Hi Jimmy
Thanks again for your reply!
I have installed the Comodo firewall as recommended
.
I used the p2p program to download Open Office last week (although i havnt had time to install it yet), that is all it has been used for. Is it safe to keep it installed for further versions of the program? I am also considering installing linux on my PC, is it safe to download linux using a torrent?
Below are the 2 logs from OTViewIt. I will post the first log (OTViewIt.txt) in this post, and then the Extras.txt in another, as you recommended:
OTViewIt.txtOTViewIt logfile created on: 28/08/2008 18:58:11 - Run 1
OTViewIt by OldTimer - Version 1.0.0.15 Folder = C:\Documents and Settings\Dan\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.94 Gb Total Physical Memory | 1.44 Gb Available Physical Memory | 74.60% Memory free
2.45 Gb Paging File | 2.05 Gb Available in Paging File | 83.65% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.63 Gb Total Space | 2.73 Gb Free Space | 3.92% Space Free | Partition Type: NTFS
Drive D: | 4.09 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 133.06 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 399.76 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive K: | 0.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: DANPC
Current User Name: Dan
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
===== Processes - Non-Microsoft Only =====
[01/19/2005 12:01 PM | 00,065,536 | ---- | M] () - C:\WINDOWS\system32\wltrysvc.exe
[01/29/2005 03:09 AM | 00,876,649 | ---- | M] (BT Voyager Corporation) - C:\WINDOWS\system32\bcmwltry.exe
[07/19/2008 03:25 PM | 00,016,056 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[07/19/2008 03:38 PM | 00,147,640 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashServ.exe
[10/31/2007 03:09 PM | 00,110,592 | ---- | M] (Apple, Inc.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[04/06/2005 05:03 PM | 00,110,592 | ---- | M] () - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
[02/23/2006 07:09 PM | 00,266,338 | ---- | M] () - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
[08/28/2008 06:47 PM | 00,519,936 | ---- | M] () - C:\Program Files\COMODO\Firewall\cmdagent.exe
[02/23/2006 07:08 PM | 01,073,152 | ---- | M] (Cyberlink) - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
[10/20/2005 01:15 PM | 00,090,112 | ---- | M] () - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
[02/23/2006 07:09 PM | 00,114,784 | ---- | M] () - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
[07/19/2008 03:38 PM | 00,250,040 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
[07/23/2008 03:25 PM | 00,348,344 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
[10/04/2004 08:03 PM | 00,310,272 | ---- | M] () - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe
[09/15/2005 04:05 AM | 00,344,064 | ---- | M] (ATI Technologies, Inc.) - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[01/29/2005 03:09 AM | 00,696,422 | ---- | M] (BT Voyager Corporation) - C:\WINDOWS\system32\wltray.exe
[07/19/2008 03:38 PM | 00,078,008 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashDisp.exe
[08/28/2008 06:46 PM | 01,655,552 | ---- | M] () - C:\Program Files\COMODO\Firewall\cfp.exe
[08/29/2003 08:05 PM | 00,360,448 | ---- | M] () - C:\Program Files\SpywareGuard\sgmain.exe
[08/29/2003 12:14 PM | 00,233,472 | ---- | M] () - C:\Program Files\SpywareGuard\sgbhp.exe
===== Win32 Services - Non-Microsoft Only =====
(Adobe LM Service) Adobe LM Service [On_Demand | Stopped]
[01/22/2007 09:13 AM | 00,072,704 | ---- | M] (Adobe Systems) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
(Apple Mobile Device) Apple Mobile Device [Auto | Running]
[10/31/2007 03:09 PM | 00,110,592 | ---- | M] (Apple, Inc.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(aswUpdSv) avast! iAVS4 Control Service [Auto | Running]
[07/19/2008 03:25 PM | 00,016,056 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
(ATI Smart) ATI Smart [Auto | Stopped]
[09/15/2005 04:05 AM | 00,516,096 | ---- | M] () - C:\WINDOWS\system32\ati2sgag.exe
(avast! Antivirus) avast! Antivirus [Auto | Running]
[07/19/2008 03:38 PM | 00,147,640 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashServ.exe
(avast! Mail Scanner) avast! Mail Scanner [On_Demand | Running]
[07/19/2008 03:38 PM | 00,250,040 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
(avast! Web Scanner) avast! Web Scanner [On_Demand | Running]
[07/23/2008 03:25 PM | 00,348,344 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
(BlueSoleil Hid Service) BlueSoleil Hid Service [Auto | Running]
[04/06/2005 05:03 PM | 00,110,592 | ---- | M] () - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
(CLCapSvc) CyberLink Background Capture Service (CBCS) [Auto | Running]
[02/23/2006 07:09 PM | 00,266,338 | ---- | M] () - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
(CLSched) CyberLink Task Scheduler (CTS) [Auto | Running]
[02/23/2006 07:09 PM | 00,114,784 | ---- | M] () - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
(cmdAgent) COMODO Firewall Pro Helper Service [Auto | Running]
[08/28/2008 06:47 PM | 00,519,936 | ---- | M] () - C:\Program Files\COMODO\Firewall\cmdagent.exe
(CyberLink Media Library Service) CyberLink Media Library Service [Auto | Running]
[02/23/2006 07:08 PM | 01,073,152 | ---- | M] (Cyberlink) - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
(USBDeviceService) USBDeviceService [Auto | Running]
[10/20/2005 01:15 PM | 00,090,112 | ---- | M] () - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
(wltrysvc) Broadcom Wireless LAN Tray Service [Auto | Running]
[01/19/2005 12:01 PM | 00,065,536 | ---- | M] () - C:\WINDOWS\system32\wltrysvc.exe
===== Driver Services - Non-Microsoft Only =====
(Aavmker4) avast! Asynchronous Virus Monitor [System | Running]
[07/19/2008 03:32 PM | 00,026,944 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aavmker4.sys
(ASCTRM) ASCTRM [Auto | Running]
[08/27/2006 09:28 PM | 00,008,552 | ---- | M] (Windows ® 2000 DDK provider) - C:\WINDOWS\System32\drivers\asctrm.sys
(aswFsBlk) aswFsBlk [Auto | Running]
[07/19/2008 03:37 PM | 00,020,560 | ---- | M] (ALWIL Software) - C:\WINDOWS\system32\drivers\aswFsBlk.sys
(aswMon2) avast! Standard Shield Support [Auto | Running]
[07/19/2008 03:37 PM | 00,094,416 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aswmon2.sys
(aswRdr) aswRdr [On_Demand | Running]
[07/19/2008 03:33 PM | 00,023,152 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aswRdr.sys
(aswSP) avast! Self Protection [System | Running]
[07/19/2008 03:35 PM | 00,078,416 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aswSP.sys
(aswTdi) avast! Network Shield Support [System | Running]
[07/19/2008 03:32 PM | 00,042,912 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aswTdi.sys
(atapi) Standard IDE/ESDI Hard Disk Controller [Boot | Running]
[02/28/2006 01:00 PM | 00,095,360 | ---- | M] () - C:\WINDOWS\system32\drivers\atapi.sys
(BCM43XX) BCM 802.11g Network Adapter Driver [On_Demand | Stopped]
[01/12/2003 01:25 PM | 00,163,712 | R--- | M] (Belkin Corporation) - C:\WINDOWS\system32\drivers\BCMWL5.SYS
(BlueletAudio) Bluetooth Audio Service [On_Demand | Running]
[05/31/2005 04:40 PM | 00,020,480 | ---- | M] (IVT Corporation) - C:\WINDOWS\system32\drivers\blueletaudio.sys
(BT) Bluetooth PAN Network Adapter [On_Demand | Stopped]
[04/30/2005 03:48 PM | 00,010,804 | ---- | M] (IVT Corporation) - C:\WINDOWS\system32\drivers\BtNetDrv.sys
(Btcsrusb) Bluetooth USB For Bluetooth Service [On_Demand | Stopped]
[05/31/2005 10:42 AM | 00,023,000 | ---- | M] (IVT Corporation) - C:\WINDOWS\system32\drivers\btcusb.sys
(BTHidEnum) Bluetooth HID Enumerator [On_Demand | Running]
[04/30/2005 03:50 PM | 00,011,860 | ---- | M] () - C:\WINDOWS\system32\drivers\vbtenum.sys
(BTHidMgr) Bluetooth HID Manager Service [Boot | Running]
[04/30/2005 03:50 PM | 00,028,271 | ---- | M] (IVT Corporation) - C:\WINDOWS\system32\drivers\BTHidMgr.sys
(catchme) catchme [On_Demand | Stopped]
File not found - C:\DOCUME~1\Dan\LOCALS~1\Temp\catchme.sys
(d346bus) d346bus [Boot | Running]
[03/12/2004 11:41 PM | 00,156,800 | ---- | M] ( ) - C:\WINDOWS\system32\drivers\d346bus.sys
(d346prt) d346prt [Boot | Running]
[03/12/2004 11:41 PM | 00,005,248 | ---- | M] ( ) - C:\WINDOWS\system32\drivers\d346prt.sys
(LHidUsbK) Logitech SetPoint USB Receiver device driver [On_Demand | Stopped]
File not found - C:\WINDOWS\System32\Drivers\LHidUsbK.Sys
(libusb0) LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120 [On_Demand | Running]
[05/11/2007 12:12 AM | 00,029,184 | ---- | M] (
http://libusb-win32.sourceforge.net) - C:\WINDOWS\system32\drivers\libusb0.sys
(LMouKE) Logitech SetPoint Mouse Filter Driver [On_Demand | Stopped]
File not found - C:\WINDOWS\System32\Drivers\LMouKE.sys
(MxlW2k) MxlW2k [On_Demand | Running]
[08/23/2007 05:26 PM | 00,028,352 | ---- | M] (MusicMatch, Inc.) - C:\WINDOWS\System32\drivers\MxlW2k.sys
(Pcouffin) Low level access layer for CD devices [On_Demand | Stopped]
File not found - C:\WINDOWS\System32\Drivers\Pcouffin.sys
(RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [On_Demand | Running]
[02/27/2006 12:46 PM | 00,081,408 | ---- | M] (Realtek Semiconductor Corporation ) - C:\WINDOWS\system32\drivers\Rtnicxp.sys
(rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [On_Demand | Stopped]
[08/03/2004 11:31 PM | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) - C:\WINDOWS\system32\drivers\RTL8139.sys
(SE27bus) Sony Ericsson Device 039 Driver driver (WDM) [On_Demand | Stopped]
[09/18/2006 04:58 PM | 00,061,600 | R--- | M] (MCCI) - C:\WINDOWS\system32\drivers\SE27bus.sys
(SE27mdfl) Sony Ericsson Device 039 USB WMC Modem Filter [On_Demand | Stopped]
[09/18/2006 04:58 PM | 00,009,360 | R--- | M] (MCCI) - C:\WINDOWS\system32\drivers\SE27mdfl.sys
(SE27mdm) Sony Ericsson Device 039 USB WMC Modem Driver [On_Demand | Stopped]
[09/18/2006 04:58 PM | 00,097,184 | R--- | M] (MCCI) - C:\WINDOWS\system32\drivers\SE27mdm.sys
(SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM) [On_Demand | Stopped]
[09/18/2006 04:58 PM | 00,088,688 | R--- | M] (MCCI) - C:\WINDOWS\system32\drivers\SE27mgmt.sys
(se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS) [On_Demand | Stopped]
[09/18/2006 04:59 PM | 00,018,704 | R--- | M] (MCCI) - C:\WINDOWS\system32\drivers\se27nd5.sys
(SE27obex) Sony Ericsson Device 039 USB WMC OBEX Interface [On_Demand | Stopped]
[09/18/2006 04:59 PM | 00,086,560 | R--- | M] (MCCI) - C:\WINDOWS\system32\drivers\SE27obex.sys
(se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM) [On_Demand | Stopped]
[09/18/2006 04:59 PM | 00,090,800 | R--- | M] (MCCI) - C:\WINDOWS\system32\drivers\se27unic.sys
(SNP325) USB PC Camera (SNPSTD325) [On_Demand | Stopped]
File not found - C:\WINDOWS\System32\DRIVERS\snp325.sys
(USBAAPL) Apple Mobile USB Driver [On_Demand | Stopped]
[10/31/2007 03:09 PM | 00,030,464 | ---- | M] (Apple, Inc.) - C:\WINDOWS\system32\drivers\usbaapl.sys
(VComm) Virtual Serial port driver [On_Demand | Running]
[10/19/2004 02:37 PM | 00,061,312 | ---- | M] (IVT Corporation) - C:\WINDOWS\system32\drivers\VComm.sys
(VcommMgr) Bluetooth VComm Manager Service [On_Demand | Running]
[03/25/2005 06:18 PM | 00,082,148 | ---- | M] (IVT Corporation) - C:\WINDOWS\system32\drivers\VcommMgr.sys
(VHidMinidrv) Bluetooth HID Device Service [On_Demand | Running]
[04/30/2005 03:50 PM | 00,011,736 | ---- | M] (IVT Corporation) - C:\WINDOWS\system32\drivers\VHIDMini.sys
(wanatw) WAN Miniport (ATW) [On_Demand | Stopped]
File not found - C:\WINDOWS\System32\DRIVERS\wanatw4.sys
===== Run Keys =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [09/15/2005 04:05 AM | 00,344,064 | ---- | M] (ATI Technologies, Inc.)
"avast!" = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [07/19/2008 03:38 PM | 00,078,008 | ---- | M] (ALWIL Software)
"bcmwltry" = bcmwltry.exe [01/29/2005 03:09 AM | 00,876,649 | ---- | M] (BT Voyager Corporation)
"COMODO Firewall Pro" = "C:\Program Files\COMODO\Firewall\cfp.exe" -h [08/28/2008 06:46 PM | 01,655,552 | ---- | M] ()
"ISUSPM Startup" = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [07/27/2004 11:50 PM | 00,221,184 | ---- | M] (InstallShield Software Corporation)
"ISUSScheduler" = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start [07/27/2004 11:50 PM | 00,081,920 | ---- | M] (InstallShield Software Corporation)
"PCMService" = "c:\APPS\Powercinema\PCMService.exe" [02/23/2006 07:08 PM | 00,147,456 | ---- | M] (CyberLink Corp.)
"QuickTime Task" = "C:\Program Files\QuickTime\QTTask.exe" -atboottime [05/27/2008 10:50 AM | 00,413,696 | ---- | M] (Apple Inc.)
"removecpl" = RemoveCpl.exe [01/15/2003 09:33 PM | 00,024,576 | ---- | M] ()
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
"Vade Retro Outlook Express" = "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [10/04/2004 08:03 PM | 00,310,272 | ---- | M] ()
"wltray.exe" = C:\WINDOWS\system32\wltray.exe [01/29/2005 03:09 AM | 00,696,422 | ---- | M] (BT Voyager Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"µTorrent" = "C:\Program Files\uTorrent\utorrent.exe" [07/02/2006 05:29 PM | 00,174,163 | ---- | M] ()
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [01/15/2007 05:14 PM | 00,147,456 | ---- | M] (Nero AG)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.
===== Startup Folders =====
[All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
[Dan Startup Folder - C:\Documents and Settings\Dan\Start Menu\Programs\Startup]
[03/16/2005 08:16 PM | 00,113,664 | ---- | M] (Adobe Systems, Inc.) - C:\Documents and Settings\Dan\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[08/29/2003 08:05 PM | 00,360,448 | ---- | M] () - C:\Documents and Settings\Dan\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
===== BHO's =====
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
HKLM CLSID: (AcroIEHlprObj Class) - [12/14/2004 08:56 AM | 00,063,136 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2}]
HKLM CLSID: (SpywareGuardDLBLOCK.CBrowserHelper) - [08/03/2003 12:24 AM | 00,192,512 | R--- | M] () C:\Program Files\SpywareGuard\dlprotect.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
HKLM CLSID: (SSVHelper Class) - [02/22/2008 04:25 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
===== Toolbars =====
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{C4069E3A-68F1-403E-B40E-20066696354B}"
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}"
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"
HKLM CLSID: (Yahoo! Toolbar) - File not found Reg Error: Key does not exist or could not be opened.
===== Policies =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
Unable to open key or key not present!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 0
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
Unable to open key or key not present!
===== Desktop Components =====
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"FriendlyName" = "My Current Home Page"
"Source" = "About:Home"
"SubscribedURL" = "About:Home"
===== Shared Task Scheduler =====
===== AppInit_Dlls =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls]
" C:\WINDOWS\system32\guard32.dll" - [08/28/2008 06:47 PM | 00,143,104 | ---- | M] () C:\WINDOWS\system32\guard32.dll
===== Lsa Authentication Packages =====
===== Lsa Security Packages =====
===== Authorized Applications List =====
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [02/28/2006 01:00 PM | 00,140,800 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe File not found
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe File not found
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\network diagnostic\xpnetdiag.exe [10/10/2006 01:44 PM | 00,557,568 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe [01/19/2007 01:54 PM | 05,674,352 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe [01/04/2007 05:10 PM | 00,297,752 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [02/28/2006 01:00 PM | 00,140,800 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe File not found
"C:\APPS\Powercinema\PowerCinema.exe" = C:\APPS\Powercinema\PowerCinema.exe [02/23/2006 07:08 PM | 00,053,248 | ---- | M] (CyberLink Corp.)
"C:\APPS\Powercinema\PCMService.exe" = C:\APPS\Powercinema\PCMService.exe [02/23/2006 07:08 PM | 00,147,456 | ---- | M] (CyberLink Corp.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe File not found
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe File not found
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [06/06/2005 02:23 PM | 01,183,744 | ---- | M] (IVT Corporation)
"C:\Program Files\Yahoo!\Messenger\ypager.exe" = C:\Program Files\Yahoo!\Messenger\ypager.exe File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe File not found
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe [10/14/2004 12:24 AM | 01,694,208 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\network diagnostic\xpnetdiag.exe [10/10/2006 01:44 PM | 00,557,568 | ---- | M] (Microsoft Corporation)
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe [07/02/2006 05:29 PM | 00,174,163 | ---- | M] ()
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe [01/19/2007 01:54 PM | 05,674,352 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe [01/04/2007 05:10 PM | 00,297,752 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe [07/02/2008 07:35 PM | 07,667,312 | ---- | M] (Mozilla Corporation)
"C:\Program Files\TVersity\Media Server\TVersity.exe" = C:\Program Files\TVersity\Media Server\TVersity.exe File not found
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [10/27/2006 04:16 PM | 12,813,096 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE [10/27/2006 04:37 PM | 00,338,216 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE [10/27/2006 04:03 PM | 01,018,664 | ---- | M] (Microsoft Corporation)
"C:\Program Files\PSPHost\files\usbhostfs.exe" = C:\Program Files\PSPHost\files\usbhostfs.exe File not found
"C:\Documents and Settings\Dan\Desktop\usbhostfs_pc\usbhostfs_pc.exe" = C:\Documents and Settings\Dan\Desktop\usbhostfs_pc\usbhostfs_pc.exe File not found
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe [02/28/2006 01:00 PM | 00,083,456 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe [02/28/2006 01:00 PM | 00,033,280 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Kontiki\KService.exe" = C:\Program Files\Kontiki\KService.exe File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe [07/24/2007 03:17 PM | 00,229,376 | ---- | M] (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe [06/02/2008 11:13 AM | 20,638,504 | ---- | M] (Apple Inc.)
===== HKLM Winlogon Settings =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
"Explorer.exe" - [06/13/2007 11:23 AM | 01,033,216 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
"C:\WINDOWS\system32\userinit.exe" - [02/28/2006 01:00 PM | 00,024,576 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
"logonui.exe" - [02/28/2006 01:00 PM | 00,514,560 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
"rundll32 shell32" - [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
"Control_RunDLL "sysdm.cpl"" - [02/28/2006 01:00 PM | 00,298,496 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl
===== User's Winlogon Settings =====
===== Winlogon Notify Settings =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DllName" = C:\WINDOWS\system32\ati2evxx.dll [09/15/2005 05:53 PM | 00,046,080 | ---- | M] (ATI Technologies Inc.)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
"DllName" = File not found
===== Safeboot Options =====
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe
===== Disabled MsConfig Items =====
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]
"KService" = 2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk File not found
"backup" = C:\WINDOWS\pss\Adobe Reader Speed Launch.lnk File not found
"location" = Common Startup
"command" = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [12/14/2004 11:44 AM | 00,029,696 | ---- | M] (Adobe Systems Incorporated)
"item" = Adobe Reader Speed Launch
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL 9.0 Tray Icon.lnk]
"path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk File not found
"backup" = C:\WINDOWS\pss\AOL 9.0 T File not found
"location" = Common Startup
"command" = C:\PROGRA~1\AOL9~1.0\aoltray.exe File not found
"item" = AOL 9.0 Tray Icon
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL Companion.lnk]
"path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL Companion.lnk File not found
"backup" = C:\WINDOWS\pss\AOL Companion.lnk File not found
"location" = Common Startup
"command" = C:\PROGRA~1\AOLCOM~1\COMPAN~1.EXE File not found
"item" = AOL Companion
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
"path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk File not found
"backup" = C:\WINDOWS\pss\BlueSoleil.lnk File not found
"location" = Common Startup
"command" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [06/06/2005 02:23 PM | 01,183,744 | ---- | M] (IVT Corporation)
"item" = BlueSoleil
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
"path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk File not found
"backup" = C:\WINDOWS\pss\Logitech SetPoint.lnk File not found
"location" = Common Startup
"command" = C:\PROGRA~1\Logitech\SetPoint\KEM.exe File not found
"item" = Logitech SetPoint
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TV On-Demand Monitor.lnk]
"path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TV On-Demand Monitor.lnk File not found
"backup" = C:\WINDOWS\pss\TV On-Demand Monitor.lnk File not found
"location" = Common Startup
"command" = C:\WINDOWS\Installer\{DF5F33C5-EC50-47A7-830C-1106DA120248}\_6F7BB4C7A76BE7E52EFDD6.exe File not found
"item" = TV On-Demand Monitor
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" =
"hkey" = HKLM
"command" =
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\4oD]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = KHost
"hkey" = HKLM
"command" = C:\Program Files\Kontiki\KHost.exe File not found
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AOL Spyware Protection]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = AOLSP Scheduler
"hkey" = HKLM
"command" = C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe File not found
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AOLDialer]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = AOLDial
"hkey" = HKLM
"command" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe File not found
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools-1033]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = C:\WINDOWS\daemon.dll [03/15/2004 08:28 PM | 00,069,120 | ---- | M] ()
"hkey" = HKLM
"command" = C:\Program Files\D-Tools\daemon.exe [03/12/2004 11:43 PM | 00,081,920 | ---- | M] (DAEMON'S HOME)
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DetectorApp]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = DetectorApp
"hkey" = HKLM
"command" = C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe [10/20/2005 01:15 PM | 00,102,400 | ---- | M] ()
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FixCamera]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = C:\WINDOWS\FixCamera.exe [02/12/2007 02:50 PM | 00,020,480 | ---- | M] ()
"hkey" = HKLM
"command" = C:\WINDOWS\FixCamera.exe [02/12/2007 02:50 PM | 00,020,480 | ---- | M] ()
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = GrooveMonitor
"hkey" = HKLM
"command" = C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [10/27/2006 01:47 AM | 00,031,016 | ---- | M] (Microsoft Corporation)
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = iTunesHelper
"hkey" = HKLM
"command" = C:\Program Files\iTunes\iTunesHelper.exe [06/02/2008 11:13 AM | 00,267,048 | ---- | M] (Apple Inc.)
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\kdx]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = KHost
"hkey" = HKCU
"command" = C:\Program Files\Kontiki\KHost.exe File not found
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Lexmark 1200 Series]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = lxczbmgr
"hkey" = HKLM
"command" = C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe File not found
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Hardware Abstraction Layer]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = KHALMNPR
"hkey" = HKLM
"command" = KHALMNPR.EXE
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Muchobene]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = Muchobene
"hkey" = HKCU
"command" = C:\Program Files\Muchobene\Muchobene.exe [07/30/2008 01:52 AM | 00,651,264 | ---- | M] ()
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = NeroCheck
"hkey" = HKLM
"command" = C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [01/12/2006 04:40 PM | 00,155,648 | ---- | M] (Nero AG)
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = QTTask
"hkey" = HKLM
"command" = C:\Program Files\QuickTime\QTTask.exe [05/27/2008 10:50 AM | 00,413,696 | ---- | M] (Apple Inc.)
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RealTray]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = RealPlay
"hkey" = HKLM
"command" = C:\Program Files\Real\RealPlayer\realplay.exe [08/27/2006 09:28 PM | 00,026,112 | ---- | M] (RealNetworks, Inc.)
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Recguard]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = RECGUARD
"hkey" = HKLM
"command" = C:\WINDOWS\SMINST\Recguard.exe [09/13/2002 09:42 PM | 00,212,992 | ---- | M] ()
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = Skype
"hkey" = HKCU
"command" = C:\Program Files\Skype\Phone\Skype.exe File not found
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sony Ericsson PC Suite]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = Application Launcher
"hkey" = HKLM
"command" = C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [10/26/2005 06:17 PM | 00,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB)
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoundMan]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = C:\WINDOWS\soundman.exe [03/01/2006 11:22 PM | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.)
"hkey" = HKLM
"command" = C:\WINDOWS\soundman.exe [03/01/2006 11:22 PM | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.)
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
"system.ini" = 0
"win.ini" = 0
"bootini" = 0
"services" = 2
"startup" = 2
===== DNS Name Servers =====
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{17A78830-D441-4939-8253-CEB4896A8F20}]
Servers: | Description:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{25EA5E44-24E3-41C2-BC05-E1CD43AF22CD}]
Servers: | Description:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{263C736D-A5CB-4479-8D8D-EDCF7040A4C0}]
Servers: | Description:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{2D4138DC-1B73-4C77-9E79-A210BD088ECB}]
Servers: | Description:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{38BC9C0D-4B88-496E-BA18-B5CFF022857F}]
Servers: | Description: Sony Ericsson Device 039 USB Ethernet Emulation (NDIS 5)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{4703DF73-4DB2-42D2-A390-CB1BD41B658C}]
Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{62295252-E2A0-4571-8E78-64A127BA1FCE}]
Servers: | Description: BT Voyager 1055 Laptop Adapter
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{67161E81-F8DA-45D5-B1C3-4C448A206E24}]
Servers: | Description:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{8205D248-A8D8-4DBC-946B-2F127C9DFF09}]
Servers: | Description: Belkin 802.11g Network Adapter
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{AEA52C0D-7AD4-4CE7-9B60-786757B2378D}]
Servers: 192.168.1.1 | Description: BT Voyager 1055 Laptop Adapter
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{DAB66FCE-E171-426D-98E8-FE639283EBBE}]
Servers: | Description:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{FAD8D89F-A18E-4916-BD0D-90C02E5AEEC6}]
Servers: | Description:
===== CDRom AutoRun Settings =====
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
===== Autorun Files on Drives =====
AUTOEXEC.BAT []
[08/27/2006 08:32 PM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]
AUTORUN.INF [[autorun] | OPEN=SETUP.EXE /AUTORUN | ICON=SETUP.EXE,1 | | shell\configure=&Configure... | shell\configure\command=SETUP.EXE | | shell\install=&Install... | shell\install\command=SETUP.EXE | ]
[06/20/2003 01:00 PM | 00,000,184 | R--- | M] () E:\AUTORUN.INF [ CDFS ]
AUTORUN.INF [[autorun] | OPEN=SETUP.EXE /AUTORUN | ICON=SETUP.EXE,1 | | shell\configure=&Configure... | shell\configure\command=SETUP.EXE | | shell\install=&Install... | shell\install\command=SETUP.EXE | ]
[06/20/2003 01:00 PM | 00,000,184 | R--- | M] () J:\AUTORUN.INF [ CDFS ]
===== MountPoints2 =====
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07d67c82-35ce-11db-ba55-0016ecbde158}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07d67c82-35ce-11db-ba55-0016ecbde158}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07d67c82-35ce-11db-ba55-0016ecbde158}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07d67c83-35ce-11db-ba55-0016ecbde158}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07d67c83-35ce-11db-ba55-0016ecbde158}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07d67c83-35ce-11db-ba55-0016ecbde158}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1945687c-c277-11db-8e8f-0011f5cd4812}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1945687c-c277-11db-8e8f-0011f5cd4812}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1945687c-c277-11db-8e8f-0011f5cd4812}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1945687d-c277-11db-8e8f-0011f5cd4812}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1945687d-c277-11db-8e8f-0011f5cd4812}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1945687d-c277-11db-8e8f-0011f5cd4812}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b07ef0c-2269-11dc-b79c-0016e3c5a9bb}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b07ef0c-2269-11dc-b79c-0016e3c5a9bb}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b07ef0c-2269-11dc-b79c-0016e3c5a9bb}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25b5b3ae-192a-11dd-b98a-0016e3c5a9bb}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25b5b3ae-192a-11dd-b98a-0016e3c5a9bb}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25b5b3ae-192a-11dd-b98a-0016e3c5a9bb}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c829ae4-a2e2-11db-8e45-0011f5cd4812}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c829ae4-a2e2-11db-8e45-0011f5cd4812}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c829ae4-a2e2-11db-8e45-0011f5cd4812}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ba76925-dae4-11db-b722-028037040300}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ba76925-dae4-11db-b722-028037040300}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ba76925-dae4-11db-b722-028037040300}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{829f80f8-e1b5-11dc-b90b-0016e3c5a9bb}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{829f80f8-e1b5-11dc-b90b-0016e3c5a9bb}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{829f80f8-e1b5-11dc-b90b-0016e3c5a9bb}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b7cb176-944f-11db-8e11-000272b00026}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b7cb176-944f-11db-8e11-000272b00026}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b7cb176-944f-11db-8e11-000272b00026}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0a7b3bf-f119-11dc-b929-0016e3c5a9bb}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0a7b3bf-f119-11dc-b929-0016e3c5a9bb}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0a7b3bf-f119-11dc-b929-0016e3c5a9bb}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa1c77ac-4334-11dc-b7d8-0016e3c5a9bb}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa1c77ac-4334-11dc-b7d8-0016e3c5a9bb}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa1c77ac-4334-11dc-b7d8-0016e3c5a9bb}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df42de60-bbd2-11dc-b8b2-0016e3c5a9bb}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df42de60-bbd2-11dc-b8b2-0016e3c5a9bb}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df42de60-bbd2-11dc-b8b2-0016e3c5a9bb}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
===== Hosts File =====
HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
[Files/Folders - Created Within 30 days]
[08/16/2008 03:02 PM | 00,000,232 | -H-- | C] () - C:\sqmdata12.sqm
[08/16/2008 03:02 PM | 00,000,244 | -H-- | C] () - C:\sqmnoopt12.sqm
[08/28/2008 06:47 PM | 00,143,104 | ---- | C] () - C:\WINDOWS\System32\guard32.dll
[08/26/2008 11:52 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\TEMP
@Alternate Data Stream - 120 bytes -> %AllUsersProfile%\Application Data\TEMP:5C321E34
[08/28/2008 06:47 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\comodo
[08/28/2008 06:47 PM | ---D | C] - C:\Documents and Settings\Dan\Application Data\Comodo
[08/16/2008 06:23 PM | 00,017,155 | ---- | C] () - C:\Documents and Settings\Dan\My Documents\BA Resit.docx
[08/18/2008 01:18 PM | 00,010,288 | ---- | C] () - C:\Documents and Settings\Dan\My Documents\eval model.xlsx
[08/18/2008 01:28 PM | ---D | C] - C:\Documents and Settings\Dan\My Documents\keyfinder.2.0.1
[08/18/2008 03:26 PM | 00,138,240 | ---- | C] () - C:\Documents and Settings\Dan\My Documents\3.1-3.7.mpp
[08/18/2008 10:23 PM | 00,008,959 | ---- | C] () - C:\Documents and Settings\Dan\My Documents\cashflow.xlsx
[08/18/2008 12:32 AM | ---D | C] - C:\Documents and Settings\Dan\My Documents\send to uni
[08/18/2008 12:53 PM | 00,064,512 | ---- | C] () - C:\Documents and Settings\Dan\My Documents\Management_Decision_Support.doc
[08/19/2008 06:50 PM | 19,882,375 | ---- | C] () - C:\Documents and Settings\Dan\My Documents\Milburn - Channel_M sessions rip.mp3
[08/19/2008 07:32 PM | 19,882,375 | ---- | C] () - C:\Documents and Settings\Dan\My Documents\Copy of Milburn - Channel_M sessions rip.mp3
[08/19/2008 07:35 PM | 00,067,632 | ---- | C] () - C:\Documents and Settings\Dan\My Documents\m sessions split.aup
[08/19/2008 07:35 PM | ---D | C] - C:\Documents and Settings\Dan\My Documents\m sessions split_data
[08/19/2008 07:39 PM | ---D | C] - C:\Documents and Settings\Dan\My Documents\m sessions
[08/19/2008 10:42 AM | 00,010,272 | ---- | C] () - C:\Documents and Settings\Dan\My Documents\Book1.xlsx
[08/19/2008 12:54 AM | 14,324,776 | ---- | C] () - C:\Documents and Settings\Dan\My Documents\Milburn - Rockworld_tv rip.mp3
[08/23/2008 02:12 PM | 00,018,173 | ---- | C] () - C:\Documents and Settings\Dan\My Documents\LMT - NWHCE receipt.docx
[08/24/2008 01:27 AM | ---D | C] - C:\Documents and Settings\Dan\My Documents\Milburn
[08/24/2008 10:44 PM | 04,701,021 | ---- | C] () - C:\Documents and Settings\Dan\My Documents\ps3filer.zip
[08/26/2008 11:51 PM | 00,000,690 | ---- | C] () - C:\Documents and Settings\Dan\Desktop\SpywareBlaster.lnk
[Files/Folders - Modified Within 30 days]
[08/16/2008 03:02 PM | 00,000,232 | -H-- | M] () - C:\sqmdata12.sqm
[08/16/2008 03:02 PM | 00,000,244 | -H-- | M] () - C:\sqmnoopt12.sqm
[08/28/2008 06:47 PM | R--D | M] - C:\Program Files
[08/28/2008 06:50 PM | 20,797,72672 | -HS- | M] () - C:\hiberfil.sys
[08/28/2008 06:50 PM | ---D | M] - C:\WINDOWS
[5 C:\WINDOWS\System32\*.tmp files]
[08/01/2008 06:26 PM | 00,002,626 | ---- | M] () - C:\WINDOWS\System32\CONFIG.NT
[08/14/2008 06:41 PM | ---D | M] - C:\WINDOWS\System32\CatRoot
[08/17/2008 11:07 AM | 00,001,170 | ---- | M] () - C:\WINDOWS\System32\wpa.dbl
[08/18/2008 04:54 PM | RHSD | M] - C:\WINDOWS\System32\dllcache
[08/28/2008 06:47 PM | 00,143,104 | ---- | M] () - C:\WINDOWS\System32\guard32.dll
[08/28/2008 06:47 PM | ---D | M] - C:\WINDOWS\System32\drivers
[08/28/2008 09:18 AM | ---D | M] - C:\WINDOWS\System32\CatRoot2
[08/15/2008 10:55 AM | ---D | M] - C:\WINDOWS\ie7updates
[08/15/2008 10:58 AM | 00,001,374 | ---- | M] () - C:\WINDOWS\imsins.BAK
[08/15/2008 10:58 AM | -H-D | M] - C:\WINDOWS\$hf_mig$
[08/18/2008 01:42 PM | R-SD | M] - C:\WINDOWS\assembly
[08/18/2008 04:54 PM | ---D | M] - C:\WINDOWS\twain_32
[08/18/2008 04:54 PM | -H-D | M] - C:\WINDOWS\inf
[08/19/2008 08:08 AM | ---D | M] - C:\WINDOWS\system
[08/19/2008 08:10 AM | ---D | M] - C:\WINDOWS\SHELLNEW
[08/19/2008 08:11 AM | 00,000,748 | ---- | M] () - C:\WINDOWS\ODBC.INI
[08/19/2008 08:12 AM | -HSD | M] - C:\WINDOWS\Installer
[08/24/2008 01:31 AM | 00,007,168 | -HS- | M] () - C:\WINDOWS\Thumbs.db
@Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable
[08/24/2008 05:13 PM | 00,001,059 | ---- | M] () - C:\