[code]
OTScanIt2 logfile created on: 3/27/2009 12:37:00 PM - Run 3
OTScanIt2 by OldTimer - Version 1.0.9.1 Folder = C:\Users\Shannon\OTScanIt2
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.98 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 44.83% Memory free
4.00 Gb Paging File | 2.41 Gb Available in Paging File | 60.30% Paging File free
Paging file location(s): ?:\pagefile.sys;
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.89 Gb Total Space | 304.57 Gb Free Space | 66.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 9.87 Gb Total Space | 0.01 Gb Free Space | 0.06% Space Free | Partition Type: NTFS
Drive I: | 195.60 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: MAIN-PC
Current User Name: Shannon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days
[Processes - Safe List]
a.exe -> %SystemDrive%\Users\Allan\AppData\Local\Temp\a.exe -> [2009/01/20 11:36:19 | 00,081,924 | ---- | M] ()
alertservice.exe -> %ProgramFiles%\Intel\IntelDH\CCU\AlertService.exe -> [2006/11/18 11:01:26 | 00,195,032 | ---- | M] (Intel(R) Corporation)
bcmwltry.exe -> %SystemRoot%\System32\bcmwltry.exe -> [2006/10/24 16:40:54 | 01,601,536 | ---- | M] (Broadcom Corporation)
bigfix.exe -> %ProgramFiles%\BigFix\bigfix.exe -> [2006/11/16 20:04:58 | 02,348,584 | ---- | M] (BigFix Inc.)
blsloader.exe -> %ProgramFiles%\ATT Internet Tools\blsloader.exe -> [2009/03/17 10:04:14 | 00,107,856 | ---- | M] (AT&T Corporation)
blsloader.exe -> %ProgramFiles%\ATT Internet Tools\blsloader.exe -> [2009/03/17 10:04:14 | 00,107,856 | ---- | M] (AT&T Corporation)
catchme.exe -> %UserProfile%\OTScanIt2\CatchMe.exe -> [2007/11/27 15:14:50 | 00,140,288 | ---- | M] ()
ccu_engine.exe -> %ProgramFiles%\Intel\IntelDH\CCU\CCU_Engine.exe -> [2006/11/18 11:01:32 | 00,272,856 | ---- | M] (Intel(R) Corporation)
ccu_engine.exe -> %ProgramFiles%\Intel\IntelDH\CCU\CCU_Engine.exe -> [2006/11/18 11:01:32 | 00,272,856 | ---- | M] (Intel(R) Corporation)
ccu_trayicon.exe -> %ProgramFiles%\Intel\IntelDH\CCU\CCU_TrayIcon.exe -> [2006/11/18 11:01:42 | 00,182,744 | ---- | M] (Intel(R) Corporation)
ccu_trayicon.exe -> %ProgramFiles%\Intel\IntelDH\CCU\CCU_TrayIcon.exe -> [2006/11/18 11:01:42 | 00,182,744 | ---- | M] (Intel(R) Corporation)
dqlwinservice.exe -> %CommonProgramFiles%\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -> [2006/10/29 13:03:30 | 00,208,896 | ---- | M] ()
dvzincmsgr.exe -> %CommonProgramFiles%\DataViz\DvzIncMsgr.exe -> [2009/01/20 21:49:53 | 00,028,672 | ---- | M] (DataViz, Inc.)
dvzincmsgr.exe -> %CommonProgramFiles%\DataViz\DvzIncMsgr.exe -> [2009/01/20 21:49:53 | 00,028,672 | ---- | M] (DataViz, Inc.)
ehmsas.exe -> %SystemRoot%\ehome\ehmsas.exe -> [2008/01/19 03:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation)
ehmsas.exe -> %SystemRoot%\ehome\ehmsas.exe -> [2008/01/19 03:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation)
ehtray.exe -> %SystemRoot%\ehome\ehtray.exe -> [2008/01/19 03:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation)
ehtray.exe -> %SystemRoot%\ehome\ehtray.exe -> [2008/01/19 03:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation)
explorer.exe -> %SystemRoot%\Explorer.EXE -> [2008/12/25 07:12:13 | 02,927,104 | ---- | M] (Microsoft Corporation)
explorer.exe -> %SystemRoot%\Explorer.EXE -> [2008/12/25 07:12:13 | 02,927,104 | ---- | M] (Microsoft Corporation)
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008/12/25 11:58:32 | 00,029,744 | ---- | M] (Google)
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008/12/25 11:58:32 | 00,029,744 | ---- | M] (Google)
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008/12/25 11:58:32 | 00,029,744 | ---- | M] (Google)
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008/12/25 11:58:32 | 00,029,744 | ---- | M] (Google)
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008/12/25 11:58:32 | 00,029,744 | ---- | M] (Google)
hotsync.exe -> %ProgramFiles%\palmOne\Hotsync.exe -> [2004/06/09 15:16:08 | 00,471,040 | ---- | M] (PalmSource, Inc)
hotsync.exe -> %ProgramFiles%\palmOne\Hotsync.exe -> [2004/06/09 15:16:08 | 00,471,040 | ---- | M] (PalmSource, Inc)
ieuser.exe -> %ProgramFiles%\Internet Explorer\ieuser.exe -> [2008/01/19 03:33:12 | 00,299,520 | ---- | M] (Microsoft Corporation)
iexplore.exe -> %ProgramFiles%\Internet Explorer\iexplore.exe -> [2008/01/19 03:33:12 | 00,625,664 | ---- | M] (Microsoft Corporation)
intelhctagent.exe -> %CommonProgramFiles%\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe -> [2006/09/26 14:56:00 | 00,423,424 | ---- | M] (Intel Corporation)
issm.exe -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -> [2006/11/18 10:59:38 | 00,081,880 | ---- | M] (Intel(R) Corporation)
lvcomser.exe -> %CommonProgramFiles%\LogiShrd\LVCOMSER\LVComSer.exe -> [2008/07/26 12:23:42 | 00,186,904 | ---- | M] (Logitech Inc.)
lvcomser.exe -> %CommonProgramFiles%\LogiShrd\LVCOMSER\LVComSer.exe -> [2008/07/26 12:23:42 | 00,186,904 | ---- | M] (Logitech Inc.)
lvcomser.exe -> %CommonProgramFiles%\LogiShrd\LVCOMSER\LVComSer.exe -> [2008/07/26 12:23:42 | 00,186,904 | ---- | M] (Logitech Inc.)
lvprcsrv.exe -> %CommonProgramFiles%\LogiShrd\LVMVFM\LVPrcSrv.exe -> [2008/07/26 12:25:36 | 00,150,040 | ---- | M] (Logitech Inc.)
mclserviceatl.exe -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -> [2006/11/18 11:00:06 | 00,174,552 | ---- | M] (Intel(R) Corporation)
mediaserver.exe -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -> [2006/11/18 10:59:02 | 00,032,216 | ---- | M] ()
mobsync.exe -> %SystemRoot%\System32\mobsync.exe -> [2008/01/19 03:33:15 | 00,095,744 | ---- | M] (Microsoft Corporation)
mobsync.exe -> %SystemRoot%\System32\mobsync.exe -> [2008/01/19 03:33:15 | 00,095,744 | ---- | M] (Microsoft Corporation)
nvvsvc.exe -> %SystemRoot%\system32\nvvsvc.exe -> [2008/09/18 03:55:00 | 00,196,608 | ---- | M] (NVIDIA Corporation)
otscanit2.exe -> %UserProfile%\OTScanIt2\OTScanIt2.exe -> [2009/03/27 10:59:42 | 00,492,544 | ---- | M] (OldTimer Tools)
pccguide.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\pccguide.exe -> [2006/12/29 02:52:56 | 03,429,904 | ---- | M] (Trend Micro Inc.)
pccguide.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\pccguide.exe -> [2006/12/29 02:52:56 | 03,429,904 | ---- | M] (Trend Micro Inc.)
pcctlcom.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcCtlCom.exe -> [2007/01/03 23:38:58 | 01,922,576 | ---- | M] (Trend Micro Inc.)
pcscnsrv.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcScnSrv.exe -> [2006/12/29 02:53:14 | 00,214,544 | ---- | M] (Trend Micro Inc.)
remote ui service.exe -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -> [2006/11/18 11:00:48 | 00,550,872 | ---- | M] (Intel(R) Corporation)
sttray.exe -> %SystemRoot%\sttray.exe -> [2006/11/22 18:56:00 | 00,303,104 | ---- | M] (SigmaTel, Inc.)
sttray.exe -> %SystemRoot%\sttray.exe -> [2006/11/22 18:56:00 | 00,303,104 | ---- | M] (SigmaTel, Inc.)
tmntsrv.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\Tmntsrv.exe -> [2006/12/29 02:53:14 | 00,480,784 | ---- | M] (Trend Micro Inc.)
tmpfw.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\TmPfw.exe -> [2006/12/29 02:53:06 | 00,943,696 | ---- | M] (Trend Micro Inc.)
tmproxy.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\tmproxy.exe -> [2006/12/29 02:53:10 | 00,566,872 | ---- | M] (Trend Micro Inc.)
winampa.exe -> %ProgramFiles%\Winamp\winampa.exe -> [2008/08/03 19:02:20 | 00,036,352 | ---- | M] ()
wltray.exe -> %SystemRoot%\System32\WLTRAY.EXE -> [2006/10/24 16:40:54 | 01,429,504 | ---- | M] (Broadcom Corporation)
wltray.exe -> %SystemRoot%\System32\WLTRAY.EXE -> [2006/10/24 16:40:54 | 01,429,504 | ---- | M] (Broadcom Corporation)
wltrysvc.exe -> %SystemRoot%\System32\WLTRYSVC.EXE -> [2006/10/24 16:40:54 | 00,024,064 | ---- | M] ()
wmiprvse.exe -> %SystemRoot%\system32\wbem\wmiprvse.exe -> [2008/01/19 03:33:39 | 00,245,248 | ---- | M] (Microsoft Corporation)
wudfhost.exe -> %SystemRoot%\system32\WUDFHost.exe -> [2008/01/19 03:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation)
xaudio.exe -> %SystemRoot%\system32\DRIVERS\xaudio.exe -> [2006/10/26 14:44:40 | 00,386,560 | ---- | M] (Conexant Systems, Inc.)
[Win32 Services - Safe List]
(AlertService) Intel(R) Alert Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\IntelDH\CCU\AlertService.exe -> [2006/11/18 11:01:26 | 00,195,032 | ---- | M] (Intel(R) Corporation)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/01/05 07:26:41 | 00,070,144 | ---- | M] (Microsoft Corporation)
(DQLWinService) DQLWinService [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -> [2006/10/29 13:03:30 | 00,208,896 | ---- | M] ()
(ehRecvr) Windows Media Center Receiver Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\ehome\ehRecvr.exe -> [2008/01/19 03:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation)
(ehSched) Windows Media Center Scheduler Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\ehome\ehsched.exe -> [2006/11/02 08:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation)
(ehstart) Windows Media Center Service Launcher [Win32_Shared | Auto | Stopped] -> %SystemRoot%\ehome\ehstart.dll -> [2006/11/02 08:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation)
(FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/01/05 07:21:53 | 00,036,864 | ---- | M] (Microsoft Corporation)
(GoogleDesktopManager-061008-081103) Google Desktop Manager 5.7.806.10245 [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008/12/25 11:58:32 | 00,029,744 | ---- | M] (Google)
(hpqcxs08) hpqcxs08 [Win32_Shared | On_Demand | Running] -> %ProgramFiles%\HP\Digital Imaging\bin\hpqcxs08.dll -> [2007/01/03 02:46:54 | 00,225,280 | ---- | M] (Hewlett-Packard Co.)
(hpqddsvc) HP CUE DeviceDiscovery Service [Win32_Shared | Auto | Running] -> %ProgramFiles%\HP\Digital Imaging\bin\hpqddsvc.dll -> [2006/12/11 03:29:24 | 00,131,072 | ---- | M] (Hewlett-Packard Co.)
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2008/01/05 07:21:39 | 00,864,256 | ---- | M] (Microsoft Corporation)
(ISSM) Intel(R) Software Services Manager [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -> [2006/11/18 10:59:38 | 00,081,880 | ---- | M] (Intel(R) Corporation)
(LVCOMSer) LVCOMSer [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LogiShrd\LVCOMSER\LVComSer.exe -> [2008/07/26 12:23:42 | 00,186,904 | ---- | M] (Logitech Inc.)
(LVPrcSrv) Process Monitor [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LogiShrd\LVMVFM\LVPrcSrv.exe -> [2008/07/26 12:25:36 | 00,150,040 | ---- | M] (Logitech Inc.)
(M1 Server) Intel(R) Viiv(TM) Media Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -> [2006/11/18 10:59:02 | 00,032,216 | ---- | M] ()
(MCLServiceATL) Intel(R) Application Tracker [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -> [2006/11/18 11:00:06 | 00,174,552 | ---- | M] (Intel(R) Corporation)
(Net Driver HPZ12) Net Driver HPZ12 [Win32_Own | Auto | Running] -> %SystemRoot%\system32\HPZinw12.dll -> [2006/11/08 20:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard)
(NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/01/05 07:21:39 | 00,122,880 | ---- | M] (Microsoft Corporation)
(nvsvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvvsvc.exe -> [2008/09/18 03:55:00 | 00,196,608 | ---- | M] (NVIDIA Corporation)
(odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2007/08/24 07:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 18:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation)
(PcCtlCom) Trend Micro Central Control Component [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcCtlCom.exe -> [2007/01/03 23:38:58 | 01,922,576 | ---- | M] (Trend Micro Inc.)
(PcScnSrv) Trend Micro Protection Against Spyware [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcScnSrv.exe -> [2006/12/29 02:53:14 | 00,214,544 | ---- | M] (Trend Micro Inc.)
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Auto | Running] -> %SystemRoot%\system32\HPZipm12.dll -> [2006/11/08 20:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard)
(Remote UI Service) Intel(R) Remoting Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -> [2006/11/18 11:00:48 | 00,550,872 | ---- | M] (Intel(R) Corporation)
(Tmntsrv) Trend Micro Real-time Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\Tmntsrv.exe -> [2006/12/29 02:53:14 | 00,480,784 | ---- | M] (Trend Micro Inc.)
(TmPfw) Trend Micro Personal Firewall [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\TmPfw.exe -> [2006/12/29 02:53:06 | 00,943,696 | ---- | M] (Trend Micro Inc.)
(tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\tmproxy.exe -> [2006/12/29 02:53:10 | 00,566,872 | ---- | M] (Trend Micro Inc.)
(WinDefend) Windows Defender [Win32_Shared | Auto | Stopped] -> %ProgramFiles%\Windows Defender\mpsvc.dll -> [2008/01/19 03:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation)
(wltrysvc) Broadcom Wireless LAN Tray Service [Win32_Own | Auto | Running] -> %SystemRoot%\System32\WLTRYSVC.EXE -> [2006/10/24 16:40:54 | 00,024,064 | ---- | M] ()
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2008/01/19 03:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation)
(XAudioService) XAudioService [Win32_Own | Auto | Running] -> %SystemRoot%\system32\DRIVERS\xaudio.exe -> [2006/10/26 14:44:40 | 00,386,560 | ---- | M] (Conexant Systems, Inc.)
[Driver Services - Safe List]
(ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ac97intc.sys -> [2006/11/02 03:36:49 | 00,108,032 | ---- | M] (Intel Corporation)
(adp94xx) adp94xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\adp94xx.sys -> [2006/11/02 05:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.)
(adpahci) adpahci [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\adpahci.sys -> [2006/11/02 05:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.)
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\adpu160m.sys -> [2006/11/02 05:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.)
(adpu320) adpu320 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\adpu320.sys -> [2006/11/02 05:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.)
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\djsvs.sys -> [2006/11/02 05:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.)
(aliide) aliide [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\aliide.sys -> [2006/11/02 05:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.)
(arc) arc [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\arc.sys -> [2006/11/02 05:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.)
(arcsas) arcsas [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\arcsas.sys -> [2006/11/02 05:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.)
(AVMNgBasM780) AVerMedia M780 Base Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\AVerBas.sys -> [2006/12/10 19:42:34 | 00,051,584 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.)
(AVMNgCapM780) AVerMedia M780 Audio/Video Capture Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\AVerCap.sys -> [2006/12/10 19:42:44 | 00,364,544 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.)
(AVMNgTunM780) AVerMedia M780 TVTuner Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\AVerTun.sys -> [2006/12/10 19:42:58 | 00,162,304 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.)
(BCM43XV) Broadcom Extensible 802.11 Network Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\bcmwl6.sys -> [2006/10/24 15:40:28 | 00,532,992 | ---- | M] (Broadcom Corporation)
(BCM43XX) Broadcom 802.11 Network Adapter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\bcmwl6.sys -> [2006/10/24 15:40:28 | 00,532,992 | ---- | M] (Broadcom Corporation)
(bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\bcm4sbxp.sys -> [2006/11/02 03:30:53 | 00,045,056 | ---- | M] (Broadcom Corporation)
(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\brfiltlo.sys -> [2006/11/02 04:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.)
(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\brfiltup.sys -> [2006/11/02 04:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.)
(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\brserid.sys -> [2006/11/02 04:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.)
(BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\brserwdm.sys -> [2006/11/02 04:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.)
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\brusbmdm.sys -> [2006/11/02 04:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\brusbser.sys -> [2006/11/02 04:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.)
(BVRPMPR5) BVRPMPR5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\BVRPMPR5.SYS -> [2007/05/23 17:26:34 | 00,049,904 | R--- | M] (Avanquest Software)
(cmdide) cmdide [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\cmdide.sys -> [2006/11/02 05:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.)
(e1express) Intel(R) PRO/1000 PCI Express Network Connection Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\e1e6032.sys -> [2006/11/16 14:10:44 | 00,214,912 | ---- | M] (Intel Corporation)
(E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\E1G60I32.sys -> [2006/11/02 03:30:54 | 00,117,760 | ---- | M] (Intel Corporation)
(elxstor) elxstor [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\elxstor.sys -> [2006/11/02 05:51:34 | 00,316,520 | ---- | M] (Emulex)
(HECI) Intel(R) Management Engine Interface [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HECI.sys -> [2006/10/30 20:53:32 | 00,044,416 | ---- | M] (Intel Corporation)
(HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\hpcisss.sys -> [2006/11/02 05:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSX_DPV.sys -> [2006/10/26 14:44:38 | 00,986,624 | ---- | M] (Conexant Systems, Inc.)
(HSXHWBS2) HSXHWBS2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSXHWBS2.sys -> [2006/10/26 14:44:36 | 00,258,048 | ---- | M] (Conexant Systems, Inc.)
(ialm) ialm [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\ialmnt5.sys -> [2006/11/02 03:36:45 | 01,302,492 | ---- | M] (Intel Corporation)
(iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\iastorv.sys -> [2006/11/02 05:51:25 | 00,232,040 | ---- | M] (Intel Corporation)
(iirsp) iirsp [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\iirsp.sys -> [2006/11/02 05:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH)
(IntelDH) IntelDH Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\IntelDH.sys -> [2008/12/24 14:02:54 | 00,005,504 | ---- | M] (Intel Corporation)
(iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\iteatapi.sys -> [2006/11/02 05:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\iteraid.sys -> [2006/11/02 05:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\lsi_fc.sys -> [2006/11/02 05:50:04 | 00,065,640 | ---- | M] (LSI Logic)
(LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\lsi_sas.sys -> [2006/11/02 05:50:05 | 00,065,640 | ---- | M] (LSI Logic)
(LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\lsi_scsi.sys -> [2006/11/02 05:50:10 | 00,065,640 | ---- | M] (LSI Logic)
(LVPr2Mon) Logitech LVPr2Mon Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\LVPr2Mon.sys -> [2008/07/26 12:25:02 | 00,025,624 | ---- | M] ()
(LVRS) Logitech RightSound Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\lvrs.sys -> [2008/07/26 11:25:46 | 00,627,864 | ---- | M] (Logitech Inc.)
(LVUSBSta) Logitech USB Monitor Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\lvusbsta.sys -> [2008/07/26 11:26:20 | 00,041,752 | ---- | M] (Logitech Inc.)
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\mdmxsdk.sys -> [2006/10/26 14:44:40 | 00,012,672 | ---- | M] (Conexant)
(megasas) megasas [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\megasas.sys -> [2006/11/02 05:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation)
(Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\mraid35x.sys -> [2006/11/02 05:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation)
(NETw2v32) Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\NETw2v32.sys -> [2006/11/02 03:30:56 | 02,589,184 | ---- | M] (Intel® Corporation)
(nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\nfrd960.sys -> [2006/11/02 05:50:19 | 00,045,160 | ---- | M] (IBM Corporation)
(nmsgopro) GoProto Protocol Driver for NMS [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\nmsgopro.sys -> [2006/09/27 20:37:24 | 00,028,672 | --S- | M] (Gteko Ltd.)
(nmsunidr) UniDriver for NMS [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\nmsunidr.sys -> [2006/10/19 19:49:48 | 00,007,424 | --S- | M] (Gteko Ltd.)
(ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ntrigdigi.sys -> [2006/11/02 03:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies)
(nvlddmkm) nvlddmkm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\nvlddmkm.sys -> [2008/09/18 03:55:00 | 07,379,872 | ---- | M] (NVIDIA Corporation)
(nvraid) nvraid [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\nvraid.sys -> [2006/11/02 05:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation)
(nvstor) nvstor [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\nvstor.sys -> [2006/11/02 05:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation)
(PalmUSBD) PalmUSBD [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\PalmUSBD.sys -> [2009/01/19 21:18:03 | 00,016,694 | ---- | M] (PalmSource, Inc.)
(pepifilter) Volume Adapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\lv302af.sys -> [2006/12/15 01:36:25 | 00,014,240 | ---- | M] (Logitech Inc.)
(PID_PEPI) Logitech QuickCam IM(PID_PEPI) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\LV302V32.SYS -> [2008/07/26 11:22:32 | 02,570,520 | ---- | M] (Logitech Inc.)
(ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql2300.sys -> [2006/11/02 05:51:45 | 00,900,712 | ---- | M] (QLogic Corporation)
(ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql40xx.sys -> [2006/11/02 05:50:35 | 00,106,088 | ---- | M] (QLogic Corporation)
(secdrv) Security Driver [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\secdrv.sys -> [2006/11/02 02:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(SiSRaid2) SiSRaid2 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sisraid2.sys -> [2006/11/02 05:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.)
(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sisraid4.sys -> [2006/11/02 05:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\stwrt.sys -> [2006/11/22 18:56:52 | 00,647,680 | ---- | M] (SigmaTel, Inc.)
(Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc8xx.sys -> [2006/11/02 05:50:05 | 00,035,944 | ---- | M] (LSI Logic)
(Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_hi.sys -> [2006/11/02 05:49:56 | 00,031,848 | ---- | M] (LSI Logic)
(Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_u3.sys -> [2006/11/02 05:50:03 | 00,034,920 | ---- | M] (LSI Logic)
(tmcfw) Trend Micro Common Firewall Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\TM_CFW.sys -> [2006/12/29 02:53:52 | 00,288,848 | ---- | M] (Trend Micro Inc.)
(tmcomm) tmcomm [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\tmcomm.sys -> [2007/12/24 21:37:00 | 00,138,384 | ---- | M] (Trend Micro Inc.)
(tmmbd) Trend Micro MBD Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\tm_mbd_c.sys -> [2006/12/29 02:53:52 | 00,111,888 | ---- | M] (Trend Micro Inc.)
(tmpreflt) tmpreflt [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\tmpreflt.sys -> [2008/11/26 21:42:40 | 00,036,368 | ---- | M] (Trend Micro Inc.)
(tmtdi) Trend Micro TDI Driver [Kernel | System | Running] -> %SystemRoot%\system32\DRIVERS\tmtdi.sys -> [2006/12/29 02:53:52 | 00,075,088 | ---- | M] (Trend Micro Incorporated.)
(tmxpflt) tmxpflt [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\tmxpflt.sys -> [2008/11/26 21:42:42 | 00,205,328 | ---- | M] (Trend Micro Inc.)
(TSHWMDTCP) TSHWMDTCP [File_System | On_Demand | Stopped] -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -> [2006/11/18 11:01:08 | 00,018,904 | ---- | M] ()
(uliahci) uliahci [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\uliahci.sys -> [2006/11/02 05:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.)
(UlSata) UlSata [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ulsata.sys -> [2006/11/02 05:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.)
(ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ulsata2.sys -> [2006/11/02 05:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.)
(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbaudio.sys -> [2008/01/19 01:53:23 | 00,073,088 | ---- | M] (Microsoft Corporation)
(viaide) viaide [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\viaide.sys -> [2006/11/02 05:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.)
(vsapint) vsapint [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\vsapint.sys -> [2008/11/26 21:39:56 | 01,195,384 | ---- | M] (Trend Micro Inc.)
(vsmraid) vsmraid [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\vsmraid.sys -> [2006/11/02 05:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd)
(VSTHWBS2) VSTHWBS2 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\VSTBS23.SYS -> [2006/11/02 03:41:53 | 00,251,904 | ---- | M] (Conexant Systems, Inc.)
(VST_DPV) VST_DPV [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\VSTDPV3.SYS -> [2006/11/02 03:41:50 | 00,987,648 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSX_CNXT.sys -> [2006/10/26 14:44:38 | 00,659,968 | ---- | M] (Conexant Systems, Inc.)
(XAudio) XAudio [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\xaudio.sys -> [2006/10/26 14:44:40 | 00,008,192 | ---- | M] (Conexant Systems, Inc.)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://www.gateway.com/g/startpage.html ... &M=GM5454E ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> Reg Error: Invalid data type. ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.gateway.com/g/startpage.html ... &M=GM5454E ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.gateway.com/g/sidepanel.html ... &M=GM5454E ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\Windows\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_CURRENT_USER\: Main\\"SearchDefaultBranded" -> Reg Error: Invalid data type. ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.gateway.com/g/startpage.html ... &M=GM5454E ->
HKEY_CURRENT_USER\: Main\\"StartPageCache" -> Reg Error: Invalid data type. ->
HKEY_CURRENT_USER\: SearchURL\\"FindProvidersURL" -> http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
HKEY_CURRENT_USER\: "ProxyOverride" -> <local> ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
< FireFox Extensions [User Folders] > ->
< HOSTS File > (761 bytes and 20 lines) -> C:\Windows\System32\drivers\etc\Hosts ->
Reset Hosts
127.0.0.1 localhost
::1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/23 00:08:42 | 00,062,080 | ---- | M] (Adobe Systems Incorporated)
{15C9938F-CB96-496D-800A-B827F2E34EA1} [HKLM] -> %ProgramFiles%\ATT Internet Tools\blspc.dll [BlspcHlpr Class] -> [2009/03/17 10:04:12 | 01,437,696 | ---- | M] (AT&T Corporation)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0\bin\ssv.dll [SSVHelper Class] -> [2008/12/24 14:24:27 | 00,501,384 | ---- | M] (Sun Microsystems, Inc.)
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\google\googletoolbar1.dll [Google Toolbar Helper] -> [2008/12/24 14:24:39 | 02,193,280 | R--- | M] (Google Inc.)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> %SystemDrive%\google\BAE.dll [CBrowserHelperObject Object] -> [2006/02/01 06:54:30 | 00,094,208 | ---- | M] (Gateway Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> [2008/12/24 14:24:39 | 02,193,280 | R--- | M] (Google Inc.)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> [2008/12/24 14:24:39 | 02,193,280 | R--- | M] (Google Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Reader Speed Launcher" -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008/10/15 02:04:34 | 00,039,792 | ---- | M] (Adobe Systems Incorporated)
"BigFix" -> %ProgramFiles%\Bigfix\bigfix.exe [c:\program files\Bigfix\bigfix.exe /atstartup] -> [2006/11/16 20:04:58 | 02,348,584 | ---- | M] (BigFix Inc.)
"blspcloader" -> %ProgramFiles%\ATT Internet Tools\blsloader.exe [C:\Program Files\ATT Internet Tools\blsloader.exe] -> [2009/03/17 10:04:14 | 00,107,856 | ---- | M] (AT&T Corporation)
"Broadcom Wireless Manager UI" -> %SystemRoot%\system32\WLTRAY.exe [C:\Windows\system32\WLTRAY.exe] -> [2006/10/24 16:40:54 | 01,429,504 | ---- | M] (Broadcom Corporation)
"CCUTRAYICON" -> %ProgramFiles%\Intel\IntelDH\CCU\CCU_TrayIcon.exe [C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe] -> [2006/11/18 11:01:42 | 00,182,744 | ---- | M] (Intel(R) Corporation)
"Google Desktop Search" -> ["C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup] -> File not found
"NMSSupport" -> ["C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup] -> File not found
"NvCplDaemon" -> %SystemRoot%\system32\NvCpl.DLL [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2008/09/18 03:55:00 | 13,580,832 | ---- | M] (NVIDIA Corporation)
"pccguide.exe" -> %ProgramFiles%\Trend Micro\Internet Security 2007\pccguide.exe ["C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"] -> [2006/12/29 02:52:56 | 03,429,904 | ---- | M] (Trend Micro Inc.)
"RecoverFromReboot" -> %SystemRoot%\Temp\RecoverFromReboot.exe SECURITY 2007\PCCGUIDE.EXE [C:\Windows\Temp\RecoverFromReboot.exe SECURITY 2007\PCCGUIDE.EXE] -> File not found
"SigmatelSysTrayApp" -> %SystemRoot%\sttray.exe [sttray.exe] -> [2006/11/22 18:56:00 | 00,303,104 | ---- | M] (SigmaTel, Inc.)
"WinampAgent" -> %ProgramFiles%\Winamp\winampa.exe ["C:\Program Files\Winamp\winampa.exe"] -> [2008/08/03 19:02:20 | 00,036,352 | ---- | M] ()
"Windows Defender" -> %ProgramFiles%\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/19 03:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"ehTray.exe" -> %SystemRoot%\ehome\ehTray.exe [C:\Windows\ehome\ehTray.exe] -> [2008/01/19 03:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation)
"WindowsWelcomeCenter" -> %SystemRoot%\system32\oobefldr.DLL [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2008/01/19 03:36:02 | 02,153,472 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"FlashPlayerUpdate" -> %SystemRoot%\system32\Macromed\Flash\FlashUtil10a.exe [C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe] -> [2008/10/04 23:16:26 | 00,235,936 | R--- | M] (Adobe Systems, Inc.)
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [2] -> File not found
\\"ConsentPromptBehaviorUser" -> [1] -> File not found
\\"EnableInstallerDetection" -> [1] -> File not found
\\"EnableLUA" -> [1] -> File not found
\\"EnableSecureUIAPaths" -> [1] -> File not found
\\"EnableVirtualization" -> [1] -> File not found
\\"PromptOnSecureDesktop" -> [1] -> File not found
\\"ValidateAdminCodeSignatures" -> [0] -> File not found
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"scforceoption" -> [0] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
\\"FilterAdministratorToken" -> [0] -> File not found
\\"EnableUIADesktopToggle" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
\UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" -> [1] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" -> [2] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" -> [7] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_DIB" -> [8] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" -> [9] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" -> [13] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" -> [17] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2008/10/18 22:30:22 | 17,931,616 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0\bin\ssv.dll [Menu: Sun Java Console] -> [2008/12/24 14:24:27 | 00,501,384 | ---- | M] (Sun Microsystems, Inc.)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2007/12/13 06:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2007/12/13 06:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/27 00:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3 domain(s) found. ->
att.net .[http] -> Trusted sites ->
att.net .[https] -> Trusted sites ->
sbcglobal.net .[https] -> Trusted sites ->
clientapps_yahoo.com [http] -> Trusted sites ->
clientapps_yahoo.com [https] -> Trusted sites ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 1 range(s) found. ->
GD [:Range = 127.0.0.1] -> http = Local intranet | ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> http://office.microsoft.com/templates/ieawsdc.cab [Microsoft Office Template and Media Control] ->
{0742B9EF-8C83-41CA-BFBA-830A59E23533} [HKLM] -> https://support.microsoft.com/OAS/ActiveX/MSDcode.cab [Microsoft Data Collection Control] ->
{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} [HKLM] -> http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab [Reg Error: Key error.] ->
{48DD0448-9209-4F81-9F6D-D83562940134} [HKLM] -> http://lads.myspace.com/upload/MySpaceUploader1006.cab [MySpace Uploader Control] ->
{549F957E-2F89-11D6-8CFE-00C04F52B225} [HKLM] -> http://couponmom.coupons.smartsource.co ... scmv5X.cab [CMV5 Class] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Java Plug-in 1.6.0] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/fl ... rashim.cab [Reg Error: Key error.] ->
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Java Plug-in 1.6.0] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Java Plug-in 1.6.0] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{4D86D2A2-ABE3-4855-828A-599B29196074} -> (Broadcom 802.11g Network Adapter) ->
{756DD2F0-8FD3-4A5E-AACB-0650CB30F878} -> (Intel(R) 82562V 10/100 Network Connection) ->
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork3.dll -> [2008/12/25 11:58:32 | 00,113,664 | ---- | M] (Google)
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> %SystemRoot%\explorer.exe -> [2008/12/25 07:12:13 | 02,927,104 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> %SystemRoot%\system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/01/19 01:49:51 | 00,067,072 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\autoexec.bat [REM Dummy file for NTVDM | ] -> %SystemDrive%\autoexec.bat [ NTFS ] -> [2006/09/18 17:43:36 | 00,000,024 | ---- | M] ()
H:\Autorun.inf [[AUTORUN] | ShellExecute=Info.exe protect.ed 480 480 | ] -> H:\Autorun.inf [ NTFS ] -> [2004/04/30 20:01:00 | 00,000,053 | -HS- | M] ()
I:\autorun.apm [-Ãï= | ] -> I:\autorun.apm [ CDFS ] -> [2002/12/05 03:20:45 | 00,039,556 | R--- | M] ()
I:\autorun.exe [MZ | ] -> I:\autorun.exe [ CDFS ] -> [2001/09/04 13:00:07 | 00,536,576 | R--- | M] (Indigo Rose Corporation)
I:\autorun.inf [[AutoRun] | OPEN=autorun.exe | ] -> I:\autorun.inf [ CDFS ] -> [2002/12/05 03:20:51 | 00,000,029 | R--- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\{91d2dee2-d1e2-11dd-96cd-806e6f6e6963}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91d2dee2-d1e2-11dd-96cd-806e6f6e6963}\shell
\{91d2dee2-d1e2-11dd-96cd-806e6f6e6963}\shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91d2dee2-d1e2-11dd-96cd-806e6f6e6963}\shell\AutoRun\command
\{91d2dee2-d1e2-11dd-96cd-806e6f6e6963}\shell\AutoRun\command\\"" -> I:\autorun.exe [I:\autorun.exe] -> [2001/09/04 13:00:07 | 00,536,576 | R--- | M] (Indigo Rose Corporation)
\{b637d14a-ebbf-11dd-a409-0019d1550b35}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b637d14a-ebbf-11dd-a409-0019d1550b35}\shell\AutoRun\command
\{b637d14a-ebbf-11dd-a409-0019d1550b35}\shell\AutoRun\command\\"" -> J:\Installer.exe [J:\Installer.exe] -> File not found