[code]
OTS logfile created on: 12/7/2009 6:39:29 PM - Run 3
OTS by OldTimer - Version 3.1.8.7 Folder = C:\Documents and Settings\User\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.42 Mb Total Physical Memory | 497.55 Mb Available Physical Memory | 48.66% Memory free
2.40 Gb Paging File | 1.96 Gb Available in Paging File | 81.60% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 5.74 Gb Free Space | 1.92% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-89C8E3C63E
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Documents and Settings\User\Desktop\OTS.exe -> [2009/12/07 03:04:17 | 00,532,992 | ---- | M] (OldTimer Tools)
avgtray.exe -> C:\Program Files\AVG\AVG9\avgtray.exe -> [2009/11/12 09:03:48 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgnsx.exe -> C:\Program Files\AVG\AVG9\avgnsx.exe -> [2009/11/12 09:03:44 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgchsvx.exe -> C:\Program Files\AVG\AVG9\avgchsvx.exe -> [2009/11/04 14:55:28 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgrsx.exe -> C:\Program Files\AVG\AVG9\avgrsx.exe -> [2009/11/04 14:55:27 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgcsrvx.exe -> C:\Program Files\AVG\AVG9\avgcsrvx.exe -> [2009/11/04 14:55:26 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) avgemc.exe -> C:\Program Files\AVG\AVG9\avgemc.exe -> [2009/11/04 14:55:23 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) avgwdsvc.exe -> C:\Program Files\AVG\AVG9\avgwdsvc.exe -> [2009/11/04 14:55:23 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) nvsvc32.exe -> C:\WINDOWS\system32\nvsvc32.exe -> [2009/09/27 17:19:46 | 00,172,100 | ---- | M] (NVIDIA Corporation) ituneshelper.exe -> C:\Program Files\iTunes\iTunesHelper.exe -> [2009/07/13 13:03:10 | 00,292,128 | ---- | M] (Apple Inc.) ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/07/13 13:02:50 | 00,542,496 | ---- | M] (Apple Inc.) applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) rimautoupdate.exe -> C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe -> [2009/07/01 22:12:46 | 00,623,960 | ---- | M] (Research In Motion Limited) mediaserver.exe -> C:\Program Files\TVersity\Media Server\MediaServer.exe -> [2008/11/27 13:00:46 | 00,827,392 | ---- | M] () realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2008/09/01 12:32:42 | 00,185,896 | ---- | M] (RealNetworks, Inc.) explorer.exe -> C:\WINDOWS\explorer.exe -> [2007/06/13 02:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) soundman.exe -> C:\WINDOWS\soundman.exe -> [2007/04/16 14:28:22 | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.) wmpnscfg.exe -> C:\Program Files\Windows Media Player\wmpnscfg.exe -> [2006/10/18 20:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) pdvdserv.exe -> C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe -> [2004/11/02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) 
hpzipm12.exe -> C:\WINDOWS\system32\HPZipm12.exe -> [2004/09/29 11:14:36 | 00,069,632 | ---- | M] (HP) [Modules - Safe List] ots.exe -> C:\Documents and Settings\User\Desktop\OTS.exe -> [2009/12/07 03:04:17 | 00,532,992 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll -> [2006/08/25 07:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (RoxLiveShare9) LiveShare P2P Server 9 [Auto | Stopped] -> -> File not found (avg9emc) AVG Free E-mail Scanner [Auto | Running] -> C:\Program Files\AVG\AVG9\avgemc.exe -> [2009/11/04 14:55:23 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) (avg9wd) AVG Free WatchDog [Auto | Running] -> C:\Program Files\AVG\AVG9\avgwdsvc.exe -> [2009/11/04 14:55:23 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) (nvsvc) NVIDIA Display Driver Service [Auto | Running] -> C:\WINDOWS\system32\nvsvc32.exe -> [2009/09/27 17:19:46 | 00,172,100 | ---- | M] (NVIDIA Corporation) (iPod Service) iPod Service [On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/07/13 13:02:50 | 00,542,496 | ---- | M] (Apple Inc.) (Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) 
(TVersityMediaServer) TVersityMediaServer [Auto | Running] -> C:\Program Files\TVersity\Media Server\MediaServer.exe -> [2008/11/27 13:00:46 | 00,827,392 | ---- | M] () (Adobe LM Service) Adobe LM Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -> [2007/03/29 12:43:37 | 00,072,704 | ---- | M] (Adobe Systems) (usnjsvc) Messenger Sharing Folders USN Journal Reader service [On_Demand | Stopped] -> C:\Program Files\MSN Messenger\usnsvc.exe -> [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) (IDriverT) InstallDriver Table Manager [On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) (Pml Driver HPZ12) Pml Driver HPZ12 [Auto | Running] -> C:\WINDOWS\system32\HPZipm12.exe -> [2004/09/29 11:14:36 | 00,069,632 | ---- | M] (HP) (ose) Office Source Engine [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (AvgTdiX) AVG Free Network Redirector [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgtdix.sys -> [2009/11/09 08:32:26 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgldx86.sys -> [2009/11/04 14:55:43 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgMfx86) AVG Free On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> C:\WINDOWS\System32\Drivers\avgmfx86.sys -> [2009/11/04 14:55:40 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) 
(nv) nv [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2009/09/27 15:12:22 | 07,655,872 | ---- | M] (NVIDIA Corporation) (USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbaapl.sys -> [2009/07/09 11:16:16 | 00,039,424 | ---- | M] (Apple, Inc.) (GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -> [2009/03/19 15:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) (RimVSerPort) RIM Virtual Serial Port v2 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RimSerial.sys -> [2009/01/09 15:18:02 | 00,027,136 | R--- | M] (Research in Motion Ltd) (ENTECH) ENTECH [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\Entech.sys -> [2008/09/17 14:14:00 | 00,027,672 | R--- | M] (EnTech Taiwan) (nvgts) nvgts [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\nvgts.sys -> [2008/08/18 17:54:00 | 00,145,952 | ---- | M] (NVIDIA Corporation) (NVENETFD) NVIDIA nForce 10/100/1000 Mbps Ethernet [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\NVENETFD.sys -> [2008/08/01 10:36:00 | 00,054,784 | ---- | M] (NVIDIA Corporation) (nvnetbus) NVIDIA Network Bus Enumerator [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\nvnetbus.sys -> [2008/08/01 10:36:00 | 00,022,016 | ---- | M] (NVIDIA Corporation) (RimUsb) BlackBerry Smartphone [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\RimUsb.sys -> [2008/05/20 17:33:50 | 00,022,784 | ---- | M] (Research In Motion Limited) (ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\alcxwdm.sys -> [2008/01/24 15:36:16 | 04,127,488 | R--- | M] (Realtek Semiconductor Corp.) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\PxHelp20.sys -> [2007/05/01 02:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) (motmodem) Motorola USB CDC ACM Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\motmodem.sys -> [2007/02/27 13:31:28 | 00,021,504 | ---- | M] (Motorola) (AVG Anti-Rootkit) AVG Anti-Rootkit [Kernel | Boot | Running] -> C:\WINDOWS\System32\DRIVERS\avgarkt.sys -> [2007/01/31 05:33:46 | 00,005,632 | ---- | M] (GRISOFT, s.r.o.) (usbsermpt) Motorola USB Modem Driver for MPT [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbsermpt.sys -> [2007/01/18 20:22:21 | 00,022,768 | ---- | M] (Microsoft Corporation) (AvgArCln) Avg Anti-Rootkit Clean Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\AvgArCln.sys -> [2007/01/18 04:00:28 | 00,003,968 | ---- | M] (GRISOFT, s.r.o.) (sptd) sptd [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\sptd.sys -> [2006/12/11 21:20:39 | 00,639,224 | ---- | M] () (SVKP) SVKP [Kernel | Auto | Running] -> C:\WINDOWS\system32\SVKP.sys -> [2006/11/23 21:35:07 | 00,002,368 | ---- | M] (AntiCracking) (AmdK8) AMD Processor Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\AmdK8.sys -> [2006/07/01 21:39:40 | 00,036,864 | ---- | M] (Advanced Micro Devices) (HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HPZid412.sys -> [2005/12/16 21:56:00 | 00,051,120 | ---- | M] (HP) (HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HPZius12.sys -> [2005/12/16 21:56:00 | 00,021,744 | ---- | M] (HP) (HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HPZipr12.sys -> [2005/12/16 21:56:00 | 00,016,496 | ---- | M] (HP) (nvata) nvata [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\nvata.sys -> [2005/08/18 16:52:06 | 00,093,568 | ---- | M] (NVIDIA 
Corporation) (ROOTMODEM) Microsoft Legacy Modem Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\rootmdm.sys -> [2004/08/19 09:44:30 | 00,005,888 | ---- | M] (Microsoft Corporation) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2004/08/19 09:44:19 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ASACPI.sys -> [2004/08/12 18:56:20 | 00,005,810 | R--- | M] () (usbser) Motorola A1000 USB Modem Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbser.sys -> [2004/08/03 23:08:44 | 00,025,600 | ---- | M] (Microsoft Corporation) (USBIO) USBIO Driver (usbio.sys) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbio.sys -> [2001/05/07 10:56:02 | 00,019,805 | ---- | M] (Thesycon GmbH, Germany) (ASPI32) ASPI32 [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\ASPI32.SYS -> [1999/09/10 12:06:00 | 00,025,244 | ---- | M] (Adaptec) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] 
-> File not found HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> HKEY_USERS\S-1-5-19\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\] > -> -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\: Main\\"Search Page" -> http://www.google.com -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\: Main\\"Start Page" -> http://www.msn.com/ -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\User\Application Data\Mozilla\FireFox\Profiles\9ljt7ws0.default\prefs.js -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2009/12/07 02:31:48 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2009/12/07 02:31:25 | 00,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\User\Application Data\Mozilla\Extensions -> [2009/12/07 02:32:21 | 00,000,000 | ---D | M] -> C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\9ljt7ws0.default\extensions -> [2009/12/07 18:12:05 | 00,000,000 | ---D | M] < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2009/12/07 02:31:26 | 00,000,000 | ---D | M] < HOSTS File > (145 bytes and 5 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost ::1 localhost 91.212.127.226 osguardpro.microsoft.com 91.212.127.226 os-guardpro.com 
91.212.127.226 www.os-guardpro.com < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG9\avgssie.dll [AVG Safe Search] -> [2009/11/09 08:32:24 | 01,475,864 | ---- | M] (AVG Technologies CZ, s.r.o.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\] > -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "AppleSyncNotifier" -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe] -> [2009/05/13 19:58:04 | 00,177,472 | ---- | M] (Apple Inc.) "AVG9_TRAY" -> C:\Program Files\AVG\AVG9\avgtray.exe [C:\PROGRA~1\AVG\AVG9\avgtray.exe] -> [2009/11/12 09:03:48 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) 
"BlackBerryAutoUpdate" -> C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background] -> [2009/07/01 22:12:46 | 00,623,960 | ---- | M] (Research In Motion Limited) "IMJPMIG8.1" -> C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE ["C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32] -> [2004/08/19 09:40:17 | 00,208,952 | ---- | M] (Microsoft Corporation) "iTunesHelper" -> C:\Program Files\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2009/07/13 13:03:10 | 00,292,128 | ---- | M] (Apple Inc.) "MSPY2002" -> C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe [C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC] -> [2004/08/19 09:40:44 | 00,059,392 | ---- | M] () "NeroFilterCheck" -> C:\WINDOWS\system32\NeroCheck.exe [C:\WINDOWS\system32\NeroCheck.exe] -> [2001/07/09 10:50:42 | 00,155,648 | ---- | M] (Ahead Software Gmbh) "NvCplDaemon" -> C:\WINDOWS\System32\NvCpl.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2009/09/27 17:19:46 | 13,918,208 | ---- | M] (NVIDIA Corporation) "NvMediaCenter" -> C:\WINDOWS\System32\NvMcTray.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> [2009/09/27 17:19:46 | 00,086,016 | ---- | M] (NVIDIA Corporation) "nwiz" -> C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install] -> [2009/09/23 22:45:12 | 01,657,448 | ---- | M] () "PHIME2002A" -> C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE [C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName] -> [2004/08/19 09:41:28 | 00,455,168 | ---- | M] (Microsoft Corporation) "PHIME2002ASync" -> C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE [C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC] -> [2004/08/19 09:41:28 | 00,455,168 | ---- | M] (Microsoft Corporation) "QuickTime Task" -> C:\Program Files\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> 
[2009/05/26 16:18:30 | 00,413,696 | ---- | M] (Apple Inc.) "RemoteControl" -> C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe ["C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"] -> [2004/11/02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) "SoundMan" -> C:\WINDOWS\soundman.exe [SOUNDMAN.EXE] -> [2007/04/16 14:28:22 | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.) "TkBellExe" -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2008/09/01 12:32:42 | 00,185,896 | ---- | M] (RealNetworks, Inc.) < Run [HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\] > -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "WMPNSCFG" -> C:\Program Files\Windows Media Player\wmpnscfg.exe [C:\Program Files\Windows Media Player\WMPNSCFG.exe] -> [2006/10/18 20:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Dad Startup Folder > -> C:\Documents and Settings\Dad\Start Menu\Programs\Startup -> < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Mom Startup Folder > -> C:\Documents and Settings\Mom\Start Menu\Programs\Startup -> < Tara Startup Folder > -> C:\Documents and Settings\Tara\Start Menu\Programs\Startup -> < User Startup Folder > -> C:\Documents and Settings\User\Start Menu\Programs\Startup -> C:\Documents and Settings\User\Start Menu\Programs\Startup\Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe -> [2005/03/16 18:16:50 | 00,113,664 | ---- | M] (Adobe Systems, Inc.) 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005] > -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < 
CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005] > -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"EnableProfileQuota" -> [1] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\] > -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\Software\Microsoft\Internet Explorer\MenuExt\ -> Download All Files by HiDownload -> C:\Program Files\HiDownload\HDGetAll.htm [C:\Program Files\HiDownload\HDGetAll.htm] -> [2003/06/09 00:20:00 | 00,000,662 | ---- | M] () Download by HiDownload -> C:\Program Files\HiDownload\HDGet.htm [C:\Program Files\HiDownload\HDGet.htm] -> [2003/06/09 00:20:00 | 00,001,791 | ---- | M] () Download with GetRight -> C:\Program Files\GetRight\GRDownload.htm [C:\Program Files\GetRight\GRdownload.htm] -> [2006/03/29 14:35:14 | 00,000,994 | ---- | M] () Open with GetRight Browser -> C:\Program Files\GetRight\GRBrowse.htm [C:\Program Files\GetRight\GRbrowse.htm] -> [2006/03/29 14:35:14 | 00,000,977 | ---- | M] () < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.5.0_08\bin\NPJPI150_08.dll [Menu: Sun Java Console] -> [2006/07/26 02:17:55 | 00,069,746 | ---- | M] (Sun Microsystems, Inc.) 
{F4FBA929-A891-492C-A0F6-5C79CC4F1742}:Exec [HKLM] -> C:\Program Files\HiDownload\hidownload.exe [Button: HiDownload] -> [2006/11/06 13:46:00 | 00,812,032 | ---- | M] (HiDownload Software) < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\] > -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{F4FBA929-A891-492C-A0F6-5C79CC4F1742}" [HKLM] -> C:\Program Files\HiDownload\hidownload.exe [HiDownload] -> [2006/11/06 13:46:00 | 00,812,032 | ---- | M] (HiDownload Software) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. 
-> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\] > -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\] > -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1437597355-2081155386-2107169025-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {0EC4C9E3-EC6A-11CF-8E3B-444553540000} [HKLM] -> http://www.riffinteractive.com/setup/RiffLick.cab [WaveTab Control] -> {15B782AF-55D8-11D1-B477-006097098764} [HKLM] -> http://www.kccsoft.com/authorware_web_files/awswaxd.cab [Macromedia Authorware Web Player Control] -> {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Reg Error: Key error.] 
-> {17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://go.microsoft.com/fwlink/?linkid=39204 [Windows Genuine Advantage Validation Tool] -> {1E54D648-B804-468d-BC78-4AFFED8E262F} [HKLM] -> http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab [System Requirements Lab Class] -> {3BFFE033-BF43-11D5-A271-00A024A51325} [HKLM] -> https://oak.kwantlen.ca/iNotes6W.cab [iNotes6 Class] -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537} [HKLM] -> http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab [MSN Photo Upload Tool] -> {5F8469B4-B055-49DD-83F7-62B522420ECC} [HKLM] -> http://upload.facebook.com/controls/FacebookPhotoUploader.cab [Facebook Photo Uploader Control] -> {74DBCB52-F298-4110-951D-AD2FF67BC8AB} [HKLM] -> http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab [NVIDIA Smart Scan] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab [Java Plug-in 1.5.0_08] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab [Reg Error: Key error.] -> {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab [Java Plug-in 1.5.0_08] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab [Java Plug-in 1.5.0_08] -> {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} [HKLM] -> http://www.yougamers.com/systeminfo/FMSI.cab [Reg Error: Key error.] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab [Shockwave Flash Object] -> {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} [HKLM] -> http://by129fd.bay129.hotmail.msn.com/activex/HMAtchmt.ocx [Hotmail Attachments Control] -> Microsoft XML Parser for Java [HKLM] -> file://C:\WINDOWS\Java\classes\xmldso.cab [Reg Error: Key error.] 
-> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 64.59.144.16 64.59.144.17 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {D2B05A76-44F3-479E-8D01-EBCBAD8AC30F}\\DhcpNameServer -> 64.59.144.16 64.59.144.17 (NVIDIA nForce 10/100/1000 Mbps Ethernet ) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2007/06/13 02:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> avgrsstarter -> C:\WINDOWS\System32\avgrsstx.dll -> [2009/11/04 14:55:48 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) dimsntfy -> Reg Error: Value error. 
-> File not found < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\system32\drivers\svchost.exe" -> C:\WINDOWS\System32\drivers\svchost.exe [%windir%\system32\drivers\svchost.exe:*:Enabled:svchost] -> File not found "C:\Program Files\MSN Messenger\livecall.exe" -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> [2007/01/04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) "C:\Program Files\MSN Messenger\msncall.exe" -> C:\Program Files\MSN Messenger\msncall.exe [C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)] -> File not found < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\system32\drivers\svchost.exe" -> C:\WINDOWS\System32\drivers\svchost.exe [%windir%\system32\drivers\svchost.exe:*:Enabled:svchost] -> File not found "C:\Documents and Settings\Mom\Local Settings\Application Data\Skype\Phone\Skype.exe" -> C:\Documents and Settings\Mom\Local Settings\Application Data\Skype\Phone\Skype.exe [C:\Documents and Settings\Mom\Local Settings\Application Data\Skype\Phone\Skype.exe:*:Disabled:Skype] -> [2008/08/11 16:46:50 | 21,741,864 | R--- | M] (Skype Technologies S.A.) 
"C:\Documents and Settings\Tara\Desktop\Ares.exe" -> C:\Documents and Settings\Tara\Desktop\Ares.exe [C:\Documents and Settings\Tara\Desktop\Ares.exe:*:Enabled:Ares] -> [2006/11/18 07:01:47 | 00,923,648 | ---- | M] (Ares Development Group) "C:\Program Files\Ares\Ares.exe" -> C:\Program Files\Ares\Ares.exe [C:\Program Files\Ares\Ares.exe:*:Enabled:Ares] -> File not found "C:\Program Files\AVG\AVG8\avgemc.exe" -> C:\Program Files\AVG\AVG8\avgemc.exe [C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe] -> File not found "C:\Program Files\AVG\AVG8\avgnsx.exe" -> C:\Program Files\AVG\AVG8\avgnsx.exe [C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe] -> File not found "C:\Program Files\AVG\AVG8\avgupd.exe" -> C:\Program Files\AVG\AVG8\avgupd.exe [C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe] -> File not found "C:\Program Files\AVG\AVG9\avgemc.exe" -> C:\Program Files\AVG\AVG9\avgemc.exe [C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe] -> [2009/11/04 14:55:23 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgnsx.exe" -> C:\Program Files\AVG\AVG9\avgnsx.exe [C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe] -> [2009/11/12 09:03:44 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgupd.exe" -> C:\Program Files\AVG\AVG9\avgupd.exe [C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe] -> [2009/11/20 10:18:53 | 00,844,056 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\Azureus\Azureus.exe" -> C:\Program Files\Azureus\Azureus.exe [C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus] -> [2008/03/06 20:40:32 | 00,254,976 | ---- | M] (Azureus Inc) "C:\Program Files\GetRight\getright.exe" -> C:\Program Files\GetRight\getright.exe [C:\Program Files\GetRight\getright.exe:*:Enabled:GetRight® Download Manager. www.GetRight.com] -> [2006/12/10 17:06:56 | 03,364,168 | ---- | M] (Headlight Software, Inc.) 
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe] -> [2005/05/10 20:07:26 | 01,081,344 | ---- | M] (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe [C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe] -> [2005/05/10 20:50:34 | 00,200,704 | ---- | M] () "C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2009/07/13 13:02:56 | 14,074,656 | ---- | M] (Apple Inc.) "C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> File not found "C:\Program Files\mIRC\mirc.exe" -> C:\Program Files\mIRC\mirc.exe [C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC] -> [2006/11/23 07:45:34 | 02,076,672 | ---- | M] (mIRC Co. Ltd.) 
"C:\Program Files\MSN Messenger\livecall.exe" -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> [2007/01/04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) "C:\Program Files\MSN Messenger\msncall.exe" -> C:\Program Files\MSN Messenger\msncall.exe [C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)] -> File not found "C:\Program Files\Steam\Steam.exe" -> C:\Program Files\Steam\Steam.exe [C:\Program Files\Steam\Steam.exe:*:Enabled:Steam] -> [2008/10/10 18:26:57 | 01,410,296 | ---- | M] (Valve Corporation) "C:\Program Files\Steam\SteamApps\jerk33\counter-strike source\hl2.exe" -> C:\Program Files\Steam\SteamApps\jerk33\counter-strike source\hl2.exe [C:\Program Files\Steam\SteamApps\jerk33\counter-strike source\hl2.exe:*:Enabled:hl2] -> [2006/12/06 22:55:38 | 00,106,496 | ---- | M] () "C:\Program Files\Transcode360\Transcode360Tray.exe" -> C:\Program Files\Transcode360\Transcode360Tray.exe [C:\Program Files\Transcode360\Transcode360Tray.exe:*:Enabled: ] -> File not found "C:\Program Files\TVersity\Media Server\MediaServer.exe" -> C:\Program Files\TVersity\Media Server\MediaServer.exe [C:\Program Files\TVersity\Media Server\MediaServer.exe:*:Enabled:TVersity Media Server] -> [2008/11/27 13:00:46 | 00,827,392 | ---- | M] () "C:\Program Files\TVersity\Media Server\TVersity.exe" -> C:\Program Files\TVersity\Media Server\TVersity.exe [C:\Program Files\TVersity\Media Server\TVersity.exe:*:Enabled:TVersity Media Server] -> File not found < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2006/09/11 08:51:23 | 00,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{ca79fc7b-7416-11db-a812-806d6172696f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca79fc7b-7416-11db-a812-806d6172696f}\Shell \{ca79fc7b-7416-11db-a812-806d6172696f}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca79fc7b-7416-11db-a812-806d6172696f}\Shell\AutoRun \{ca79fc7b-7416-11db-a812-806d6172696f}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca79fc7b-7416-11db-a812-806d6172696f}\Shell\AutoRun\command \{ca79fc7b-7416-11db-a812-806d6172696f}\Shell\AutoRun\command\\"" -> D:\setup.exe [D:\setup.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> [Registry - Additional Scans - Safe List] < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ -> 0 -> [Key] -> 0 -> FriendlyName = My Current Home Page -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> 6to4 -> [] -> AppMgmt -> C:\WINDOWS\System32\appmgmts.dll [C:\WINDOWS\System32\appmgmts.dll] -> File not found HidServ -> C:\WINDOWS\System32\hidserv.dll [C:\WINDOWS\System32\hidserv.dll] -> File not found Ias -> [] -> Iprip -> [] -> Irmon -> [] -> NWCWorkstation -> [] -> Nwsapagent -> [] -> Wmi -> [] -> WmdmPmSp -> [] -> *MultiFile Done* -> -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> exefile [open] 
-> "%1" %* -> htmlfile [edit] -> "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 -> [2007/04/19 13:07:38 | 00,061,280 | ---- | M] (Microsoft Corporation) htmlfile [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) htmlfile [opennew] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) http [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) https [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> regfile [merge] -> Reg Error: Key error. scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2004/08/19 09:36:42 | 00,135,168 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> txtfile [edit] -> Reg Error: Key error. 
Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [!ezcddaxa] -> "C:\Program Files\Easy CD-DA Extractor 10\convert.exe" "%1" -> [2006/07/27 02:35:01 | 00,006,656 | ---- | M] () Directory [!ezcddaxb] -> "C:\Program Files\Easy CD-DA Extractor 10\burn.exe" "%1" -> [2006/07/27 02:35:01 | 00,006,656 | ---- | M] () Directory [!ezcddaxc] -> "C:\Program Files\Easy CD-DA Extractor 10\burn2.exe" "%1" -> [2006/07/27 02:35:01 | 00,006,656 | ---- | M] () Directory [AddToPlaylistVLC] -> C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" -> [2008/12/06 06:57:20 | 00,114,840 | ---- | M] () Directory [find] -> %SystemRoot%\Explorer.exe -> [2007/06/13 02:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) Directory [PlayWithVLC] -> C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" -> [2008/12/06 06:57:20 | 00,114,840 | ---- | M] () Directory [TVersity] -> "C:\Program Files\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" -> [2008/10/13 13:34:34 | 00,006,656 | ---- | M] () Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2007/06/13 02:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2007/06/13 02:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2007/06/13 02:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) Applications\iexplore.exe [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -> "C:\Program Files\Internet Explorer\iexplore.exe" -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
{048298C9-A4D3-490B-9FF9-AB023A9238F3} -> Steam(TM) {0B33B738-AD79-4E32-90C5-E67BFB10BBFF} -> AiO_Scan {13F3917B56CD4C25848BDC69916971BB} -> DivX Converter {172423F9-522A-483A-AD65-03600CE4CA4F} -> Microsoft Works 6-9 Converter {18D10072035C4515918F7E37EAFAACFC} -> AutoUpdate {236BB7C4-4419-42FD-0409-1E257A25E34D} -> Adobe Photoshop CS2 {3248F0A8-6813-11D6-A77B-00B0D0150080} -> J2SE Runtime Environment 5.0 Update 8 {3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7} -> Motorola Driver Installation {350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP {3FC7CBBC4C1E11DCA1A752EA55D89593} -> DivX Version Checker {49FB31C1-26EC-44c6-AB47-73C66E2BC41E} -> HP PSC & OfficeJet 5.3.B {571700F0-DB9D-4B3A-B03D-35A14BB5939F} -> Windows Live Messenger {582D2A53-F426-4C5E-A2E6-43C1AB36B907} -> Safari {5C82DAE5-6EB0-4374-9254-BE3319BA4E82} -> Skype™ 3.8 {6811CAA0-BF12-11D4-9EA1-0050BAE317E1} -> PowerDVD {6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update {767CC44C-9BBC-438D-BAD3-FD4595DD148B} -> VC80CRTRedist - 8.0.50727.762 {770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 {7B63B2922B174135AFC0E1377DD81EC2} -> DivX Codec {837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable {8777AC6D-89F9-4793-8266-DE406F343E89} -> QFolder {8ADFC4160D694100B5B8A22DE9DCABD9} -> DivX Player {8EDBA74D-0686-4C99-BFDD-F894678E5B39} -> Adobe Common File Installer {90110409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Professional Edition 2003 {9580813D-94B1-4C28-9426-A441E2BB29A5} -> Counter-Strike: Source {99ECF41F-5CCA-42BD-B8B8-A8333E2E2944} -> iTunes {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} -> Microsoft .NET Framework 3.0 Service Pack 2 {A66F6B27-BA4B-4CCD-8746-E8FF64F3DDC8}_is1 -> MCE RSS Reader 1.0.1 {A96E97134CA649888820BCDE5E300BBD} -> H.264 Decoder {AAC389499AEF40428987B3D30CFC76C9} -> MKV Splitter {AC76BA86-7AD7-1033-7B44-A81000000003} -> Adobe Reader 8.1.1 {AEF9DC35ADDF4825B049ACBFD1C6EB37} -> AAC 
Decoder {B13A7C41581B411290FBC0395694E2A9} -> DivX Converter {B7050CBDB2504B34BC2A9CA0A692CC29} -> DivX Web Player {B74D4E10-1033-0000-0000-000000000001} -> Adobe Bridge 1.0 {BAD8CA9C-77C0-4663-B00B-A8D3B13C341B} -> Motorola Phone Tools {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} -> Microsoft .NET Framework 2.0 Service Pack 2 {C151CE54-E7EA-4804-854B-F515368B0798} -> AMD Processor Driver {C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3} -> Apple Mobile Device Support {C506A18C-1469-4678-B094-F4EC9DAE6DB7} -> Scan {C78EAC6F-7A73-452E-8134-DBB2165C5A68} -> QuickTime {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1 {DDBB28C8-B2AA-45A1-8DCE-059A798509FB} -> MobileMe Control Panel {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} -> Windows Media Encoder 9 Series {E3E71D07-CD27-46CB-8448-16D4FB29AA13} -> Microsoft WSE 3.0 Runtime {EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10} -> BlackBerry Desktop Software 5.0 {FB08F381-6533-4108-B7DD-039E11FBC27E} -> Realtek AC'97 Audio Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D} -> Adobe Photoshop CS2 Allok RM RMVB to AVI MPEG DVD Converter_is1 -> Allok RM RMVB to AVI MPEG DVD Converter 1.3.2 Audacity_is1 -> Audacity 1.2.6 AVG9Uninstall -> AVG Free 9.0 AVGantiRootkit -> AVG Anti-Rootkit Free Azureus -> Azureus BlackBerry_{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10} -> BlackBerry Desktop Software 5.0 CANONBJ_Deinstall_CNMCP2v.DLL -> Canon S600 Combined Community Codec Pack_is1 -> Combined Community Codec Pack 2007-07-22 CopyPod Suite -> CopyPod Suite (remove only) DivX Plus DirectShow Filters -> DivX Plus DirectShow Filters Driver Cleaner Pro -> DH Driver Cleaner Professional Edition DVD Decrypter -> DVD Decrypter (Remove Only) Easy CD-DA Extractor 10 -> Easy CD-DA Extractor 10 ffdshow_is1 -> ffdshow [rev 1723] [2007-12-24] GetDiz 3.0 -> GetDiz 3.0 GetRight -> GetRight GoogleVideoPlayer -> Google Video 
Player Guitar Pro 5_is1 -> Guitar Pro 5.0 HiDownload_is1 -> HiDownload IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs ie7 -> Windows Internet Explorer 7 ie8 -> Windows Internet Explorer 8 ImgBurn -> ImgBurn Learn Typing Quick & Easy -> Learn Typing Quick & Easy Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1 Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1 mIRC -> mIRC Mozilla Firefox (3.5.5) -> Mozilla Firefox (3.5.5) MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP Nero - Burning Rom!UninstallKey -> Nero OEM NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs NVIDIA Drivers -> NVIDIA Drivers NVIDIA nView Desktop Manager -> NVIDIA nView Desktop Manager RealPlayer 6.0 -> RealPlayer SystemRequirementsLab -> System Requirements Lab TVersity Codec Pack -> TVersity Codec Pack 1.2 TVersity Media Server -> TVersity Media Server 0.9.10.8a beta TVersity Media Server -> TVersity Media Server 1.0.0.8 RC5 VLC media player -> VLC media player 0.9.8a Wdf01005 -> Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 WIC -> Windows Imaging Component Windows Media Encoder 9 -> Windows Media Encoder 9 Series Windows Media Format Runtime -> Windows Media Format 11 runtime Windows Media Player -> Windows Media Player 11 WinRAR archiver -> WinRAR archiver winscp3_is1 -> WinSCP 4.1.6 WMFDist11 -> Windows Media Format 11 runtime wmp11 -> Windows Media Player 11 Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0 < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 10/26/2009 3:41:33 AM Computer Name = USER-89C8E3C63E | Source = Application Error | ID = 1000 -> Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module avgssie.dll, version 9.0.0.663, fault address 0x000d7bb0. 
Application [ Error ] 10/26/2009 3:42:20 AM Computer Name = USER-89C8E3C63E | Source = MsiInstaller | ID = 11706 -> Description = Product: Microsoft Office Professional Edition 2003 -- Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\OFFICE11\1033\SETUP.CHM. Application [ Error ] 11/19/2009 5:47:19 AM Computer Name = USER-89C8E3C63E | Source = Application Hang | ID = 1002 -> Description = Hanging application iTunes.exe, version 8.2.1.6, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 11/19/2009 5:17:57 PM Computer Name = USER-89C8E3C63E | Source = Application Hang | ID = 1002 -> Description = Hanging application iTunes.exe, version 8.2.1.6, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 11/25/2009 10:09:43 PM Computer Name = USER-89C8E3C63E | Source = Application Error | ID = 1000 -> Description = Faulting application itunes.exe, version 8.2.1.6, faulting module quicktime.qts, version 7.62.14.0, fault address 0x001528b4. Application [ Error ] 12/4/2009 2:55:36 PM Computer Name = USER-89C8E3C63E | Source = Application Hang | ID = 1002 -> Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 12/6/2009 11:48:23 PM Computer Name = USER-89C8E3C63E | Source = Application Hang | ID = 1002 -> Description = Hanging application RootRepeal[1].exe, version 1.3.5.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 12/6/2009 11:48:23 PM Computer Name = USER-89C8E3C63E | Source = Application Hang | ID = 1002 -> Description = Hanging application RootRepeal[1].exe, version 1.3.5.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. 
Application [ Error ] 12/7/2009 12:28:09 AM Computer Name = USER-89C8E3C63E | Source = Application Hang | ID = 1002 -> Description = Hanging application RootRepeal[2].exe, version 1.3.5.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 12/7/2009 12:39:16 AM Computer Name = USER-89C8E3C63E | Source = Application Hang | ID = 1002 -> Description = Hanging application RootRepeal[2].exe, version 1.3.5.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. System [ Error ] 12/7/2009 10:03:59 PM Computer Name = USER-89C8E3C63E | Source = nvgts | ID = 262149 -> Description = A parity error was detected on \Device\Scsi\nvgts2. System [ Error ] 12/7/2009 10:07:30 PM Computer Name = USER-89C8E3C63E | Source = Service Control Manager | ID = 7000 -> Description = The ebvf service failed to start due to the following error: %%2 System [ Error ] 12/7/2009 10:07:30 PM Computer Name = USER-89C8E3C63E | Source = Service Control Manager | ID = 7000 -> Description = The Upload Manager service failed to start due to the following error: %%1079 System [ Error ] 12/7/2009 10:07:30 PM Computer Name = USER-89C8E3C63E | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: Beep System [ Error ] 12/7/2009 10:16:18 PM Computer Name = USER-89C8E3C63E | Source = Service Control Manager | ID = 7000 -> Description = The ebvf service failed to start due to the following error: %%2 System [ Error ] 12/7/2009 10:16:18 PM Computer Name = USER-89C8E3C63E | Source = Service Control Manager | ID = 7000 -> Description = The Upload Manager service failed to start due to the following error: %%1079 System [ Error ] 12/7/2009 10:16:18 PM Computer Name = USER-89C8E3C63E | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: Beep System [ Error ] 12/7/2009 10:33:10 PM Computer Name = USER-89C8E3C63E | Source = 
Service Control Manager | ID = 7000 -> Description = The ebvf service failed to start due to the following error: %%2 System [ Error ] 12/7/2009 10:33:10 PM Computer Name = USER-89C8E3C63E | Source = Service Control Manager | ID = 7000 -> Description = The Upload Manager service failed to start due to the following error: %%1079 System [ Error ] 12/7/2009 10:33:10 PM Computer Name = USER-89C8E3C63E | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: Beep [Files/Folders - Created Within 30 Days] ie8 -> C:\WINDOWS\ie8 -> [2009/12/07 18:20:46 | 00,000,000 | -H-D | C] Downloads -> C:\Documents and Settings\User\My Documents\Downloads -> [2009/12/07 18:12:58 | 00,000,000 | ---D | C] RootRepeal.exe -> C:\Documents and Settings\User\Desktop\RootRepeal.exe -> [2009/12/07 17:11:21 | 00,472,064 | ---- | C] ( ) OTS.exe -> C:\Documents and Settings\User\Desktop\OTS.exe -> [2009/12/07 03:04:17 | 00,532,992 | ---- | C] (OldTimer Tools) AvgArCln.sys -> C:\WINDOWS\System32\drivers\AvgArCln.sys -> [2009/12/07 02:50:17 | 00,003,968 | ---- | C] (GRISOFT, s.r.o.) 
GRISOFT -> C:\Program Files\GRISOFT -> [2009/12/07 02:50:17 | 00,000,000 | ---D | C] Mozilla -> C:\Documents and Settings\User\Local Settings\Application Data\Mozilla -> [2009/12/07 02:31:44 | 00,000,000 | ---D | C] Mozilla -> C:\Documents and Settings\User\Application Data\Mozilla -> [2009/12/07 02:31:44 | 00,000,000 | ---D | C] Mozilla Firefox -> C:\Program Files\Mozilla Firefox -> [2009/12/07 02:31:25 | 00,000,000 | ---D | C] 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> [Files/Folders - Modified Within 30 Days] NvApps.xml -> C:\WINDOWS\System32\NvApps.xml -> [2009/12/07 18:34:24 | 00,253,748 | ---- | M] () tversity.cookies -> C:\WINDOWS\System32\tversity.cookies -> [2009/12/07 18:32:16 | 00,000,797 | ---- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2009/12/07 18:31:52 | 00,000,006 | -H-- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2009/12/07 18:31:45 | 00,002,048 | --S- | M] () ntuser.dat -> C:\Documents and Settings\User\ntuser.dat -> [2009/12/07 18:30:42 | 08,388,608 | ---- | M] () imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2009/12/07 18:21:43 | 00,001,374 | ---- | M] () ntuser.ini -> C:\Documents and Settings\User\ntuser.ini -> [2009/12/07 18:13:40 | 00,000,178 | -HS- | M] () incavi.avm -> C:\WINDOWS\System32\drivers\Avg\incavi.avm -> [2009/12/07 18:01:27 | 46,334,996 | ---- | M] () microavi.avg -> C:\WINDOWS\System32\drivers\Avg\microavi.avg -> [2009/12/07 17:56:53 | 00,116,698 | ---- | M] () OTS.exe -> C:\Documents and Settings\User\Desktop\OTS.exe -> [2009/12/07 03:04:17 | 00,532,992 | ---- | M] (OldTimer Tools) AVG Anti-Rootkit Free.lnk -> C:\Documents and Settings\All Users\Desktop\AVG Anti-Rootkit Free.lnk -> [2009/12/07 02:50:18 | 00,000,828 | ---- | M] () SysProt.zip -> C:\Documents and Settings\User\Desktop\SysProt.zip -> [2009/12/07 02:48:38 | 00,354,396 | ---- | M] () nsreg.dat -> C:\WINDOWS\nsreg.dat -> [2009/12/07 02:31:50 | 00,000,000 | ---- | M] () Mozilla Firefox.lnk 
-> C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> [2009/12/07 02:31:30 | 00,001,602 | ---- | M] () to5fp16z.exe -> C:\Documents and Settings\User\Desktop\to5fp16z.exe -> [2009/12/06 20:38:35 | 00,292,352 | ---- | M] () RootRepeal.exe -> C:\Documents and Settings\User\Desktop\RootRepeal.exe -> [2009/12/06 20:23:15 | 00,472,064 | ---- | M] ( ) settings.dat -> C:\Documents and Settings\User\Desktop\settings.dat -> [2009/12/06 19:45:30 | 00,000,000 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2009/12/06 19:28:24 | 00,012,598 | ---- | M] () NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2009/12/04 17:47:26 | 00,000,116 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/12/04 15:01:03 | 00,125,440 | ---- | M] () mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2009/11/25 22:32:00 | 00,000,284 | ---- | M] () FW_WRT54Gv5v6_1.02.7.011_EN_20090727.bin -> C:\Documents and Settings\User\Desktop\FW_WRT54Gv5v6_1.02.7.011_EN_20090727.bin -> [2009/11/11 23:27:52 | 01,768,996 | ---- | M] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2009/11/11 03:23:37 | 00,263,824 | ---- | M] () avgtdix.sys -> C:\WINDOWS\System32\drivers\avgtdix.sys -> [2009/11/09 08:32:26 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) 
5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 439 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 439 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 439 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 1553 C:\Documents and Settings\User\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\*.tmp -> 1553 C:\Documents and Settings\User\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\*.tmp -> 1553 C:\Documents and Settings\User\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\*.tmp -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1 C:\Documents and Settings\User\Local Settings\Temp\Temporary Internet Files\Content.IE5\E76PEP2X\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\Temporary Internet Files\Content.IE5\E76PEP2X\*.tmp -> 1 C:\Documents and Settings\User\Local Settings\Temp\Temporary Internet Files\Content.IE5\CP6PIBON\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\Temporary Internet Files\Content.IE5\CP6PIBON\*.tmp -> 1 C:\Documents and Settings\User\Local Settings\Temp\is-PROST.tmp\_isetup\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\is-PROST.tmp\_isetup\*.tmp -> 1 C:\Documents and Settings\User\Local Settings\Temp\is-NDM6B.tmp\_isetup\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\is-NDM6B.tmp\_isetup\*.tmp -> 1 C:\Documents and Settings\User\Local Settings\Temp\is-LFGR2.tmp\_isetup\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\is-LFGR2.tmp\_isetup\*.tmp -> 1 C:\Documents and Settings\User\Local Settings\Temp\is-FSM2H.tmp\_isetup\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\is-FSM2H.tmp\_isetup\*.tmp -> 1 C:\Documents and Settings\User\Local Settings\Temp\is-B33RQ.tmp\_isetup\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\is-B33RQ.tmp\_isetup\*.tmp -> 1 C:\Documents and 
Settings\User\Local Settings\Temp\is-61QNH.tmp\_isetup\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\is-61QNH.tmp\_isetup\*.tmp ->
1 C:\Documents and Settings\User\Local Settings\Temp\is-5LH0K.tmp\_isetup\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\is-5LH0K.tmp\_isetup\*.tmp ->
1 C:\Documents and Settings\User\Local Settings\Temp\is-53BMO.tmp\_isetup\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\is-53BMO.tmp\_isetup\*.tmp ->
1 C:\Documents and Settings\User\Local Settings\Temp\is-0J6RF.tmp\_isetup\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\is-0J6RF.tmp\_isetup\*.tmp ->
1 C:\Documents and Settings\User\Local Settings\Temp\is-077FT.tmp\_isetup\*.tmp files -> C:\Documents and Settings\User\Local Settings\Temp\is-077FT.tmp\_isetup\*.tmp ->

[Files - No Company Name]
AVG Anti-Rootkit Free.lnk -> C:\Documents and Settings\All Users\Desktop\AVG Anti-Rootkit Free.lnk -> [2009/12/07 02:50:18 | 00,000,828 | ---- | C] ()
SysProt.zip -> C:\Documents and Settings\User\Desktop\SysProt.zip -> [2009/12/07 02:48:38 | 00,354,396 | ---- | C] ()
nsreg.dat -> C:\WINDOWS\nsreg.dat -> [2009/12/07 02:31:50 | 00,000,000 | ---- | C] ()
Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> [2009/12/07 02:31:30 | 00,001,602 | ---- | C] ()
to5fp16z.exe -> C:\Documents and Settings\User\Desktop\to5fp16z.exe -> [2009/12/06 20:39:01 | 00,292,352 | ---- | C] ()
settings.dat -> C:\Documents and Settings\User\Desktop\settings.dat -> [2009/12/06 19:45:30 | 00,000,000 | ---- | C] ()
FW_WRT54Gv5v6_1.02.7.011_EN_20090727.bin -> C:\Documents and Settings\User\Desktop\FW_WRT54Gv5v6_1.02.7.011_EN_20090727.bin -> [2009/11/11 23:28:01 | 01,768,996 | ---- | C] ()
WAVEMIX.INI -> C:\WINDOWS\WAVEMIX.INI -> [2008/06/05 11:23:53 | 00,002,573 | ---- | C] ()
QNETP7.INI -> C:\WINDOWS\QNETP7.INI -> [2008/06/05 11:23:53 | 00,000,154 | ---- | C] ()
game.ini -> C:\WINDOWS\game.ini -> [2008/01/10 23:52:36 | 00,000,319 | ---- | C] ()
ff_vfw.dll -> C:\WINDOWS\System32\ff_vfw.dll -> [2007/11/25 21:59:39 | 00,007,680 | ---- | C] ()
ff_vfw.dll.manifest -> C:\WINDOWS\System32\ff_vfw.dll.manifest -> [2007/11/25 21:59:39 | 00,000,547 | ---- | C] ()
winitn.dll -> C:\WINDOWS\System32\winitn.dll -> [2007/10/04 18:10:15 | 00,000,077 | ---- | C] ()
lame_enc.dll -> C:\WINDOWS\System32\lame_enc.dll -> [2007/10/04 18:10:12 | 00,237,568 | ---- | C] ()
Iedit_.INI -> C:\WINDOWS\Iedit_.INI -> [2007/03/29 11:34:53 | 00,000,030 | ---- | C] ()
AviSplitter.INI -> C:\WINDOWS\AviSplitter.INI -> [2007/02/05 20:11:48 | 00,000,038 | ---- | C] ()
NMDll.dll -> C:\WINDOWS\System32\NMDll.dll -> [2007/01/04 02:11:12 | 00,468,480 | ---- | C] ()
HDBHO.dll -> C:\WINDOWS\System32\HDBHO.dll -> [2007/01/04 02:11:12 | 00,208,896 | ---- | C] ()
yhl.dll -> C:\WINDOWS\yhl.dll -> [2007/01/04 02:11:12 | 00,020,480 | ---- | C] ()
lq.dll -> C:\WINDOWS\lq.dll -> [2007/01/04 02:11:12 | 00,007,168 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2006/12/11 21:28:14 | 00,000,376 | ---- | C] ()
sptd.sys -> C:\WINDOWS\System32\drivers\sptd.sys -> [2006/12/11 21:20:38 | 00,639,224 | ---- | C] ()
cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2006/11/23 21:22:27 | 00,000,050 | ---- | C] ()
CNMVS2v.DLL -> C:\WINDOWS\System32\CNMVS2v.DLL -> [2006/11/20 16:45:50 | 00,005,632 | ---- | C] ()
NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2006/11/17 01:34:59 | 00,000,116 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2006/11/14 11:33:30 | 00,000,061 | ---- | C] ()
PciBus.sys -> C:\WINDOWS\System32\drivers\PciBus.sys -> [2006/09/11 11:09:38 | 00,003,972 | ---- | C] ()
Ascd_tmp.ini -> C:\WINDOWS\Ascd_tmp.ini -> [2006/09/11 10:58:49 | 00,020,256 | ---- | C] ()
ASACPI.sys -> C:\WINDOWS\System32\drivers\ASACPI.sys -> [2006/09/11 10:58:47 | 00,005,810 | R--- | C] ()
ASUSHWIO.SYS -> C:\WINDOWS\System32\drivers\ASUSHWIO.SYS -> [2006/09/11 10:58:38 | 00,005,824 | ---- | C] ()
RtlCPAPI.dll -> C:\WINDOWS\System32\RtlCPAPI.dll -> [2006/09/11 10:42:04 | 00,147,456 | ---- | C] ()
GlobalUserInterface.CompositeFont -> C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont -> [2006/06/29 13:58:52 | 00,030,808 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont -> [2006/06/29 13:53:56 | 00,026,489 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSerif.CompositeFont -> [2006/04/18 14:39:28 | 00,029,779 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont -> [2006/04/18 14:39:28 | 00,026,040 | ---- | C] ()

[File - Lop Check]
avg9 -> C:\Documents and Settings\All Users\Application Data\avg9 -> [2009/11/04 14:55:23 | 00,000,000 | ---D | M]
BVRP Software -> C:\Documents and Settings\All Users\Application Data\BVRP Software -> [2009/07/24 21:14:30 | 00,000,000 | ---D | M]
CopyPod -> C:\Documents and Settings\All Users\Application Data\CopyPod -> [2006/11/29 20:25:04 | 00,000,000 | ---D | M]
Ulead Systems -> C:\Documents and Settings\All Users\Application Data\Ulead Systems -> [2007/03/29 12:06:19 | 00,000,000 | ---D | M]
{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} -> C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} -> [2009/08/12 02:05:44 | 00,000,000 | ---D | M]
GetRight -> C:\Documents and Settings\Dad\Application Data\GetRight -> [2009/06/03 14:30:12 | 00,000,000 | ---D | M]
ImgBurn -> C:\Documents and Settings\Dad\Application Data\ImgBurn -> [2009/10/03 23:56:08 | 00,000,000 | ---D | M]
Research In Motion -> C:\Documents and Settings\Dad\Application Data\Research In Motion -> [2009/08/05 10:39:48 | 00,000,000 | ---D | M]
alot -> C:\Documents and Settings\Mom\Application Data\alot -> [2008/01/13 09:40:22 | 00,000,000 | ---D | M]
cmw -> C:\Documents and Settings\Mom\Application Data\cmw -> [2008/11/03 10:50:37 | 00,000,000 | ---D | M]
GetRight -> C:\Documents and Settings\Mom\Application Data\GetRight -> [2009/06/03 16:18:02 | 00,000,000 | ---D | M]
Leadertech -> C:\Documents and Settings\Mom\Application Data\Leadertech -> [2007/10/03 23:46:55 | 00,000,000 | ---D | M]
Research In Motion -> C:\Documents and Settings\Mom\Application Data\Research In Motion -> [2009/08/02 12:18:44 | 00,000,000 | ---D | M]
Smilebox -> C:\Documents and Settings\Mom\Application Data\Smilebox -> [2009/09/10 07:50:24 | 00,000,000 | ---D | M]
Azureus -> C:\Documents and Settings\User\Application Data\Azureus -> [2009/12/07 18:01:51 | 00,000,000 | ---D | M]
Blackberry Desktop -> C:\Documents and Settings\User\Application Data\Blackberry Desktop -> [2009/05/09 12:10:46 | 00,000,000 | ---D | M]
cmw -> C:\Documents and Settings\User\Application Data\cmw -> [2008/09/09 23:47:35 | 00,000,000 | ---D | M]
Datel -> C:\Documents and Settings\User\Application Data\Datel -> [2008/04/07 22:21:51 | 00,000,000 | ---D | M]
GetRightToGo -> C:\Documents and Settings\User\Application Data\GetRightToGo -> [2007/01/04 02:14:21 | 00,000,000 | ---D | M]
ImgBurn -> C:\Documents and Settings\User\Application Data\ImgBurn -> [2009/07/25 02:26:54 | 00,000,000 | ---D | M]
Leadertech -> C:\Documents and Settings\User\Application Data\Leadertech -> [2009/06/04 01:44:59 | 00,000,000 | ---D | M]
Research In Motion -> C:\Documents and Settings\User\Application Data\Research In Motion -> [2009/05/09 12:09:13 | 00,000,000 | ---D | M]

[File - Purity Scan]

[Custom Scans]
< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
eventlog.dll : MD5=6D4FEB43EE538FC5428CC7F0565AA656 -> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll -> [2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation)
eventlog.dll : MD5=82B24CB70E5944E6E34662205A2A5B78 -> C:\WINDOWS\system32\eventlog.dll -> [2004/08/19 09:38:33 | 00,055,808 | ---- | M] (Microsoft Corporation)
1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp ->
eventlog.dll : MD5=82B24CB70E5944E6E34662205A2A5B78 -> C:\WINDOWS\system32\dllcache\eventlog.dll -> [2004/08/19 09:38:33 | 00,055,808 | ---- | M] (Microsoft Corporation)
< %SYSTEMDRIVE%\scecli.dll /s /md5 >
scecli.dll : MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll -> [2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation)
scecli.dll : MD5=0F78E27F563F2AAF74B91A49E2ABF19A -> C:\WINDOWS\system32\scecli.dll -> [2004/08/19 09:44:39 | 00,180,224 | ---- | M] (Microsoft Corporation)
1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp ->
scecli.dll : MD5=0F78E27F563F2AAF74B91A49E2ABF19A -> C:\WINDOWS\system32\dllcache\scecli.dll -> [2004/08/19 09:44:39 | 00,180,224 | ---- | M] (Microsoft Corporation)
< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
netlogon.dll : MD5=6C476D33D82F1054849790181E8F7772 -> C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll -> [2009/02/06 10:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation)
netlogon.dll : MD5=6C476D33D82F1054849790181E8F7772 -> C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll -> [2009/02/06 10:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation)
netlogon.dll : MD5=1B7F071C51B77C272875C3A23E1E4550 -> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll -> [2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation)
netlogon.dll : MD5=96353FCECBA774BB8DA74A1C6507015A -> C:\WINDOWS\system32\netlogon.dll -> [2004/08/19 09:43:07 | 00,407,040 | ---- | M] (Microsoft Corporation)
1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp ->
netlogon.dll : MD5=96353FCECBA774BB8DA74A1C6507015A -> C:\WINDOWS\system32\dllcache\netlogon.dll -> [2004/08/19 09:43:07 | 00,407,040 | ---- | M] (Microsoft Corporation)
< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
< %SYSTEMDRIVE%\sceclt.dll /s /md5 >
< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >
< %SYSTEMDRIVE%\logevent.dll /s /md5 >
< %SYSTEMDRIVE%\iaStor.sys /s /md5 >
< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
< %SYSTEMDRIVE%\atapi.sys /s /md5 >
atapi.sys : MD5=9F3A2F5AA6875C72BF062C712CFA2674 -> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys -> [2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation)
atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\system32\drivers\atapi.sys -> [2004/08/19 09:35:45 | 00,095,360 | ---- | M] (Microsoft Corporation)
< %SYSTEMDRIVE%\si3112.sys /s /md5 >
< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >
< %SYSTEMDRIVE%\viasraid.sys /s /md5 >
< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
agp440.sys : MD5=08FD04AA961BDC77FB983F328334E3D7 -> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys -> [2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation)
< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
< End of report >
[/code]