Checking for EXPLORER.EXE instances:
C:\Windows\Explorer.exe: PRESENT!
C:\Explorer.exe: not present
C:\Windows\Explorer\Explorer.exe: not present
C:\Windows\System\Explorer.exe: not present
C:\Windows\System32\Explorer.exe: not present
C:\Windows\Command\Explorer.exe: not present
C:\Windows\Fonts\Explorer.exe: not present
--------------------------------------------------
Checking for superhidden extensions:
.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: *Registry key not found*
.shb: *Registry key not found*
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden
--------------------------------------------------
Verifying REGEDIT.EXE integrity:
- Regedit.exe found in C:\Windows
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename NOT OK: 'REGEDIT.EXE.MUI'
- File description: 'Registry Editor'
Registry check failed!
--------------------------------------------------
Enumerating Browser Helper Objects:
IE7Pro - C:\Program Files\IE7pro\IE7Pro.dll - {00011268-E188-40DF-A514-835FCD78B1BF}
(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - D:\PROGRA~1\IDA\idaiehlp.dll - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6}
(no name) - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL - {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
(no name) - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
--------------------------------------------------
Enumerating Task Scheduler jobs:
1-Click Maintenance.job
User_Feed_Synchronization-{371CCB78-4DF7-4D0F-9081-6B14D59BC5D5}.job
--------------------------------------------------
Enumerating Download Program Files:
[Microsoft XML Parser for Java]
CODEBASE = file:///C:/Windows/Java/classes/xmldso.cab
OSD = C:\Windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
[QuickTime Object]
InProcServer32 = D:\Program Files\QuickTime\QTPlugin.ocx
CODEBASE = http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
[Shockwave ActiveX Control]
InProcServer32 = C:\Windows\system32\macromed\Director\SwDir.dll
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
[Java Plug-in 1.6.0_02]
InProcServer32 = C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
CODEBASE = http://javadl-esd.sun.com/update/1.6.0/jinstall-6u2-windows-i586-jc.cab
[Java Plug-in 1.6.0_02]
InProcServer32 = C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
[Java Plug-in 1.6.0_02]
InProcServer32 = C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
[Domino Web Access 7 Control]
InProcServer32 = C:\Windows\Downloaded Program Files\dwa7W.dll
CODEBASE = https://npsdmail3.np.edu.sg/dwa7W.cab
--------------------------------------------------
Enumerating Winsock LSP files:
NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #2: C:\Windows\System32\mswsock.dll
NameSpace #3: C:\Windows\System32\winrnr.dll
NameSpace #4: C:\Windows\system32\napinsp.dll
NameSpace #5: C:\Windows\system32\pnrpnsp.dll
NameSpace #6: C:\Windows\system32\pnrpnsp.dll
NameSpace #7: C:\Windows\system32\wshbth.dll
Protocol #1: C:\Windows\system32\imon.dll
Protocol #2: C:\Windows\system32\imon.dll
Protocol #3: C:\Windows\system32\imon.dll
Protocol #4: C:\Windows\system32\imon.dll
Protocol #5: C:\Windows\system32\imon.dll
Protocol #6: C:\Windows\system32\imon.dll
Protocol #7: C:\Windows\system32\imon.dll
Protocol #8: C:\Windows\system32\imon.dll
Protocol #9: C:\Windows\system32\imon.dll
Protocol #10: C:\Windows\system32\imon.dll
Protocol #11: C:\Windows\system32\mswsock.dll
Protocol #12: C:\Windows\system32\mswsock.dll
Protocol #13: C:\Windows\system32\mswsock.dll
Protocol #14: C:\Windows\system32\mswsock.dll
Protocol #15: C:\Windows\system32\mswsock.dll
Protocol #16: C:\Windows\system32\mswsock.dll
Protocol #17: C:\Windows\system32\mswsock.dll
Protocol #18: C:\Windows\system32\mswsock.dll
Protocol #19: C:\Windows\system32\mswsock.dll
Protocol #20: C:\Windows\system32\mswsock.dll
Protocol #21: C:\Windows\system32\mswsock.dll
Protocol #22: C:\Windows\system32\imon.dll
Protocol #23: C:\Windows\system32\mswsock.dll
Protocol #24: C:\Windows\system32\mswsock.dll
Protocol #25: C:\Windows\system32\mswsock.dll
Protocol #26: C:\Windows\system32\mswsock.dll
Protocol #27: C:\Windows\system32\mswsock.dll
Protocol #28: C:\Windows\system32\mswsock.dll
Protocol #29: C:\Windows\system32\mswsock.dll
Protocol #30: C:\Windows\system32\mswsock.dll
Protocol #31: C:\Windows\system32\mswsock.dll
Protocol #32: C:\Windows\system32\mswsock.dll
Protocol #33: C:\Windows\system32\mswsock.dll
Protocol #34: C:\Windows\system32\mswsock.dll
Protocol #35: C:\Windows\system32\mswsock.dll
Protocol #36: C:\Windows\system32\mswsock.dll
Protocol #37: C:\Windows\system32\mswsock.dll
Protocol #38: C:\Windows\system32\mswsock.dll
--------------------------------------------------
Enumerating Windows NT/2000/XP services
Microsoft ACPI Driver: system32\drivers\acpi.sys (system)
adp94xx: \SystemRoot\system32\drivers\adp94xx.sys (disabled)
adpahci: \SystemRoot\system32\drivers\adpahci.sys (disabled)
adpu160m: \SystemRoot\system32\drivers\adpu160m.sys (disabled)
adpu320: \SystemRoot\system32\drivers\adpu320.sys (disabled)
@%SystemRoot%\system32\aelupsvc.dll,-1: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Ancilliary Function Driver for Winsock: \SystemRoot\system32\drivers\afd.sys (system)
Agere Modem Call Progress Audio: C:\Windows\system32\agrsmsvc.exe (autostart)
Agere Systems Soft Modem: system32\DRIVERS\AGRSM.sys (manual start)
Intel AGP Bus Filter: \SystemRoot\system32\drivers\agp440.sys (manual start)
aic78xx: \SystemRoot\system32\drivers\djsvs.sys (disabled)
@%SystemRoot%\system32\Alg.exe,-112: %SystemRoot%\System32\alg.exe (manual start)
aliide: \SystemRoot\system32\drivers\aliide.sys (disabled)
AMD AGP Bus Filter Driver: \SystemRoot\system32\drivers\amdagp.sys (manual start)
amdide: \SystemRoot\system32\drivers\amdide.sys (disabled)
AMD K7 Processor Driver: \SystemRoot\system32\drivers\amdk7.sys (disabled)
AMD K8 Processor Driver: \SystemRoot\system32\drivers\amdk8.sys (disabled)
AMON: \SystemRoot\system32\drivers\amon.sys (autostart)
@%systemroot%\system32\appinfo.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Apple Mobile Device: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" (autostart)
arc: \SystemRoot\system32\drivers\arc.sys (disabled)
arcsas: \SystemRoot\system32\drivers\arcsas.sys (disabled)
Advanced SCSI Programming Interface Driver: \??\C:\Windows\System32\DRIVERS\ASPI32.sys (manual start)
RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start)
IDE Channel: system32\drivers\atapi.sys (system)
Atheros Extensible Wireless LAN device driver: system32\DRIVERS\athr.sys (manual start)
@%SystemRoot%\system32\audiosrv.dll,-204: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\audiosrv.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
Autodesk Licensing Service: "C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe" (manual start)
Autodesk Network Licensing Service: C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe (manual start)
@%SystemRoot%\system32\bfe.dll,-1001: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
@%SystemRoot%\system32\qmgr.dll,-1000: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
blbdrive: \SystemRoot\system32\drivers\blbdrive.sys (disabled)
Bowser: system32\DRIVERS\bowser.sys (manual start)