OTViewIt logfile created on: 8/25/2008 6:39:57 PM - Run 1
OTViewIt by OldTimer - Version 1.0.0.12 Folder = E:\lindas pc
Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.31 Mb Total Physical Memory | 451.59 Mb Available Physical Memory | 44.17% Memory free
2.43 Gb Paging File | 1.92 Gb Available in Paging File | 78.78% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 212.89 Gb Free Space | 91.42% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1.92 Gb Total Space | 0.51 Gb Free Space | 26.46% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ALL-STAR
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users

===== Processes - Non-Microsoft Only =====
[04/04/2005 06:58 PM | 00,163,840 | ---- | M] (Adobe Systems Incorporated) - C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
[08/22/2008 01:42 AM | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\Program Files\AVG\AVG8\avgwdsvc.exe
[11/30/2004 10:08 AM | 00,020,543 | ---- | M] (Apache Software Foundation) - C:\Program Files (x86)\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
[02/24/2005 05:19 PM | 00,057,409 | ---- | M] (NVIDIA) - C:\Program Files (x86)\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
[01/04/2007 04:38 PM | 00,024,652 | ---- | M] (Viewpoint Corporation) - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
[02/24/2005 05:23 PM | 00,139,264 | ---- | M] () - C:\Program Files (x86)\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
[11/30/2004 10:08 AM | 00,020,543 | ---- | M] (Apache Software Foundation) - C:\Program Files (x86)\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
[04/04/2005 06:58 PM | 03,502,080 | ---- | M] () - C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
[12/20/2004 05:12 PM | 00,131,072 | ---- | M] (NVIDIA Corporation) - C:\Program Files (x86)\NVIDIA Corporation\NvMixer\NvMixerTray.exe
[11/03/2004 12:01 PM | 00,073,728 | ---- | M] (PROMT Ltd.) - C:\Program Files (x86)\PRMT6\PRMTED\EDLauncher.exe
[01/20/2005 07:36 PM | 00,110,592 | ---- | M] (PROMT Ltd.) - C:\Program Files (x86)\PRMT6\PRMTED\prmedsvr.exe
[04/04/2005 06:58 PM | 00,856,064 | ---- | M] (Adobe Sytems Incorporated) - C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
[12/14/2004 02:12 AM | 00,483,328 | ---- | M] (Adobe Systems Inc.) - C:\Program Files (x86)\Adobe\Adobe Acrobat 7.0\Distillr\acrotray.exe
[01/05/2006 11:57 AM | 00,114,688 | ---- | M] (SanDisk) - C:\Program Files (x86)\SanDisk\SanDisk TransferMate\SD Monitor.exe
[06/06/2005 11:46 PM | 00,057,344 | ---- | M] (Adobe Systems Incorporated) - C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[09/25/2007 02:11 AM | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) - C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
[02/04/2008 03:18 PM | 00,267,048 | ---- | M] (Apple Inc.) - C:\Program Files (x86)\iTunes\iTunesHelper.exe
[08/22/2008 01:42 AM | 01,235,736 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\Program Files\AVG\AVG8\avgtray.exe
[06/30/2006 12:41 AM | 00,077,824 | ---- | M] () - C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
[02/04/2008 03:18 PM | 00,504,104 | ---- | M] (Apple Inc.) - C:\Program Files (x86)\iPod\bin\iPodService.exe
[08/25/2008 06:38 PM | 01,299,968 | ---- | M] (OldTimer Tools) - E:\lindas pc\OTViewIt.exe

===== Win32 Services - Non-Microsoft Only =====
(Adobe LM Service) Adobe LM Service [On_Demand | Stopped] [05/15/2006 11:17 AM | 00,072,704 | ---- | M] (Adobe Systems) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
(Adobe Version Cue CS2) Adobe Version Cue CS2 [Auto | Running] [04/04/2005 06:58 PM | 00,163,840 | ---- | M] (Adobe Systems Incorporated) - C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
(avg8wd) AVG Free8 WatchDog [Auto | Running] [08/22/2008 01:42 AM | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\Program Files\AVG\AVG8\avgwdsvc.exe
(dmadmin) Logical Disk Manager Administrative Service [On_Demand | Stopped] File not found - %SystemRoot%\System32\dmadmin.exe
(Eventlog) Event Log [Auto | Running] File not found - %SystemRoot%\system32\services.exe
(ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) [Auto | Running] [02/24/2005 05:23 PM | 00,139,264 | ---- | M] () - C:\Program Files (x86)\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
(ForcewareWebInterface) Forceware Web Interface [Auto | Running] [11/30/2004 10:08 AM | 00,020,543 | ---- | M] (Apache Software Foundation) - C:\Program Files (x86)\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
(HTTPFilter) HTTP SSL [On_Demand | Stopped] File not found - %SystemRoot%\System32\lsass.exe
(ImapiService) IMAPI CD-Burning COM Service [On_Demand | Stopped] File not found - C:\WINDOWS\system32\imapi.exe
(iPod Service) iPod Service [On_Demand | Running] [02/04/2008 03:18 PM | 00,504,104 | ---- | M] (Apple Inc.) - C:\Program Files (x86)\iPod\bin\iPodService.exe
(MSDTC) Distributed Transaction Coordinator [On_Demand | Stopped] File not found - C:\WINDOWS\system32\msdtc.exe
(Netlogon) Net Logon [On_Demand | Stopped] File not found - %SystemRoot%\system32\lsass.exe
(nSvcLog) ForceWare user log service [Auto | Running] [02/24/2005 05:19 PM | 00,057,409 | ---- | M] (NVIDIA) - C:\Program Files (x86)\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
(NtLmSsp) NT LM Security Support Provider [On_Demand | Stopped] File not found - %SystemRoot%\system32\lsass.exe
(PlugPlay) Plug and Play [Auto | Running] File not found - %SystemRoot%\system32\services.exe
(PolicyAgent) IPSEC Services [Auto | Running] File not found - %SystemRoot%\system32\lsass.exe
(ProtectedStorage) Protected Storage [Auto | Running] File not found - %SystemRoot%\system32\lsass.exe
(RDSessMgr) Remote Desktop Help Session Manager [On_Demand | Stopped] File not found - C:\WINDOWS\system32\sessmgr.exe
(SamSs) Security Accounts Manager [Auto | Running] File not found - %SystemRoot%\system32\lsass.exe
(TlntSvr) Telnet [Disabled | Stopped] File not found - C:\WINDOWS\system32\tlntsvr.exe
(vds) Virtual Disk Service [On_Demand | Stopped] File not found - %SystemRoot%\System32\vds.exe
(Viewpoint Manager Service) Viewpoint Manager Service [Auto | Running] [01/04/2007 04:38 PM | 00,024,652 | ---- | M] (Viewpoint Corporation) - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
(VSS) Volume Shadow Copy [On_Demand | Stopped] File not found - %SystemRoot%\System32\vssvc.exe
(WmiApSrv) WMI Performance Adapter [On_Demand | Stopped] File not found - C:\WINDOWS\system32\wbem\wmiapsrv.exe

===== Driver Services - Non-Microsoft Only =====
(ACPI) Microsoft ACPI Driver [Boot | Running] File not found - C:\WINDOWS\system32\DRIVERS\ACPI.sys
(aec) Microsoft Kernel Acoustic Echo Canceller [On_Demand | Stopped] File not found - C:\WINDOWS\System32\drivers\aec.sys
(AFD) AFD [System | Running] File not found - C:\WINDOWS\System32\drivers\afd.sys
(AmdK8) AMD K8 Processor Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\amdk8.sys
(Arp1394) 1394 ARP Client Protocol [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\arp1394.sys
(AsyncMac) RAS Asynchronous Media Driver [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\asyncmac.sys
(atapi) Standard IDE/ESDI Hard Disk Controller [Boot | Running] File not found - C:\WINDOWS\system32\DRIVERS\atapi.sys
(Atmarpc) ATM ARP Client Protocol [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\atmarpc.sys
(audstub) Audio Stub Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\audstub.sys
(AvgLdx64) AVG Free AVI Loader Driver x64 [System | Running] File not found - C:\WINDOWS\System32\Drivers\avgldx64.sys
(AvgMfx64) AVG Free On-access Scanner Minifilter Driver x64 [System | Running] File not found - C:\WINDOWS\System32\Drivers\avgmfx64.sys
(AvgTdiA) AVG8 Network Redirector x64 [Auto | Running] File not found - C:\WINDOWS\System32\Drivers\avgtdia.sys
(Beep) Beep [System | Running] File not found -
(CdaC15BA) CdaC15BA [Auto | Running] File not found - C:\WINDOWS\System32\DRIVERS\CdaC15BA.sys
(CdaD10BA) CdaD10BA [Auto | Running] File not found - C:\WINDOWS\System32\DRIVERS\CdaD10BA.sys
(Cdfs) Cdfs [Disabled | Running] File not found -
(Cdrom) CD-ROM Driver [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\cdrom.sys
(crcdisk) CRC Disk Filter Driver [Boot | Running] File not found - C:\WINDOWS\system32\DRIVERS\crcdisk.sys
(Disk) Disk Driver [Boot | Running] File not found - C:\WINDOWS\system32\DRIVERS\disk.sys
(dmboot) dmboot [Disabled | Stopped] File not found - C:\WINDOWS\System32\drivers\dmboot.sys
(dmio) Logical Disk Manager Driver [Boot | Running] File not found - C:\WINDOWS\System32\drivers\dmio.sys
(dmload) dmload [Boot | Running] File not found - C:\WINDOWS\System32\drivers\dmload.sys
(Fastfat) Fastfat [Disabled | Running] File not found -
(Fdc) Floppy Disk Controller Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\fdc.sys
(Fips) Fips [System | Running] File not found -
(Flpydisk) Floppy Disk Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\flpydisk.sys
(FltMgr) FltMgr [Boot | Running] File not found - C:\WINDOWS\system32\drivers\fltmgr.sys
(Ftdisk) Volume Manager Driver [Boot | Running] File not found - C:\WINDOWS\system32\DRIVERS\ftdisk.sys
(GEARAspiWDM) GEARAspiWDM [On_Demand | Stopped] [09/19/2006 02:44 PM | 00,015,664 | ---- | M] (GEAR Software Inc.) - C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
(Gpc) Generic Packet Classifier [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\msgpc.sys
(HidUsb) Microsoft HID Class Driver [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\hidusb.sys
(HTTP) HTTP [On_Demand | Running] File not found - C:\WINDOWS\System32\Drivers\HTTP.sys
(i8042prt) i8042 Keyboard and PS/2 Mouse Port Driver [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
(imapi) CD-Burning Filter Driver [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\imapi.sys
(Ip6Fw) IPv6 Windows Firewall Driver [On_Demand | Stopped] File not found - C:\WINDOWS\System32\drivers\ip6fw.sys
(IpFilterDriver) IP Traffic Filter Driver [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
(IpInIp) IP in IP Tunnel Driver [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\ipinip.sys
(IpNat) IP Network Address Translator [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\ipnat.sys
(IPSec) IPSEC driver [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\ipsec.sys
(irda) IrDA Protocol [Auto | Running] File not found - C:\WINDOWS\System32\DRIVERS\irda.sys
(IRENUM) IR Enumerator Service [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\irenum.sys
(irsir) Microsoft Serial Infrared Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\irsir.sys
(isapnp) PnP ISA/EISA Bus Driver [Boot | Running] File not found - C:\WINDOWS\system32\DRIVERS\isapnp.sys
(Kbdclass) Keyboard Class Driver [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
(kbdhid) Keyboard HID Driver [System | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\kbdhid.sys
(kmixer) Microsoft Kernel Wave Audio Mixer [On_Demand | Stopped] File not found - C:\WINDOWS\System32\drivers\kmixer.sys
(KSecDD) KSecDD [Boot | Running] File not found -
(ksthunk) Kernel Streaming WOW64 Thunk Service [On_Demand | Running] File not found - C:\WINDOWS\System32\drivers\ksthunk.sys
(L8042Kbd) Logitech SetPoint Keyboard Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys
(L8042mou) Logitech SetPoint PS/2 Mouse Filter Driver [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\L8042mou.Sys
(LBeepKE) LBeepKE [Auto | Stopped] [06/30/2006 12:54 AM | 00,004,480 | ---- | M] (Logitech, Inc.) - C:\WINDOWS\system32\Drivers\LBeepKE.sys
(LHidKe) Logitech SetPoint HID Mouse Filter Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\LHidKE.Sys
(LHidUsbK) Logitech SetPoint USB Receiver device driver [On_Demand | Running] File not found - C:\WINDOWS\System32\Drivers\LHidUsbK.Sys
(LMouKE) Logitech SetPoint Mouse Filter Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\LMouKE.Sys
(mnmdd) mnmdd [System | Running] File not found -
(Mouclass) Mouse Class Driver [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\mouclass.sys
(mouhid) Mouse HID Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\mouhid.sys
(MountMgr) Mount Point Manager [Boot | Running] File not found -
(MRxDAV) WebDav Client Redirector [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\mrxdav.sys
(MRxSmb) MRxSmb [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
(Msfs) Msfs [System | Running] File not found -
(MSKSSRV) Microsoft Streaming Service Proxy [On_Demand | Stopped] File not found - C:\WINDOWS\System32\drivers\MSKSSRV.sys
(MSPCLOCK) Microsoft Streaming Clock Proxy [On_Demand | Stopped] File not found - C:\WINDOWS\System32\drivers\MSPCLOCK.sys
(MSPQM) Microsoft Streaming Quality Manager Proxy [On_Demand | Stopped] File not found - C:\WINDOWS\System32\drivers\MSPQM.sys
(mssmbios) Microsoft System Management BIOS Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\mssmbios.sys
(Mup) Mup [Boot | Running] File not found -
(NDIS) NDIS System Driver [Boot | Running] File not found -
(NdisTapi) Remote Access NDIS TAPI Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\ndistapi.sys
(Ndisuio) NDIS Usermode I/O Protocol [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\ndisuio.sys
(NdisWan) Remote Access NDIS WAN Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\ndiswan.sys
(NDProxy) NDIS Proxy [On_Demand | Running] File not found -
(NetBIOS) NetBIOS Interface [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\netbios.sys
(NetBT) NetBios over Tcpip [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\netbt.sys
(NIC1394) 1394 Net Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\nic1394.sys
(Npfs) Npfs [System | Running] File not found -
(Ntfs) Ntfs [Disabled | Running] File not found -
(Null) Null [System | Running] File not found -
(nv) nv [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\nv4_mini.sys
(nvata64) nvata64 [Boot | Running] File not found - C:\WINDOWS\system32\DRIVERS\nvata64.sys
(nvax) Service for NVIDIA(R) nForce(TM) Audio Enumerator [On_Demand | Running] File not found - C:\WINDOWS\System32\drivers\nvax64.sys
(NVENETFD) NVIDIA nForce Networking Controller Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\NVENETFD.sys
(nvnetbus) NVIDIA Network Bus Enumerator [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\nvnetbus.sys
(nvnforce) Service for NVIDIA(R) nForce(TM) Audio [On_Demand | Running] File not found - C:\WINDOWS\System32\drivers\nvapu64.sys
(NVTCP) NVIDIA TCP/IP Protocol Driver [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\NVTcp.sys
(ohci1394) VIA OHCI Compliant IEEE 1394 Host Controller [Boot | Running] File not found - C:\WINDOWS\system32\DRIVERS\ohci1394.sys
(PartMgr) Partition Manager [Boot | Running] File not found -
(PCI) PCI Bus Driver [Boot | Running] File not found - C:\WINDOWS\system32\DRIVERS\pci.sys
(PciCon) PciCon [On_Demand | Stopped] File not found - D:\PciCon64.sys
(PCIIde) PCIIde [Boot | Running] File not found - C:\WINDOWS\system32\DRIVERS\pciide.sys
(PptpMiniport) WAN Miniport (PPTP) [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\raspptp.sys
(PSched) QoS Packet Scheduler [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\psched.sys
(Ptilink) Direct Parallel Link Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\ptilink.sys
(RasAcd) Remote Access Auto Connection Driver [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\rasacd.sys
(Rasirda) WAN Miniport (IrDA) [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\rasirda.sys
(Rasl2tp) WAN Miniport (L2TP) [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
(RasPppoe) Remote Access PPPOE Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\raspppoe.sys
(Raspti) Direct Parallel [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\raspti.sys
(Rdbss) Rdbss [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\rdbss.sys
(RDPCDD) RDPCDD [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
(rdpdr) Terminal Server Device Redirector Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\rdpdr.sys
(redbook) Digital CD Audio Playback Filter Driver [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\redbook.sys
(Secdrv) Security Driver [Auto | Running] File not found - C:\WINDOWS\System32\DRIVERS\secdrv.sys
(serenum) Serenum Filter Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\serenum.sys
(Serial) Serial port driver [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\serial.sys
(splitter) Microsoft Kernel Audio Splitter [On_Demand | Stopped] File not found - C:\WINDOWS\System32\drivers\splitter.sys
(sr) System Restore Filter Driver [Boot | Running] File not found - C:\WINDOWS\system32\DRIVERS\sr.sys
(Srv) Srv [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\srv.sys
(swenum) Software Bus Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\swenum.sys
(swmidi) Microsoft Kernel GS Wavetable Synthesizer [On_Demand | Stopped] File not found - C:\WINDOWS\System32\drivers\swmidi.sys
(sysaudio) Microsoft Kernel System Audio Device [On_Demand | Running] File not found - C:\WINDOWS\System32\drivers\sysaudio.sys
(Tcpip) TCP/IP Protocol Driver [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\tcpip.sys
(TermDD) Terminal Device Driver [System | Running] File not found - C:\WINDOWS\System32\DRIVERS\termdd.sys
(Update) Microcode Update Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\update.sys
(usbccgp) Microsoft USB Generic Parent Driver [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\usbccgp.sys
(usbehci) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\usbehci.sys
(usbhub) USB2 Enabled Hub [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\usbhub.sys
(usbohci) Microsoft USB Open Host Controller Miniport Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\usbohci.sys
(usbprint) Microsoft USB PRINTER Class [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\usbprint.sys
(usbscan) USB Scanner Driver [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\usbscan.sys
(USBSTOR) USB Mass Storage Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
(VgaSave) VGA Display Controller. [System | Running] File not found - C:\WINDOWS\System32\drivers\vga.sys
(VolSnap) Storage volumes [Boot | Running] File not found - C:\WINDOWS\system32\DRIVERS\volsnap.sys
(Wanarp) Remote Access IP ARP Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\wanarp.sys
(wdmaud) Microsoft WINMM WDM Audio Compatibility Driver [On_Demand | Running] File not found - C:\WINDOWS\System32\drivers\wdmaud.sys
(WS2IFSL) Windows Socket 2.0 Non-IFS Service Provider Support Environment [System | Running] File not found - C:\WINDOWS\System32\drivers\ws2ifsl.sys
(yukonx64) NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Controller [On_Demand | Running] File not found - C:\WINDOWS\System32\DRIVERS\yk51x64.sys

===== Run Keys =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"" = File not found
"Acrobat Assistant 7.0" = "C:\Program Files (x86)\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [12/14/2004 02:12 AM | 00,483,328 | ---- | M] (Adobe Systems Inc.)
"Adobe Photo Downloader" = "C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/06/2005 11:46 PM | 00,057,344 | ---- | M] (Adobe Systems Incorporated)
"Adobe Reader Speed Launcher" = "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 08:51 PM | 00,039,792 | ---- | M] (Adobe Systems Incorporated)
"Adobe Version Cue CS2" = "C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [04/04/2005 06:58 PM | 00,856,064 | ---- | M] (Adobe Sytems Incorporated)
"Antivirus" = "C:\Program Files (x86)\VAV\vav.exe" File not found
"AVG8_TRAY" = C:\PROGRA~1\AVG\AVG8\avgtray.exe [08/22/2008 01:42 AM | 01,235,736 | ---- | M] (AVG Technologies CZ, s.r.o.)
"iTunesHelper" = "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [02/04/2008 03:18 PM | 00,267,048 | ---- | M] (Apple Inc.)
"QuickTime Task" = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [02/01/2008 12:13 AM | 00,385,024 | ---- | M] (Apple Inc.)
"SunJavaUpdateSched" = "C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 02:11 AM | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
"Register Homesite+.exe" = "C:\Program Files\Macromedia\HomeSite+\Homesite+.exe" /REGSERVER [08/25/2003 06:24 PM | 02,254,848 | ---- | M] (Macromedia, Inc.)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6" = File not found
"EDLauncher" = C:\Program Files (x86)\PRMT6\PRMTED\EDLauncher.exe [11/03/2004 12:01 PM | 00,073,728 | ---- | M] (PROMT Ltd.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall" = %systemroot%\system32\tscupgrd.exe File not found
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall" = %systemroot%\system32\tscupgrd.exe File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall" = %systemroot%\system32\tscupgrd.exe File not found
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall" = %systemroot%\system32\tscupgrd.exe File not found
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_USERS\S-1-5-21-546561001-3092227586-539885925-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6" = File not found
"EDLauncher" = C:\Program Files (x86)\PRMT6\PRMTED\EDLauncher.exe [11/03/2004 12:01 PM | 00,073,728 | ---- | M] (PROMT Ltd.)
[HKEY_USERS\S-1-5-21-546561001-3092227586-539885925-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.

===== Startup Folders =====
[Administrator Startup Folder - C:\Documents and Settings\Administrator\Start Menu\Programs\Startup]
[All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
[06/13/2007 10:34 PM | 00,025,214 | R--- | M] () - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
[03/16/2005 07:16 PM | 00,113,664 | ---- | M] (Adobe Systems, Inc.) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[06/30/2006 12:36 AM | 00,878,080 | ---- | M] (Logitech Inc.) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
[01/05/2006 11:57 AM | 00,114,688 | ---- | M] (SanDisk) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Monitor.lnk = C:\Program Files (x86)\SanDisk\SanDisk TransferMate\SD Monitor.exe
[12/08/2005 10:03 AM | 00,811,008 | ---- | M] (Intuit Inc.) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
[Default User Startup Folder - C:\Documents and Settings\Default User\Start Menu\Programs\Startup]

===== BHO's =====
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
HKLM CLSID: (AcroIEHlprObj Class) - [12/14/2004 01:56 AM | 00,063,136 | ---- | M] (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
HKLM CLSID: (AVG Safe Search) - [08/22/2008 01:42 AM | 00,455,960 | ---- | M] (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG8\avgssie.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
HKLM CLSID: (SSVHelper Class) - [09/25/2007 02:11 AM | 00,501,136 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll

===== Toolbars =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" HKLM CLSID: (Adobe PDF) - [12/14/2004 02:13 AM | 00,225,280 | ---- | M] (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{892B88A3-DC94-4A1F-A75A-9AA50061A683}" HKLM CLSID: (bgrqfetx) - File not found C:\WINDOWS\bgrqfetx.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{FF284F5C-7CF9-4682-8701-D467C1DBB99F}" HKLM CLSID: (Translator) - [01/12/2005 12:32 PM | 00,434,176 | ---- | M] (PROMT Ltd.) C:\Program Files (x86)\PRMT6\PRMTIE\prmtie.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" HKLM CLSID: (Adobe PDF) - [12/14/2004 02:13 AM | 00,225,280 | ---- | M] (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" HKLM CLSID: (Adobe PDF) - [12/14/2004 02:13 AM | 00,225,280 | ---- | M] (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.
[HKEY_USERS\S-1-5-21-546561001-3092227586-539885925-500\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" HKLM CLSID: (Adobe PDF) - [12/14/2004 02:13 AM | 00,225,280 | ---- | M] (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
[HKEY_USERS\S-1-5-21-546561001-3092227586-539885925-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" HKLM CLSID: (Adobe PDF) - [12/14/2004 02:13 AM | 00,225,280 | ---- | M] (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

===== Policies =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"ForceActiveDesktopOn" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"scforceoption" = 0
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
Unable to open key or key not present!
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
Unable to open key or key not present!
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
Unable to open key or key not present!
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
Unable to open key or key not present!
[HKEY_USERS\S-1-5-21-546561001-3092227586-539885925-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_USERS\S-1-5-21-546561001-3092227586-539885925-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]
[HKEY_USERS\S-1-5-21-546561001-3092227586-539885925-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

===== Desktop Components =====

===== Shared Task Scheduler =====

===== AppInit_Dlls =====

===== Lsa Authentication Packages =====

===== Lsa Security Packages =====

===== Authorized Applications List =====
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe File not found
"C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" = C:\Program Files (x86)\MSN Messenger\msnmsgr.exe File not found
"C:\Program Files (x86)\MSN Messenger\livecall.exe" = C:\Program Files (x86)\MSN Messenger\livecall.exe File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe File not found
"C:\Program Files (x86)\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files (x86)\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe [11/30/2004 10:08 AM | 00,020,543 | ---- | M] (Apache Software Foundation)
"C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" = C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [04/04/2005 06:58 PM | 00,163,840 | ---- | M] (Adobe Systems Incorporated)
"C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" = C:\Program Files (x86)\MSN Messenger\msnmsgr.exe File not found
"C:\Program Files (x86)\MSN Messenger\livecall.exe" = C:\Program Files (x86)\MSN Messenger\livecall.exe File not found
"C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe File not found
"C:\Program Files (x86)\Yahoo!\Messenger\YServer.exe" = C:\Program Files (x86)\Yahoo!\Messenger\YServer.exe File not found
"C:\Program Files (x86)\iTunes\iTunes.exe" = C:\Program Files (x86)\iTunes\iTunes.exe [02/04/2008 03:18 PM | 19,926,824 | ---- | M] (Apple Inc.)
"C:\Program Files (x86)\TurboTax\Home & Business 2007\32bit\ttax.exe" = C:\Program Files (x86)\TurboTax\Home & Business 2007\32bit\ttax.exe [03/05/2008 11:29 PM | 10,343,712 | ---- | M] (Intuit, Inc.)
"C:\Program Files (x86)\TurboTax\Home & Business 2007\32bit\updatemgr.exe" = C:\Program Files (x86)\TurboTax\Home & Business 2007\32bit\updatemgr.exe [10/22/2007 06:56 PM | 03,597,600 | ---- | M] (Intuit, Inc.)
"C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe" = C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe [11/03/2006 02:17 AM | 00,010,800 | ---- | M] (AOL LLC)
"C:\Program Files (x86)\AIM6\aim6.exe" = C:\Program Files (x86)\AIM6\aim6.exe [06/19/2008 12:51 PM | 00,050,528 | ---- | M] (AOL LLC)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe [08/22/2008 01:42 AM | 00,641,304 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsa.exe" = C:\Program Files\AVG\AVG8\avgnsa.exe [08/22/2008 01:42 AM | 00,877,848 | ---- | M] (AVG Technologies CZ, s.r.o.)

===== HKLM Winlogon Settings =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
"Explorer.exe" - [02/18/2007 11:05 AM | 01,053,184 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\explorer.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\System]
"lsass.exe" - File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
"C:\WINDOWS\system32\userinit.exe" - [02/18/2007 11:05 AM | 00,026,112 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
"%SystemRoot%\system32\logonui.exe" - [02/18/2007 11:05 AM | 00,516,096 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
"rundll32 shell32" - [11/08/2007 12:55 AM | 08,360,448 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
"Control_RunDLL "sysdm.cpl"" - [02/18/2007 11:05 AM | 00,301,568 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl

===== User's Winlogon Settings =====

===== Winlogon Notify Settings =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fccdeeEt]
"DllName" = File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DllName" = File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"DllName" = File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DllName" = File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"DllName" = File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DllName" = File not found

===== Safeboot Options =====
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe

===== Disabled MsConfig Items =====
Unable to open key or key not present!

===== DNS Name Servers =====
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{00EBBE09-3E9B-4016-9B22-6D0520641A74}]
Servers: | Description: 1394 Net Adapter
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{348D7A33-E7E3-4E61-B679-514853B044A5}]
Servers: | Description:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{739C7507-F20A-43D9-AF81-F7003C1486FD}]
Servers: | Description: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller

===== CDRom AutoRun Settings =====
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

===== Autorun Files on Drives =====
AUTOEXEC.BAT [] [05/09/2006 04:10 AM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]
autorun.inf [[autorun] | open=PortableVault.exe | icon=..\Vault\Memorex.ico | | action=Portable Vault | action=@PortableVault.exe | ] [03/08/2007 05:25 PM | 00,000,112 | ---- | M] () E:\autorun.inf [ FAT ]

===== MountPoints2 =====
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{023608c3-1279-11db-b9b2-000129d4c51c}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{023608c3-1279-11db-b9b2-000129d4c51c}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [11/08/2007 12:55 AM | 08,360,448 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{023608c3-1279-11db-b9b2-000129d4c51c}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{101ef1c2-6fda-11dd-9ae4-000129d4c51c}\Shell]
"" = Open
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{101ef1c2-6fda-11dd-9ae4-000129d4c51c}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [11/08/2007 12:55 AM | 08,360,448 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{101ef1c2-6fda-11dd-9ae4-000129d4c51c}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{101ef1c2-6fda-11dd-9ae4-000129d4c51c}\Shell\AutoRun]
"Extended" =
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{101ef1c2-6fda-11dd-9ae4-000129d4c51c}\Shell\AutoRun\command]
"" = E:\PortableVault.exe [03/12/2007 01:10 PM | 01,446,592 | ---- | M] (Migo Software)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84a39cc3-b849-11db-831d-000129d4c51c}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84a39cc3-b849-11db-831d-000129d4c51c}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [11/08/2007 12:55 AM | 08,360,448 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84a39cc3-b849-11db-831d-000129d4c51c}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84a39cc8-b849-11db-831d-000129d4c51c}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84a39cc8-b849-11db-831d-000129d4c51c}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [11/08/2007 12:55 AM | 08,360,448 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84a39cc8-b849-11db-831d-000129d4c51c}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

===== Hosts File =====
HOSTS File = (259164 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...

[Files/Folders - Created Within 90 days]
[06/27/2008 01:56 PM | 00,000,369 | -H-- | C] () - C:\IPH.PH
[08/19/2008 07:00 PM | 01,463,521 | ---- | C] () - C:\SDFix.exe
[08/21/2008 06:50 PM | ---D | C] - C:\SDFix
[08/24/2008 07:22 PM | ---D | C] - C:\smitrem
[08/25/2008 11:47 AM | -H-D | C] - C:\$AVG8.VAULT$
[08/17/2008 03:01 PM | 00,017,144 | ---- | C] (Malwarebytes Corporation) - C:\WINDOWS\System32\drivers\mbam.sys
[08/17/2008 03:01 PM | 00,038,472 | ---- | C] (Malwarebytes Corporation) - C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2 C:\WINDOWS\System32\*.tmp files]
[01/09/2006 10:36 AM | 00,040,960 | ---- | C] () - C:\WINDOWS\System32\swsc.exe
[04/27/2006 05:49 PM | 00,288,417 | ---- | C] (S!Ri) - C:\WINDOWS\System32\SrchSTS.exe
[05/29/2008 09:35 AM | 00,086,528 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\VACFix.exe
[06/05/2003 09:13 PM | 00,053,248 | ---- | C] (http://www.beyondlogic.org) - C:\WINDOWS\System32\Process.exe
[06/13/2008 09:46 AM | ---D | C] - C:\WINDOWS\System32\en
[07/31/2004 06:50 PM | 00,051,200 | ---- | C] () - C:\WINDOWS\System32\dumphive.exe
[08/14/2008 09:52 PM | 00,082,432 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.C.exe
[08/18/2008 07:17 PM | 00,000,000 | ---- | C] () - C:\WINDOWS\System32\config.nt
[08/18/2008 12:19 PM | 00,082,432 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\404Fix.exe
[08/21/2008 11:41 PM | 00,087,552 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\AntiXPVSTFix.exe
[08/24/2008 07:24 PM | 00,003,420 | ---- | C] () - C:\WINDOWS\System32\tmp.reg
[08/29/2006 07:43 PM | 00,135,168 | ---- | C] (SteelWerX) - C:\WINDOWS\System32\swreg.exe
[09/06/2007 12:22 AM | 00,289,144 | ---- | C] (S!Ri) - C:\WINDOWS\System32\VCCLSID.exe
[10/04/2007 12:36 AM | 00,025,600 | ---- | C] () - C:\WINDOWS\System32\WS2Fix.exe
[12/01/2006 06:20 AM | 00,079,360 | ---- | C] (SteelWerX) - C:\WINDOWS\System32\swxcacls.exe
[2 C:\WINDOWS\*.tmp files]
[02/18/2007 10:46 AM | 01,099,264 | ---- | C] () - C:\WINDOWS\adfs.msp
[06/13/2008 09:38 AM | ---D | C] - C:\WINDOWS\PolicyBackup
[06/13/2008 09:40 AM | -H-D | C] - C:\WINDOWS\$NtServicePackUninstall$
[06/13/2008 09:46 AM | ---D | C] - C:\WINDOWS\adfs
[06/13/2008 09:46 AM | ---D | C] - C:\WINDOWS\ServicePackFiles
[08/18/2008 08:09 PM | 00,000,152 | ---- | C] () - C:\WINDOWS\wininit.ini
[08/22/2008 09:32 PM | 00,000,000 | ---- | C] () - C:\WINDOWS\nsreg.dat
[08/25/2008 06:40 PM | ---D | C] - C:\WINDOWS\temp
[06/27/2008 01:56 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\acccore
[06/27/2008 01:56 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\AOL
[06/27/2008 01:56 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Viewpoint
[06/27/2008 01:57 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\AOL OCP
[08/21/2008 06:39 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[08/22/2008 01:48 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\avg8
[08/25/2008 11:21 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[06/27/2008 01:57 PM | ---D | C] - C:\Documents and Settings\Administrator\Application Data\acccore
[08/22/2008 09:32 PM | ---D | C] - C:\Documents and Settings\Administrator\Application Data\Mozilla
[08/25/2008 11:22 AM | ---D | C] - C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[06/27/2008 01:56 PM | ---D | C] - C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL
[06/27/2008 01:56 PM | ---D | C] - C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL OCP
[08/22/2008 09:32 PM | ---D | C] - C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
[06/21/2008 02:35 PM | 00,000,974 | ---- | C] () - C:\Documents and Settings\Administrator\My Documents\My Sharing Folders.lnk
[07/01/2008 01:44 PM | ---D | C] - C:\Documents and Settings\Administrator\My Documents\AIMLogger
[08/25/2008 11:20 AM | ---D | C] - C:\Documents and Settings\Administrator\My Documents\anit-virus downloads
[06/13/2008 09:47 AM | 00,000,099 | -HS- | C] () - C:\Documents and Settings\All Users\Desktop\desktop.ini
[08/22/2008 01:42 AM | 00,001,491 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\AVG 8.0.lnk
[08/22/2008 09:32 PM | 00,001,586 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Internet Explorer.lnk
[06/30/2008 10:20 PM | ---D | C] - C:\Documents and Settings\Administrator\Desktop\itunes library
[08/25/2008 03:08 PM | ---D | C] - C:\Documents and Settings\Administrator\Desktop\shortcuts
[06/27/2008 01:56 PM | ---D | C] - C:\Program Files (x86)\Common Files\AOL
[06/27/2008 01:56 PM | ---D | C] - C:\Program Files (x86)\AIM6
[06/27/2008 01:56 PM | ---D | C] - C:\Program Files (x86)\Viewpoint
[08/21/2008 06:39 PM | ---D | C] - C:\Program Files (x86)\Spybot - Search & Destroy
[08/21/2008 07:58 PM | ---D | C] - C:\Program Files (x86)\AVG

[Files/Folders - Modified Within 90 days]
[06/13/2008 09:41 AM | 00,297,072 | RHS- | M] () - C:\ntldr
[06/27/2008 01:56 PM | 00,000,369 | -H-- | M] () - C:\IPH.PH
[08/19/2008 07:00 PM | 01,463,521 | ---- | M] () - C:\SDFix.exe
[08/21/2008 06:50 PM | ---D | M] - C:\SDFix
[08/21/2008 07:14 PM | -HSD | M] - C:\System Volume Information
[08/21/2008 07:58 PM | -H-D | M] - C:\Config.Msi
[08/22/2008 09:32 PM | ---D | M] - C:\WINDOWS
[08/24/2008 07:22 PM | ---D | M] - C:\smitrem
[08/25/2008 11:21 AM | R--D | M] - C:\Program Files
[08/25/2008 11:47 AM | -H-D | M] - C:\$AVG8.VAULT$
[08/25/2008 12:28 PM | R--D | M] - C:\Program Files (x86)
[08/17/2008 03:01 PM | 00,017,144 | ---- | M] (Malwarebytes Corporation) - C:\WINDOWS\System32\drivers\mbam.sys
[08/17/2008 03:01 PM | 00,038,472 | ---- | M] (Malwarebytes Corporation) - C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2 C:\WINDOWS\System32\*.tmp files]
[05/29/2008 09:35 AM | 00,086,528 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\VACFix.exe
[06/13/2008 09:41 AM | ---D | M] - C:\WINDOWS\System32\ias
[06/13/2008 09:43 AM | ---D | M] - C:\WINDOWS\System32\usmt
[06/13/2008 09:46 AM | ---D | M] - C:\WINDOWS\System32\en
[06/13/2008 09:46 AM | ---D | M] - C:\WINDOWS\System32\inetsrv
[06/15/2008 07:46 PM | ---D | M] - C:\WINDOWS\System32\wbem
[08/14/2008 09:52 PM | 00,082,432 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.C.exe
[08/18/2008 07:17 PM | 00,000,000 | ---- | M] () - C:\WINDOWS\System32\config.nt
[08/18/2008 12:19 PM | 00,082,432 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\404Fix.exe
[08/21/2008 11:41 PM | 00,087,552 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\AntiXPVSTFix.exe
[08/24/2008 07:24 PM | 00,003,420 | ---- | M] () - C:\WINDOWS\System32\tmp.reg
[08/25/2008 11:21 AM | ---D | M] - C:\WINDOWS\System32\Drivers
[2 C:\WINDOWS\*.tmp files]
[06/13/2008 09:38 AM | ---D | M] - C:\WINDOWS\PolicyBackup
[06/13/2008 09:40 AM | -H-D | M] - C:\WINDOWS\$NtServicePackUninstall$
[06/13/2008 09:43 AM | ---D | M] - C:\WINDOWS\ime
[06/13/2008 09:43 AM | ---D | M] - C:\WINDOWS\ime (x86)
[06/13/2008 09:43 AM | ---D | M] - C:\WINDOWS\srchasst
[06/13/2008 09:46 AM | ---D | M] - C:\WINDOWS\adfs
[06/13/2008 09:46 AM | ---D | M] - C:\WINDOWS\Help
[06/13/2008 09:46 AM | ---D | M] - C:\WINDOWS\ServicePackFiles
[06/13/2008 09:46 AM | R-SD | M] - C:\WINDOWS\assembly
[06/13/2008 09:48 AM | ---D | M] - C:\WINDOWS\msagent
[06/13/2008 11:11 AM | ---D | M] - C:\WINDOWS\security
[06/15/2008 07:46 PM | ---D | M] - C:\WINDOWS\AppPatch
[06/15/2008 07:46 PM | ---D | M] - C:\WINDOWS\msagent64
[06/15/2008 07:46 PM | R-SD | M] - C:\WINDOWS\Fonts
[06/21/2008 02:34 PM | ---D | M] - C:\WINDOWS\Lhsp
[08/13/2008 12:02 AM | 00,000,970 | ---- | M] () - C:\WINDOWS\imsins.BAK
[08/13/2008 12:02 AM | -H-D | M] - C:\WINDOWS\$hf_mig$
[08/18/2008 06:28 PM | -H-D | M] - C:\WINDOWS\inf
[08/18/2008 07:03 PM | ---D | M] - C:\WINDOWS\SoftwareDistribution
[08/18/2008 07:10 PM | 00,000,150 | ---- | M] () - C:\WINDOWS\SYSTEM.INI
[08/18/2008 08:09 PM | 00,000,152 | ---- | M] () - C:\WINDOWS\wininit.ini
[08/18/2008 08:09 PM | --SD | M] - C:\WINDOWS\Downloaded Program Files
[08/19/2008 06:47 PM | ---D | M] - C:\WINDOWS\twain_32
[08/19/2008 07:41 PM | ---D | M] - C:\WINDOWS\Minidump
[08/21/2008 07:58 PM | ---D | M] - C:\WINDOWS\WinSxS
[08/22/2008 09:32 PM | 00,000,000 | ---- | M] () - C:\WINDOWS\nsreg.dat
[08/25/2008 05:45 PM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat
[08/25/2008 05:49 PM | ---D | M] - C:\WINDOWS\system32
[08/25/2008 06:39 PM | ---D | M] - C:\WINDOWS\Prefetch
[08/25/2008 06:40 PM | ---D | M] - C:\WINDOWS\temp
[08/25/2008 11:20 AM | -HSD | M] - C:\WINDOWS\Installer
[08/25/2008 12:28 PM | ---D | M] - C:\WINDOWS\SysWOW64
[08/11/2008 04:54 PM | 00,000,296 | ---- | M] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08/25/2008 05:45 PM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT
[06/21/2008 02:34 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\Google
[06/21/2008 02:35 PM | --SD | M] - C:\Documents and Settings\All Users\Application Data\Microsoft
[06/27/2008 01:56 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\acccore
[06/27/2008 01:56 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\AOL
[06/27/2008 01:56 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\Viewpoint
[06/27/2008 01:57 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\AOL OCP
[08/18/2008 07:10 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\Yahoo!
[08/21/2008 06:39 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[08/22/2008 01:48 AM | ---D | M] - C:\Documents and Settings\All Users\Application Data\avg8
[08/25/2008 11:21 AM | ---D | M] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[06/27/2008 01:57 PM | ---D | M] - C:\Documents and Settings\Administrator\Application Data\acccore
[08/22/2008 09:32 PM | ---D | M] - C:\Documents and Settings\Administrator\Application Data\Mozilla
[08/25/2008 11:22 AM | ---D | M] - C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[06/27/2008 01:56 PM | ---D | M] - C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL
[06/27/2008 01:56 PM | ---D | M] - C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL OCP
[08/22/2008 09:32 PM | ---D | M] - C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
[08/25/2008 03:08 PM | 04,306,122 | -H-- | M] () - C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[08/25/2008 11:22 AM | --SD | M] - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[06/21/2008 02:35 PM | 00,000,974 | ---- | M] () - C:\Documents and Settings\Administrator\My Documents\My Sharing Folders.lnk
[06/30/2008 10:03 PM | R--D | M] - C:\Documents and Settings\Administrator\My Documents\My Pictures
[07/01/2008 01:44 PM | ---D | M] - C:\Documents and Settings\Administrator\My Documents\AIMLogger
[07/15/2008 04:00 PM | ---D | M] - C:\Documents and Settings\Administrator\My Documents\2007 tax info
[08/04/2008 04:22 PM | ---D | M] - C:\Documents and Settings\Administrator\My Documents\Resume
[08/25/2008 11:20 AM | ---D | M] - C:\Documents and Settings\Administrator\My Documents\anit-virus downloads
[06/13/2008 09:47 AM | 00,000,099 | -HS- | M] () - C:\Documents and Settings\All Users\Desktop\desktop.ini
[08/04/2008 04:19 PM | 00,002,161 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[08/22/2008 01:42 AM | 00,001,491 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\AVG 8.0.lnk
[08/22/2008 09:32 PM | 00,001,586 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Internet Explorer.lnk
[06/30/2008 10:20 PM | ---D | M] - C:\Documents and Settings\Administrator\Desktop\itunes library
[08/04/2008 04:12 PM | ---D | M] - C:\Documents and Settings\Administrator\Desktop\All Star Info
[08/25/2008 03:08 PM | ---D | M] - C:\Documents and Settings\Administrator\Desktop\shortcuts
[08/25/2008 05:45 PM | 00,002,383 | ---- | M] () - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[06/13/2008 09:48 AM | ---D | M] - C:\Program Files (x86)\Common Files\System
[06/27/2008 01:56 PM | ---D | M] - C:\Program Files (x86)\Common Files\AOL
[08/18/2008 07:10 PM | ---D | M] - C:\Program Files (x86)\Common Files\Scanner

< End of report >