[code]
OTS logfile created on: 22/01/2010 15:56:36 - Run 1
OTS by OldTimer - Version 3.1.19.3 Folder = C:\Users\Grizzle\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

892.00 Mb Total Physical Memory | 152.00 Mb Available Physical Memory | 17.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 44.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0s:\pagefile.sys 16 1300 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104.95 Gb Total Space | 26.56 Gb Free Space | 25.30% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive S: | 1.46 Gb Total Space | 1.40 Gb Free Space | 95.54% Space Free | Partition Type: NTFS

Computer Name: GRIZZLES-LAPTOP
Current User Name: Grizzle
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\Grizzle\Desktop\OTS.exe -> [2010/01/22 15:52:21 | 00,631,808 | ---- | M] (OldTimer Tools)
avastui.exe -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe -> [2010/01/19 11:57:44 | 02,743,104 | ---- | M] (ALWIL Software)
avastsvc.exe -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/01/19 11:57:41 | 00,040,384 | ---- | M] (ALWIL Software)
ituneshelper.exe -> C:\Program Files\iTunes\iTunesHelper.exe -> [2009/11/12 16:33:10 | 00,141,600 | ---- | M] (Apple Inc.)
ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.)
applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.)
googletoolbarnotifier.exe -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2009/05/04 00:22:23 | 00,039,408 | ---- | M] (Google Inc.)
explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 06:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation)
jusched.exe -> C:\Program Files\Java\jre6\bin\jusched.exe -> [2009/03/24 17:40:36 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.)
realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2009/03/14 00:13:16 | 00,198,160 | ---- | M] (RealNetworks, Inc.)
mdnsresponder.exe -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
sepcsuite.exe -> C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe -> [2008/07/02 15:16:20 | 00,393,216 | ---- | M] (Sony Ericsson Mobile Communications AB)
osd.exe -> C:\Program Files\C&E\OSD\osd.exe -> [2008/02/22 14:57:42 | 00,671,801 | ---- | M] (C&E)
wmpnscfg.exe -> C:\Program Files\Windows Media Player\wmpnscfg.exe -> [2008/01/21 02:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation)
messagingapp.exe -> C:\Program Files\Spare Messaging\MessagingApp.exe -> [2007/11/28 15:43:08 | 00,042,824 | ---- | M] ()
rthdvcpl.exe -> C:\Windows\RtHDVCpl.exe -> [2007/11/14 14:50:42 | 04,706,304 | ---- | M] (Realtek Semiconductor)
sistray.exe -> C:\Program Files\SiS VGA Utilities\SiSTray.exe -> [2007/08/24 14:20:38 | 00,552,960 | ---- | M] (Silicon Integrated Systems Corporation)
khost.exe -> C:\Program Files\Kontiki\KHost.exe -> [2007/04/23 10:23:14 | 01,032,640 | ---- | M] (Kontiki Inc.)
kservice.exe -> C:\Program Files\Kontiki\KService.exe -> [2007/04/23 10:22:14 | 03,068,352 | ---- | M] (Kontiki Inc.)
e_faticee.exe -> C:\Windows\System32\spool\drivers\w32x86\3\E_FATICEE.EXE -> [2007/04/12 06:00:00 | 00,182,272 | ---- | M] (SEIKO EPSON CORPORATION)
wzqkpick.exe -> C:\Program Files\WinZip\WZQKPICK.EXE -> [2006/11/10 10:00:00 | 00,389,120 | ---- | M] (WinZip Computing LP)
ulcdrsvr.exe -> C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -> [2006/09/28 09:20:00 | 00,049,152 | ---- | M] (Ulead Systems, Inc.)
stkasv2k.exe -> C:\Windows\System32\StkASv2K.exe -> [2006/05/24 06:49:14 | 00,024,576 | ---- | M] (Syntek America Inc.)

[Modules - Safe List]
ots.exe -> C:\Users\Grizzle\Desktop\OTS.exe -> [2010/01/22 15:52:21 | 00,631,808 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll -> [2009/04/11 06:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
(avast! Web Scanner) avast! Web Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/01/19 11:57:41 | 00,040,384 | ---- | M] (ALWIL Software)
(avast! Mail Scanner) avast! Mail Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/01/19 11:57:41 | 00,040,384 | ---- | M] (ALWIL Software)
(avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/01/19 11:57:41 | 00,040,384 | ---- | M] (ALWIL Software)
(gupdate1ca954ddf591607) Google Update Service (gupdate1ca954ddf591607) [Auto | Stopped] -> C:\Program Files\Google\Update\GoogleUpdate.exe -> [2010/01/14 19:14:28 | 00,133,104 | ---- | M] (Google Inc.)
(iPod Service) iPod Service [On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.)
(FontCache) Windows Font Cache Service [On_Demand | Stopped] -> C:\Windows\System32\FntCache.dll -> [2009/09/25 01:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation)
(Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.)
(gusvc) Google Software Updater [On_Demand | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/05/04 00:22:20 | 00,182,768 | ---- | M] (Google)
(Bonjour Service) Bonjour Service [Auto | Running] -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
(WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/21 02:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation)
(OsdService) OsdService [Auto | Stopped] -> C:\Program Files\C&E\OSD\OsdService\OsdService.exe -> [2008/01/08 16:58:50 | 00,053,248 | ---- | M] ()
(WLSetupSvc) Windows Live Setup Service [On_Demand | Stopped] -> C:\Program Files\Windows Live\installer\WLSetupSvc.exe -> [2007/10/25 14:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation)
(usnjsvc) Messenger Sharing Folders USN Journal Reader service [On_Demand | Stopped] -> C:\Program Files\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation)
(odserv) Microsoft Office Diagnostics Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2007/08/24 02:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation)
(KService) KService [Auto | Running] -> C:\Program Files\Kontiki\KService.exe -> [2007/04/23 10:22:14 | 03,068,352 | ---- | M] (Kontiki Inc.)
(ehstart) Windows Media Center Service Launcher [Auto | Stopped] -> C:\Windows\ehome\ehstart.dll -> [2006/11/02 12:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation)
(Irmon) Infrared monitor service [Auto | Running] -> C:\Windows\System32\irmon.dll -> [2006/11/02 09:46:05 | 00,017,920 | ---- | M] (Microsoft Corporation)
(ose) Office Source Engine [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation)
(UleadBurningHelper) Ulead Burning Helper [Auto | Running] -> C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -> [2006/09/28 09:20:00 | 00,049,152 | ---- | M] (Ulead Systems, Inc.)
(StkASSrv) Syntek STK1150 Service [Auto | Running] -> C:\Windows\System32\StkASv2K.exe -> [2006/05/24 06:49:14 | 00,024,576 | ---- | M] (Syntek America Inc.)
(IDriverT) InstallDriver Table Manager [On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation)

[Driver Services - Safe List]
(aswSP) aswSP [Kernel | System | Running] -> C:\Windows\System32\drivers\aswSP.sys -> [2010/01/19 13:13:58 | 00,162,640 | ---- | M] (ALWIL Software)
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\Windows\System32\drivers\aswTdi.sys -> [2010/01/19 11:46:52 | 00,046,544 | ---- | M] (ALWIL Software)
(aswRdr) aswRdr [Kernel | System | Running] -> C:\Windows\System32\drivers\aswRdr.sys -> [2010/01/19 11:43:40 | 00,023,248 | ---- | M] (ALWIL Software)
(aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2010/01/19 11:43:23 | 00,051,792 | ---- | M] (ALWIL Software)
(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2010/01/19 11:42:57 | 00,019,024 | ---- | M] (ALWIL Software)
(WsAudio_DeviceS(5)) WsAudio_DeviceS(5) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -> [2009/10/13 16:42:22 | 00,025,704 | ---- | M] (Wondershare)
(WsAudio_DeviceS(4)) WsAudio_DeviceS(4) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -> [2009/10/13 16:42:22 | 00,025,704 | ---- | M] (Wondershare)
(WsAudio_DeviceS(3)) WsAudio_DeviceS(3) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -> [2009/10/13 16:42:22 | 00,025,704 | ---- | M] (Wondershare)
(WsAudio_DeviceS(2)) WsAudio_DeviceS(2) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -> [2009/10/13 16:42:22 | 00,025,704 | ---- | M] (Wondershare)
(WsAudio_DeviceS(1)) WsAudio_DeviceS(1) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -> [2009/10/13 16:42:22 | 00,025,704 | ---- | M] (Wondershare)
(USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\usbaapl.sys -> [2009/08/28 19:42:52 | 00,040,448 | ---- | M] (Apple, Inc.)
(DCamUSBEMPIA) Grabster AV 350 service [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\emDevice.sys -> [2009/06/25 11:32:58 | 00,175,576 | ---- | M] (eMPIA Technology, Inc.)
(FiltUSBEMPIA) USB Device Lower Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\emFilter.sys -> [2009/06/25 11:32:58 | 00,009,688 | ---- | M] (eMPIA Technology, Inc.)
(ScanUSBEMPIA) USB Still Image Capture Device [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\emScan.sys -> [2009/06/25 11:32:58 | 00,009,560 | ---- | M] (eMPIA Technology, Inc.)
(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\GEARAspiWDM.sys -> [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.)
(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\USBAUDIO.sys -> [2009/04/11 04:42:54 | 00,073,216 | ---- | M] (Microsoft Corporation)
(ggsemc) SEMC USB Flash Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ggsemc.sys -> [2008/11/23 23:05:52 | 00,021,672 | ---- | M] (Sony Ericsson Mobile Communications)
(ggflt) SEMC USB Flash Driver Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ggflt.sys -> [2008/11/23 23:05:52 | 00,013,352 | ---- | M] (Sony Ericsson Mobile Communications)
(sptd) sptd [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\sptd.sys -> [2008/10/09 12:46:21 | 00,717,296 | ---- | M] ()
(RTSTOR) Realtek USB 2.0 Card Reader [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\RTSTOR.sys -> [2008/03/11 20:02:32 | 00,061,440 | ---- | M] (Realtek Semiconductor Corp.)
(MegaSR) MegaSR [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasr.sys -> [2008/01/21 02:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.)
(adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2008/01/21 02:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.)
(megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2008/01/21 02:23:27 | 00,031,288 | ---- | M] (LSI Corporation)
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2008/01/21 02:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.)
(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2008/01/21 02:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems)
(HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2008/01/21 02:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company)
(irsir) Microsoft Serial Infrared Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\irsir.sys -> [2008/01/21 02:23:26 | 00,020,992 | ---- | M] (Microsoft Corporation)
(adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2008/01/21 02:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.)
(LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2008/01/21 02:23:25 | 00,089,656 | ---- | M] (LSI Logic)
(ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2008/01/21 02:23:24 | 01,122,360 | ---- | M] (QLogic Corporation)
(E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\E1G60I32.sys -> [2008/01/21 02:23:24 | 00,118,784 | ---- | M] (Intel Corporation)
(arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2008/01/21 02:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.)
(iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2008/01/21 02:23:23 | 00,235,064 | ---- | M] (Intel Corporation)
(vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2008/01/21 02:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd)
(ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2008/01/21 02:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.)
(LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2008/01/21 02:23:23 | 00,096,312 | ---- | M] (LSI Logic)
(LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2008/01/21 02:23:23 | 00,096,312 | ---- | M] (LSI Logic)
(arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2008/01/21 02:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.)
(elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2008/01/21 02:23:22 | 00,342,584 | ---- | M] (Emulex)
(adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2008/01/21 02:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.)
(nvraid) NVIDIA nForce RAID Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2008/01/21 02:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation)
(nvstor) nvstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvstor.sys -> [2008/01/21 02:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation)
(uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2008/01/21 02:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.)
(viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2008/01/21 02:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.)
(cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2008/01/21 02:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.)
(aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2008/01/21 02:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.)
(DriveSentryRegHookDriver) DriveSentryRegHookDriver [File_System | Auto | Running] -> C:\Windows\System32\drivers\DriveSentryRegHookDriver.sys -> [2008/01/11 11:45:19 | 00,009,984 | ---- | M] (DriveSentry Inc.)
(DriveSentryKeeperDriver) DriveSentryKeeperDriver [File_System | Auto | Running] -> C:\Windows\System32\drivers\DriveSentryKeeperDriver.sys -> [2008/01/11 11:45:19 | 00,004,352 | ---- | M] ()
(DriveSentryCommsDriver) DriveSentryCommsDriver [File_System | Auto | Running] -> C:\Windows\System32\drivers\DriveSentryCommsDriver.sys -> [2008/01/11 11:45:17 | 00,016,896 | ---- | M] (DriveSentry Inc.)
(DriveSentryFilterDriver2Lite) DriveSentryFilterDriver2Lite [File_System | Auto | Running] -> C:\Windows\System32\drivers\DriveSentryFilterDriver2Lite.sys -> [2008/01/11 11:45:16 | 00,012,800 | ---- | M] (DriveSentry Inc.)
(hwdatacard) Huawei DataCard USB Modem and USB Serial [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ewusbmdm.sys -> [2007/12/11 13:47:44 | 00,101,504 | R--- | M] (Huawei Technologies Co., Ltd.)
(s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s3017unic.sys -> [2007/12/10 13:22:22 | 00,110,120 | ---- | M] (MCCI Corporation)
(s3017obex) Sony Ericsson Device 3017 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s3017obex.sys -> [2007/12/10 13:22:22 | 00,100,648 | ---- | M] (MCCI Corporation)
(s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s3017mgmt.sys -> [2007/12/10 13:22:20 | 00,104,616 | ---- | M] (MCCI Corporation)
(s3017nd5) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s3017nd5.sys -> [2007/12/10 13:22:20 | 00,025,512 | ---- | M] (MCCI Corporation)
(s3017mdm) Sony Ericsson Device 3017 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s3017mdm.sys -> [2007/12/10 13:22:18 | 00,110,632 | ---- | M] (MCCI Corporation)
(s3017mdfl) Sony Ericsson Device 3017 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s3017mdfl.sys -> [2007/12/10 13:22:18 | 00,015,016 | ---- | M] (MCCI Corporation)
(s3017bus) Sony Ericsson Device 3017 driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s3017bus.sys -> [2007/12/10 13:22:14 | 00,083,880 | ---- | M] (MCCI Corporation)
(SiSGbeLH) SiS191/SiS190 Ethernet Device NDIS 6.0 Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SiSGB6.sys -> [2007/11/15 20:09:04 | 00,048,128 | ---- | M] (Silicon Integrated Systems Corp.)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\RTKVHDA.sys -> [2007/11/14 16:13:00 | 02,016,920 | ---- | M] (Realtek Semiconductor Corp.)
(CEBFilter) CEBFilter [Kernel | On_Demand | Running] -> C:\Program Files\C&E\OSD\OsdService\cebuffer.sys -> [2007/09/04 15:20:00 | 00,005,120 | ---- | M] (Windows (R) Codename Longhorn DDK provider)
(CEIO) CEIO [Kernel | On_Demand | Running] -> C:\Program Files\C&E\OSD\OsdService\ceio.sys -> [2007/08/31 15:18:06 | 00,004,608 | ---- | M] (Windows (R) Codename Longhorn DDK provider)
(cKBFilter) cKBFilter [Kernel | On_Demand | Running] -> C:\Program Files\C&E\OSD\OsdService\kbfiltr.sys -> [2007/08/31 13:22:26 | 00,007,168 | ---- | M] (Windows (R) Codename Longhorn DDK provider)
(SiS6350) SiS6350 [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SISGRKMD.sys -> [2007/08/24 17:28:08 | 00,452,096 | ---- | M] (Silicon Integrated Systems Corporation)
(RTL8187B) Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\rtl8187B.sys -> [2007/08/07 21:39:00 | 00,283,136 | ---- | M] (Realtek Semiconductor Corporation )
(SISAGP) SiS AGP Filter [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\SISAGPX.sys -> [2007/01/24 16:08:06 | 00,056,184 | ---- | M] (Silicon Integrated Systems Corporation)
(ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006/11/02 09:50:35 | 00,106,088 | ---- | M] (QLogic Corporation)
(UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006/11/02 09:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.)
(nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006/11/02 09:50:19 | 00,045,160 | ---- | M] (IBM Corporation)
(iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006/11/02 09:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH)
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006/11/02 09:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.)
(iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006/11/02 09:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006/11/02 09:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006/11/02 09:50:05 | 00,035,944 | ---- | M] (LSI Logic)
(Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006/11/02 09:50:03 | 00,034,920 | ---- | M] (LSI Logic)
(Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006/11/02 09:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation)
(Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006/11/02 09:49:56 | 00,031,848 | ---- | M] (LSI Logic)
(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006/11/02 08:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006/11/02 08:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.)
(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006/11/02 08:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.)
(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006/11/02 08:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.)
(BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006/11/02 08:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.)
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006/11/02 08:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.)
(ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 07:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies)
(ialm) ialm [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\igdkmd32.sys -> [2006/10/19 02:10:57 | 01,380,864 | ---- | M] (Intel Corporation)
(StkAMini) Syntek STK1150 [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\StkAMini.sys -> [2006/09/27 03:01:36 | 00,241,628 | ---- | M] (Syntek America Inc.)
(StkScan) Syntek STK1150 Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\StkScan.sys -> [2006/08/02 06:44:04 | 00,004,772 | ---- | M] (Syntek America Inc.)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\] > -> ->
HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\: Main\\"Search Page" -> http://www.google.com ->
HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\: Main\\"Start Page" -> http://www.daemon-search.com/startpage ->
HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\: Main\\"StartPageCache" -> 1 ->
HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\: "ProxyOverride" -> *.local ->
< FireFox Settings [Prefs.js] > -> C:\Users\Grizzle\AppData\Roaming\Mozilla\FireFox\Profiles\4z935m6i.default\prefs.js ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/01/19 23:02:27 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/01/19 23:02:23 | 00,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Users\Grizzle\AppData\Roaming\Mozilla\Extensions -> [2010/01/19 23:03:01 | 00,000,000 | ---D | M]
-> C:\Users\Grizzle\AppData\Roaming\Mozilla\Firefox\Profiles\4z935m6i.default\extensions -> [2010/01/19 23:05:10 | 00,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\Program Files\Mozilla Firefox\extensions -> [2010/01/19 23:02:24 | 00,000,000 | ---D | M]
< HOSTS File > (304259 bytes and 10525 lines) -> C:\Windows\System32\drivers\etc\hosts ->
First 25 entries...
Reset Hosts
127.0.0.1 localhost
::1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 22:08:42 | 00,062,080 | ---- | M] (Adobe Systems Incorporated)
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009/08/04 15:47:42 | 01,586,472 | ---- | M] (Skype Technologies S.A.)
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG8\avgssie.dll [AVG Safe Search] -> File not found
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar Helper] -> [2009/06/11 19:45:42 | 00,259,696 | ---- | M] (Google Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [Google Toolbar Notifier BHO] -> [2009/11/29 00:20:58 | 00,764,912 | ---- | M] (Google Inc.)
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} [HKLM] -> C:\Program Files\Windows Live Toolbar\msntb.dll [Windows Live Toolbar Helper] -> [2007/10/19 10:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [Google Dictionary Compression sdch] -> [2009/05/03 22:15:11 | 00,470,512 | ---- | M] (Google Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/03/24 17:40:36 | 00,035,840 | ---- | M] (Sun Microsystems, Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"" [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar] -> [2009/06/11 19:45:42 | 00,259,696 | ---- | M] (Google Inc.)
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> C:\Program Files\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007/10/19 10:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\] > -> HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar] -> [2009/06/11 19:45:42 | 00,259,696 | ---- | M] (Google Inc.)
WebBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> C:\Program Files\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007/10/19 10:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"4oD" -> C:\Program Files\Kontiki\KHost.exe ["C:\Program Files\Kontiki\KHost.exe" -all] -> [2007/04/23 10:23:14 | 01,032,640 | ---- | M] (Kontiki Inc.)
"Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008/01/11 21:16:38 | 00,039,792 | ---- | M] (Adobe Systems Incorporated)
"avast5" -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe [C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui] -> [2010/01/19 11:57:44 | 02,743,104 | ---- | M] (ALWIL Software)
"DriveSentry" -> C:\Program Files\DriveSentry\DriveSentry.exe [C:\Program Files\DriveSentry\DriveSentry.exe] -> [2008/01/11 11:45:08 | 01,043,456 | ---- | M] (DriveSentry Inc.)
"iTunesHelper" -> C:\Program Files\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2009/11/12 16:33:10 | 00,141,600 | ---- | M] (Apple Inc.)
"OSD" -> C:\Program Files\C&E\OSD\osd.exe [C:\Program Files\C&E\OSD\osd.exe] -> [2008/02/22 14:57:42 | 00,671,801 | ---- | M] (C&E)
"QuickTime Task" -> C:\Program Files\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> [2009/11/10 23:08:18 | 00,417,792 | ---- | M] (Apple Inc.)
"RtHDVCpl" -> C:\Windows\RtHDVCpl.exe [RtHDVCpl.exe] -> [2007/11/14 14:50:42 | 04,706,304 | ---- | M] (Realtek Semiconductor)
"SiSTray" -> C:\Program Files\SiS VGA Utilities\SiSTray.exe [%ProgramFiles%\SiS VGA Utilities\SiSTray.exe] -> [2007/08/24 14:20:38 | 00,552,960 | ---- | M] (Silicon Integrated Systems Corporation)
"Skytel" -> C:\Windows\SkyTel.exe [Skytel.exe] -> [2007/10/11 10:04:04 | 01,826,816 | ---- | M] (Realtek Semiconductor Corp.)
"SpareMessaging" -> C:\Program Files\Spare Messaging\MessagingApp.exe ["C:\Program Files\Spare Messaging\MessagingApp.exe"] -> [2007/11/28 15:43:08 | 00,042,824 | ---- | M] ()
"SunJavaUpdateSched" -> C:\Program Files\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2009/03/24 17:40:36 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.)
"TkBellExe" -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2009/03/14 00:13:16 | 00,198,160 | ---- | M] (RealNetworks, Inc.)
"UpdateP2GShortCut" -> C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"] -> [2008/01/04 10:02:26 | 00,222,504 | ---- | M] (CyberLink Corp.)
"UVS10 Preload" -> C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe] -> [2006/08/09 13:27:48 | 00,036,864 | ---- | M] (Ulead Systems, Inc.)
< Run [HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\] > -> HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"EPSON Stylus DX8400 Series" -> C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\Windows\TEMP\E_S49B9.tmp" /EF "HKCU"] -> [2007/04/12 06:00:00 | 00,182,272 | ---- | M] (SEIKO EPSON CORPORATION)
"kdx" -> C:\Program Files\Kontiki\KHost.exe [C:\Program Files\Kontiki\KHost.exe -all] -> [2007/04/23 10:23:14 | 01,032,640 | ---- | M] (Kontiki Inc.)
"Reminder_MUI" -> C:\Applications\OEM\Reminder\Reminder_MUI.exe [C:\Applications\oem\Reminder\Reminder_MUI.exe] -> [2008/04/16 11:12:44 | 01,081,344 | ---- | M] (The TechGuys)
"Skype" -> C:\Program Files\Skype\Phone\Skype.exe ["C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized] -> [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.)
"Sony Ericsson PC Suite" -> C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe ["C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon] -> [2008/07/02 15:16:20 | 00,393,216 | ---- | M] (Sony Ericsson Mobile Communications AB)
"swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2009/05/04 00:22:23 | 00,039,408 | ---- | M] (Google Inc.)
"WMPNSCFG" -> C:\Program Files\Windows Media Player\wmpnscfg.exe [C:\Program Files\Windows Media Player\WMPNSCFG.exe] -> [2008/01/21 02:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation)
< Software Policy Settings [HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000] > -> HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
<
CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000] > -> HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000] > -> HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000] -> [2009/10/08 17:45:34 | 09,361,216 | R--- | M] (Microsoft Corporation) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000] -> [2009/10/08 17:45:34 | 09,361,216 | R--- | M] (Microsoft Corporation) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\] > -> HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> &Windows Live Search -> C:\Program Files\Windows Live Toolbar\msntb.dll [res://C:\Program 
Files\Windows Live Toolbar\msntb.dll/search.htm] -> [2007/10/19 10:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000] -> [2009/08/17 22:48:08 | 18,341,216 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2007/10/26 17:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation) {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog This in Windows Live Writer] -> [2007/10/26 17:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2007/12/13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2007/12/13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation) {5067A26B-1337-4436-8AFE-EE169C2DA79F}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Menu: Skype add-on for Internet Explorer] -> [2009/08/04 15:47:42 | 01,586,472 | ---- | M] (Skype Technologies S.A.) {77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype] -> [2009/08/04 15:47:42 | 01,586,472 | ---- | M] (Skype Technologies S.A.) 
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 19:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation) < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5466 domain(s) found. -> 48 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5466 domain(s) found. -> 48 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5466 domain(s) found. -> 48 domain(s) and sub-domain(s) not assigned to a zone. 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\] > -> HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5457 domain(s) found. -> 48 domain(s) and sub-domain(s) not assigned to a zone. 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\] > -> HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2919209743-3810618005-1679405863-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {0CCA191D-13A6-4E29-B746-314DEE697D83} [HKLM] -> http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab [Facebook Photo Uploader 5 Control] -> {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537} [HKLM] -> http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUplden-gb.cab [MSN Photo Upload Tool] -> {5C051655-FCD5-4969-9182-770EA5AA5565} [HKLM] -> http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab [Solitaire Showdown Class] -> {8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab [Facebook Photo Uploader 5 Control] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab [Java Plug-in 1.6.0_12] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Key error.] 
-> {C3F79A2B-B9B4-4A66-B012-3EE46475B072} [HKLM] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab [MessengerStatsClient Class] -> {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab [Java Plug-in 1.6.0_12] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab [Java Plug-in 1.6.0_12] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} [HKLM] -> http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab [Minesweeper Flags Class] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.0.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {5CC8A12E-0595-46FA-A8D6-C9B508FC1557}\\DhcpNameServer -> 192.168.0.1 () -> {CA71C4D1-05BE-42C3-B612-7DEC0507F700}\\DhcpNameServer -> 192.168.0.1 (Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 06:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Program Files\BitTorrent\bittorrent.exe" -> C:\Program Files\BitTorrent\bittorrent.exe [C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent] -> [2008/10/23 22:23:32 | 00,634,672 | ---- | M] (BitTorrent, Inc.) 
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2006/09/18 21:43:36 | 00,000,024 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{0f64a572-688d-11de-be0e-001644d88bec} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f64a572-688d-11de-be0e-001644d88bec}\shell \{0f64a572-688d-11de-be0e-001644d88bec}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f64a572-688d-11de-be0e-001644d88bec}\shell\AutoRun\command \{0f64a572-688d-11de-be0e-001644d88bec}\shell\AutoRun\command\\"" -> D:\AutoRun.exe [D:\AutoRun.exe] -> File not found \{0f64a573-688d-11de-be0e-001644d88bec} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f64a573-688d-11de-be0e-001644d88bec}\shell \{0f64a573-688d-11de-be0e-001644d88bec}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f64a573-688d-11de-be0e-001644d88bec}\shell\AutoRun\command \{0f64a573-688d-11de-be0e-001644d88bec}\shell\AutoRun\command\\"" -> D:\AutoRun.exe [D:\AutoRun.exe] -> File not found \{0f64a58b-688d-11de-be0e-001644d88bec} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f64a58b-688d-11de-be0e-001644d88bec}\shell \{0f64a58b-688d-11de-be0e-001644d88bec}\shell\\"" -> [AutoRun] -> File not found 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f64a58b-688d-11de-be0e-001644d88bec}\shell\AutoRun\command \{0f64a58b-688d-11de-be0e-001644d88bec}\shell\AutoRun\command\\"" -> D:\AutoRun.exe [D:\AutoRun.exe] -> File not found \{78de747c-721d-11de-9360-00030d99e1ef} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78de747c-721d-11de-9360-00030d99e1ef}\shell \{78de747c-721d-11de-9360-00030d99e1ef}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78de747c-721d-11de-9360-00030d99e1ef}\shell\AutoRun\command \{78de747c-721d-11de-9360-00030d99e1ef}\shell\AutoRun\command\\"" -> D:\AutoRun.exe [D:\AutoRun.exe] -> File not found \{78de747e-721d-11de-9360-00030d99e1ef} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78de747e-721d-11de-9360-00030d99e1ef}\shell \{78de747e-721d-11de-9360-00030d99e1ef}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78de747e-721d-11de-9360-00030d99e1ef}\shell\AutoRun\command \{78de747e-721d-11de-9360-00030d99e1ef}\shell\AutoRun\command\\"" -> D:\AutoRun.exe [D:\AutoRun.exe] -> File not found \{b6619e05-9600-11dd-a57f-00030d99e1ef} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6619e05-9600-11dd-a57f-00030d99e1ef}\shell \{b6619e05-9600-11dd-a57f-00030d99e1ef}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6619e05-9600-11dd-a57f-00030d99e1ef}\shell\AutoRun\command \{b6619e05-9600-11dd-a57f-00030d99e1ef}\shell\AutoRun\command\\"" -> D:\autorun.exe [D:\autorun.exe] -> File not found \{d1116928-c912-11dd-9908-00030d99e1ef} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d1116928-c912-11dd-9908-00030d99e1ef}\shell\AutoRun\command 
\{d1116928-c912-11dd-9908-00030d99e1ef}\shell\AutoRun\command\\"" -> F:\WD_Windows_Tools\Setup.exe [F:\WD_Windows_Tools\Setup.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> [Registry - Additional Scans - Safe List] < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> helpfile [open] -> Reg Error: Key error. hlpfile [open] -> %SystemRoot%\winhlp32.exe %1 -> [2006/11/02 09:45:57 | 00,009,216 | ---- | M] (Microsoft Corporation) htmlfile [edit] -> "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 -> [2001/02/12 23:59:26 | 00,066,976 | ---- | M] (Microsoft Corporation) htmlfile [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/11/21 06:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) htmlfile [opennew] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 -> [2009/11/21 06:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) htmlfile [print] -> "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 -> [2001/02/12 23:59:26 | 00,066,976 | ---- | M] (Microsoft Corporation) http [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/11/21 06:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) https [open] -> "C:\Program Files\Internet Explorer\iexplore.exe" -nohome -> [2009/11/21 06:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> regfile [merge] -> Reg Error: Key error. scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2008/01/21 02:23:50 | 00,368,640 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> txtfile [edit] -> Reg Error: Key error. 
Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [AddToPlaylistVLC] -> C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" -> [2008/12/06 14:57:20 | 00,114,840 | ---- | M] () Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2008/01/21 02:23:50 | 00,318,976 | ---- | M] (Microsoft Corporation) Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 06:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) Directory [OneNote.Open] -> C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" -> [2008/05/21 04:54:40 | 01,022,496 | ---- | M] (Microsoft Corporation) Directory [PlayWithVLC] -> C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" -> [2008/12/06 14:57:20 | 00,114,840 | ---- | M] () Folder [open] -> %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L -> [2009/04/11 06:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L -> [2009/04/11 06:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 06:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) Applications\iexplore.exe [open] -> "C:\Program Files\Internet Explorer\iexplore.exe" %1 -> [2009/11/21 06:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -> "C:\Program Files\Internet Explorer\iexplore.exe" -> [2009/11/21 06:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! 
[Files/Folders - Created Within 30 Days] OTS.exe -> C:\Users\Grizzle\Desktop\OTS.exe -> [2010/01/22 15:51:55 | 00,631,808 | ---- | C] (OldTimer Tools) aswFsBlk.sys -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2010/01/20 17:52:42 | 00,019,024 | ---- | C] (ALWIL Software) aswSP.sys -> C:\Windows\System32\drivers\aswSP.sys -> [2010/01/20 17:52:41 | 00,162,640 | ---- | C] (ALWIL Software) aswRdr.sys -> C:\Windows\System32\drivers\aswRdr.sys -> [2010/01/20 17:52:39 | 00,023,248 | ---- | C] (ALWIL Software) aswTdi.sys -> C:\Windows\System32\drivers\aswTdi.sys -> [2010/01/20 17:52:36 | 00,046,544 | ---- | C] (ALWIL Software) aswMonFlt.sys -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2010/01/20 17:52:28 | 00,051,792 | ---- | C] (ALWIL Software) aswBoot.exe -> C:\Windows\System32\aswBoot.exe -> [2010/01/20 17:50:24 | 00,152,672 | ---- | C] (ALWIL Software) avastSS.scr -> C:\Windows\System32\avastSS.scr -> [2010/01/20 17:50:24 | 00,038,848 | ---- | C] (ALWIL Software) Alwil Software -> C:\ProgramData\Alwil Software -> [2010/01/20 17:49:39 | 00,000,000 | ---D | C] Alwil Software -> C:\Program Files\Alwil Software -> [2010/01/20 17:49:39 | 00,000,000 | ---D | C] ERUNT -> C:\Program Files\ERUNT -> [2010/01/20 12:46:13 | 00,000,000 | ---D | C] Mozilla -> C:\Users\Grizzle\AppData\Roaming\Mozilla -> [2010/01/19 23:02:39 | 00,000,000 | ---D | C] Mozilla Firefox -> C:\Program Files\Mozilla Firefox -> [2010/01/19 23:02:20 | 00,000,000 | ---D | C] Windows Live -> C:\Program Files\Common Files\Windows Live -> [2010/01/15 16:48:50 | 00,000,000 | ---D | C] Downloads -> C:\Users\Grizzle\Documents\Downloads -> [2010/01/14 19:20:46 | 00,000,000 | ---D | C] skypePM -> C:\Users\Grizzle\AppData\Roaming\skypePM -> [2010/01/14 19:19:51 | 00,000,000 | ---D | C] Skype -> C:\Users\Grizzle\AppData\Roaming\Skype -> [2010/01/14 19:14:34 | 00,000,000 | ---D | C] Skype -> C:\Program Files\Common Files\Skype -> [2010/01/14 19:12:57 | 00,000,000 | ---D | C] Skype -> C:\Program Files\Skype -> 
[2010/01/14 19:12:55 | 00,000,000 | R--D | C] Skype -> C:\ProgramData\Skype -> [2010/01/14 19:12:44 | 00,000,000 | ---D | C] t2embed.dll -> C:\Windows\System32\t2embed.dll -> [2010/01/13 19:10:10 | 00,156,672 | ---- | C] (Microsoft Corporation) fontsub.dll -> C:\Windows\System32\fontsub.dll -> [2010/01/13 19:10:10 | 00,072,704 | ---- | C] (Microsoft Corporation) Ulead VideoStudio SE -> C:\Users\Grizzle\Documents\Ulead VideoStudio SE -> [2010/01/03 13:00:55 | 00,000,000 | ---D | C] Ulead Systems -> C:\Users\Grizzle\AppData\Roaming\Ulead Systems -> [2010/01/01 19:07:05 | 00,000,000 | ---D | C] StkAPipe.sys -> C:\Windows\System32\drivers\StkAPipe.sys -> [2010/01/01 18:45:55 | 10,479,603 | ---- | C] (Syntek America Inc.) StkAPin.sys -> C:\Windows\System32\drivers\StkAPin.sys -> [2010/01/01 18:45:55 | 00,653,988 | ---- | C] (Syntek America Inc.) StkACamd.sys -> C:\Windows\System32\drivers\StkACamd.sys -> [2010/01/01 18:45:55 | 00,242,728 | ---- | C] (Syntek America Inc.) StkAMini.sys -> C:\Windows\System32\drivers\StkAMini.sys -> [2010/01/01 18:45:55 | 00,241,628 | ---- | C] (Syntek America Inc.) Stk1150.exe -> C:\Windows\Stk1150.exe -> [2010/01/01 18:45:55 | 00,106,496 | ---- | C] (Syntek America Inc.) StkATVAp.exe -> C:\Windows\StkATVAp.exe -> [2010/01/01 18:45:55 | 00,061,440 | ---- | C] (Syntek America Inc.) StkAWIA.dll -> C:\Windows\System32\StkAWIA.dll -> [2010/01/01 18:45:55 | 00,053,248 | ---- | C] (Syntek America Inc.) StkAProp.ax -> C:\Windows\System32\StkAProp.ax -> [2010/01/01 18:45:55 | 00,053,248 | ---- | C] (Syntek America Inc.) StkAVFW.dll -> C:\Windows\System32\StkAVFW.dll -> [2010/01/01 18:45:55 | 00,045,056 | ---- | C] (Syntek America Inc.) StkASv2K.exe -> C:\Windows\System32\StkASv2K.exe -> [2010/01/01 18:45:55 | 00,024,576 | ---- | C] (Syntek America Inc.) StkASSrv.dll -> C:\Windows\System32\StkASSrv.dll -> [2010/01/01 18:45:55 | 00,024,576 | ---- | C] (Syntek America Inc.) 
StkASam.sys -> C:\Windows\System32\drivers\StkASam.sys -> [2010/01/01 18:45:55 | 00,018,754 | ---- | C] (Syntek America Inc.) StkScan.sys -> C:\Windows\System32\drivers\StkScan.sys -> [2010/01/01 18:45:55 | 00,004,772 | ---- | C] (Syntek America Inc.) InstallShield -> C:\ProgramData\InstallShield -> [2010/01/01 18:38:34 | 00,000,000 | ---D | C] Windows Media Components -> C:\Program Files\Windows Media Components -> [2010/01/01 18:38:18 | 00,000,000 | ---D | C] Ulead Systems -> C:\Program Files\Common Files\Ulead Systems -> [2010/01/01 18:36:35 | 00,000,000 | ---D | C] Ulead Systems -> C:\ProgramData\Ulead Systems -> [2010/01/01 18:36:34 | 00,000,000 | ---D | C] Ulead Systems -> C:\Program Files\Ulead Systems -> [2010/01/01 18:36:34 | 00,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] NTUSER.DAT -> C:\Users\Grizzle\NTUSER.DAT -> [2010/01/22 16:07:12 | 06,029,312 | -HS- | M] () OTS.exe -> C:\Users\Grizzle\Desktop\OTS.exe -> [2010/01/22 15:52:21 | 00,631,808 | ---- | M] (OldTimer Tools) Check Updates for Windows Live Toolbar.job -> C:\Windows\tasks\Check Updates for Windows Live Toolbar.job -> [2010/01/22 15:35:57 | 00,000,270 | ---- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/01/22 15:35:22 | 00,003,216 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/01/22 15:35:22 | 00,003,216 | -H-- | M] () GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010/01/22 15:35:09 | 00,000,880 | ---- | M] () SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010/01/22 15:34:55 | 00,000,006 | -H-- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2010/01/22 15:34:09 | 00,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2010/01/22 
15:34:05 | 93,655,8592 | -HS- | M] () NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Grizzle\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms -> [2010/01/22 01:56:47 | 00,524,288 | -HS- | M] () NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> C:\Users\Grizzle\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> [2010/01/22 01:56:47 | 00,065,536 | -HS- | M] () IconCache.db -> C:\Users\Grizzle\AppData\Local\IconCache.db -> [2010/01/22 01:56:23 | 02,745,723 | -H-- | M] () GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010/01/22 01:30:00 | 00,000,884 | ---- | M] () MEMORY.DMP -> C:\Windows\MEMORY.DMP -> [2010/01/21 19:30:01 | 14,537,4401 | ---- | M] () Amcap.exe -> C:\Users\Grizzle\Desktop\Amcap.exe -> [2010/01/21 19:28:47 | 00,032,528 | ---- | M] () gmer.zip -> C:\Users\Grizzle\Desktop\gmer.zip -> [2010/01/21 00:01:59 | 00,284,915 | ---- | M] () Launch Internet Explorer Browser.lnk -> C:\Users\Grizzle\Desktop\Launch Internet Explorer Browser.lnk -> [2010/01/20 18:28:08 | 00,000,948 | ---- | M] () avast! Free Antivirus.lnk -> C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk -> [2010/01/20 17:52:43 | 00,001,845 | ---- | M] () config.nt -> C:\Windows\System32\config.nt -> [2010/01/20 17:52:28 | 00,002,577 | ---- | M] () mbam-log-2010-01-20 (17-30-20) Griizzle -> C:\Users\Grizzle\Documents\mbam-log-2010-01-20 (17-30-20) Griizzle -> [2010/01/20 17:30:34 | 00,000,944 | ---- | M] () NTREGOPT.lnk -> C:\Users\Grizzle\Desktop\NTREGOPT.lnk -> [2010/01/20 12:46:25 | 00,000,738 | ---- | M] () ERUNT.lnk -> C:\Users\Grizzle\Desktop\ERUNT.lnk -> [2010/01/20 12:46:22 | 00,000,719 | ---- | M] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/01/19 23:02:28 | 00,001,729 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Grizzle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/01/19 15:18:33 | 00,030,208 | ---- | M] () aswSP.sys -> C:\Windows\System32\drivers\aswSP.sys -> [2010/01/19 13:13:58 | 00,162,640 | ---- | M] (ALWIL Software) avastSS.scr -> C:\Windows\System32\avastSS.scr -> [2010/01/19 11:57:59 | 00,038,848 | ---- | M] (ALWIL Software) aswBoot.exe -> C:\Windows\System32\aswBoot.exe -> [2010/01/19 11:57:39 | 00,152,672 | ---- | M] (ALWIL Software) aswTdi.sys -> C:\Windows\System32\drivers\aswTdi.sys -> [2010/01/19 11:46:52 | 00,046,544 | ---- | M] (ALWIL Software) aswRdr.sys -> C:\Windows\System32\drivers\aswRdr.sys -> [2010/01/19 11:43:40 | 00,023,248 | ---- | M] (ALWIL Software) aswMonFlt.sys -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2010/01/19 11:43:23 | 00,051,792 | ---- | M] (ALWIL Software) aswFsBlk.sys -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2010/01/19 11:42:57 | 00,019,024 | ---- | M] (ALWIL Software) PerfStringBackup.INI -> C:\Windows\System32\PerfStringBackup.INI -> [2010/01/15 16:42:26 | 00,690,960 | ---- | M] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2010/01/15 16:42:26 | 00,600,378 | ---- | M] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2010/01/15 16:42:26 | 00,105,852 | ---- | M] () ezsidmv.dat -> 
C:\ProgramData\ezsidmv.dat -> [2010/01/14 19:19:55 | 00,000,048 | -H-- | M] () Google Chrome.lnk -> C:\Users\Public\Desktop\Google Chrome.lnk -> [2010/01/14 19:18:34 | 00,001,976 | ---- | M] () Skype.lnk -> C:\Users\Public\Desktop\Skype.lnk -> [2010/01/14 19:12:58 | 00,001,878 | ---- | M] () MpSigStub.exe -> C:\Windows\System32\MpSigStub.exe -> [2010/01/14 11:12:06 | 00,181,120 | ---- | M] (Microsoft Corporation) mbamswissarmy.sys -> C:\Windows\System32\drivers\mbamswissarmy.sys -> [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) GDIPFONTCACHEV1.DAT -> C:\Users\Grizzle\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010/01/01 19:06:33 | 00,083,096 | ---- | M] () FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2010/01/01 19:03:09 | 00,321,120 | ---- | M] () Ulead VideoStudio SE DVD.lnk -> C:\Users\Public\Desktop\Ulead VideoStudio SE DVD.lnk -> [2010/01/01 18:38:13 | 00,002,000 | ---- | M] () 18 C:\Users\Grizzle\AppData\Local\Temp\*.tmp files -> C:\Users\Grizzle\AppData\Local\Temp\*.tmp -> 18 C:\Users\Grizzle\AppData\Local\Temp\*.tmp files -> C:\Users\Grizzle\AppData\Local\Temp\*.tmp -> 18 C:\Users\Grizzle\AppData\Local\Temp\*.tmp files -> C:\Users\Grizzle\AppData\Local\Temp\*.tmp -> 18 C:\Users\Grizzle\AppData\Local\Temp\*.tmp files -> C:\Users\Grizzle\AppData\Local\Temp\*.tmp -> [Files - No Company Name] Amcap.exe -> C:\Users\Grizzle\Desktop\Amcap.exe -> [2010/01/21 19:28:39 | 00,032,528 | ---- | C] () gmer.zip -> C:\Users\Grizzle\Desktop\gmer.zip -> [2010/01/21 00:01:39 | 00,284,915 | ---- | C] () Launch Internet Explorer Browser.lnk -> C:\Users\Grizzle\Desktop\Launch Internet Explorer Browser.lnk -> [2010/01/20 18:28:08 | 00,000,948 | ---- | C] () avast! Free Antivirus.lnk -> C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk -> [2010/01/20 17:52:43 | 00,001,845 | ---- | C] () mbam-log-2010-01-20 (17-30-20) Griizzle -> C:\Users\Grizzle\Documents\mbam-log-2010-01-20 (17-30-20) Griizzle -> [2010/01/20 17:30:34 | 00,000,944 | ---- | C] () NTREGOPT.lnk -> C:\Users\Grizzle\Desktop\NTREGOPT.lnk -> [2010/01/20 12:46:25 | 00,000,738 | ---- | C] () ERUNT.lnk -> C:\Users\Grizzle\Desktop\ERUNT.lnk -> [2010/01/20 12:46:22 | 00,000,719 | ---- | C] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/01/19 23:02:28 | 00,001,729 | ---- | C] () GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010/01/14 19:25:45 | 00,000,884 | ---- | C] () GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010/01/14 19:25:43 | 00,000,880 | ---- | C] () ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2010/01/14 19:19:55 | 00,000,048 | -H-- | C] () Google Chrome.lnk -> C:\Users\Public\Desktop\Google Chrome.lnk -> [2010/01/14 19:18:34 | 00,001,976 | ---- | C] () Skype.lnk -> C:\Users\Public\Desktop\Skype.lnk -> [2010/01/14 19:12:58 | 00,001,878 | ---- | C] () Ulead VideoStudio SE DVD.lnk -> C:\Users\Public\Desktop\Ulead VideoStudio SE DVD.lnk -> [2010/01/01 18:38:13 | 00,002,000 | ---- | C] () xlive.dll.cat -> C:\Windows\System32\xlive.dll.cat -> [2009/11/06 10:58:04 | 00,178,975 | ---- | C] () EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009/09/24 11:47:35 | 00,117,248 | ---- | C] () CmdLineExt03.dll -> C:\Windows\System32\CmdLineExt03.dll -> [2008/11/24 17:03:48 | 00,043,520 | ---- | C] () CDE DX8400DEFGIPS.ini -> C:\Windows\CDE DX8400DEFGIPS.ini -> [2008/11/23 20:15:41 | 00,000,025 | ---- | C] () sptd.sys -> C:\Windows\System32\drivers\sptd.sys -> [2008/10/09 12:46:20 | 00,717,296 | ---- | C] () ODBC.INI -> C:\Windows\ODBC.INI -> [2008/10/01 13:20:27 | 00,000,376 | ---- | C] () Winlogonevents.dll -> C:\Windows\System32\Winlogonevents.dll -> [2008/05/26 12:41:50 | 00,053,248 | ---- | C] () 
DriveSentryKeeperDriver.sys -> C:\Windows\System32\drivers\DriveSentryKeeperDriver.sys -> [2008/05/26 12:41:50 | 00,004,352 | ---- | C] () GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2006/11/02 12:37:35 | 00,037,665 | ---- | C] () GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2006/11/02 12:37:35 | 00,029,779 | ---- | C] () GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2006/11/02 12:37:35 | 00,026,489 | ---- | C] () GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2006/11/02 12:37:35 | 00,026,040 | ---- | C] () sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006/11/02 12:35:32 | 00,005,632 | ---- | C] () igfxTMM.dll -> C:\Windows\System32\igfxTMM.dll -> [2006/11/02 10:25:21 | 00,061,440 | ---- | C] () pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 07:40:29 | 00,013,750 | ---- | C] () [File - Lop Check] DAEMON Tools -> C:\Users\Grizzle\AppData\Roaming\DAEMON Tools -> [2008/10/09 12:46:00 | 00,000,000 | ---D | M] LimeWire -> C:\Users\Grizzle\AppData\Roaming\LimeWire -> [2009/03/09 20:44:58 | 00,000,000 | ---D | M] Sony -> C:\Users\Grizzle\AppData\Roaming\Sony -> [2008/11/23 21:54:02 | 00,000,000 | ---D | M] Ulead Systems -> C:\Users\Grizzle\AppData\Roaming\Ulead Systems -> [2010/01/03 15:21:40 | 00,000,000 | ---D | M] uTorrent -> C:\Users\Grizzle\AppData\Roaming\uTorrent -> [2010/01/19 11:29:56 | 00,000,000 | ---D | M] Windows Live Writer -> C:\Users\Grizzle\AppData\Roaming\Windows Live Writer -> [2009/06/07 12:02:15 | 00,000,000 | ---D | M] Check Updates for Windows Live Toolbar.job -> C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job -> [2010/01/22 15:35:57 | 00,000,270 | ---- | M] () SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2010/01/22 01:57:08 | 00,032,576 | ---- | M] () [File - Purity Scan] [Custom Scans] < netsvcs > < %SYSTEMDRIVE%\*.exe > pv.exe -> C:\pv.exe -> 
[2006/03/02 23:42:40 | 00,073,728 | ---- | M] () < MD5 Scans Start> < %systemdrive%\AGP440.SYS /md5 /s > AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\System32\drivers\AGP440.sys -> [2008/01/21 02:23:01 | 00,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys -> [2008/01/21 02:23:01 | 00,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys -> [2008/01/21 02:23:01 | 00,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys -> [2008/01/21 02:23:01 | 00,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys -> [2008/01/21 02:23:01 | 00,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys -> [2006/11/02 09:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) < %systemdrive%\ATAPI.SYS /md5 /s > atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\System32\drivers\atapi.sys -> [2009/04/11 06:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys -> [2009/04/11 06:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys -> [2009/04/11 06:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) atapi.sys : 
MD5=2D9C903DC76A66813D350A562DE40ED9 -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys -> [2008/01/21 02:23:00 | 00,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=2D9C903DC76A66813D350A562DE40ED9 -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys -> [2008/01/21 02:23:00 | 00,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys -> [2006/11/02 09:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) < %systemdrive%\CNGAUDIT.DLL /md5 /s > cngaudit.dll : MD5=7F15B4953378C8B5161D65C26D5FED4D -> C:\Windows\System32\cngaudit.dll -> [2006/11/02 09:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) cngaudit.dll : MD5=7F15B4953378C8B5161D65C26D5FED4D -> C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll -> [2006/11/02 09:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) < %systemdrive%\IASTORV.SYS /md5 /s > iaStorV.sys : MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -> C:\Windows\System32\drivers\iaStorV.sys -> [2008/01/21 02:23:23 | 00,235,064 | ---- | M] (Intel Corporation) iaStorV.sys : MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -> C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys -> [2008/01/21 02:23:23 | 00,235,064 | ---- | M] (Intel Corporation) iaStorV.sys : MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -> C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys -> [2008/01/21 02:23:23 | 00,235,064 | ---- | M] (Intel Corporation) iaStorV.sys : MD5=C957BF4B5D80B46C5017BF0101E6C906 -> C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys -> [2006/11/02 09:51:25 | 00,232,040 | ---- | M] (Intel Corporation) < %systemdrive%\NETLOGON.DLL /md5 /s > netlogon.dll : MD5=95DAECF0FB120A7B5DA679CC54E37DDE -> 
C:\Windows\System32\netlogon.dll -> [2009/04/11 06:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=95DAECF0FB120A7B5DA679CC54E37DDE -> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll -> [2009/04/11 06:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll -> [2008/01/21 02:24:05 | 00,592,384 | ---- | M] (Microsoft Corporation) < %systemdrive%\NVSTOR.SYS /md5 /s > nvstor.sys : MD5=9E0BA19A28C498A6D323D065DB76DFFC -> C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys -> [2006/11/02 09:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) nvstor.sys : MD5=ABED0C09758D1D97DB0042DBB2688177 -> C:\Windows\System32\drivers\nvstor.sys -> [2008/01/21 02:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) nvstor.sys : MD5=ABED0C09758D1D97DB0042DBB2688177 -> C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys -> [2008/01/21 02:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) nvstor.sys : MD5=ABED0C09758D1D97DB0042DBB2688177 -> C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys -> [2008/01/21 02:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) < %systemdrive%\SCECLI.DLL /md5 /s > scecli.dll : MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll -> [2008/01/21 02:24:50 | 00,177,152 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=8FC182167381E9915651267044105EE1 -> C:\Windows\System32\scecli.dll -> [2009/04/11 06:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=8FC182167381E9915651267044105EE1 -> 
C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll -> [2009/04/11 06:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) < MD5 Scans End> < %systemroot%\*. /mp /s > < c:\$recycle.bin\*.* /s > desktop.ini -> c:\$recycle.bin\S-1-5-20\desktop.ini -> [2009/09/17 02:06:38 | 00,000,129 | -HS- | M] () $IL076RF.exe -> c:\$recycle.bin\S-1-5-21-2919209743-3810618005-1679405863-1000\$IL076RF.exe -> [2010/01/20 18:17:34 | 00,000,544 | ---- | M] () $RL076RF.exe -> c:\$recycle.bin\S-1-5-21-2919209743-3810618005-1679405863-1000\$RL076RF.exe -> [2009/04/06 13:01:23 | 06,237,728 | ---- | M] () desktop.ini -> c:\$recycle.bin\S-1-5-21-2919209743-3810618005-1679405863-1000\desktop.ini -> [2008/09/28 17:19:54 | 00,000,129 | -HS- | M] () OTS cannot create restorepoints on Vista OSs! [Alternate Data Streams] @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report > [/code]