Author Topic: Can't install ad-aware and spybot (Read 2523 times)

NuCK · « **Reply #40 on:** December 18, 2008, 12:43:53 AM »

abk.bat is gone but there's a iok.exe in my phone card

NuCK · « **Reply #41 on:** December 18, 2008, 12:48:17 AM »

i also see thse on my D: !!

6.bat
6.cmd
ewatr.cmd
fphj6j31.bat
iok.exe
prjydpe.cmd

guestolo · « **Reply #42 on:** December 18, 2008, 12:56:49 AM »

Delete all those files on D:
6.bat
6.cmd
ewatr.cmd
fphj6j31.bat
iok.exe
prjydpe.cmd

and iok.exe on phone

Open Malwarebytes, check for updates
Then under the scanner tab, Ensure Full Scan is ticked
Click SCAN
Select All drives except for CD/DVD roms

Post the log after you have removed anything it finds

NuCK · « **Reply #43 on:** December 19, 2008, 02:01:33 AM »

i split up the scan between my phone and my pc cos i needed to leave.

here's the log for G:\

Malwarebytes' Anti-Malware 1.31
Database version: 1506
Windows 5.1.2600 Service Pack 2

12/19/2008 12:05:42 PM
mbam-log-2008-12-19 (12-05-42).txt

Scan type: Full Scan (G:\|)
Objects scanned: 52235
Time elapsed: 12 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

here's C:\ and D:\

Malwarebytes' Anti-Malware 1.31
Database version: 1506
Windows 5.1.2600 Service Pack 2

12/19/2008 1:52:45 PM
mbam-log-2008-12-19 (13-52-45).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 157566
Time elapsed: 1 hour(s), 34 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

guestolo · « **Reply #44 on:** December 19, 2008, 02:06:03 AM »

How are things running now?

Can you post one final Hijackthis log, just for a double check

P.S. You should of checked for updates with Malwarebytes
It was a bit outdated

NuCK · « **Reply #45 on:** December 19, 2008, 02:30:00 AM »

fphj6j31.bat is back in my c: and d: but the rest of the files are gone

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:21, on 12/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\NVIDIA\NetworkAccessManager\bin\nTrayFw.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\INITIO\HID Button Manager v1.59\inihid.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [nTrayFw] C:\NVIDIA\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Free WebSite Tools.lnk = ?
O4 - Global Startup: HID Button Manager v1.59.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1DF641EA-F711-443F-B73C-A1C73FE09E1F}: NameServer = 202.188.0.133,202.188.1.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{1DF641EA-F711-443F-B73C-A1C73FE09E1F}: NameServer = ,
O17 - HKLM\System\CS2\Services\Tcpip\..\{1DF641EA-F711-443F-B73C-A1C73FE09E1F}: NameServer = 202.188.0.133,202.188.1.5
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: app_filter - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 11128 bytes

guestolo · « **Reply #46 on:** December 19, 2008, 04:45:52 AM »

delete that file
What's McAfee's doing?
Is it outdated?

Can you run one more log for me please
Download and save to your desktop
[color=\"#FF0000\"]OTScanIt2[/color][/url]
by OldTimer

Double click on it to Run it and then Extract it to a folder on desktop
Open that newly created folder and double click on OTScanIt2.exe

Then click on [color=\"#0000FF\"]Run Scan [/color]

When done, it will produce a log
Can you post the contents of that log back here please
A copy of it can also be found it the OTScanIt2 folder on desktop

NuCK · « **Reply #47 on:** December 22, 2008, 01:13:06 AM »

[code]OTScanIt2 logfile created on: 12/22/2008 1:57:56 PM - Run 1
OTScanIt2 by OldTimer - Version 1.0.4.0    Folder = C:\Documents and Settings\EDITOR\Desktop\OTScanIt2
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 60.77% Memory free
3.86 Gb Paging File | 3.04 Gb Available in Paging File | 78.73% Paging File free
Paging file location(s): C:\pagefile.sys 2060 4096;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 24.65 Gb Free Space | 50.48% Space Free | Partition Type: NTFS
Drive D: | 184.05 Gb Total Space | 96.77 Gb Free Space | 52.58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ELLIE
Current User Name: EDITOR
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware\aawservice.exe -> [2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft)
airgcfg.exe -> %ProgramFiles%\D-Link\AirPlus G\AirGCFG.exe -> [2005/03/29 11:41:10 | 01,245,184 | ---- | M] (D-Link)
apache.exe -> %SystemDrive%\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe -> [2004/08/10 05:04:08 | 00,020,543 | ---- | M] (Apache Software Foundation)
apache.exe -> %SystemDrive%\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe -> [2004/08/10 05:04:08 | 00,020,543 | ---- | M] (Apache Software Foundation)
application launcher.exe -> %ProgramFiles%\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe -> [2005/10/26 17:17:24 | 00,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB)
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2005/09/21 22:53:06 | 00,376,832 | ---- | M] (ATI Technologies Inc.)
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2005/09/21 22:53:06 | 00,376,832 | ---- | M] (ATI Technologies Inc.)
bitcomet.exe -> %ProgramFiles%\BitComet\BitComet.exe -> [2006/12/15 16:05:10 | 04,954,176 | ---- | M] (www.BitComet.com)
capabilitymanager.exe -> %CommonProgramFiles%\Teleca Shared\CapabilityManager.exe -> [2005/06/08 17:45:04 | 00,278,528 | ---- | M] (Teleca Software Solutions AB)
cli.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe -> [2005/09/22 00:55:04 | 00,057,344 | ---- | M] (ATI Technologies Inc.)
cli.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe -> [2005/09/22 00:55:04 | 00,057,344 | ---- | M] (ATI Technologies Inc.)
epmworker.exe -> %ProgramFiles%\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe -> [2006/03/16 09:43:28 | 00,872,448 | R--- | M] (Sony Ericsson Mobile Communications AB)
generic.exe -> %CommonProgramFiles%\Teleca Shared\Generic.exe -> [2005/08/10 08:54:34 | 00,385,024 | R--- | M] (Teleca Software Solutions)
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> [2006/09/28 22:13:20 | 00,204,800 | ---- | M] (Anti-Malware Development a.s.)
iexplore.exe -> %ProgramFiles%\Internet Explorer\IEXPLORE.EXE -> [2004/08/04 20:00:00 | 00,093,184 | ---- | M] (Microsoft Corporation)
iexplore.exe -> %ProgramFiles%\Internet Explorer\IEXPLORE.EXE -> [2004/08/04 20:00:00 | 00,093,184 | ---- | M] (Microsoft Corporation)
iexplore.exe -> %ProgramFiles%\Internet Explorer\IEXPLORE.EXE -> [2004/08/04 20:00:00 | 00,093,184 | ---- | M] (Microsoft Corporation)
iexplore.exe -> %ProgramFiles%\Internet Explorer\IEXPLORE.EXE -> [2004/08/04 20:00:00 | 00,093,184 | ---- | M] (Microsoft Corporation)
inihid.exe -> %ProgramFiles%\INITIO\HID Button Manager v1.59\inihid.exe -> [2005/11/28 15:04:02 | 00,196,608 | ---- | M] ()
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2004/12/18 00:19:58 | 00,327,680 | ---- | M] (Apple Computer, Inc.)
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> [2004/12/18 00:20:14 | 00,278,528 | ---- | M] (Apple Computer, Inc.)
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe -> [2008/06/10 04:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> [2005/09/22 18:29:08 | 00,303,104 | ---- | M] (McAfee, Inc)
mcdetect.exe -> %ProgramFiles%\McAfee.com\Agent\Mcdetect.exe -> [2005/10/13 19:56:16 | 00,126,976 | ---- | M] (McAfee, Inc)
mcsacore.exe -> %ProgramFiles%\McAfee\SiteAdvisor\McSACore.exe -> [2008/09/08 08:50:32 | 00,198,944 | ---- | M] ()
mcshield.exe -> %ProgramFiles%\McAfee.com\VSO\McShield.exe -> [2005/08/10 11:22:02 | 00,221,184 | ---- | M] (McAfee Inc.)
mctskshd.exe -> %ProgramFiles%\McAfee.com\Agent\McTskshd.exe -> [2005/08/24 16:01:04 | 00,122,368 | ---- | M] (McAfee, Inc)
mcvsescn.exe -> %ProgramFiles%\McAfee.com\VSO\McVSEscn.exe -> [2005/07/08 18:16:16 | 00,483,328 | ---- | M] (McAfee, Inc.)
mcvsftsn.exe -> %ProgramFiles%\McAfee.com\VSO\mcvsftsn.exe -> [2005/07/01 20:43:00 | 00,299,008 | ---- | M] (McAfee, Inc.)
mcvsshld.exe -> %ProgramFiles%\McAfee.com\VSO\mcvsshld.exe -> [2005/08/10 12:49:20 | 00,163,840 | ---- | M] (McAfee, Inc.)
mpapi3s.exe -> %CommonProgramFiles%\Nokia\MPAPI\MPAPI3s.exe -> [2008/03/19 15:24:20 | 00,474,624 | ---- | M] (Nokia Corporation)
msmsgs.exe -> %ProgramFiles%\Messenger\msmsgs.exe -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)
msnmsgr.exe -> %ProgramFiles%\MSN Messenger\msnmsgr.exe -> [2007/01/19 12:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation)
nclirsrv.exe -> %ProgramFiles%\PC Connectivity Solution\Transports\NclIrSrv.exe -> [2008/01/04 13:36:10 | 00,089,088 | ---- | M] ()
nclrssrv.exe -> %ProgramFiles%\PC Connectivity Solution\Transports\NclRSSrv.exe -> [2008/02/22 09:11:02 | 00,120,320 | ---- | M] ()
nclusbsrv.exe -> %ProgramFiles%\PC Connectivity Solution\Transports\NclUSBSrv.exe -> [2008/04/29 10:03:58 | 00,130,560 | ---- | M] ()
nsvcappflt.exe -> %SystemDrive%\NVIDIA\NetworkAccessManager\bin\nSvcAppFlt.exe -> [2004/10/05 17:05:34 | 00,126,976 | ---- | M] ()
nsvcip.exe -> %SystemDrive%\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe -> [2004/10/05 17:04:24 | 00,110,653 | ---- | M] ()
ntrayfw.exe -> %SystemDrive%\NVIDIA\NetworkAccessManager\bin\nTrayFw.exe -> [2004/10/05 17:04:34 | 00,266,240 | ---- | M] (NVIDIA Corporation)
oasclnt.exe -> %ProgramFiles%\McAfee.com\VSO\oasclnt.exe -> [2005/08/11 22:02:44 | 00,053,248 | ---- | M] (McAfee, Inc.)
opwarese2.exe -> %ProgramFiles%\ScanSoft\OmniPageSE2.0\opwareSE2.exe -> [2003/05/08 12:00:58 | 00,049,152 | ---- | M] (ScanSoft, Inc.)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2008/12/21 18:43:24 | 00,477,184 | ---- | M] (OldTimer Tools)
pcsuite.exe -> %ProgramFiles%\Nokia\Nokia PC Suite 6\PCSuite.exe -> [2008/04/16 12:53:46 | 01,079,808 | ---- | M] (Nokia)
pcsync2.exe -> %ProgramFiles%\Nokia\Nokia PC Suite 6\PcSync2.exe -> [2008/03/26 18:41:50 | 01,232,896 | ---- | M] (Time Information Services Ltd.)
pdvdserv.exe -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> [2005/01/12 03:01:32 | 00,032,768 | ---- | M] (Cyberlink Corp.)
servicelayer.exe -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> [2008/04/29 10:04:58 | 00,572,928 | ---- | M] (Nokia.)
soundman.exe -> %SystemRoot%\SOUNDMAN.EXE -> [2005/11/11 14:07:40 | 00,090,112 | R--- | M] (Realtek Semiconductor Corp.)
starwindserviceae.exe -> %ProgramFiles%\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -> [2007/05/29 00:57:54 | 00,275,968 | ---- | M] (Rocket Division Software)
usnsvc.exe -> %ProgramFiles%\MSN Messenger\usnsvc.exe -> [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation)
wdfmgr.exe -> %SystemRoot%\system32\wdfmgr.exe -> [2005/01/28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation)
wmiprvse.exe -> %SystemRoot%\system32\wbem\wmiprvse.exe -> [2004/08/04 20:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation)
wscntfy.exe -> %SystemRoot%\system32\wscntfy.exe -> [2004/08/04 20:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation)
wzcsldr2.exe -> %ProgramFiles%\ANI\ANIWZCS2 Service\WZCSLDR2.exe -> [2004/12/16 17:49:14 | 00,049,152 | ---- | M] (Alpha Networks Inc.)

[Win32 Services - Safe List]
(aawservice) Lavasoft Ad-Aware Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware\aawservice.exe -> [2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft)
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> [2006/05/05 19:00:54 | 00,072,704 | ---- | M] (Adobe Systems)
(ANIWZCSdService) ANIWZCSd Service [Win32_Shared | Auto | Stopped] -> %ProgramFiles%\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -> [2004/10/22 13:42:44 | 00,049,152 | ---- | M] (Alpha Networks Inc.)
(app_filter) app_filter [Win32_Own | Auto | Running] -> %SystemDrive%\NVIDIA\NetworkAccessManager\bin\nSvcAppFlt.exe -> [2004/10/05 17:05:34 | 00,126,976 | ---- | M] ()
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -> [2004/07/15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation)
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> [2005/09/21 22:53:06 | 00,376,832 | ---- | M] (ATI Technologies Inc.)
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ati2sgag.exe -> [2005/09/21 21:15:00 | 00,516,096 | ---- | M] ()
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> [2006/09/28 22:13:20 | 00,204,800 | ---- | M] (Anti-Malware Development a.s.)
(ForcewareWebInterface) Forceware Web Interface [Win32_Own | Auto | Running] -> %SystemDrive%\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe -> [2004/08/10 05:04:08 | 00,020,543 | ---- | M] (Apache Software Foundation)
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\pchealth\helpctr\binaries\pchsvc.dll -> [2004/08/04 20:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation)
(Imapi Helper) Imapi Helper [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alex Feinman\ISO Recorder\ImapiHelper.exe -> [2006/01/05 00:06:02 | 00,163,840 | ---- | M] (Alex Feinman)
(iPodService) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2004/12/18 00:19:58 | 00,327,680 | ---- | M] (Apple Computer, Inc.)
(Irmon) Infrared Monitor [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\irmon.dll -> [2004/08/04 08:56:44 | 00,027,136 | ---- | M] (Microsoft Corporation)
(McAfee SiteAdvisor Service) McAfee SiteAdvisor Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\SiteAdvisor\McSACore.exe -> [2008/09/08 08:50:32 | 00,198,944 | ---- | M] ()
(McDetect.exe) McAfee WSC Integration [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee.com\Agent\Mcdetect.exe -> [2005/10/13 19:56:16 | 00,126,976 | ---- | M] (McAfee, Inc)
(McShield) McAfee.com McShield [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee.com\VSO\McShield.exe -> [2005/08/10 11:22:02 | 00,221,184 | ---- | M] (McAfee Inc.)
(McTskshd.exe) McAfee Task Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee.com\Agent\McTskshd.exe -> [2005/08/24 16:01:04 | 00,122,368 | ---- | M] (McAfee, Inc)
(mcupdmgr.exe) McAfee SecurityCenter Update Manager [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee.com\Agent\mcupdmgr.exe -> [2005/07/01 19:22:50 | 00,245,760 | ---- | M] (McAfee, Inc)
(nSvcIp) ForceWare IP service [Win32_Own | Auto | Running] -> %SystemDrive%\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe -> [2004/10/05 17:04:24 | 00,110,653 | ---- | M] ()
(nSvcLog) ForceWare user log service [Win32_Own | Auto | Stopped] -> %SystemDrive%\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe -> [2004/10/05 17:03:50 | 00,053,313 | ---- | M] ()
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/29 00:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation)
(ServiceLayer) ServiceLayer [Win32_Own | On_Demand | Running] -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> [2008/04/29 10:04:58 | 00,572,928 | ---- | M] (Nokia.)
(StarWindServiceAE) StarWind AE Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -> [2007/05/29 00:57:54 | 00,275,968 | ---- | M] (Rocket Division Software)
(UMWdf) Windows User Mode Driver Framework [Win32_Own | Auto | Running] -> %SystemRoot%\system32\wdfmgr.exe -> [2005/01/28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation)
(usnjsvc) Messenger Sharing Folders USN Journal Reader service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\MSN Messenger\usnsvc.exe -> [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
(A3AB) D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\A3AB.sys -> [2005/03/22 03:17:34 | 00,450,400 | ---- | M] (D-Link Corporation)
(A3AB) D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\A3AB.sys -> [2005/03/22 03:17:34 | 00,450,400 | ---- | M] (D-Link Corporation)
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ALCXWDM.SYS -> [2005/11/22 14:44:22 | 03,804,416 | R--- | M] (Realtek Semiconductor Corp.)
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ALCXWDM.SYS -> [2005/11/22 14:44:22 | 03,804,416 | R--- | M] (Realtek Semiconductor Corp.)
(ANIO) ANIO Service [Kernel | Auto | Running] -> %SystemRoot%\system32\ANIO.sys -> [2004/07/27 11:20:46 | 00,028,205 | ---- | M] (Alpha Networks Inc.)
(ANIO) ANIO Service [Kernel | Auto | Running] -> %SystemRoot%\system32\ANIO.sys -> [2004/07/27 11:20:46 | 00,028,205 | ---- | M] (Alpha Networks Inc.)
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> [2005/09/21 22:59:12 | 01,334,784 | ---- | M] (ATI Technologies Inc.)
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> [2005/09/21 22:59:12 | 01,334,784 | ---- | M] (ATI Technologies Inc.)
(AVG Anti-Spyware Driver) AVG Anti-Spyware Driver [Kernel | System | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.sys -> [2006/09/28 22:13:34 | 00,004,096 | ---- | M] ()
(AVG Anti-Spyware Driver) AVG Anti-Spyware Driver [Kernel | System | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.sys -> [2006/09/28 22:13:34 | 00,004,096 | ---- | M] ()
(AvgAsCln) AVG Anti-Spyware Clean Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AvgAsCln.sys -> [2006/09/06 00:03:16 | 00,003,968 | ---- | M] (GRISOFT, s.r.o.)
(AvgAsCln) AVG Anti-Spyware Clean Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AvgAsCln.sys -> [2006/09/06 00:03:16 | 00,003,968 | ---- | M] (GRISOFT, s.r.o.)
(FsVga) FsVga [Kernel | System | Running] -> %SystemRoot%\system32\drivers\fsvga.sys -> [2004/08/04 20:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation)
(FsVga) FsVga [Kernel | System | Running] -> %SystemRoot%\system32\drivers\fsvga.sys -> [2004/08/04 20:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation)
(GEARAspiWDM) GEAR CDRom Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> [2004/09/14 14:38:26 | 00,013,872 | ---- | M] (GEAR Software Inc.)
(GEARAspiWDM) GEAR CDRom Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> [2004/09/14 14:38:26 | 00,013,872 | ---- | M] (GEAR Software Inc.)
(gmer) gmer [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\gmer.sys -> [2008/11/19 13:54:28 | 00,085,969 | ---- | M] (GMER)
(gmer) gmer [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\gmer.sys -> [2008/11/19 13:54:28 | 00,085,969 | ---- | M] (GMER)
(irsir) Microsoft Serial Infrared Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\irsir.sys -> [2001/08/17 21:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation)
(irsir) Microsoft Serial Infrared Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\irsir.sys -> [2001/08/17 21:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation)
(NaiAvFilter1) NaiAvFilter1 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\naiavf5x.sys -> [2005/08/10 11:22:10 | 00,114,464 | ---- | M] (McAfee Inc.)
(NaiAvFilter1) NaiAvFilter1 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\naiavf5x.sys -> [2005/08/10 11:22:10 | 00,114,464 | ---- | M] (McAfee Inc.)
(nmwcd) Nokia USB Phone Parent [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ccdcmb.sys -> [2007/11/29 10:39:42 | 00,016,896 | ---- | M] (Nokia)
(nmwcd) Nokia USB Phone Parent [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ccdcmb.sys -> [2007/11/29 10:39:42 | 00,016,896 | ---- | M] (Nokia)
(nmwcdc) Nokia USB Generic [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ccdcmbo.sys -> [2007/11/29 10:39:40 | 00,019,328 | ---- | M] (Nokia)
(nmwcdc) Nokia USB Generic [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ccdcmbo.sys -> [2007/11/29 10:39:40 | 00,019,328 | ---- | M] (Nokia)
(nvatabus) nvatabus [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\nvatabus.sys -> [2004/09/02 15:24:38 | 00,082,816 | R--- | M] (NVIDIA Corporation)
(nvatabus) nvatabus [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\nvatabus.sys -> [2004/09/02 15:24:38 | 00,082,816 | R--- | M] (NVIDIA Corporation)
(nvax) Service for NVIDIA(R) nForce(TM) Audio Enumerator [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nvax.sys -> [2004/09/10 12:58:52 | 00,052,224 | R--- | M] (NVIDIA Corporation)
(nvax) Service for NVIDIA(R) nForce(TM) Audio Enumerator [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nvax.sys -> [2004/09/10 12:58:52 | 00,052,224 | R--- | M] (NVIDIA Corporation)
(NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\NVENETFD.sys -> [2004/10/05 16:38:12 | 00,033,280 | R--- | M] (NVIDIA Corporation)
(NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\NVENETFD.sys -> [2004/10/05 16:38:12 | 00,033,280 | R--- | M] (NVIDIA Corporation)
(nvnetbus) NVIDIA Network Bus Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nvnetbus.sys -> [2004/10/05 16:38:16 | 00,012,928 | R--- | M] (NVIDIA Corporation)
(nvnetbus) NVIDIA Network Bus Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nvnetbus.sys -> [2004/10/05 16:38:16 | 00,012,928 | R--- | M] (NVIDIA Corporation)
(nvnforce) Service for NVIDIA(R) nForce(TM) Audio [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nvapu.sys -> [2004/09/10 13:02:12 | 00,412,032 | R--- | M] (NVIDIA Corporation)
(nvnforce) Service for NVIDIA(R) nForce(TM) Audio [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nvapu.sys -> [2004/09/10 13:02:12 | 00,412,032 | R--- | M] (NVIDIA Corporation)
(NVTCP) NVIDIA TCP/IP Protocol Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NVTCP.SYS -> [2006/04/25 11:16:32 | 00,089,088 | ---- | M] (NVIDIA Corporation)
(NVTCP) NVIDIA TCP/IP Protocol Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NVTCP.SYS -> [2006/04/25 11:16:32 | 00,089,088 | ---- | M] (NVIDIA Corporation)
(pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\pccsmcfd.sys -> [2007/09/17 15:53:26 | 00,021,632 | ---- | M] (Nokia)
(pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\pccsmcfd.sys -> [2007/09/17 15:53:26 | 00,021,632 | ---- | M] (Nokia)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2004/08/04 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2004/08/04 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\PxHelp20.sys -> [2005/12/05 13:12:26 | 00,020,640 | ---- | M] (Sonic Solutions)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\PxHelp20.sys -> [2005/12/05 13:12:26 | 00,020,640 | ---- | M] (Sonic Solutions)
(SE27bus) Sony Ericsson Device 039 Driver driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27bus.sys -> [2006/04/28 23:24:42 | 00,061,600 | R--- | M] (MCCI)
(SE27bus) Sony Ericsson Device 039 Driver driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27bus.sys -> [2006/04/28 23:24:42 | 00,061,600 | R--- | M] (MCCI)
(SE27mdfl) Sony Ericsson Device 039 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27mdfl.sys -> [2006/04/28 23:25:40 | 00,009,360 | R--- | M] (MCCI)
(SE27mdfl) Sony Ericsson Device 039 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27mdfl.sys -> [2006/04/28 23:25:40 | 00,009,360 | R--- | M] (MCCI)
(SE27mdm) Sony Ericsson Device 039 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27mdm.sys -> [2006/04/28 23:25:44 | 00,097,184 | R--- | M] (MCCI)
(SE27mdm) Sony Ericsson Device 039 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27mdm.sys -> [2006/04/28 23:25:44 | 00,097,184 | R--- | M] (MCCI)
(SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27mgmt.sys -> [2006/04/28 23:26:46 | 00,088,688 | R--- | M] (MCCI)
(SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27mgmt.sys -> [2006/04/28 23:26:46 | 00,088,688 | R--- | M] (MCCI)
(se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\se27nd5.sys -> [2006/04/28 23:24:06 | 00,018,704 | R--- | M] (MCCI)
(se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\se27nd5.sys -> [2006/04/28 23:24:06 | 00,018,704 | R--- | M] (MCCI)
(SE27obex) Sony Ericsson Device 039 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27obex.sys -> [2006/04/28 23:27:48 | 00,086,560 | R--- | M] (MCCI)
(SE27obex) Sony Ericsson Device 039 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SE27obex.sys -> [2006/04/28 23:27:48 | 00,086,560 | R--- | M] (MCCI)
(se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\se27unic.sys -> [2006/04/28 23:24:00 | 00,090,800 | R--- | M] (MCCI)
(se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\se27unic.sys -> [2006/04/28 23:24:00 | 00,090,800 | R--- | M] (MCCI)
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2004/08/04 20:00:00 | 00,027,440 | ---- | M] ()
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2004/08/04 20:00:00 | 00,027,440 | ---- | M] ()
(Sentinel) Sentinel [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\sentinel.sys -> [2001/06/22 05:39:02 | 00,073,728 | ---- | M] (Rainbow Technologies, Inc.)
(Sentinel) Sentinel [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\sentinel.sys -> [2001/06/22 05:39:02 | 00,073,728 | ---- | M] (Rainbow Technologies, Inc.)
(Slp1kdr) SmartLock Pro(1K) [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\SLP1KDR.SYS -> [2001/02/14 03:17:04 | 00,006,325 | ---- | M] ()
(Slp1kdr) SmartLock Pro(1K) [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\SLP1KDR.SYS -> [2001/02/14 03:17:04 | 00,006,325 | ---- | M] ()
(sptd) sptd [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sptd.sys -> [2007/12/27 17:14:14 | 00,715,248 | ---- | M] ()
(sptd) sptd [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sptd.sys -> [2007/12/27 17:14:14 | 00,715,248 | ---- | M] ()
(upperdev) upperdev [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbser_lowerflt.sys -> [2007/11/29 10:39:42 | 00,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider)
(upperdev) upperdev [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbser_lowerflt.sys -> [2007/11/29 10:39:42 | 00,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider)
(usbser) Nokia USB Serial Port [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbser.sys -> [2004/08/03 23:08:44 | 00,025,600 | ---- | M] (Microsoft Corporation)
(usbser) Nokia USB Serial Port [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbser.sys -> [2004/08/03 23:08:44 | 00,025,600 | ---- | M] (Microsoft Corporation)
(UsbserFilt) UsbserFilt [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbser_lowerfltj.sys -> [2007/11/29 10:39:52 | 00,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider)
(UsbserFilt) UsbserFilt [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbser_lowerfltj.sys -> [2007/11/29 10:39:52 | 00,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider)
(Wdf01000) Wdf01000 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\wdf01000.sys -> [2006/11/02 07:22:54 | 00,492,000 | ---- | M] (Microsoft Corporation)
(Wdf01000) Wdf01000 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\wdf01000.sys -> [2006/11/02 07:22:54 | 00,492,000 | ---- | M] (Microsoft Corporation)
(WS2IFSL) Windows Socket 2.0 Non-IFS Service Provider Support Environment [Kernel | System | Running] -> %SystemRoot%\system32\drivers\ws2ifsl.sys -> [2004/08/04 20:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation)
(WS2IFSL) Windows Socket 2.0 Non-IFS Service Provider Support Environment [Kernel | System | Running] -> %SystemRoot%\system32\drivers\ws2ifsl.sys -> [2004/08/04 20:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> about:blank ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Page_Transitions" -> ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.yahoo.com/ ->
HKEY_CURRENT_USER\: SearchURL\\"provider" -> ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< HOSTS File > (289210 bytes and 10012 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
First 25 entries...
127.0.0.1    localhost
127.0.0.1   www.007guard.com
127.0.0.1   007guard.com
127.0.0.1   008i.com
127.0.0.1   www.008k.com
127.0.0.1   008k.com
127.0.0.1   www.00hq.com
127.0.0.1   00hq.com
127.0.0.1   010402.com
127.0.0.1   www.032439.com
127.0.0.1   032439.com
127.0.0.1   www.0scan.com
127.0.0.1   0scan.com
127.0.0.1   1000gratisproben.com
127.0.0.1   www.1000gratisproben.com
127.0.0.1   www.1001namen.com
127.0.0.1   1001namen.com
127.0.0.1   100888290cs.com
127.0.0.1   www.100888290cs.com
127.0.0.1   100sexlinks.com
127.0.0.1   www.100sexlinks.com
127.0.0.1   10sek.com
127.0.0.1   www.10sek.com
127.0.0.1   www.123haustiereundmehr.com
127.0.0.1   123haustiereundmehr.com
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> [2004/12/14 01:56:50 | 00,063,136 | ---- | M] (Adobe Systems Incorporated)
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [HKLM] -> %ProgramFiles%\BitComet\tools\BitCometBHO.dll [BitComet Helper] -> [2006/12/15 16:05:08 | 00,325,184 | ---- | M] (BitComet)
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2008/09/15 14:25:44 | 01,562,960 | ---- | M] (Safer Networking Limited)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> [2008/06/10 04:27:02 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.)
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> %ProgramFiles%\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor BHO] -> [2008/09/04 11:43:36 | 00,121,632 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" [HKLM] -> %ProgramFiles%\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor Toolbar] -> [2008/09/04 11:43:36 | 00,121,632 | ---- | M] ()
"{BA52B914-B692-46c4-B683-905236F6F655}" [HKLM] -> %ProgramFiles%\McAfee.com\VSO\mcvsshl.dll [McAfee VirusScan] -> [2005/07/01 20:44:30 | 00,114,688 | ---- | M] (McAfee, Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"ANIWZCS2Service" -> %ProgramFiles%\ANI\ANIWZCS2 Service\WZCSLDR2.exe [C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe] -> [2004/12/16 17:49:14 | 00,049,152 | ---- | M] (Alpha Networks Inc.)
"ATICCC" -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe ["C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime] -> [2005/09/22 00:55:04 | 00,057,344 | ---- | M] (ATI Technologies Inc.)
"D-Link AirPlus G" -> %ProgramFiles%\D-Link\AirPlus G\AirGCFG.exe [C:\Program Files\D-Link\AirPlus G\AirGCFG.exe] -> [2005/03/29 11:41:10 | 01,245,184 | ---- | M] (D-Link)
"IMJPMIG8.1" -> %SystemRoot%\ime\IMJP8_1\imjpmig.exe ["C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32] -> [2004/08/04 20:00:00 | 00,208,952 | ---- | M] (Microsoft Corporation)
"iTunesHelper" -> %ProgramFiles%\iTunes\iTunesHelper.exe [C:\Program Files\iTunes\iTunesHelper.exe] -> [2004/12/18 00:20:14 | 00,278,528 | ---- | M] (Apple Computer, Inc.)
"MCAgentExe" -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe [c:\PROGRA~1\mcafee.com\agent\mcagent.exe] -> [2005/09/22 18:29:08 | 00,303,104 | ---- | M] (McAfee, Inc)
"MCUpdateExe" -> %ProgramFiles%\McAfee.com\Agent\mcupdate.exe [c:\PROGRA~1\mcafee.com\agent\mcupdate.exe] -> [2006/01/11 12:05:42 | 00,212,992 | ---- | M] (McAfee, Inc)
"NeroFilterCheck" -> %SystemRoot%\system32\NeroCheck.exe [C:\WINDOWS\system32\NeroCheck.exe] -> [2001/07/09 11:50:42 | 00,155,648 | ---- | M] (Ahead Software Gmbh)
"nTrayFw" -> %SystemDrive%\NVIDIA\NetworkAccessManager\bin\nTrayFw.exe [C:\NVIDIA\NetworkAccessManager\bin\nTrayFw.exe] -> [2004/10/05 17:04:34 | 00,266,240 | ---- | M] (NVIDIA Corporation)
"NVMixerTray" -> %ProgramFiles%\NVIDIA Corporation\NvMixer\NvMixerTray.exe ["C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"] -> [2004/10/07 17:53:06 | 00,131,072 | ---- | M] (NVIDIA Corporation)
"OASClnt" -> %ProgramFiles%\McAfee.com\VSO\oasclnt.exe [C:\Program Files\McAfee.com\VSO\oasclnt.exe] -> [2005/08/11 22:02:44 | 00,053,248 | ---- | M] (McAfee, Inc.)
"OpwareSE2" -> %ProgramFiles%\ScanSoft\OmniPageSE2.0\opwareSE2.exe ["C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"] -> [2003/05/08 12:00:58 | 00,049,152 | ---- | M] (ScanSoft, Inc.)
"PHIME2002A" -> %SystemRoot%\system32\IME\TINTLGNT\TINTSETP.EXE [C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName] -> [2004/08/04 20:00:00 | 00,455,168 | ---- | M] (Microsoft Corporation)
"PHIME2002ASync" -> [C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC] -> File not found
"QuickTime Task" -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2006/05/24 10:19:50 | 00,098,304 | ---- | M] (Apple Computer, Inc.)
"RemoteControl" -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe ["C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"] -> [2005/01/12 03:01:32 | 00,032,768 | ---- | M] (Cyberlink Corp.)
"Sony Ericsson PC Suite" -> ["C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions] -> File not found
"SoundMan" -> %SystemRoot%\SOUNDMAN.EXE [SOUNDMAN.EXE] -> [2005/11/11 14:07:40 | 00,090,112 | R--- | M] (Realtek Semiconductor Corp.)
"SunJavaUpdateSched" -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"] -> [2008/06/10 04:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
"VirusScan Online" -> %ProgramFiles%\McAfee.com\VSO\mcvsshld.exe [C:\Program Files\McAfee.com\VSO\mcvsshld.exe] -> [2005/08/10 12:49:20 | 00,163,840 | ---- | M] (McAfee, Inc.)
"VSOCheckTask" -> %ProgramFiles%\McAfee.com\VSO\mcmnhdlr.exe ["C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask] -> [2005/07/08 18:18:22 | 00,151,552 | ---- | M] (McAfee, Inc.)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"AlcoholAutomount" -> %ProgramFiles%\Alcohol Soft\Alcohol 120\AxCmd.exe ["C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount] -> [2007/12/22 15:20:59 | 00,222,080 | ---- | M] (Alcohol Soft Development Team)
"msnmsgr" -> %ProgramFiles%\MSN Messenger\msnmsgr.exe ["C:\Program Files\MSN Messenger\msnmsgr.exe" /background] -> [2007/01/19 12:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation)
"Nokia.PCSync" -> %ProgramFiles%\Nokia\Nokia PC Suite 6\PcSync2.exe ["C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog] -> [2008/03/26 18:41:50 | 01,232,896 | ---- | M] (Time Information Services Ltd.)
"PC Suite Tray" -> %ProgramFiles%\Nokia\Nokia PC Suite 6\PCSuite.exe ["C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray] -> [2008/04/16 12:53:46 | 01,079,808 | ---- | M] (Nokia)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> [2004/12/14 04:44:06 | 00,029,696 | ---- | M] (Adobe Systems Incorporated)
%AllUsersProfile%\Start Menu\Programs\Startup\ATI CATALYST System Tray.lnk -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe -> [2005/09/22 00:55:04 | 00,057,344 | ---- | M] (ATI Technologies Inc.)
%AllUsersProfile%\Start Menu\Programs\Startup\Free WebSite Tools.lnk -> %ProgramFiles%\CoffeeCup Software\CoffeeCup Free FTP\ThirtyDayTimer.exe -> [2003/08/07 14:20:10 | 00,372,224 | ---- | M] ()
%AllUsersProfile%\Start Menu\Programs\Startup\HID Button Manager v1.59.lnk -> %ProgramFiles%\INITIO\HID Button Manager v1.59\inihid.exe -> [2005/11/28 15:04:02 | 00,196,608 | ---- | M] ()
< EDITOR Startup Folder > -> C:\Documents and Settings\EDITOR\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDriveTypeAutoRun" -> [255] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
\\"HideLegacyLogonScripts" -> [0] -> File not found
\\"HideLogoffScripts" -> [0] -> File not found
\\"RunLogonScriptSync" -> [1] -> File not found
\\"RunStartupScriptSync" -> [0] -> File not found
\\"HideStartupScripts" -> [0] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [36] -> File not found
\\"NoDriveAutoRun" -> [FF FF FF FF [binary data]] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"HideLegacyLogonScripts" -> [0] -> File not found
\\"HideLogoffScripts" -> [0] -> File not found
\\"RunLogonScriptSync" -> [1] -> File not found
\\"RunStartupScriptSync" -> [0] -> File not found
\\"HideStartupScripts" -> [0] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&D&ownload &with BitComet -> %ProgramFiles%\BitComet\BitComet.exe [res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm] -> [2006/12/15 16:05:10 | 04,954,176 | ---- | M] (www.BitComet.com)
&D&ownload all video with BitComet -> %ProgramFiles%\BitComet\BitComet.exe [res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm] -> [2006/12/15 16:05:10 | 04,954,176 | ---- | M] (www.BitComet.com)
&D&ownload all with BitComet -> %ProgramFiles%\BitComet\BitComet.exe [res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm] -> [2006/12/15 16:05:10 | 04,954,176 | ---- | M] (www.BitComet.com)
E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> [2005/05/27 13:06:54 | 10,095,808 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2003/07/15 10:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2008/09/15 14:25:44 | 01,562,960 | ---- | M] (Safer Networking Limited)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2003/07/15 10:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{d9288080-1baa-4bc4-9cf8-a92d743db949}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> [2008/09/15 14:25:44 | 01,562,960 | ---- | M] (Safer Networking Limited)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5225 domain(s) found. ->
51 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7713 domain(s) found. ->
58 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} [HKLM] -> http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab[McAfee.com Operating System Class] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] ->
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab[Shockwave Flash Object] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{1DF641EA-F711-443F-B73C-A1C73FE09E1F} -> 202.188.0.133,202.188.1.5 (D-Link AirPlus G DWL-G510 Wireless PCI Adapter(rev.B)) ->
{2F66B63E-27B3-46E1-A81D-8A2F51E0B4E7} ->   (Sony Ericsson Device 039 USB Ethernet Emulation (NDIS 5)) ->
{55D4B9DF-5025-46B6-9D4F-C732561EF122} ->   () ->
{A6ECEDB9-E1AA-47B4-AFE1-E2B1DF089D74} ->   (1394 Net Adapter) ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
Antiwpa -> %SystemRoot%\system32\antiwpa.dll -> [2005/12/29 19:26:48 | 00,005,376 | R--- | M] ()
AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> [2005/09/21 22:54:10 | 00,046,080 | ---- | M] (ATI Technologies Inc.)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> [2006/09/28 22:13:28 | 00,073,728 | ---- | M] (Anti-Malware Development a.s.)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2004/08/04 20:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> [2007/01/04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msncall.exe" -> C:\Program Files\MSN Messenger\msncall.exe [C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)] -> File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> [2007/01/19 12:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2004/08/04 20:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation)
"C:\Documents and Settings\EDITOR\My Documents\Stupid Clips\WoW BC\WOWEx_Blizcon-downloader.exe" -> C:\Documents and Settings\EDITOR\My Documents\Stupid Clips\WoW BC\WOWEx_Blizcon-downloader.exe [C:\Documents and Settings\EDITOR\My Documents\Stupid Clips\WoW BC\WOWEx_Blizcon-downloader.exe:*:Enabled:Blizzard Downloader] -> [2006/11/01 13:58:06 | 00,741,386 | ---- | M] (Blizzard Entertainment)
"C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" -> C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe [C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server] -> [2004/08/10 05:04:08 | 00,020,543 | ---- | M] (Apache Software Foundation)
"C:\Program Files\BitComet\BitComet.exe" -> C:\Program Files\BitComet\BitComet.exe [C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client] -> [2006/12/15 16:05:10 | 04,954,176 | ---- | M] (www.BitComet.com)
"C:\Program Files\CoffeeCup Software\CoffeeCup Free FTP\FreeFTP.exe" -> C&#

NuCK · « **Reply #48 on:** December 22, 2008, 01:16:48 AM »

yeah my mcafee is wayyy outdated. i didn't renew it.

guestolo · « **Reply #49 on:** December 22, 2008, 01:46:46 AM »

[quote name=\'NuCK\' post=\'452167\' date=\'Dec 21 2008, 10:16 PM\']yeah my mcafee is wayyy outdated. i didn't renew it.[/quote]

That doesn't help having outdated AntiVirus software, we should remove it and get you some free AntiVirus if that is what you prefer

I have a couple suggestions
Take a look at either
Avast Home Edition by ALWIL
OR
Avira AntiVir Personal Edition Classic

You only need one
Let me know which one your prefer, download and save the installer to desktop, but DO NOT install it yet
Come back here and let me know which you decided on

NuCK · « **Reply #50 on:** December 22, 2008, 04:55:31 AM »

I dunno... both look alright to me, which would you recommend?

guestolo · « **Reply #51 on:** December 22, 2008, 12:14:37 PM »

I forgot to throw AVG in there too, but let's try the following

Download and save the installer for Avira to desktop, from the following link
http://www.free-av.com/en/download/1/downl..._antivirus.html

Don't install it yet

Next, download and save to desktop [color=\"#FF0000\"]MCPR.exe[/color]
It's a McAfee removal tool

Access your Add and Remove programs
Remove McAfee Security Center, you should be prompted on what products you want removed at this point, tick entries and continue with the uninstallation
Reboot afterwards:

Back in Windows
Run MCPR.exe you downloaded earlier, follow on screen instructions, reboot if required

Install Avira AntiVir from desktop
Ensure that you have it check for Updates
The first time it updates may take awhile, but allow it time

NOTE: Avira will display a single big Ad on your computer
Don't be alarmed, just click OK at the bottom of the Ad to close it

A scan of your System should then start
If a scan does not start after updating, double click on the Avira icon by the clock (the red/white umbrella)
and select "Scan system now"

Quarantine or delete everything it finds
When the scan is finished
Reboot the computer
Back in Windows
Can you post all the following back please:
1. Post a fresh hijackthis log
2. Please post the log from Avira
Open Avira again (Double click on the red Umbrella icon by the clock)
Click on REPORTS under Overview
Double click on the Scan report you just made
Then click on "Report File"

TheTechGuide Forum

News:

Author Topic: Can't install ad-aware and spybot (Read 2523 times)

NuCK

Can't install ad-aware and spybot

NuCK

Can't install ad-aware and spybot

guestolo

Can't install ad-aware and spybot

NuCK

Can't install ad-aware and spybot

guestolo

Can't install ad-aware and spybot

NuCK

Can't install ad-aware and spybot

guestolo

Can't install ad-aware and spybot

NuCK

Can't install ad-aware and spybot

NuCK

Can't install ad-aware and spybot

guestolo

Can't install ad-aware and spybot

NuCK

Can't install ad-aware and spybot

guestolo

Can't install ad-aware and spybot