = ]
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 235960 bytes | Modified Date = 2/24/2008 9:35:25 PM | Attr = ]
nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 0 bytes | Modified Date = 3/25/2008 2:12:42 PM | Attr = ]
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 62490 bytes | Modified Date = 3/25/2008 2:56:01 AM | Attr = ]
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 400954 bytes | Modified Date = 3/25/2008 2:56:01 AM | Attr = ]
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 470828 bytes | Modified Date = 3/25/2008 2:56:01 AM | Attr = ]
SilentSoftech.exe -> %SystemRoot%\System32\SilentSoftech.exe -> [Ver = | Size = 100000 bytes | Modified Date = 3/14/2008 2:04:01 AM | Attr = RHS]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 2/29/2008 2:38:47 PM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 3/25/2008 2:12:10 PM | Attr = S]
Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 2/24/2008 7:13:41 PM | Attr = R S]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 3/8/2008 7:06:53 PM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 3/25/2008 2:51:33 AM | Attr = HS]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 3/22/2008 4:04:10 PM | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 230 bytes | Modified Date = 3/23/2008 9:04:24 PM | Attr = ]
option.ini -> %SystemRoot%\option.ini -> [Ver = | Size = 187 bytes | Modified Date = 3/24/2008 3:39:43 PM | Attr = ]
PhotoSnapViewer.INI -> %SystemRoot%\PhotoSnapViewer.INI -> [Ver = | Size = 151 bytes | Modified Date = 3/1/2008 5:20:27 PM | Attr = ]
popcinfo.dat -> %SystemRoot%\popcinfo.dat -> [Ver = | Size = 41 bytes | Modified Date = 3/24/2008 10:52:26 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 3/25/2008 2:17:28 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 3/25/2008 2:12:56 PM | Attr = H ]
system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 3/25/2008 2:59:48 AM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 2/24/2008 6:46:05 PM | Attr = S]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 3/25/2008 2:17:40 PM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 934 bytes | Modified Date = 3/2/2008 3:04:05 AM | Attr = ]
WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 2/24/2008 6:45:22 PM | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 2/24/2008 6:46:05 PM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 3/25/2008 2:12:11 PM | Attr = H ]
hhcolreg.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\hhcolreg.dat -> [Ver = | Size = 2294 bytes | Modified Date = 4/10/2007 11:37:38 PM | Attr = ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4232 bytes | Modified Date = 11/1/2007 8:45:44 PM | Attr = ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4617 bytes | Modified Date = 8/26/2007 11:20:57 AM | Attr = ]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [Ver = | Size = 1388 bytes | Modified Date = 3/10/2008 3:37:15 PM | Attr = ]
SSUPDATE.EXE -> C:\WINDOWS\Temp\SSUPDATE.EXE -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 146672 bytes | Modified Date = 2/29/2008 4:03:44 PM | Attr = ]
2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp ->
SSUPDATE.EXE -> C:\WINDOWS\Temp\SSUPDATE.EXE -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 146672 bytes | Modified Date = 2/29/2008 4:03:44 PM | Attr = ]
2 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp ->
< End of report >
here the
movefolder scan log:
[Registry - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\(Default) deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Adobe Photo Downloader deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\CPQEASYBTTN deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winmxw32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Google Search\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Yahoo! Search\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to AMV Converter...\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Media Manager...\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Backward Links\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Cached Snapshot of Page\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Similar Pages\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate into English\ deleted successfully.
[Registry - Additional Scans - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Connectix\Connectix Virtual PC\Virtual PC.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\EA GAMES\MOHAA\MOHAA.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\EA GAMES\Command & Conquer Generals Zero Hour\game.dat deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\3D Groove\Death From Above\dfa.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Games\Rise of Nations\rise.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\windows\svchost.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\windows\win.exe deleted successfully.
C:\WINDOWS\win.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\windows\system32\syschk.exe deleted successfully.
C:\WINDOWS\system32\syschk.exe moved successfully.
[Files/Folders - Modified Within 30 days]
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
[Empty Temp Folders]
File delete failed. C:\WINDOWS\Temp\~DF3D9F.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\Temp\~DF8B4B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Diding\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\windows\temp\~DF3D9F.tmp scheduled to be deleted on reboot.
File delete failed. C:\windows\temp\~DF8B4B.tmp scheduled to be deleted on reboot.
User temp folders emptied.
SystemRoot temp folder emptied.
IE temp folders emptied
RecycleBin -> emptied.
Explorer started successfully
< End of fix log >
OTScanIt by OldTimer - Version 1.0.6.0 fix logfile created on 03252008_025948
Help
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.
Back to top
