Windows Vista Problem solving for the Windows Vista Operating System. Please remember to state which edition of Vista you are using - Home Basic, Home Premium, Business, Ultimate etc. and whether you are using the 32-bit or 64-bit version if you know.

#1
December 1st, 2008, 12:02 AM
jonnyred
Senior Member
Join Date: Sep 2005
Posts: 252
Mail problem in Vista Home Prem 32-bit

Hi there, first of all I have posted this in the internet forum but maybe that is not the right place. Sorry for the double post.

Around 3pm yesterday I stopped receiving or sending mail.

So far I have uninstalled and reinstalled Outlook 2007, no change.

Been onto my ISP, who say all is well and that my PC is blocking emails.

I have not made any changes to my PC for a couple of weeks when I added Spyware Doctor.

However I can ping my ISP POP server and SMTP. Please help if possible.

Also tried to send/receive with Kaspersky and Spyware Doctor switched off, all to no avail, and also plugged direct into my cable modem instead of through my router/hardware firewall, so can't see what can be blocking me unless there is something sinister on the PC.

I am getting a 0x800CCC0D error message whenever I try to send/receive mail.

Been on loads of forums and still no help.

Same also happening now that I have set up Windows Mail.

Don't know if this is related, but while browsing for answers just now I had a very obvious winantivirus 2008 pop-up, and the site address was http://free-av-chek-online-tool.com even though that's not where I went.

Can you at least tell me which forum I should be posting in please.

regards

jon
#2
December 1st, 2008, 12:44 AM
AnnMarie
CTH Subscriber
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,810
Hi Jon. I think it would be a good idea if I had a look at what is running on your computer.

Download OldTimer's OTViewIt from here to your desktop, and double-click on OTViewIt.exe to start the scan.

When the display opens place a check next to:

Scan All Users

Then click the Run Scan button to start the scan. Once that completes a textbox will open. Copy and paste the contents here for review please. The log can also be found on your desktop as OTViewIt.Txt. It will be a reasonably large log so you may have to divide the log into sections and make several posts to post it. Extras.txt will also be generated. Please post that log as well.

Note - do not press any other buttons or make any other changes when running the scan.
#3
December 1st, 2008, 01:19 AM
jonnyred
Senior Member
Join Date: Sep 2005
Posts: 252
Part 1

OTViewIt logfile created on: 01/12/2008 00:15:55 - Run 2
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Users\Jon\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.91 Gb Available Physical Memory | 95.45% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 581.11 Gb Total Space | 443.57 Gb Free Space | 76.33% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 9.91 Gb Free Space | 66.08% Space Free | Partition Type: NTFS
Drive E: | 532.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JON-PC
Current User Name: Jon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/01/21 02:23:42 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
[2008/01/21 02:23:44 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
[2008/08/22 23:35:00 | 00,118,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
[2008/01/21 02:25:00 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2008/01/21 02:24:59 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
[2006/11/02 09:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
[2008/07/29 19:20:28 | 00,206,088 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
[2007/02/13 10:43:36 | 00,441,136 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
[2007/08/30 08:27:42 | 00,165,120 | ---- | M] (Avanquest Software USA, Inc.) -- C:\Program Files\VCOM\Fix-It\mxtask.exe
[2007/12/17 10:13:18 | 00,523,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
[2007/10/03 14:45:02 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
[2008/06/13 16:29:14 | 00,356,920 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
[2008/10/09 13:47:42 | 01,079,176 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
[2008/03/11 11:44:38 | 00,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
[2008/01/21 02:24:59 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
[2008/01/21 02:24:44 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2007/08/30 08:27:42 | 00,165,120 | ---- | M] (Avanquest Software USA, Inc.) -- C:\Program Files\VCOM\Fix-It\mxtask.exe
[2008/01/21 02:24:44 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2008/01/21 02:24:44 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
[2007/10/03 14:44:58 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
[2008/06/12 01:38:00 | 00,034,672 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
[2008/03/11 11:44:36 | 00,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
[2006/11/02 09:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
[2008/07/29 19:20:28 | 00,206,088 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
[2006/11/02 12:35:35 | 00,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
[2007/12/17 10:12:58 | 00,243,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fssui.exe
[2008/11/15 14:10:08 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2008/08/25 12:36:36 | 01,168,264 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
[2007/10/18 10:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[2008/07/22 12:34:50 | 02,772,992 | ---- | M] (Electronic Arts) -- C:\Program Files\Electronic Arts\EADM\Core.exe
[2008/01/21 02:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
[2007/02/13 10:43:38 | 00,715,568 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[2007/02/13 10:43:36 | 01,600,304 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
[2008/01/21 02:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
[2008/01/21 02:23:32 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
[2008/05/27 05:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[2007/08/23 14:58:58 | 02,070,000 | ---- | M] () -- C:\Program Files\XPSMiniViewGadget\XPSMiniViewGadget.exe
[2008/01/21 02:24:44 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2008/01/21 02:24:49 | 00,299,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieuser.exe
[2008/01/21 02:23:50 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2007/09/20 09:35:36 | 00,118,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe
[2008/05/27 05:18:16 | 00,184,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
[2008/01/21 02:24:28 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2008/05/27 05:17:55 | 00,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
[2008/12/01 00:14:56 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Users\Jon\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2008/07/29 19:20:28 | 00,206,088 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe -- (AVP [Auto | Running])
[2007/02/13 10:43:36 | 00,441,136 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins [Auto | Running])
File not found -- -- (CertPropSvc [Unknown | Stopped])
[2008/01/21 02:24:55 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
File not found -- -- (DcomLaunch [Unknown | Running])
[2008/01/21 02:23:41 | 02,091,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])
[2008/01/21 02:24:35 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [Unknown | Running])
[2008/01/21 02:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])
[2006/11/02 12:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
[2007/08/30 08:27:42 | 00,165,120 | ---- | M] (Avanquest Software USA, Inc.) -- C:\Program Files\VCOM\Fix-It\mxtask.exe -- (Fix-It Task Manager [Auto | Running])
[2008/01/21 02:25:20 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2007/12/17 10:13:18 | 00,523,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [Auto | Running])
[2008/10/01 10:00:57 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist [On_Demand | Stopped])
[2008/01/21 02:24:55 | 00,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc [Unknown | Running])
[2007/10/03 14:45:02 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON [Auto | Running])
[2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/11/07 19:18:53 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [Unknown | Stopped])
[2008/01/21 02:25:21 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2008/08/22 23:35:00 | 00,118,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])
[2008/05/14 09:32:18 | 00,309,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10 [Auto | Stopped])
[2008/05/14 09:31:38 | 01,120,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10 [On_Demand | Stopped])
[2008/05/14 09:32:10 | 00,166,384 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10 [Auto | Stopped])
[2008/01/21 02:24:06 | 00,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll -- (RpcSs [Unknown | Running])
[2008/09/08 18:19:46 | 00,098,488 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe -- (SandraAgentSrv [On_Demand | Stopped])
[2008/01/21 02:24:20 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [Unknown | Stopped])
File not found -- -- (Schedule [Unknown | Running])
File not found -- -- (SCPolicySvc [Unknown | Stopped])
[2008/06/13 16:29:14 | 00,356,920 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])
[2008/10/09 13:47:42 | 01,079,176 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])
[2008/01/21 02:25:00 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])
[2006/11/02 09:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])
[2008/03/11 11:44:38 | 00,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter [Auto | Running])
[2008/03/24 06:35:22 | 00,074,384 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])
[2008/01/21 02:24:08 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])
[2007/10/18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2008/01/21 02:25:00 | 00,382,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])
File not found -- -- (WdiServiceHost [Unknown | Stopped])
File not found -- -- (WdiSystemHost [Unknown | Running])
[2007/10/25 14:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2008/01/21 02:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
[2008/05/27 05:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])
#4
December 1st, 2008, 01:21 AM
jonnyred
Senior Member
Join Date: Sep 2005
Posts: 252
[2008/01/21 02:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
[2008/01/21 02:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
[2008/01/21 02:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
[2008/01/21 02:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
[2006/11/02 09:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
[2008/01/21 02:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
[2008/01/21 02:23:01 | 00,057,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])
[2008/01/21 02:23:00 | 00,017,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])
[2008/01/21 02:23:00 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])
[2008/01/21 02:23:00 | 00,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [Disabled | Stopped])
[2008/01/21 02:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])
[2008/01/21 02:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
[2008/01/21 02:23:01 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive [Disabled | Stopped])
[2008/01/21 02:23:53 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])
[2006/11/02 08:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])
[2006/11/02 08:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])
[2006/11/02 08:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [Disabled | Stopped])
[2006/11/02 08:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])
[2006/11/02 08:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])
[2006/11/02 08:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])
[2008/01/21 02:23:25 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum [On_Demand | Running])
[2006/11/02 08:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [Disabled | Stopped])
[2008/01/21 02:23:20 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan [On_Demand | Running])
[2008/10/01 18:25:37 | 00,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthport.sys -- (BTHPORT [On_Demand | Stopped])
[2008/10/01 18:25:37 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB [On_Demand | Running])
[2007/04/02 04:42:02 | 00,079,664 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio [On_Demand | Running])
[2007/04/02 04:42:04 | 00,080,688 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt [On_Demand | Running])
[2007/04/02 04:42:08 | 00,016,432 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid [On_Demand | Running])
[2008/01/21 02:23:26 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [Disabled | Stopped])
[2008/01/21 02:23:54 | 00,247,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS [Unknown | Running])
[2008/01/21 02:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
[2008/01/21 02:23:22 | 00,024,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [Boot | Running])
[2008/01/21 02:23:00 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])
[2008/01/21 02:24:55 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [System | Running])
[2008/01/21 02:23:01 | 00,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dot4.sys -- (Dot4 [On_Demand | Running])
[2008/01/21 02:23:03 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dot4Prt.sys -- (Dot4Print [On_Demand | Running])
[2008/01/21 02:23:01 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dot4usb.sys -- (dot4usb [On_Demand | Running])
[2008/08/02 01:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])
[2007/09/12 08:44:34 | 00,228,224 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express [On_Demand | Running])
[2008/01/21 02:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
[2008/01/21 02:23:39 | 00,143,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [Boot | Running])
[2008/01/21 02:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
[2008/01/21 02:23:00 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\errdev.sys -- (ErrDev [Disabled | Stopped])
[2008/01/21 02:25:02 | 00,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys -- (exfat [On_Demand | Stopped])
[2008/01/21 02:24:04 | 00,058,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [Boot | Running])
[2008/01/21 02:24:21 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])
[2007/10/17 12:53:16 | 00,043,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr [Auto | Running])
[2008/01/21 02:23:22 | 00,061,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])
[2006/11/02 07:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Running])
[2008/01/21 02:23:22 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2006/11/02 08:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])
[2006/11/02 08:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [Disabled | Stopped])
[2008/01/17 18:30:36 | 00,038,448 | ---- | M] (Paragon Software Group) -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3 [Boot | Running])
[2008/01/21 02:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])
[2007/12/11 08:43:48 | 00,308,248 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor [Boot | Running])
[2008/01/21 02:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Disabled | Stopped])
[2006/11/02 09:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
[2008/08/25 12:36:28 | 00,040,840 | ---- | M] (PCTools Research Pty Ltd.) -- C:\Windows\System32\drivers\ikfilesec.sys -- (IKFileSec [Boot | Running])
[2008/08/25 12:36:28 | 00,066,952 | ---- | M] (PCTools Research Pty Ltd.) -- C:\Windows\System32\drivers\iksysflt.sys -- (IKSysFlt [System | Running])
[2008/08/25 12:36:30 | 00,081,288 | ---- | M] (PCTools Research Pty Ltd.) -- C:\Windows\System32\drivers\iksyssec.sys -- (IKSysSec [System | Running])
[2008/01/21 02:23:22 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])
[2008/01/21 02:23:01 | 00,181,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])
[2006/11/02 09:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
[2006/11/02 09:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
[2008/01/21 02:23:23 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2008/07/21 17:34:36 | 00,121,872 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\kl1.sys -- (kl1 [System | Running])
[2008/01/29 17:29:38 | 00,032,784 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klbg.sys -- (klbg [Boot | Running])
[2008/03/13 18:02:46 | 00,026,640 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klfltdev.sys -- (KLFLTDEV [On_Demand | Running])
[2008/10/04 12:23:04 | 00,216,080 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys -- (KLIF [System | Running])
[2008/07/09 17:28:26 | 00,020,496 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6 [System | Running])
[2008/01/21 02:24:37 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])
[2008/01/21 02:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
[2008/01/21 02:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
[2008/01/21 02:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
[2008/01/21 02:24:37 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])
[2008/01/21 02:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
[2008/01/21 02:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR [Disabled | Stopped])
[2008/01/21 02:23:22 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])
[2008/01/21 02:23:20 | 00,105,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])
[2008/01/21 02:24:47 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])
[2006/11/02 09:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])
[2008/08/27 01:05:41 | 00,212,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])
[2008/01/21 02:24:28 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])
[2008/10/01 18:24:47 | 00,028,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Disabled | Stopped])
[2008/01/21 02:23:21 | 00,094,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])
[2008/01/21 02:23:01 | 00,016,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [Boot | Running])
[2008/01/21 02:24:26 | 00,163,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])
[2008/05/20 02:07:31 | 00,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Stopped])
[2006/11/02 09:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
[2008/01/21 02:24:47 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [System | Running])
[2006/11/02 07:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
[2008/08/22 23:35:00 | 07,475,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
[2008/01/21 02:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
[2008/01/21 02:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
[2008/01/21 02:23:01 | 00,109,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])
[2008/11/29 11:01:26 | 00,160,792 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctfw2.sys -- (pctfw2 [System | Running])
[2006/11/02 09:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])
[2008/10/01 18:25:34 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [System | Running])
[2008/04/08 02:00:00 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2008/01/21 02:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
[2006/11/02 09:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
#5
December 1st, 2008, 01:22 AM
jonnyred
Senior Member
Join Date: Sep 2005
Posts: 252
[2008/01/21 02:23:31 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])
[2006/11/02 07:36:43 | 02,028,032 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys -- (R300 [On_Demand | Stopped])
[2008/01/21 02:25:05 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp [On_Demand | Running])
[2008/01/21 02:24:50 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [System | Running])
[2008/01/21 02:23:03 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM [On_Demand | Running])
[2008/01/21 02:24:37 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])
[2008/07/29 13:35:18 | 00,021,920 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\WNt500x86\sandra.sys -- (SANDRA [On_Demand | Stopped])
[2006/11/02 09:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])
[2006/11/02 06:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
[2008/01/21 02:23:20 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])
[2008/01/21 02:23:23 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [Disabled | Stopped])
[2008/01/21 02:23:23 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])
[2008/01/21 02:23:23 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])
[2008/01/21 02:23:01 | 00,055,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])
[2008/01/21 02:23:26 | 00,041,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
[2008/01/21 02:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
[2008/01/21 02:25:00 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [System | Running])
[2008/01/21 02:24:11 | 00,021,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [Boot | Running])
[2008/01/21 02:24:59 | 00,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])
[2008/01/21 02:23:45 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])
[2006/11/02 09:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
[2006/11/02 09:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
[2006/11/02 09:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
[2008/01/21 02:23:43 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])
[2008/01/21 02:24:53 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [System | Running])
[2008/01/21 02:24:59 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Stopped])
[2008/01/21 02:24:25 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])
[2008/01/21 02:24:25 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])
[2008/01/21 02:23:22 | 00,059,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])
[2008/01/17 18:30:36 | 00,032,352 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus [System | Running])
[2008/01/17 18:30:36 | 00,131,456 | ---- | M] (Paragon) -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM [System | Running])
[2008/01/21 02:23:01 | 00,060,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])
[2008/01/21 02:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
[2006/11/02 09:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
[2008/01/21 02:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
[2008/01/21 02:23:22 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])
[2006/11/02 08:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])
[2008/01/21 02:23:02 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])
[2008/01/21 02:23:00 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])
[2008/01/21 02:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
[2008/01/21 02:23:01 | 00,052,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [Boot | Running])
[2008/01/21 02:24:27 | 00,294,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [Boot | Running])
[2008/01/21 02:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
[2006/11/02 08:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])
[2008/01/21 02:23:24 | 00,022,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])
[2008/01/21 02:23:51 | 00,503,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [Boot | Running])
[2008/01/21 02:23:26 | 00,031,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb [On_Demand | Running])
[2008/01/21 02:23:00 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [Disabled | Stopped])
[2008/01/21 02:24:47 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [System | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=4081001
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://www.msn.co.uk/
"StartPageCache"=

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-14011553-817203869-956003243-1000\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=4081001
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://www.msn.co.uk/
"StartPageCache"=

[HKEY_USERS\S-1-5-21-14011553-817203869-956003243-1000\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-14011553-817203869-956003243-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
::1 localhost
  #6  
Old December 1st, 2008, 01:24 AM
jonnyred jonnyred is offline
Senior Member
 
Join Date: Sep 2005
Posts: 252
========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} (HKLM) -- C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} (HKLM) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} (HKLM) -- C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" (Kaspersky Lab)
"Bluetooth HCI Monitor"=RunDll32 HCIMNTR.DLL,RunCheckHCIMode (Logitech Inc.)
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (SupportSoft, Inc.)
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" ( )
"fssui"="C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun (Microsoft Corporation)
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" (Intel Corporation)
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" (PC Tools)
"NvCplDaemon"=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"NvMediaCenter"=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" (Sonic Solutions)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide (Microsoft Corporation)
"WPCUMI"=C:\Windows\system32\WpcUmi.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (SupportSoft, Inc.)
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent (Electronic Arts)
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation)
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation)
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-14011553-817203869-956003243-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (SupportSoft, Inc.)
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent (Electronic Arts)
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=28

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"ConsentPromptBehaviorAdmin"=2
"ConsentPromptBehaviorUser"=1
"EnableInstallerDetection"=1
"EnableLUA"=1
"EnableSecureUIAPaths"=1
"EnableVirtualization"=1
"PromptOnSecureDesktop"=1
"ValidateAdminCodeSignatures"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"scforceoption"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=0
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=1
"CF_BITMAP"=2
"CF_OEMTEXT"=7
"CF_DIB"=8
"CF_PALETTE"=9
"CF_UNICODETEXT"=13
"CF_DIBV5"=17

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_USERS\S-1-5-21-14011553-817203869-956003243-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-14011553-817203869-956003243-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Banner Ad Blocker: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm [2008/07/29 19:08:28 | 00,001,411 | ---- | M] ()
E&xport to Microsoft Excel: C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE File not found
Send image to &Bluetooth Device...: C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [2007/01/23 10:57:50 | 00,001,199 | ---- | M] ()
Send page to &Bluetooth Device...: C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [2007/01/23 10:57:52 | 00,002,758 | ---- | M] ()

[HKEY_USERS\S-1-5-21-14011553-817203869-956003243-1000\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Banner Ad Blocker: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm [2008/07/29 19:08:28 | 00,001,411 | ---- | M] ()
E&xport to Microsoft Excel: C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE File not found
Send image to &Bluetooth Device...: C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [2007/01/23 10:57:50 | 00,001,199 | ---- | M] ()
Send page to &Bluetooth Device...: C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [2007/01/23 10:57:52 | 00,002,758 | ---- | M] ()

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}: Button: Web traffic protection statistics -- %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll [2008/07/29 19:22:28 | 00,222,472 | ---- | M] (Kaspersky Lab)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Blog This -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2007/10/26 17:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Blog This in Windows Live Writer -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2007/10/26 17:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation)
{CCA281CA-C863-46ef-9331-5C8D4460577F}: Button: @btrez.dll,-4015 -- %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie.htm [2007/01/23 10:57:52 | 00,002,758 | ---- | M] ()
{CCA281CA-C863-46ef-9331-5C8D4460577F}: Menu: @btrez.dll,-12650 -- %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie.htm [2007/01/23 10:57:52 | 00,002,758 | ---- | M] ()

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found

[HKEY_USERS\S-1-5-21-14011553-817203869-956003243-1000\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/control...ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://
  #7  
Old December 1st, 2008, 01:25 AM
jonnyred jonnyred is offline
Senior Member
 
Join Date: Sep 2005
Posts: 252
========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{0CCA191D-13A6-4E29-B746-314DEE697D83}: http://upload.facebook.com/controls/...oUploader5.cab -- Facebook Photo Uploader 5 Control
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE}: http://security.symantec.com/sscv6/S...in/AvSniff.cab -- Symantec AntiVirus scanner
{362C56AA-6E4F-40C7-A0B5-85501DBDAD77}: http://i.dell.com/images/global/js/s.../SysProExe.cab -- Scanner.SysScanner
{39B0684F-D7BF-4743-B050-FDC3F48F7E3B}: http://www.fileplanet.com/fpdlmgr/ca..._2.3.7.109.cab -- CDownloadCtrl Object
{644E432F-49D3-41A1-8DD5-E099162EEEC5}: http://security.symantec.com/sscv6/S.../bin/cabsa.cab -- Symantec RuFSI Utility Class
{6F15128C-E66A-490C-B848-5000B5ABEEAC}: https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab -- HP Download Manager
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_10
{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_10
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_10

========== (O17) DNS Name Servers ==========

{D263E1DB-AA10-45FB-8EB0-2D6D75945EB4} (Servers: | Description: )
{F283E270-6575-4BA8-80F3-619D54F69134} (Servers: | Description: Intel(R) 82566DC-2 Gigabit Network Connection)

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
GoToAssist: "DllName" = C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll -- C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
klogon: "DllName" = C:\Windows\system32\klogon.dll -- C:\Windows\System32\klogon.dll (Kaspersky Lab)

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll
>[2008/01/21 02:24:37 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

========== LSA *Security Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,
>[2008/01/21 02:24:37 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

autoexec.bat [REM Dummy file for NTVDM | ]
[2006/09/18 21:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]

autorun.inf [[autorun] | OPEN=SETUP.EXE | ICON=SETUP.EXE,0 | | shell\configure=&Configure... | shell\configure\command=SETUP.EXE | | shell\install=&Install... | shell\install\command=SETUP.EXE | ]
[2006/10/28 06:00:20 | 00,000,175 | R--- | M] () -- E:\autorun.inf -- [ UDF ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47f70b6c-8fa4-11dd-8805-806e6f6e6963}\Shell]
""=AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47f70b6c-8fa4-11dd-8805-806e6f6e6963}\Shell\AutoRun\command]
""=E:\SETUP.EXE -- [2006/10/28 06:30:48 | 00,463,152 | R--- | M] (Microsoft Corporation)


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47f70b6c-8fa4-11dd-8805-806e6f6e6963}\Shell\configure\command]
""=E:\SETUP.EXE -- [2006/10/28 06:30:48 | 00,463,152 | R--- | M] (Microsoft Corporation)


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47f70b6c-8fa4-11dd-8805-806e6f6e6963}\Shell\install\command]
""=E:\SETUP.EXE -- [2006/10/28 06:30:48 | 00,463,152 | R--- | M] (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[3 C:\ProgramData\*.tmp files]
[2008/12/01 00:14:53 | 00,422,400 | ---- | C] (OldTimer Tools) -- C:\Users\Jon\Desktop\OTViewIt.exe
[2008/11/30 22:48:53 | 00,000,318 | ---- | C] () -- C:\Users\Jon\Documents\cc_20081130_224851.reg
[2008/11/30 21:32:32 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2008/11/29 16:49:02 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2008/11/29 16:49:01 | 00,160,792 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctfw2.sys
[2008/11/29 11:01:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2008/11/29 00:13:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2008/11/28 17:31:33 | 00,000,000 | ---D | C] -- C:\Users\Jon\AppData\Roaming\BitTorrent
[2008/11/26 07:52:39 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2008/11/26 07:52:37 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2008/11/26 07:52:37 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2008/11/26 07:52:37 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2008/11/26 07:52:35 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2008/11/16 20:52:31 | 00,001,761 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2008/11/16 20:52:31 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMPFC5A2B2
[2008/11/16 20:52:30 | 00,081,288 | ---- | C] (PCTools Research Pty Ltd.) -- C:\Windows\System32\drivers\iksyssec.sys
[2008/11/16 20:52:30 | 00,066,952 | ---- | C] (PCTools Research Pty Ltd.) -- C:\Windows\System32\drivers\iksysflt.sys
[2008/11/16 20:52:30 | 00,040,840 | ---- | C] (PCTools Research Pty Ltd.) -- C:\Windows\System32\drivers\ikfilesec.sys
[2008/11/16 20:52:30 | 00,029,576 | ---- | C] (PCTools Research Pty Ltd.) -- C:\Windows\System32\drivers\kcom.sys
[2008/11/16 20:52:25 | 00,000,000 | ---D | C] -- C:\Users\Jon\AppData\Roaming\PC Tools
[2008/11/16 20:52:25 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2008/11/16 20:12:33 | 00,000,128 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2008/11/15 22:08:57 | 00,021,914 | ---- | C] () -- C:\Users\Jon\Documents\cc_20081115_220855.reg
[2008/11/15 14:11:10 | 00,000,000 | ---D | C] -- C:\Windows\Sun
[2008/11/15 12:57:26 | 00,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2008/11/15 12:50:43 | 00,071,982 | ---- | C] () -- C:\Users\Jon\Documents\cc_20081115_125034.reg
[2008/11/15 12:48:40 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2008/11/15 11:40:01 | 00,000,000 | ---D | C] -- C:\Users\Jon\Documents\virus scans
[2008/11/14 18:55:35 | 00,000,000 | ---D | C] -- C:\Users\Jon\AppData\Roaming\Malwarebytes
[2008/11/14 18:55:34 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2008/11/14 18:55:32 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2008/11/14 18:55:31 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2008/11/14 18:55:31 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/11/14 18:39:52 | 00,000,000 | ---D | C] -- C:\rsit
[2008/11/14 18:39:52 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2008/11/11 18:17:47 | 01,191,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll
[2008/11/11 18:17:47 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
[2008/11/11 18:17:46 | 01,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll
[2008/11/08 14:58:25 | 00,000,144 | ---- | C] () -- C:\Users\Jon\AppData\Local\rx_image32.Cache
[2008/11/08 14:58:25 | 00,000,000 | ---D | C] -- C:\Users\Jon\Documents\Roxio
[2008/11/08 14:58:24 | 00,004,216 | ---- | C] () -- C:\Users\Jon\AppData\Local\rx_audio.Cache
[2008/11/08 14:58:15 | 00,000,000 | ---D | C] -- C:\Users\Jon\AppData\Roaming\Roxio
[2008/11/08 12:00:27 | 00,000,000 | ---D | C] -- C:\Users\Jon\Documents\FIFA 09 Demo
[2008/11/08 11:56:04 | 00,001,952 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2008/11/08 11:55:58 | 00,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2008/11/08 11:55:49 | 00,000,660 | ---- | C] () -- C:\Windows\System32\ealregsnapshot1.reg
[2008/11/08 11:55:29 | 00,000,000 | ---D | C] -- C:\Users\Jon\AppData\Local\Downloaded Installations
[2008/11/08 11:53:24 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2008/11/08 11:53:23 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2008/11/08 11:53:23 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2008/11/08 11:53:23 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2008/11/08 11:53:23 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2008/11/08 11:53:22 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2008/11/08 11:53:22 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2008/11/08 11:53:19 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2008/11/08 11:53:19 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2008/11/08 11:53:19 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2008/11/08 11:53:19 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2008/11/08 11:53:18 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2008/11/08 11:53:18 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2008/11/08 11:53:18 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2008/11/07 22:32:29 | 03,554,133 | -H-- | C] () -- C:\Users\Jon\AppData\Local\IconCache.db
[2008/11/07 20:06:32 | 00,000,000 | ---D | C] -- C:\Users\Jon\Desktop\UTILITIES
[2008/11/07 19:36:33 | 07,999,488 | ---- | C] () -- C:\ProgramData\sandra.mda
[2008/11/07 19:36:31 | 00,000,000 | ---D | C] -- C:\Program Files\SiSoftware
[2008/11/07 19:19:27 | 32,190,50496 | -HS- | C] () -- C:\hiberfil.sys
[2008/11/07 18:40:11 | 00,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2008/11/01 19:33:01 | 00,000,728 | ---- | C] () -- C:\Users\Jon\Desktop\Guild Wars.lnk
[2008/11/01 19:14:09 | 00,000,000 | ---D | C] -- C:\Users\Jon\Documents\Guild Wars

========== Files - Modified Within 30 Days ==========

[3 C:\ProgramData\*.tmp files]
[2008/12/01 00:14:56 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Users\Jon\Desktop\OTViewIt.exe
[2008/12/01 00:12:18 | 00,116,080 | ---- | M] () -- C:\Users\Jon\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/12/01 00:12:01 | 00,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2008/12/01 00:12:01 | 00,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2008/12/01 00:12:00 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2008/12/01 00:11:58 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2008/12/01 00:11:56 | 32,190,50496 | -HS- | M] () -- C:\hiberfil.sys
[2008/11/30 22:48:54 | 00,000,318 | ---- | M] () -- C:\Users\Jon\Documents\cc_20081130_224851.reg
[2008/11/30 21:47:09 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2008/11/30 21:47:09 | 00,600,496 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2008/11/30 21:47:09 | 00,106,018 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2008/11/30 21:42:35 | 00,417,600 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2008/11/30 21:41:35 | 04,709,408 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2008/11/30 21:41:35 | 00,540,704 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox2.dat
[2008/11/30 21:41:35 | 00,039,968 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2008/11/30 21:41:35 | 00,003,976 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox2.idx
[2008/11/30 21:41:24 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2008/11/30 21:41:20 | 03,554,133 | -H-- | M] () -- C:\Users\Jon\AppData\Local\IconCache.db
[2008/11/30 21:32:43 | 00,000,128 | ---- | M] () -- C:\Windows\win.ini
[2008/11/29 11:01:26 | 00,160,792 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctfw2.sys
[2008/11/16 20:52:35 | 07,999,488 | ---- | M] () -- C:\ProgramData\sandra.mda
[2008/11/16 20:52:35 | 00,000,128 | ---- | M] () -- C:\ProgramData\sandra.ldb
[2008/11/16 20:52:31 | 00,001,761 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2008/11/15 22:09:00 | 00,021,914 | ---- | M] () -- C:\Users\Jon\Documents\cc_20081115_220855.reg
[2008/11/15 12:50:53 | 00,071,982 | ---- | M] () -- C:\Users\Jon\Documents\cc_20081115_125034.reg
[2008/11/08 15:02:20 | 00,004,216 | ---- | M] () -- C:\Users\Jon\AppData\Local\rx_audio.Cache
[2008/11/08 15:02:20 | 00,000,144 | ---- | M] () -- C:\Users\Jon\AppData\Local\rx_image32.Cache
[2008/11/08 11:56:04 | 00,001,952 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2008/11/08 11:55:49 | 00,000,660 | ---- | M] () -- C:\Windows\System32\ealregsnapshot1.reg
[2008/11/04 00:10:25 | 17,318,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
[2008/11/02 10:46:44 | 00,000,728 | ---- | M] () -- C:\Users\Jon\Desktop\Guild Wars.lnk
< End of report >

Thanks for sparing the time, Anne Marie, much appreciated.
  #8  
Old December 1st, 2008, 02:28 AM
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,810
You are welcome. Can you post Extras.txt too, please?
  #9  
Old December 1st, 2008, 08:55 AM
jonnyred jonnyred is offline
Senior Member
 
Join Date: Sep 2005
Posts: 252
OTViewIt Extras logfile created on: 01/12/2008 00:15:55 - Run 2
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Users\Jon\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.91 Gb Available Physical Memory | 95.45% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 581.11 Gb Total Space | 443.57 Gb Free Space | 76.33% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 9.91 Gb Free Space | 66.08% Space Free | Partition Type: NTFS
Drive E: | 532.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JON-PC
Current User Name: Jon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=1
""=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride"=0
"AntiSpywareOverride"=0
"FirewallOverride"=0
"VistaSp1"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=0
"DisableNotifications"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
File not found -- C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
========== (O10) Winsock2 Catalogs ==========
  #10  
Old December 1st, 2008, 08:56 AM
jonnyred jonnyred is offline
Senior Member
 
Join Date: Sep 2005
Posts: 252
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] -- C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] -- C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000007 [Bluetooth Namespace] -- C:\Windows\System32\wshbth.dll (Microsoft Corporation)
Protocol_Catalog9\Catalog_Entries\000000000001 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000002 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000003 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000004 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000005 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000006 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000007 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000008 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000009 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000010 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000011 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000012 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000013 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000014 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000015 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000016 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000017 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000018 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000019 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000020 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000021 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000022 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000023 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000024 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000025 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000026 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000027 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000028 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000029 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000030 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000031 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000032 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000033 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000034 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000035 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000036 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000037 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000038 -- C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
========== HKEY_LOCAL_MACHINE Protocol Defaults ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols
ldap -- 4 = Restricted sites (Not a Default Protocol)
news -- 4 = Restricted sites (Not a Default Protocol)
nntp -- 4 = Restricted sites (Not a Default Protocol)
oecmd -- 4 = Restricted sites (Not a Default Protocol)
snews -- 4 = Restricted sites (Not a Default Protocol)
========== HKEY_USERS Protocol Defaults ==========

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
@ivt -- @ivt protocol not assigned
file -- file protocol not assigned
ftp -- ftp protocol not assigned
http -- http protocol not assigned
https -- https protocol not assigned
shell -- shell protocol not assigned
========== HKEY_USERS Protocol Defaults ==========

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
@ivt -- @ivt protocol not assigned
file -- file protocol not assigned
ftp -- ftp protocol not assigned
http -- http protocol not assigned
https -- https protocol not assigned
shell -- shell protocol not assigned
========== (O18) Protocol Handlers ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/10/18 10:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/11/28 10:19:22 | 00,230,760 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/10/18 10:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/10/23 11:14:52 | 00,858,136 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Mail\mailcomm.dll (wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} (HKLM) [Windows Live Mail HTML Asynchronous Pluggable Protocol Handler])
========== (O18) Protocol Filters ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2006/03/06 09:33:08 | 00,098,304 | ---- | M] () C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll application/x-internet-signup:{A173B69A-1F9B-4823-9FDA-412F641E65D6} (HKLM) [INSMimeFilterPP Class]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}"=WIDCOMM Bluetooth Software 6.0.1.4300
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}"=Roxio Creator Data
"{098122AB-C605-4853-B441-C0A4EB359B75}"=DirectXInstallService
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}"=Microsoft Works
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}"=Windows Live Mail
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}"=Roxio Creator Tools
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}"=Java(TM) 6 Update 10
"{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}"=Windows Live Photo Gallery
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}"=Roxio Update Manager
"{3403CB31-D7C1-43F4-9D2F-579758C0CF09}"=Windows Live OneCare Family Safety
"{3FB3647F-B6A6-46B4-8613-A09BCFAB80F0}"=Roxio Creator Premier 10
"{469EF13B-4AD0-48D7-AF89-6B92278293E2}"=Roxio Creator Premier
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}"=Windows Live Messenger
"{50C9E7FB-FF2A-4E37-AA87-068ACA70D4C2}"=Paragon Hard Disk Manager 8.5 Special Edition
"{5158974E-2D28-4018-9335-7694C2974746}"=Fix-It Utilities 7
"{58B2B6D3-E5FF-4D16-87AC-52CC5717C7C6}"=Tiscali Internet
"{62230596-37E5-4618-A329-0D21F529A86F}"=Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}"=Roxio Express Labeler
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}"=EDocs
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}"=Roxio Creator Audio
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}"=Intel(R) PRO Network Connections 12.1.12.4
"{77DCDCE3-2DED-62F3-8154-05E745472D07}"=Acrobat.com
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}"=Dell Getting Started Guide
"{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}"=Kaspersky Internet Security 2009
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}"=Roxio CinePlayer Decoder Pack
"{90120000-0020-0409-0000-0000000FF1CE}"=Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}"=Intel(R) Matrix Storage Manager
"{9176251A-4CC1-4DDB-B343-B487195EB397}"=Windows Live Writer
"{95120000-00AF-0409-0000-0000000FF1CE}"=Microsoft Office PowerPoint Viewer 2007 (English)
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}"=Adobe AIR
"{A73BDB2A-E4A7-4FE8-960E-6A5C8BF76FCB}"=XPS MiniView Gadget
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}"=Windows Live installer
"{AC76BA86-7AD7-1033-7B44-A90000000001}"=Adobe Reader 9
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Windows Live Sign-in Assistant
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}"=Roxio Creator Copy
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1"=SiSoftware Sandra Lite 2009
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}"=Dell Support Center
"{EC877639-07AB-495C-BFD1-D63AF9140810}"=Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}"=Roxio Creator Premier
"{EF7E931D-DC84-471B-8DB6-A83358095474}"=EA Download Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}"=Microsoft SQL Server 2005 Compact Edition [ENU]
"Adobe AIR"=Adobe AIR
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Ashampoo Photo Commander 5_is1"=Ashampoo Photo Commander 5.40
"CCleaner"=CCleaner (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1"=Acrobat.com
"Download Manager"=Download Manager 2.3.7
"GoToAssist"=GoToAssist 8.0.0.514
"Guild Wars"=Guild Wars
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}"=EA Download Manager
"InstallWIX_{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}"=Kaspersky Internet Security 2009
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"NVIDIA Drivers"=NVIDIA Drivers
"PROSetDX"=Intel(R) PRO Network Connections 12.1.12.4
"Revo Uninstaller"=Revo Uninstaller 1.75
"Spyware Doctor"=Spyware Doctor 6.0
"WinRAR archiver"=WinRAR archiver
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 28/11/2008 16:14:36 | Computer Name = Jon-PC | Source = Application Hang | ID = 1002
Description = The program WINWORD.EXE version 12.0.6308.5000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 12d8 Start Time: 01c95195cdc8b6b0 Termination Time: 66
Error - 28/11/2008 19:14:56 | Computer Name = Jon-PC | Source = Windows Search Service | ID = 3024
Description =
Error - 28/11/2008 21:48:22 | Computer Name = Jon-PC | Source = VSS | ID = 13
Description =
Error - 28/11/2008 21:48:22 | Computer Name = Jon-PC | Source = VSS | ID = 8193
Description =
Error - 29/11/2008 06:34:30 | Computer Name = Jon-PC | Source = WinMgmt | ID = 10
Description =
Error - 29/11/2008 11:10:11 | Computer Name = Jon-PC | Source = WinMgmt | ID = 10
Description =
Error - 29/11/2008 12:52:21 | Computer Name = Jon-PC | Source = WinMgmt | ID = 10
Description =
Error - 29/11/2008 17:17:55 | Computer Name = Jon-PC | Source = WinMgmt | ID = 10
Description =
Error - 30/11/2008 04:26:55 | Computer Name = Jon-PC | Source = WinMgmt | ID = 10
Description =
Error - 30/11/2008 07:38:17 | Computer Name = Jon-PC | Source = VSS | ID = 8194
Description =
[ System Events ]
Error - 07/11/2008 15:16:58 | Computer Name = Jon-PC | Source = DCOM | ID = 10005
Description =
Error - 07/11/2008 15:19:31 | Computer Name = Jon-PC | Source = HTTP | ID = 15016
Description =
Error - 07/11/2008 15:21:15 | Computer Name = Jon-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 08/11/2008 06:08:36 | Computer Name = Jon-PC | Source = HTTP | ID = 15016
Description =
Error - 08/11/2008 06:10:18 | Computer Name = Jon-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 08/11/2008 09:40:36 | Computer Name = Jon-PC | Source = HTTP | ID = 15016
Description =
Error - 08/11/2008 09:42:19 | Computer Name = Jon-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 09/11/2008 05:12:49 | Computer Name = Jon-PC | Source = HTTP | ID = 15016
Description =
Error - 09/11/2008 05:14:33 | Computer Name = Jon-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 09/11/2008 09:38:47 | Computer Name = Jon-PC | Source = HTTP | ID = 15016
Description =

< End of report >
  #11  
Old December 1st, 2008, 10:30 AM
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,810
Hi Jon. I can't see anything in your log that would explain the problem so I have to suspect your security software.

I see that you disabled Kaspersky; however, disabling security apps is not usually sufficient to see if they are causing the problem. They have to be completely uninstalled, so please take a note of your product key and uninstall Kaspersky and reboot. Did this make any difference? If not, do the same with Spyware Doctor. Post back and let me know how you get on.
  #12  
Old December 1st, 2008, 12:24 PM
jonnyred jonnyred is offline
Senior Member
 
Join Date: Sep 2005
Posts: 252
OK, I'll try that when I get home tonight. I actually work in an IT dept, and some of the guys think the problem could be with the ISP's POP server. I can get to my web mail fine at the moment.

One of our tech guys wrote me this earlier today.

Possible

It's possible the mailbox cluster may be getting defragmented; there's one this week but can't remember when. Try it about 4pm+ ish and if it still isn't working try webmail. If you can access webmail then it's the program; if you can't access webmail try selfcare to double check the password. If you can get into selfcare and not the other 2 then it's the email server or cluster that's the problem.
  #13  
Old December 1st, 2008, 12:27 PM
jonnyred jonnyred is offline
Senior Member
 
Join Date: Sep 2005
Posts: 252
On from that is that I got onto selfcare this morning and the web mail, and pinged the servers again, all OK.

Do you think that a system restore might help at all?
  #14  
Old December 1st, 2008, 10:01 PM
jonnyred jonnyred is offline
Senior Member
 
Join Date: Sep 2005
Posts: 252
Hiya Anne Marie. I removed Kaspersky and the problem went away. Windows Mail ran fine with Spyware Doctor. I reinstalled Kaspersky and it uninstalled Spyware Doctor, saying it was incompatible. Weird, as they have been working together for over a year now.
So now I have Windows Mail with Kaspersky, but I'm gonna try and get back to where I was, which was Outlook 2007, Kaspersky and Spyware Doctor.
I have only just paid for another year's subscription on both programs so would like for them to work, otherwise I will have to choose. I use both as I got nailed about 9 months ago and Dahli and Acrobaze tried to help me; in the end I rebuilt the PC, so maybe I am a little paranoid.

If the same happens with Outlook again then I guess I stick with MS web mail or move to Gmail. Any preference from experience as to which is better, Kaspersky IS or Spyware Doctor with AV? Maybe I should post in the cyber safety forum.
  #15  
Old December 1st, 2008, 10:56 PM
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,810
Hi Jon, an update to either program can cause issues such as this. What I would do is talk to Spyware Doctor's support team and let them know what happened. I would think that they will get onto it smartly as Kaspersky is a very popular AV. It might mean that they have to write an update or fix for the compatibility issue but I can't see them ignoring it. Personally I would go with Kaspersky and look for another antispyware solution if it comes down to the wire.