Cannot Remove Alureon.ct Trojan [Solved]


  • This topic is locked

#46
hammerman
  • Member
  • 4,183 posts
Do you have the Kaspersky log?
  • 0


#47
speedcuber101
  • Topic Starter
  • Member
  • 41 posts
Almost, doing the scan.
  • 0

#48
speedcuber101
  • Topic Starter
  • Member
  • 41 posts
Here is the Kaspersky log.

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Thursday, December 10, 2009
Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Thursday, December 10, 2009 20:36:53
Records in database: 3354140
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Objects scanned: 235252
Threats found: 0
Infected objects found: 0
Suspicious objects found: 0
Scan duration: 05:08:33

No threats found. Scanned area is clean.

Selected area has been scanned.
  • 0

#49
hammerman
  • Member
  • 4,183 posts
Hi,

Congratulations, your computer appears clean :)

Let's remove the tools we've been using.

Please follow these steps.

-- Step 1 --

Follow these steps to uninstall Combofix and tools used in the removal of malware
  • Click START then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
-- Step 2 --
  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Here are some measures you can take to ensure that your computer remains clean.

1. Updates

Windows Updates

It is essential that you regularly check and install the latest Windows Updates. Vulnerabilities within Windows can leave your computer open to infection. Regular updates are released to fix these security vulnerabilities. It is recommended that you set Windows to check, download and install your updates automatically.

  • Click Start
  • Select Control Panel
  • Click on Automatic (recommended)
  • Set the day and time for the update check. Set this to a time when your computer will normally be on and connected to the internet.
  • Click Apply then OK.
Java Updates

As with Windows, Java also needs to be regularly updated to fix security vulnerabilities. You can download the latest version of the Java Runtime Environment (JRE) from here. Download, install and reboot your computer. You also need to uninstall older versions of Java.

  • Click Start
  • Select Control Panel
  • Select Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
Adobe Updates

You should ensure you use the latest Adobe Acrobat Reader and install any security updates that are released. You can download the latest reader and updates from here.

Other Updates

Regularly check for updates for all your security programs, including firewall, antivirus, antispyware etc.

2. Security Programs

Here is a list of security programs that I would recommend.

Firewall

A firewall is essential to stop hackers infiltrating your computer. The following firewalls are free for personal use. Do not install more than one firewall.

Zone Alarm is an excellent free basic firewall which is very easy to use.
Online-Armor Free is a more advanced firewall which includes a Host Intrusion Protection System (HIPS). This ensures that unrecognised programs will not run unless you give permission.

Antivirus

An antivirus program is essential. The following antivirus programs are free for personal use. Do not use more than one antivirus and always update virus definitions regularly.

AVG
Avira Free
Avast

Anti-Malware

Malwarebytes Anti-Malware (MBAM) is an excellent anti-malware tool that should be updated and a Quick Scan performed regularly. A Full Scan does not have to be carried out on such a regular basis as the developers aim to detect the vast majority of malware with the Quick Scan. The scanner is free for on-demand scans only.

Ad-Aware, Spybot, SuperAntispyware and A-Squared Free are also very good anti-malware programs that are free for on-demand scans. Spybot has a real-time protection feature called TeaTimer.

Prevention

SpywareBlaster is an excellent free tool for preventing the installation of spyware.
SpywareGuard offers real-time protection so that spyware is detected and blocked before it can do any harm.

Cleaner

ATF Cleaner removes temporary Internet Explorer, Firefox and Windows files.

Browser

Firefox is an alternative browser to Internet Explorer and is more secure.
NoScript is an add-on for Firefox and prevents execution of malicious scripts.
MVPS is a HOSTS file to replace your existing file. This prevents you connecting to a list of well-known ad sites.
  • 0

#50
speedcuber101
  • Topic Starter
  • Member
  • 41 posts
Thanks for the help, but my desktop background seems to have disappeared after running OTC and rebooting. Also, the wallpaper icons on the selection page are not there. My internet connection also seems slower for some reason after running OTC.

Edited by speedcuber101, 11 December 2009 - 08:48 PM.

  • 0

#51
hammerman
  • Member
  • 4,183 posts
Hi,

Please follow these steps.

-- Step 1 --

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Custom Scan box paste this in

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    nvstor32.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
-- Step 2 --

  • Please download mbr.exe and save in your root folder C:\
  • Click on start then Run...
  • In the Open: window, type cmd and OK
  • In the command window, enter the following
    cd C:\ (followed by Enter)
    mbr -t > %userprofile%\Desktop\mbr_log.txt (followed by Enter)
  • This will produce a log file mbr_log.txt on your desktop. Please copy/paste the contents of that file in your reply

  • 0
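
A sketch of how the OTL.Txt produced by Step 1 above could be pre-sorted before a manual read, added here as an example; it is not part of the original posts and not OTL's own code. The sample log is constructed in OTL's Minimal Output line format, and the flags it raises (empty company name, "File not found" target, autostart from a user profile, EnableLUA = 0) are assumed review heuristics, not verdicts.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample in OTL's "Minimal Output" line format (not from a real machine).
SAMPLE_LOG = r"""
========== Processes (SafeList) ==========
PRC - C:\Program Files\ExampleAV\avsvc.exe (Example AV Ltd.)
PRC - C:\Windows\System32\exhelper.exe ()
========== Win32 Services (SafeList) ==========
SRV - (ExampleUpdater) Example Updater -- File not found
SRV - (ExampleAV) -- C:\Program Files\ExampleAV\avsvc.exe (Example AV Ltd.)
========== Driver Services (SafeList) ==========
DRV - (exdrv) -- C:\Windows\System32\drivers\exdrv.sys ()
DRV - (exstor) Example Storage Driver -- C:\Windows\system32\drivers\exstor.sys (Example Corp.)
O4 - HKLM..\Run: [ExampleTray] C:\Program Files\ExampleAV\tray.exe (Example AV Ltd.)
O4 - HKCU..\Run: [exrun] C:\Users\demo\AppData\Roaming\exrun.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
"""


class Entry(NamedTuple):
    kind: str            # PRC, MOD, SRV, DRV or O4
    name: str            # service/driver/Run value name; "" for PRC and MOD
    path: Optional[str]  # None when OTL printed "File not found"
    company: str         # company string from the file; "" when OTL printed "()"


PRC_MOD = re.compile(r"^(PRC|MOD) - (.+)$")
SRV_DRV = re.compile(r"^(SRV|DRV) - \(([^)]*)\).*? -- (.+)$")
RUN_KEY = re.compile(r"^O4 - (?:HKLM|HKCU)\.\.\\Run: \[([^\]]*)\] (.+)$")
TARGET = re.compile(r"^(.+) \(([^()]*)\)$")  # "<path> (<company>)"
UAC_OFF = re.compile(r"^O6 - HKLM\\.*\\policies\\System: EnableLUA = 0$", re.I)


def split_target(rest: str) -> Tuple[Optional[str], str]:
    """Split '<path> (<company>)'; a missing file yields (None, '')."""
    rest = rest.strip()
    if rest == "File not found":
        return None, ""
    m = TARGET.match(rest)
    if m:
        return m.group(1), m.group(2).strip()
    return rest, ""


def parse_otl(text: str) -> Tuple[List[Entry], bool]:
    """Return the recognised entries and whether EnableLUA = 0 (UAC off) was seen."""
    entries, uac_off = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if UAC_OFF.match(line):
            uac_off = True
            continue
        m = PRC_MOD.match(line)
        if m:
            entries.append(Entry(m.group(1), "", *split_target(m.group(2))))
            continue
        m = SRV_DRV.match(line)
        if m:
            entries.append(Entry(m.group(1), m.group(2), *split_target(m.group(3))))
            continue
        m = RUN_KEY.match(line)
        if m:
            entries.append(Entry("O4", m.group(1), *split_target(m.group(2))))
    return entries, uac_off


def triage(text: str) -> List[Tuple[str, str, str]]:
    """List (reason, kind, name-or-path) for entries worth a closer manual look."""
    entries, uac_off = parse_otl(text)
    findings = []
    for e in entries:
        label = e.name or (e.path or "")
        if e.path is None:
            # Registry entry whose target file no longer exists.
            findings.append(("orphaned-entry", e.kind, label))
            continue
        if not e.company:
            # Hint only: some legitimate files carry no company string.
            findings.append(("no-company-name", e.kind, label))
        if e.kind in ("O4", "SRV", "DRV") and "\\users\\" in e.path.lower():
            # Autostart target sits in a location writable without admin rights.
            findings.append(("autostart-from-profile", e.kind, label))
    if uac_off:
        findings.append(("uac-disabled", "O6", "EnableLUA"))
    return findings


if __name__ == "__main__":
    for reason, kind, label in triage(SAMPLE_LOG):
        print(f"{reason:24} {kind:4} {label}")
```
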

#52
speedcuber101
  • Topic Starter
  • Member
  • 41 posts
Here is the OTL.txt

OTL logfile created on: 12/12/2009 9:17:44 AM - Run 1
OTL by OldTimer - Version 3.1.16.0 Folder = C:\Users\ALAN\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 87.75% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 4603 4603 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 456.88 Gb Total Space | 252.29 Gb Free Space | 55.22% Space Free | Partition Type: NTFS
Drive D: | 8.88 Gb Total Space | 0.85 Gb Free Space | 9.55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ALAN-PC
Current User Name: ALAN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\ALAN\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\ALAN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu)
PRC - C:\Program Files\Tall Emu\Online Armor\oasrv.exe (Tall Emu)
PRC - C:\Program Files\Tall Emu\Online Armor\oahlp.exe (Tall Emu)
PRC - C:\Program Files\Tall Emu\Online Armor\oacat.exe (Tall Emu)
PRC - C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcg_hcmd2_maxdo_6.14_windows_intelx86 ()
PRC - C:\Windows\System32\PnkBstrB.exe ()
PRC - C:\Windows\System32\PnkBstrA.exe ()
PRC - C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcg_faah_autodock_6.07_windows_intelx86 (The Scripps Research Institute and IBM Corporation)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - C:\Windows\ehome\mcupdate.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
PRC - C:\Program Files\BOINC\boincmgr.exe (World Community Grid)
PRC - C:\Program Files\BOINC\boinc.exe (World Community Grid)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe (D-Link)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\mobsync.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\RocketDock\RocketDock.exe ()
PRC - c:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Hewlett-Packard)


========== Modules (SafeList) ==========

MOD - C:\Users\ALAN\Desktop\OTL.exe (OldTimer Tools)
MOD - c:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll (RealPlayer)
MOD - C:\Program Files\Tall Emu\Online Armor\oawatch.dll (Tall Emu)
MOD - C:\Windows\AppPatch\AcLayers.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wtsapi32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wsock32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Program Files\RocketDock\RocketDock.dll ()
MOD - C:\Windows\System32\shimeng.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msvcr71.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msvcp71.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (getPlus® Helper) getPlus® -- File not found
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (SvcOnlineArmor) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe (Tall Emu)
SRV - (OAcat) -- C:\Program Files\Tall Emu\Online Armor\OAcat.exe (Tall Emu)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrB) -- C:\Windows\System32\PnkBstrB.exe ()
SRV - (PnkBstrA) -- C:\Windows\System32\PnkBstrA.exe ()
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (nvsvc) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (GoogleDesktopManager-092308-165331) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (XAudioService) -- C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
SRV - (LightScribeService) -- c:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (HP Health Check Service) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (Hewlett-Packard)
SRV - (ehstart) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (OAmon) -- C:\Windows\System32\drivers\OAmon.sys (Tall Emu)
DRV - (OADevice) -- C:\Windows\System32\drivers\OADriver.sys (Tall Emu)
DRV - (PnkBstrK) -- C:\Windows\System32\drivers\PnkBstrK.sys ()
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (GEARAspiWDM) -- C:\Windows\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (NuidFltr) -- C:\Windows\System32\drivers\nuidfltr.sys (Microsoft Corporation)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (ENTECH) -- C:\Windows\System32\drivers\Entech.sys (EnTech Taiwan)
DRV - (A5AGU) -- C:\Windows\System32\drivers\AGUx86.sys (D-Link Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (jswpslwf) -- C:\Windows\System32\drivers\jswpslwf.sys (Atheros Communications, Inc.)
DRV - (HSXHWBS2) -- C:\Windows\System32\drivers\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\Windows\System32\drivers\HSX_DP.sys (Conexant Systems, Inc.)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (AmdLLD) -- C:\Windows\System32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (PxHelp20) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (VSTHWBS2) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.)
DRV - (VST_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (mdmxsdk) -- C:\Windows\System32\drivers\mdmxsdk.sys (Conexant)
DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (rt2500usb) DWL-G122(rev.B) -- C:\Windows\System32\drivers\rt2500usb.sys (Ralink Technology Inc.)
DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (DeviceGuys, Inc.)
DRV - (pfc) -- C:\Windows\System32\drivers\pfc.sys (Padus, Inc.)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\KBFILTER.SYS (WayTech Development, Inc.)
DRV - (USBIO) USBIO Driver (usbio.sys) -- C:\Windows\System32\drivers\usbio.sys (Thesycon GmbH, Germany)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.dragonfable.com/"
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.97
FF - prefs.js..extensions.enabledItems: {99B98C2C-7274-45a3-A640-D9DF1A1C8460}:1.3.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..network.proxy.type: 2


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/01 19:15:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/01 19:15:08 | 00,000,000 | ---D | M]

[2009/01/31 14:22:20 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Mozilla\Extensions
[2009/12/07 17:15:33 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\26ebotgq.default\extensions
[2009/10/25 17:02:45 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\26ebotgq.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}
[2009/12/07 17:15:33 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: (347178 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 11905 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Freecause Toolbar BHO) - {745A6D3B-4DB0-4246-B596-9189787D4ED5} - C:\Program Files\AdventureQuest Worlds Toolbar\Toolbar.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AdventureQuest Worlds Toolbar) - {3385E2D6-567B-4FC6-8F0F-D7A8C6E6118C} - C:\Program Files\AdventureQuest Worlds Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AdventureQuest Worlds Toolbar) - {3385E2D6-567B-4FC6-8F0F-D7A8C6E6118C} - C:\Program Files\AdventureQuest Worlds Toolbar\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [D-Link RangeBooster G WUA-2340] C:\Program Files\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe (D-Link)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 studios)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (World Community Grid)
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\AdvancedOptions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoResize = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 64 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.s...abs/tgctlcm.cab (Symantec Configuration Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/25 06:45:20 | 00,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/03/18 19:43:04 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MediaKey.lnk - C:\PROGRA~1\MediaKey\Versato.exe - File not found
MsConfig - StartUpFolder: C:^Users^ALAN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe - File not found
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ares - hkey= - key= - C:\Program Files\Ares\Ares.exe File not found
MsConfig - StartUpReg: ccApp - hkey= - key= - c:\Program Files\Common Files\Symantec Shared\ccApp.exe File not found
MsConfig - StartUpReg: ClockGen - hkey= - key= - C:\Users\ALAN\Documents\Downloads\ClockGen.exe File not found
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\ALAN\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: HP Health Check Scheduler - hkey= - key= - c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: hpsysdrv - hkey= - key= - c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: ISUSPM Startup - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe File not found
MsConfig - StartUpReg: KBD - hkey= - key= - C:\hp\KBD\KbdStub.exe ()
MsConfig - StartUpReg: MsnMsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe File not found
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: OsdMaestro - hkey= - key= - C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: Samsung PanelMgr - hkey= - key= - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
MsConfig - StartUpReg: SunJavaUpdateReg - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe File not found
MsConfig - StartUpReg: Switcher - hkey= - key= - C:\Program Files\Switcher\Switcher.exe File not found
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - StartUpReg: YSearchProtection - hkey= - key= - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc.)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - Reg Error: Value error.
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - File not found
SafeBootNet: MsMpSvc - Reg Error: Value error.
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfRd - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CD05D92E-BE2C-8B28-70AA-CEAEDF95E7D1} - Adobe Shockwave Director 11.0.3
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F07DA1BD-E2D6-F016-D298-AE32EB0505D4} -
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 30 Days ==========

[2009/12/12 09:15:27 | 00,538,112 | ---- | C] (OldTimer Tools) -- C:\Users\ALAN\Desktop\OTL.exe
[2009/12/11 16:41:49 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/12/10 15:41:26 | 00,000,000 | ---D | C] -- C:\Users\ALAN\Documents\HighAndes
[2009/12/10 15:41:26 | 00,000,000 | ---D | C] -- C:\Users\ALAN\AppData\Roaming\HighAndes
[2009/12/10 15:41:26 | 00,000,000 | ---D | C] -- C:\Users\ALAN\AppData\Local\HighAndes
[2009/12/10 15:41:26 | 00,000,000 | ---D | C] -- C:\ProgramData\HighAndes
[2009/12/10 15:38:32 | 00,000,000 | ---D | C] -- C:\Program Files\HighAndes
[2009/12/09 15:41:58 | 00,000,000 | ---D | C] -- C:\Users\ALAN\Documents\attachments_12_09_2009
[2009/12/08 20:52:48 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2009/12/08 20:52:44 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2009/12/08 20:22:42 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/12/08 20:22:42 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/12/08 20:22:42 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/12/08 20:22:41 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/12/08 20:22:41 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/12/08 20:22:41 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/12/08 20:22:41 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/12/08 20:22:41 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/12/08 20:22:41 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/12/08 20:22:40 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/12/08 20:22:40 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/12/08 20:22:40 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/12/08 20:22:40 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/12/08 20:22:40 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/12/08 20:21:08 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2009/12/06 10:39:19 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2009/12/06 10:39:16 | 00,000,000 | ---D | C] -- C:\Windows\temp
[2009/12/06 10:39:16 | 00,000,000 | ---D | C] -- C:\Users\ALAN\AppData\Local\temp
[2009/12/05 22:52:15 | 00,000,000 | ---D | C] -- C:\Swsetup
[2009/12/05 22:23:43 | 00,000,000 | ---D | C] -- C:\Users\ALAN\Documents\New Project
[2009/12/05 22:18:30 | 00,000,000 | ---D | C] -- C:\Users\ALAN\AppData\Local\FlashDevelop
[2009/12/05 22:11:36 | 00,000,000 | ---D | C] -- C:\Program Files\FlashDevelop
[2009/12/05 22:05:12 | 00,000,000 | ---D | C] -- C:\Users\ALAN\Synfig
[2009/12/01 19:15:02 | 00,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2009/12/01 19:14:57 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2009/12/01 19:14:57 | 00,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2009/12/01 19:14:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/12/01 19:14:42 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2009/12/01 16:10:09 | 00,048,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2009/12/01 16:10:09 | 00,023,120 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2009/12/01 16:10:08 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2009/12/01 16:10:08 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2009/12/01 16:10:08 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2009/12/01 16:09:55 | 01,280,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2009/12/01 16:09:55 | 00,053,328 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2009/11/29 16:55:33 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/11/29 16:54:45 | 00,000,000 | ---D | C] -- C:\Users\ALAN\AppData\Roaming\SUPERAntiSpyware.com
[2009/11/29 16:54:45 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/11/29 16:41:40 | 00,000,000 | ---D | C] -- C:\Users\ALAN\AppData\Roaming\r2 Studios
[2009/11/29 16:41:40 | 00,000,000 | ---D | C] -- C:\ProgramData\r2 Studios
[2009/11/29 16:41:28 | 00,000,000 | ---D | C] -- C:\Program Files\r2 Studios
[2009/11/29 15:38:11 | 00,000,000 | ---D | C] -- C:\Users\ALAN\AppData\Roaming\OnlineArmor
[2009/11/29 15:38:11 | 00,000,000 | ---D | C] -- C:\ProgramData\OnlineArmor
[2009/11/29 15:37:20 | 00,219,728 | ---- | C] (Tall Emu) -- C:\Windows\System32\drivers\OADriver.sys
[2009/11/29 15:37:20 | 00,024,656 | ---- | C] (Tall Emu) -- C:\Windows\System32\drivers\OAmon.sys
[2009/11/29 15:37:18 | 00,000,000 | ---D | C] -- C:\Program Files\Tall Emu
[2009/11/27 17:35:41 | 00,000,000 | ---D | C] -- C:\Users\ALAN\Desktop\JavaRa
[2009/11/25 17:43:18 | 00,000,000 | ---D | C] -- C:\Program Files\PermissionResearch
[2009/11/24 17:06:32 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/11/24 17:04:15 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2009/11/23 18:13:18 | 00,000,000 | ---D | C] -- C:\Program Files\Sophos
[2009/11/23 18:13:12 | 00,000,000 | ---D | C] -- C:\ProgramData\ATI
[2009/11/23 18:07:15 | 12,964,352 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\atioglxx.dll
[2009/11/23 18:07:15 | 02,899,456 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2009/11/23 18:07:15 | 00,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2009/11/23 18:07:14 | 05,079,040 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2009/11/23 18:07:14 | 03,547,136 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2009/11/23 18:07:14 | 03,034,624 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll
[2009/11/23 18:07:14 | 00,479,232 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2009/11/23 18:07:14 | 00,360,448 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2009/11/23 18:07:14 | 00,172,032 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2009/11/23 18:07:14 | 00,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2009/11/23 18:07:14 | 00,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2009/11/23 18:07:14 | 00,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2009/11/23 18:07:14 | 00,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2009/11/23 18:07:14 | 00,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2009/11/23 18:07:13 | 00,208,896 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2009/11/23 18:07:13 | 00,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2009/11/23 18:07:13 | 00,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2009/11/23 18:06:35 | 00,000,000 | ---D | C] -- C:\Program Files\HeavenWard
[2009/11/23 17:29:02 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/11/23 16:50:12 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/11/23 16:13:53 | 00,000,000 | ---D | C] -- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[2009/11/22 17:43:30 | 00,000,000 | ---D | C] -- C:\Program Files\THQ
[2009/11/22 14:37:51 | 00,000,000 | ---D | C] -- C:\Users\ALAN\AppData\Roaming\Bioshock
[2009/11/21 12:43:04 | 00,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2009/11/21 12:32:58 | 00,000,000 | ---D | C] -- C:\Users\ALAN\AppData\Roaming\Malwarebytes
[2009/11/21 12:32:55 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/11/21 12:32:52 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/11/21 12:32:50 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/21 12:32:50 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/21 12:31:26 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2009/11/20 19:03:06 | 00,000,000 | ---D | C] -- C:\ProgramData\Real
[2009/11/16 17:36:14 | 00,000,000 | ---D | C] -- C:\Program Files\Opera 10 Preview
[2009/11/16 15:48:13 | 00,000,000 | ---D | C] -- C:\Users\ALAN\AppData\Roaming\AeroSnapApp
[2009/11/15 20:55:39 | 00,000,000 | ---D | C] -- C:\Users\ALAN\AppData\Roaming\SeriousBit
[2009/11/15 20:53:15 | 00,000,000 | ---D | C] -- C:\Program Files\EnhanceMyVistaFree
[2009/11/15 20:46:09 | 00,000,000 | ---D | C] -- C:\Users\ALAN\en-US
[2009/11/15 20:44:19 | 00,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2009/11/15 20:38:18 | 00,000,000 | ---D | C] -- C:\Users\ALAN\AppData\Roaming\Winsplit Revolution
[2009/11/15 09:41:33 | 00,000,000 | ---D | C] -- C:\Users\ALAN\Documents\Overlord
[2009/11/13 19:50:31 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2009/11/13 19:50:31 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2009/11/13 19:50:26 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2009/11/13 19:50:25 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2009/11/13 19:50:25 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2009/11/13 19:50:24 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2009/11/13 19:50:23 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2009/11/13 19:50:23 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2009/11/13 19:50:20 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2009/11/13 19:50:10 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2009/11/13 19:50:10 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2009/11/13 19:50:10 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2009/11/13 19:50:06 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2009/11/13 19:50:06 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2009/11/13 19:50:05 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2009/11/13 19:50:05 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2009/11/13 19:50:04 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2009/11/13 19:50:04 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2009/11/13 19:50:03 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2009/11/13 19:50:03 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2009/11/13 19:50:02 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2009/11/13 19:50:02 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2009/11/13 19:50:01 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2009/11/13 19:50:01 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2009/11/13 19:50:01 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2009/11/13 19:50:01 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2009/11/13 19:50:01 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2009/11/13 19:50:00 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2009/11/13 19:50:00 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2009/11/13 19:49:59 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2009/11/13 19:49:59 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2009/11/13 19:49:59 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2009/11/13 19:49:58 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2009/11/13 19:49:58 | 00,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2009/11/13 19:49:58 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2009/11/13 19:49:58 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2009/11/13 19:49:57 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2009/11/13 19:49:57 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2009/11/13 19:49:57 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2009/11/13 19:49:56 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2009/11/13 19:49:56 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2009/11/13 19:49:56 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2009/11/13 19:49:55 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll

========== Files - Modified Within 30 Days ==========

[2009/12/12 09:21:07 | 10,485,760 | ---- | M] () -- C:\Users\ALAN\ntuser.dat
[2009/12/12 09:16:59 | 00,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{22FB3D9F-A9CE-44B2-B28D-D2EFE9653E1F}.job
[2009/12/12 09:15:36 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Users\ALAN\Desktop\OTL.exe
[2009/12/12 09:07:24 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/12 09:07:18 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/12 09:07:18 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/12 09:07:11 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/11 21:55:10 | 00,524,288 | -HS- | M] () -- C:\Users\ALAN\ntuser.dat{34e66a6e-c1ad-11de-a7c9-001bfcdfbf35}.TMContainer00000000000000000001.regtrans-ms
[2009/12/11 21:55:10 | 00,065,536 | -HS- | M] () -- C:\Users\ALAN\ntuser.dat{34e66a6e-c1ad-11de-a7c9-001bfcdfbf35}.TM.blf
[2009/12/11 21:06:01 | 00,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2004633336-3642356049-309549034-1000UA.job
[2009/12/11 17:47:54 | 00,721,238 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/11 17:47:54 | 00,620,676 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/11 17:47:54 | 00,113,976 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/11 17:41:59 | 02,219,868 | -H-- | M] () -- C:\Users\ALAN\AppData\Local\IconCache.db
[2009/12/11 16:45:32 | 00,086,096 | ---- | M] () -- C:\Users\ALAN\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/12/11 16:44:40 | 00,331,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/12/11 16:31:32 | 00,002,039 | ---- | M] () -- C:\Users\ALAN\Desktop\Google Chrome.lnk
[2009/12/10 15:41:47 | 00,076,288 | ---- | M] () -- C:\Users\ALAN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/10 15:41:25 | 00,002,475 | ---- | M] () -- C:\Users\ALAN\Desktop\trakAxPC.lnk
[2009/12/09 17:40:05 | 00,028,160 | ---- | M] () -- C:\Users\ALAN\Documents\Math Project Equations.doc
[2009/12/09 15:41:43 | 00,033,596 | ---- | M] () -- C:\Users\ALAN\Documents\attachments_12_09_2009.zip
[2009/12/08 18:39:34 | 00,044,032 | ---- | M] () -- C:\Users\ALAN\Desktop\wgvids.db
[2009/12/07 17:20:47 | 00,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2009/12/06 11:06:02 | 00,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2004633336-3642356049-309549034-1000Core.job
[2009/12/06 10:35:40 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2009/12/06 10:17:28 | 00,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2009/12/05 22:56:38 | 00,001,760 | ---- | M] () -- C:\Users\ALAN\Desktop\Runes of Magic.lnk
[2009/12/05 22:18:32 | 00,000,092 | ---- | M] () -- C:\Users\ALAN\mm.cfg
[2009/12/05 22:11:50 | 00,001,724 | ---- | M] () -- C:\Users\ALAN\Desktop\FlashDevelop.lnk
[2009/12/05 22:04:37 | 00,000,051 | ---- | M] () -- C:\Users\ALAN\.gtkrc-2.0
[2009/12/05 09:46:29 | 00,077,312 | ---- | M] () -- C:\mbr.exe
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/01 19:16:21 | 00,000,024 | ---- | M] () -- C:\Windows\cdplayer.ini
[2009/12/01 19:15:02 | 00,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2009/12/01 19:14:57 | 00,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2009/12/01 19:14:57 | 00,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2009/12/01 19:14:42 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2009/12/01 16:39:38 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/12/01 16:10:09 | 00,001,817 | ---- | M] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/11/29 16:54:54 | 00,000,880 | ---- | M] () -- C:\Users\ALAN\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/29 15:38:13 | 00,094,564 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.idx
[2009/11/27 16:29:49 | 00,000,639 | ---- | M] () -- C:\Windows\M3JPEG.INI
[2009/11/24 18:22:16 | 00,000,015 | ---- | M] () -- C:\Users\ALAN\Desktop\settings.dat
[2009/11/24 16:54:29 | 01,280,480 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2009/11/24 16:50:12 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2009/11/24 16:50:00 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2009/11/24 16:49:48 | 00,053,328 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2009/11/24 16:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2009/11/24 16:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2009/11/24 16:47:28 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2009/11/22 17:46:56 | 00,005,077 | ---- | M] () -- C:\Users\Public\Documents\Global.sw2
[2009/11/22 14:37:49 | 00,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2009/11/20 23:35:38 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/11/20 23:35:38 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/11/20 23:34:58 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/11/20 23:34:52 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/11/20 23:34:39 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/11/20 23:34:39 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/11/20 23:34:39 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/11/20 23:34:38 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/11/20 23:34:38 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/11/20 23:34:33 | 00,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/11/20 21:59:58 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/11/20 21:59:52 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/11/20 21:59:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/11/20 21:58:54 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/11/16 18:51:20 | 00,000,705 | ---- | M] () -- C:\Windows\System32\AeroShake.ini
[2009/11/15 19:28:14 | 00,147,724 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2009/11/15 04:43:00 | 00,000,446 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2009/11/14 01:47:57 | 00,260,608 | ---- | M] () -- C:\Windows\PEV.exe
[2009/11/13 18:07:37 | 00,025,600 | ---- | M] () -- C:\Users\ALAN\Documents\Potato Entry#1.doc
[2009/11/13 17:57:49 | 00,027,648 | ---- | M] () -- C:\Users\ALAN\Documents\lab Report.doc

========== Files Created - No Company Name ==========

[2009/12/10 15:38:35 | 00,002,475 | ---- | C] () -- C:\Users\ALAN\Desktop\trakAxPC.lnk
[2009/12/09 16:36:11 | 00,028,160 | ---- | C] () -- C:\Users\ALAN\Documents\Math Project Equations.doc
[2009/12/09 15:41:43 | 00,033,596 | ---- | C] () -- C:\Users\ALAN\Documents\attachments_12_09_2009.zip
[2009/12/07 17:20:47 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/12/05 22:18:32 | 00,000,092 | ---- | C] () -- C:\Users\ALAN\mm.cfg
[2009/12/05 22:11:50 | 00,001,724 | ---- | C] () -- C:\Users\ALAN\Desktop\FlashDevelop.lnk
[2009/12/05 22:04:37 | 00,000,051 | ---- | C] () -- C:\Users\ALAN\.gtkrc-2.0
[2009/12/05 21:27:02 | 00,260,608 | ---- | C] () -- C:\Windows\PEV.exe
[2009/12/05 21:27:02 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2009/12/05 09:46:27 | 00,077,312 | ---- | C] () -- C:\mbr.exe
[2009/12/01 19:16:21 | 00,000,024 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/12/01 16:10:09 | 00,001,817 | ---- | C] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/12/01 16:09:55 | 00,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2009/11/29 16:54:54 | 00,000,880 | ---- | C] () -- C:\Users\ALAN\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/23 18:07:15 | 00,391,520 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2009/11/23 18:07:15 | 00,018,618 | ---- | C] () -- C:\Windows\atiogl.xml
[2009/11/23 18:07:14 | 00,195,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/11/23 17:39:48 | 00,000,015 | ---- | C] () -- C:\Users\ALAN\Desktop\settings.dat
[2009/11/16 17:40:16 | 00,000,705 | ---- | C] () -- C:\Windows\System32\AeroShake.ini
[2009/11/15 19:28:14 | 00,147,724 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2009/11/13 15:58:34 | 00,027,648 | ---- | C] () -- C:\Users\ALAN\Documents\lab Report.doc
[2009/11/12 17:50:56 | 00,025,600 | ---- | C] () -- C:\Users\ALAN\Documents\Potato Entry#1.doc
[2009/11/10 20:49:30 | 00,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/11/10 20:49:29 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/11/10 20:49:28 | 00,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/11/10 20:49:28 | 00,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/11/10 20:49:27 | 00,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/11/10 20:49:27 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009/11/05 19:14:42 | 00,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/09/16 17:31:26 | 00,000,639 | ---- | C] () -- C:\Windows\M3JPEG.INI
[2009/09/13 13:24:17 | 00,137,544 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/09/06 10:25:16 | 00,000,000 | ---- | C] () -- C:\Windows\galaxy.ini
[2009/08/31 10:55:20 | 00,262,144 | ---- | C] () -- C:\Windows\System32\wlanapp.dll
[2009/08/31 10:55:20 | 00,049,152 | ---- | C] () -- C:\Windows\System32\JJAKEn.dll
[2009/07/15 11:43:13 | 00,139,152 | ---- | C] () -- C:\Users\ALAN\AppData\Roaming\PnkBstrK.sys
[2009/05/31 14:51:38 | 00,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009/05/31 09:51:02 | 00,000,141 | ---- | C] () -- C:\Windows\System32\dxwnd.ini
[2009/05/27 16:22:00 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/07 18:44:02 | 00,031,776 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/05/07 18:28:08 | 00,031,776 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/04/04 14:47:40 | 00,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009/02/09 18:53:33 | 00,000,876 | ---- | C] () -- C:\Windows\Njstar.INI
[2009/02/03 19:05:16 | 00,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
[2009/02/03 19:05:16 | 00,118,176 | ---- | C] () -- C:\Windows\patchw.dll
[2009/01/03 15:08:15 | 00,001,356 | ---- | C] () -- C:\Users\ALAN\AppData\Local\d3d9caps.dat
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/09/25 17:22:46 | 00,000,360 | ---- | C] () -- C:\Windows\WININIT.INI
[2008/09/25 17:22:42 | 00,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2008/08/30 17:46:48 | 02,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2008/08/26 09:12:49 | 00,000,082 | ---- | C] () -- C:\Users\ALAN\AppData\Local\X-Plane Installer.prf
[2008/08/26 09:08:01 | 00,000,039 | ---- | C] () -- C:\Users\ALAN\AppData\Local\x-plane_install.txt
[2008/07/08 15:33:30 | 00,000,000 | ---- | C] () -- C:\Users\ALAN\AppData\Roaming\wklnhst.dat
[2008/06/05 08:58:26 | 00,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/04/26 16:38:35 | 00,000,089 | ---- | C] () -- C:\Windows\GunzLauncher.INI
[2008/03/08 18:57:28 | 00,076,288 | ---- | C] () -- C:\Users\ALAN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/02 17:39:19 | 00,022,723 | ---- | C] () -- C:\Windows\System32\sugg1l3.dll
[2008/03/01 19:55:52 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/10/25 06:20:50 | 00,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2007/10/25 06:20:50 | 00,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2006/11/02 05:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 00:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009/11/17 17:07:54 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Adobe
[2009/11/16 15:48:13 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\AeroSnapApp
[2009/09/17 19:37:52 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Any Video Converter
[2009/11/01 09:46:23 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Apple Computer
[2009/04/08 14:39:31 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\ArcSoft
[2009/06/29 14:07:47 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\ATI
[2009/06/14 20:05:22 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Bao_Nguyen
[2009/11/22 14:37:59 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Bioshock
[2009/10/02 19:59:14 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Canneverbe_Limited
[2009/10/18 20:29:28 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\ChromePlus
[2009/03/14 21:20:39 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/04/04 15:15:53 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\CyberLink
[2009/05/23 11:20:38 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Download Manager
[2009/10/16 17:24:05 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\fofix
[2009/10/03 19:49:58 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\GetRightToGo
[2008/04/12 14:49:13 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Google
[2009/05/26 15:54:35 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\GrabPro
[2009/01/03 21:32:20 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Hamachi
[2008/03/01 18:41:14 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Hewlett-Packard
[2009/12/10 15:41:26 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\HighAndes
[2008/03/01 18:40:17 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Identities
[2008/06/22 08:21:10 | 00,000,000 | -H-D | M] -- C:\Users\ALAN\AppData\Roaming\ijjigame
[2008/11/01 12:46:46 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\InstallShield
[2009/09/27 17:38:14 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\IObit
[2009/10/18 20:08:03 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Launchy
[2009/01/16 20:59:42 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Macromedia
[2009/11/21 12:32:58 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Malwarebytes
[2006/11/02 05:37:34 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Media Center Programs
[2009/12/07 17:23:18 | 00,000,000 | --SD | M] -- C:\Users\ALAN\AppData\Roaming\Microsoft
[2009/04/15 16:33:08 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Motive
[2009/01/31 14:22:20 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Mozilla
[2009/02/09 18:54:01 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\NJStar
[2009/11/29 15:38:19 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\OnlineArmor
[2008/12/27 10:26:23 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Opera
[2009/05/27 15:48:00 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Orbit
[2008/04/03 17:48:57 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\PlayFirst
[2009/10/18 18:10:51 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Publish Providers
[2009/11/29 16:41:40 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\r2 Studios
[2009/12/03 17:23:27 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Real
[2009/04/05 16:07:12 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Samsung
[2009/09/19 10:13:20 | 00,000,000 | RH-D | M] -- C:\Users\ALAN\AppData\Roaming\SecuROM
[2009/11/15 20:55:39 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\SeriousBit
[2009/02/03 19:05:32 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\SMART Technologies Inc
[2008/03/16 17:22:10 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Snapfish
[2009/09/15 19:58:54 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Sony
[2009/11/29 16:54:45 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\SUPERAntiSpyware.com
[2009/10/26 18:16:33 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\SystemRequirementsLab
[2009/05/25 15:35:53 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\TELUS
[2009/12/05 22:05:09 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\TeraCopy
[2009/10/22 17:11:10 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Ubisoft
[2009/09/08 20:27:41 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Warsow 0.5
[2009/10/17 12:26:33 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\WildTangent
[2008/03/08 19:01:45 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\WinBatch
[2008/07/07 18:26:24 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\WinRAR
[2009/11/15 20:50:38 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Winsplit Revolution
[2009/11/29 19:21:36 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Xfire
[2009/10/03 19:50:43 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Xilisoft Corporation
[2009/11/13 18:36:39 | 00,000,000 | ---D | M] -- C:\Users\ALAN\AppData\Roaming\Yahoo!

< %APPDATA%\*.exe /s >
[2009/10/11 06:49:12 | 00,536,576 | ---- | M] (The Chromium Authors) -- C:\Users\ALAN\AppData\Roaming\ChromePlus\chrome.exe
[2009/10/18 20:29:05 | 00,054,036 | ---- | M] () -- C:\Users\ALAN\AppData\Roaming\ChromePlus\ChromePlus_uninstall.exe
[2009/10/11 08:33:02 | 00,110,592 | ---- | M] ( ) -- C:\Users\ALAN\AppData\Roaming\ChromePlus\1.2.6.0\IEHost.exe
[2009/09/28 09:42:26 | 00,067,072 | ---- | M] () -- C:\Users\ALAN\AppData\Roaming\ChromePlus\1.2.6.0\wow_helper.exe
[2009/09/09 00:45:04 | 00,106,496 | ---- | M] () -- C:\Users\ALAN\AppData\Roaming\ChromePlus\1.2.6.0\Installer\ChromePlusUpgrade.exe
[2008/06/18 17:55:12 | 00,480,688 | ---- | M] (NHN USA Corp.) -- C:\Users\ALAN\AppData\Roaming\ijjigame\ijjistarter2.exe
[2008/07/03 16:56:56 | 00,480,688 | ---- | M] (NHN USA Corp.) -- C:\Users\ALAN\AppData\Roaming\ijjigame\ijjistarter2FxB.exe
[2008/04/26 16:23:27 | 21,092,7632 | ---- | M] () -- C:\Users\ALAN\AppData\Roaming\ijjigame\U_GUNZ_Setup.exe
[2009/12/05 22:58:40 | 00,038,208 | ---- | M] () -- C:\Users\ALAN\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2009/06/29 16:42:04 | 00,009,158 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
[2009/11/23 18:07:43 | 00,010,134 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{A548C254-03BB-22F8-1064-899487B3CF85}\ARPPRODUCTICON.exe
[2009/12/10 15:38:36 | 00,007,886 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{ABBA0799-F982-414C-9A8B-17EB03D39677}\_21F3885A18D238E15AAE81.exe
[2009/12/10 15:38:36 | 00,034,494 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{ABBA0799-F982-414C-9A8B-17EB03D39677}\_644DB78AE1AB52B2CDA4B9.exe
[2009/12/10 15:38:36 | 00,007,886 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{ABBA0799-F982-414C-9A8B-17EB03D39677}\_6FEFF9B68218417F98F549.exe
[2009/12/10 15:38:36 | 00,034,494 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{ABBA0799-F982-414C-9A8B-17EB03D39677}\_D707CE1C009F1381803C2C.exe
[2009/12/10 15:38:36 | 00,034,494 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{ABBA0799-F982-414C-9A8B-17EB03D39677}\_F794E6573924251877968F.exe
[2008/03/09 17:11:01 | 00,010,134 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe
[2009/11/29 16:55:02 | 00,018,944 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
[2009/11/29 16:55:02 | 00,065,024 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
[2009/11/29 16:55:02 | 00,005,120 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe
[2009/10/08 15:41:17 | 00,003,262 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{E7394983-3869-46F4-A117-EB148F104D79}\ARPPRODUCTICON.exe
[2009/10/08 15:41:17 | 00,003,262 | R--- | M] () -- C:\Users\ALAN\AppData\Roaming\Microsoft\Installer\{E7394983-3869-46F4-A117-EB148F104D79}\BOINCManagerShortcut_F8D63239C34C43E18FC7841149A9E4C1.exe

< %SYSTEMDRIVE%\*.exe >
[2009/12/05 09:46:29 | 00,077,312 | ---- | M] () -- C:\mbr.exe


< MD5 for: AGP440.SYS >
[2008/01/19 00:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 00:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 00:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 00:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 02:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\ERDNT\cache\AGP440.sys
[2006/11/02 02:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 02:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/10 23:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009/04/10 23:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/10 23:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/10 23:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 00:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 00:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 02:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/03/01 18:55:33 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/03/01 18:55:33 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/03/01 18:55:32 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 02:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006/11/02 02:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 02:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 00:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 00:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 02:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 02:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 02:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/10 23:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009/04/10 23:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/10 23:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 00:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 02:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 02:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 00:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 00:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: NVSTOR32.SYS >
[2008/08/18 18:58:00 | 00,145,952 | ---- | M] (NVIDIA Corporation) MD5=2A0CC26D67B38460CC7563BC8313C1D6 -- C:\NVIDIA\nForceWinVista\15.23\IS\IDE\WinVista\sataraid\nvstor32.sys
[2007/04/19 12:12:58 | 00,102,696 | ---- | M] (NVIDIA Corporation) MD5=615D79A1D2C98817FF2FDEB1B167D808 -- C:\NVIDIA\nForceWinVista\15.01\IDE\WinVista\sata_ide\nvstor32.sys
[2007/04/19 12:12:58 | 00,102,696 | ---- | M] (NVIDIA Corporation) MD5=615D79A1D2C98817FF2FDEB1B167D808 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_a195c2b5\nvstor32.sys
[2007/10/26 19:51:24 | 00,110,624 | ---- | M] (NVIDIA Corporation) MD5=7EBA6C9A0A295B1559EFB9062E701218 -- C:\Windows\System32\drivers\nvstor32.sys
[2008/08/18 18:58:00 | 00,145,952 | ---- | M] (NVIDIA Corporation) MD5=8EE374B6FB3CB2BB8D70395218B464A5 -- C:\NVIDIA\nForceWinVista\15.23\IS\IDE\WinVista\sata_ide\nvstor32.sys
[2008/08/18 18:58:00 | 00,145,952 | ---- | M] (NVIDIA Corporation) MD5=8EE374B6FB3CB2BB8D70395218B464A5 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_d87a3a1f\nvstor32.sys
[2007/07/02 10:37:08 | 00,110,112 | ---- | M] (NVIDIA Corporation) MD5=A1CE1A6FD74C046F029448FCFA5E386D -- C:\hp\DRIVERS\NVIDIA_Serial_ATA\nvstor32.sys
[2007/07/02 10:37:08 | 00,110,112 | ---- | M] (NVIDIA Corporation) MD5=A1CE1A6FD74C046F029448FCFA5E386D -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_6b03e392\nvstor32.sys
[2007/04/19 12:12:58 | 00,102,696 | ---- | M] (NVIDIA Corporation) MD5=E1C2036823B9E75535051499C61350F6 -- C:\NVIDIA\nForceWinVista\15.01\IDE\WinVista\sataraid\nvstor32.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 00:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 02:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/10 23:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009/04/10 23:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/10 23:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D0F3EA78
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:6DFF1A8A
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:C31F31E6
< End of report >

#53
speedcuber101

    Member

  • Topic Starter
  • Member
  • 41 posts
The Extras.txt

OTL Extras logfile created on: 12/12/2009 9:17:44 AM - Run 1
OTL by OldTimer - Version 3.1.16.0 Folder = C:\Users\ALAN\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 87.75% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 4603 4603 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 456.88 Gb Total Space | 252.29 Gb Free Space | 55.22% Space Free | Partition Type: NTFS
Drive D: | 8.88 Gb Total Space | 0.85 Gb Free Space | 9.55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ALAN-PC
Current User Name: ALAN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B8701C-6563-49B3-8289-27AE58B8CB4C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A827F24-5160-48B7-BDA0-90BDE4CB3D1B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{29B4D67A-8763-4804-A651-BCEF7FA29517}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3B24CDE2-E58F-43CB-8FC1-6B6BC6DED87B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4091CFDF-8122-4F2A-968B-29515E25B741}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{4A52C92F-9747-452F-BC2A-0466D00EBA07}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{5F7FA8E6-1676-468A-B6A6-2D4E4BABD04B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6A2AA1D9-2F85-4DC6-8F8C-76B61777E054}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{7143666D-5D89-4821-9A17-54020CE4B0A8}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{89B822F0-99E5-48BB-B360-F99552496050}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{8F37B744-3028-4D52-952F-48D23C19B528}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{932A46FE-036C-4B43-9880-02610D869D98}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A7BE765B-B6CD-4FFB-B15E-059584F2C8E4}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
"{AE835F36-EBFB-49C5-A158-F2FC440D875B}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{B4D77E2A-E734-4D13-A034-F0F8CB4FDF3C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B6712AEE-1C90-430B-80A2-77EC0B4135A5}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CFC61EC8-D34E-4751-A0C1-E8B96134E4F8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E8893BC2-A534-4DA6-9E7F-91D8FC1AF9C7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04CD8922-D00E-4EA0-97AC-37C64987742E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{088F448E-80D7-43A4-908F-349D5F5019DF}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{095CE21D-C7B9-423D-A297-32CF9E91965D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{0A03646B-BEFA-4BDA-BDE2-B4D62A3DB631}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0EAA7589-64CD-4463-BCF5-9AD09533CED3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\overlord ii\overlord2.exe |
"{17AE8706-0CE7-41F6-AF78-64318A996A9F}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{1CAABF84-2356-4BFB-AF59-B1E4C13D1846}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1E76BF2E-2B13-41FD-81A2-9A2496AA950F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\overlord\config.exe |
"{1F5BBEA2-C65E-435C-86E8-815F865AF041}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{25C2F239-F07B-4C7D-97AE-9A5800CE79BE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sam and max episode 4\sammax104_drm.exe |
"{264FF486-BCB4-423D-BA65-F3362D59BFE0}" = protocol=6 | dir=in | app=c:\users\alan\appdata\local\temp\7zsbc2d.tmp\symnrt.exe |
"{2672AD7C-DB7B-4BB3-9152-0C74C3EFDCD2}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{2994E6B0-6050-4294-A7CF-80088D9D60D4}" = protocol=17 | dir=in | app=c:\program files\adventurequest worlds toolbar\troubleshooter.exe |
"{2FEC0472-B118-47A9-907E-2D939F0AD308}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"{309B252A-B678-4D91-8057-533AE50C89E5}" = protocol=6 | dir=in | app=c:\program files\adventurequest worlds toolbar\toolbarupdate.exe |
"{3210BF69-67B2-49C2-A63B-992722BC4F80}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{3A33BD40-E626-4960-A0D0-A51A20F83BB3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{3DA92A3F-FF7F-42DB-B87C-F9CB307D1754}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{4470E9A5-A643-44FD-ACCA-A4AFD2EFE756}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\peggle extreme\peggleextreme.exe |
"{45C53DE0-5A6D-4510-AF4C-09A89678E0E9}" = protocol=17 | dir=in | app=c:\program files\adventurequest worlds toolbar\toolbarupdate.exe |
"{4633A3E7-4115-4F97-8E8D-36312D1FC192}" = protocol=6 | dir=in | app=c:\users\alan\documents\downloads\cafe_launcher.exe |
"{544CEBA3-7083-48C4-B616-CAC4ED4ED76F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\overlord ii\config.exe |
"{57FB0340-89F3-4A14-A62C-CFBA07BBFD2E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{58707C40-EC43-4581-8847-C7584F9F8979}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{58743D3F-0051-4FFD-87C1-A2ABD94A57B3}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{58C63E15-5206-412B-908D-D6537F66D7AB}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{626FFA1D-8610-41AE-A8B9-E74BD3F0D1BF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\zerogear.bat |
"{657B082E-38A4-4616-8ECB-6C5938ADC592}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\mightier\mightier.exe |
"{67E590FD-01D5-4D81-816F-9169EFFF136A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\overlord ii\overlord2.exe |
"{6C685E55-80E1-40AF-B285-0FD547CE1B0D}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{73C1830E-01F7-4558-AB78-4E14BCA8258E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\overlord ii\config.exe |
"{75993878-64A3-4B1F-9264-091DBF94E052}" = protocol=6 | dir=in | app=c:\program files\activision\prototype\prototypef.exe |
"{7AC643AE-440D-47A3-BF6C-3AE039966028}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8354507F-79CE-42A2-9BD0-3D9D7E5E4078}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{91F1F045-7B91-43C8-AD28-F78410BF77C0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\zerogear.bat |
"{97665B0A-F8FD-4754-BE73-3C19F382CA76}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\overlord\config.exe |
"{97678543-4CB0-486C-8215-0A04256AB72A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{9A05D179-6D25-45C9-AE61-04E4A09EA7DA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\overlord\overlord.exe |
"{9B7EDC8A-AA02-4135-BA35-2CA4291B253D}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{9C46D263-3485-415D-AB9D-EE4511B1DF2A}" = protocol=6 | dir=in | app=c:\windows\temp\~osc295.tmp\opnsqr.exe |
"{9F7622AE-FF62-4F5B-88DF-360E6D8CA097}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\assassins creed\assassinscreed_game.exe |
"{A0FB307A-7248-48D0-BC1A-445950A66A49}" = protocol=6 | dir=in | app=c:\users\alan\documents\downloads\cafe_launcher (1).exe |
"{A38F33F9-B8C0-4F22-909E-A90F49BDCBAD}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sam and max episode 4\sammax104_drm.exe |
"{AB179F42-AB3F-45B2-9F22-3D80788A1131}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"{ABE255F2-CCBB-446B-B4C2-D8499D9636AE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\assassins creed\assassinscreed_game.exe |
"{AE1B6BD2-FEA4-46F6-8695-925632BBE2E4}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{B0D0E571-2E18-43C2-BC83-A377ABAC522D}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{B8840938-6FCC-4227-82B8-24D686230A9C}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{BCCF1E45-AE32-4947-80E4-1EC8ADD1F5FD}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\mightier\mightier.exe |
"{BF02D6C9-4B2C-417B-BADD-1A22EFFAFF4A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\overlord\overlord.exe |
"{BFDC18B5-4614-4C3B-86CA-763A7AC020DC}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{C1C12F80-B57A-4ED7-90D0-69B8DA8DF627}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{D0C48DC3-4F58-4A5C-A661-B2622B53B886}" = protocol=17 | dir=in | app=c:\program files\activision\prototype\prototypef.exe |
"{D5E47A79-51DE-4A4F-B34E-1D8A0F9F8E60}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{D813DF86-6841-4067-9692-5D778DA13C65}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{DCF45273-6C58-45AC-8726-D735B4C72C61}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{E06A4B80-89D6-4F36-AC3C-959DCB65A9AC}" = protocol=17 | dir=in | app=c:\users\alan\documents\downloads\cafe_launcher.exe |
"{E804AA7B-A4C9-4AD7-B153-7F828F21C729}" = protocol=6 | dir=in | app=c:\program files\adventurequest worlds toolbar\troubleshooter.exe |
"{ECF76C95-3844-41F4-A49E-67906646FCB3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{EDBE3FC2-D566-4032-8A16-E9C152BEF8A9}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\peggle extreme\peggleextreme.exe |
"{EE31D3C4-1258-4E66-967B-E6A163807B24}" = protocol=17 | dir=in | app=c:\users\alan\appdata\local\temp\7zsbc2d.tmp\symnrt.exe |
"{F5B610E2-9254-4736-AC8F-2FDDAB63F2D6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FB669716-62E0-4507-A0C3-6D069335DB45}" = protocol=6 | dir=in | app=c:\windows\temp\~osf299.tmp\prmrsr.exe |
"{FC77A00B-EA08-481D-8082-6DDC23FB3A01}" = protocol=17 | dir=in | app=c:\users\alan\documents\downloads\cafe_launcher (1).exe |
"TCP Query User{0B719555-0D8E-4971-AAE2-2200E08DE83F}C:\ac web ultimate repack\server\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\ac web ultimate repack\server\mysql\bin\mysqld.exe |
"TCP Query User{0DC27F79-D900-46EE-8F76-CA66EA0C1C14}C:\ac web ultimate repack\server\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\ac web ultimate repack\server\apache\bin\apache.exe |
"TCP Query User{0FE53ED3-AE63-4978-AF35-B2C5ED5248D9}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{113F0565-77E7-4E5A-B184-67D680A1F8C6}C:\ac web ultimate repack\ascent\ascent-logonserver.exe" = protocol=6 | dir=in | app=c:\ac web ultimate repack\ascent\ascent-logonserver.exe |
"TCP Query User{16043591-C1CE-468F-BC44-35D34CCA52C7}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{1863AE9B-A3BA-4C2F-8C5F-A512FF615D2F}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{1E302F0B-AC11-4AF6-A5A7-B46F6762BCC4}C:\trinity entertainment\trinity gunz\gunz.exe" = protocol=6 | dir=in | app=c:\trinity entertainment\trinity gunz\gunz.exe |
"TCP Query User{22707934-89D5-44ED-9594-C1249AEEE9D6}C:\ijji\english\gunz\gunz.exe" = protocol=6 | dir=in | app=c:\ijji\english\gunz\gunz.exe |
"TCP Query User{2C7D0BBD-4765-452B-AD09-F4D66F9BEAEC}C:\users\alan\downloads\wowclient-downloader.exe" = protocol=6 | dir=in | app=c:\users\alan\downloads\wowclient-downloader.exe |
"TCP Query User{3ADE619E-6E05-4EDC-9C4D-CD6CB9AD2080}C:\users\alan\documents\downloads\wotlk-beta-3.0.1-enus-downloader (4).exe" = protocol=6 | dir=in | app=c:\users\alan\documents\downloads\wotlk-beta-3.0.1-enus-downloader (4).exe |
"TCP Query User{4819ED2D-8954-4CEA-92EC-0CB041486018}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{4CD94965-12CF-4AE6-983A-80E9BA2B4226}C:\users\alan\documents\downloads\wotlk-beta-3.0.1-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\alan\documents\downloads\wotlk-beta-3.0.1-enus-downloader.exe |
"TCP Query User{55F2F05E-EE36-4ABA-B785-55C4059353B7}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{5B690B84-5C0B-433C-843D-86FC6E04CEAD}C:\users\alan\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe" = protocol=6 | dir=in | app=c:\users\alan\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe |
"TCP Query User{5D0D1272-B852-46E8-A108-5FD4941D1FCB}C:\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"TCP Query User{5D4FDF23-D815-4265-857B-40013FF1BB08}C:\program files\steam\steamapps\common\zero gear\server\zerogearserver.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\server\zerogearserver.exe |
"TCP Query User{5DDD0263-DD0F-489C-85FF-E086B0E12195}C:\program files\steam\steamapps\speedcuber101\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\speedcuber101\half-life 2 deathmatch\hl2.exe |
"TCP Query User{68E169F7-10BA-44E4-9037-98DA4B86D6CA}C:\users\alan\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe" = protocol=6 | dir=in | app=c:\users\alan\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe |
"TCP Query User{70AC20B5-78DA-491D-8DCC-9A4CF379B382}C:\program files\steam\steamapps\common\america's army 3 dedicated server\binaries\aa3game.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3 dedicated server\binaries\aa3game.exe |
"TCP Query User{77E285E5-18D5-4713-B7EC-9304A79A296A}C:\alien arena 2009\crx.exe" = protocol=6 | dir=in | app=c:\alien arena 2009\crx.exe |
"TCP Query User{7BD464A8-1264-47CD-ACEB-A770E092466C}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{86429B82-F3F3-4F9E-9794-0AD902072F64}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{92A60A4A-FEC5-4370-A789-98BDC4EC6E5C}C:\users\alan\documents\downloads\wotlk-beta-3.0.1-enus-downloader (3).exe" = protocol=6 | dir=in | app=c:\users\alan\documents\downloads\wotlk-beta-3.0.1-enus-downloader (3).exe |
"TCP Query User{9670A8EB-DD77-46C7-AFE6-D68F35246F44}C:\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\world of warcraft\repair.exe |
"TCP Query User{B4E4CC3D-6603-402F-94DA-CEF8F009A90C}C:\ijji\english\u_gunz.exe" = protocol=6 | dir=in | app=c:\ijji\english\u_gunz.exe |
"TCP Query User{C489DDD5-09B8-42B6-99A8-97F1D025B14B}C:\program files\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{D3096553-D449-4957-B28B-FE65665A21BF}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{D787ECD8-8AEE-4077-9F8D-67252E857A49}C:\ac web ultimate repack\ascent\ascent-world.exe" = protocol=6 | dir=in | app=c:\ac web ultimate repack\ascent\ascent-world.exe |
"TCP Query User{DC5187C9-B0EC-4274-A152-3F3DC7FDD411}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{EBFBDF28-9DB2-45E1-BFF2-1AC3D033F23F}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |
"TCP Query User{F685BDE2-A614-42F3-81EA-D1785226C280}C:\program files\curse\curseclient.exe" = protocol=6 | dir=in | app=c:\program files\curse\curseclient.exe |
"TCP Query User{F77CC665-ECBF-41E3-A5F8-DCA94B7F0ED3}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{FAD368A8-8181-4289-8B4C-89479C311BE9}C:\program files\maiet\new folder\drgunz.exe" = protocol=6 | dir=in | app=c:\program files\maiet\new folder\drgunz.exe |
"UDP Query User{0BFBC220-66BC-4745-817D-CFE7E05A7C89}C:\program files\steam\steamapps\speedcuber101\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\speedcuber101\half-life 2 deathmatch\hl2.exe |
"UDP Query User{1341F8C8-54E5-4806-B2D5-432502C1B914}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{22FB9D38-EE3E-4E24-9B3D-8D2E5599377D}C:\trinity entertainment\trinity gunz\gunz.exe" = protocol=17 | dir=in | app=c:\trinity entertainment\trinity gunz\gunz.exe |
"UDP Query User{29BF80EF-E4EC-4BBB-87AD-FD1684420557}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{2CB6ECE9-2D66-4544-A5F7-60D2954E62A1}C:\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\world of warcraft\repair.exe |
"UDP Query User{31AD7311-0404-4169-8687-DF49B451F271}C:\program files\curse\curseclient.exe" = protocol=17 | dir=in | app=c:\program files\curse\curseclient.exe |
"UDP Query User{3ED2EEEC-D6A7-4B99-8B36-465BD227E289}C:\ac web ultimate repack\ascent\ascent-world.exe" = protocol=17 | dir=in | app=c:\ac web ultimate repack\ascent\ascent-world.exe |
"UDP Query User{4469CB1F-36B3-4731-915C-735C64924122}C:\ijji\english\u_gunz.exe" = protocol=17 | dir=in | app=c:\ijji\english\u_gunz.exe |
"UDP Query User{458937C2-925B-4494-B4F5-9017F8D5EE1B}C:\users\alan\downloads\wowclient-downloader.exe" = protocol=17 | dir=in | app=c:\users\alan\downloads\wowclient-downloader.exe |
"UDP Query User{46B17A83-979B-457C-8996-D92812C96F97}C:\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"UDP Query User{55DA7C2E-F4FE-416F-83AB-CCBF1BBB220B}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{6119EA24-200C-45CF-894F-FB4FEAF7E6E8}C:\ijji\english\gunz\gunz.exe" = protocol=17 | dir=in | app=c:\ijji\english\gunz\gunz.exe |
"UDP Query User{6187C658-7F8D-4A1F-A223-0B9455C6A5E4}C:\program files\steam\steamapps\common\america's army 3 dedicated server\binaries\aa3game.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3 dedicated server\binaries\aa3game.exe |
"UDP Query User{64A84C4B-DF85-455D-AB00-A2173AA9B574}C:\program files\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"UDP Query User{6A9D0430-33D9-4FD1-97A6-2D30DE74F96B}C:\alien arena 2009\crx.exe" = protocol=17 | dir=in | app=c:\alien arena 2009\crx.exe |
"UDP Query User{74C36F72-761E-4544-B43D-2EE216A72D52}C:\users\alan\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe" = protocol=17 | dir=in | app=c:\users\alan\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe |
"UDP Query User{76FAB6D1-F000-4260-94C2-15275409FF7B}C:\program files\maiet\new folder\drgunz.exe" = protocol=17 | dir=in | app=c:\program files\maiet\new folder\drgunz.exe |
"UDP Query User{7BA3FCBC-BED6-4733-A900-3E3F656C919F}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{7E7289C4-186D-472D-B625-2A463346EFF1}C:\ac web ultimate repack\server\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\ac web ultimate repack\server\mysql\bin\mysqld.exe |
"UDP Query User{839F1AEC-CC38-49CE-9218-F8127AC85023}C:\users\alan\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe" = protocol=17 | dir=in | app=c:\users\alan\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe |
"UDP Query User{846CD644-7049-4EC2-99F9-FE7D184E44B3}C:\program files\steam\steamapps\common\zero gear\server\zerogearserver.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\server\zerogearserver.exe |
"UDP Query User{B0F11D92-E588-47FD-B195-A6B1B7429877}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{C0621E0B-DE29-4D72-A7BA-F43DAE9591BE}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{C96533FD-73D7-4537-B7B8-A93EA7F4ECF6}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{CF687041-5147-4301-9D3E-9D2C7A213B14}C:\ac web ultimate repack\server\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\ac web ultimate repack\server\apache\bin\apache.exe |
"UDP Query User{D0B04741-22C3-412B-BD54-962782BD90D9}C:\ac web ultimate repack\ascent\ascent-logonserver.exe" = protocol=17 | dir=in | app=c:\ac web ultimate repack\ascent\ascent-logonserver.exe |
"UDP Query User{D186D19E-AF19-436D-9B2F-9B7C3369C62C}C:\users\alan\documents\downloads\wotlk-beta-3.0.1-enus-downloader (4).exe" = protocol=17 | dir=in | app=c:\users\alan\documents\downloads\wotlk-beta-3.0.1-enus-downloader (4).exe |
"UDP Query User{D3C3CB80-8480-4F14-A1D3-8A3B64572C95}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{D7C1FC99-789D-43FB-A0E0-B83FB0FFCEC4}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |
"UDP Query User{D9D108BE-BD28-4149-BB84-A3DE07ED6B28}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{E8FFBFE1-90AD-4F7F-A7B8-B8D5D8D808CA}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{E909B0C8-271E-499A-B310-B47F40A3035F}C:\users\alan\documents\downloads\wotlk-beta-3.0.1-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\alan\documents\downloads\wotlk-beta-3.0.1-enus-downloader.exe |
"UDP Query User{E93CA7D9-4A2D-4948-AA36-9BA91224D16F}C:\users\alan\documents\downloads\wotlk-beta-3.0.1-enus-downloader (3).exe" = protocol=17 | dir=in | app=c:\users\alan\documents\downloads\wotlk-beta-3.0.1-enus-downloader (3).exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07B739FD-DD3E-5060-6DF2-1D0A6448C192}" = Catalyst Control Center Graphics Full Existing
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}" = HP Active Support Library
"{0DB87EAC-F695-4D59-9609-C93119AE6B35}" = SAMSUNG Dr. Printer
"{0DDA7620-4F8B-43B3-8828-CA5EE292FA3B}" = HP Total Care Advisor
"{101C938A-B723-97FB-A065-EDFD782E5978}" = Catalyst Control Center Graphics Light
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{188CEE76-0503-4910-A845-E1DC45685DA0}" = RangeBooster G WUA-2340
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 17
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{36787A11-7848-3C1C-17E3-667A9FFB0E9C}" = Catalyst Control Center Core Implementation
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{4B719A70-F14A-4f5c-90B5-346B24B7FFF1}" = Windows 7 Upgrade Advisor
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{4DFAEE3E-3489-5236-9028-1A5B9B359CD0}" = Catalyst Control Center Graphics Full New
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5BFB956C-3AB9-492A-9E91-5D8C87DCC598}" = Paint.NET v3.5.1
"{5D8CC168-A12E-422D-A3DF-53AD64E4F1ED}" = RPS CRT
"{5FE82A80-8985-082F-9B61-7EEDB1FCB461}" = ccc-core-static
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}" = HP Active Support Library 32 bit components
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78610B4D-3157-9EA6-905E-64F144EC1E30}" = Catalyst Control Center Graphics Previews Common
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype™
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9600B88C-BE14-4BEA-A529-F5F312900BA3}" = Samsung PC Studio 3
"{96FF1134-84D4-8E51-0C1D-1798C6EED45E}" = Catalyst Control Center Graphics Previews Vista
"{99D3379A-4741-FC40-5E63-E47DD31560D2}" = CCC Help English
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0F66FCA-8206-9034-9B67-D1F50DA2DDAC}" = Catalyst Control Center HydraVision Full
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A548C254-03BB-22F8-1064-899487B3CF85}" = Catalyst Control Center InstallProxy
"{AB06254A-9A28-F8AD-236E-FB5C3108FE85}" = ATI Catalyst Install Manager
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{ABBA0799-F982-414C-9A8B-17EB03D39677}" = trakAxPC
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B395BC1D-CC06-425E-9049-4CD985EFF004}" = LightScribe 1.8.15.1
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus®
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E55250B8-D012-47A3-97E2-99FFBD0D3AD3}" = Just Flight - FS Insider C152
"{E7394983-3869-46F4-A117-EB148F104D79}" = World Community Grid - BOINC for Windows
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F27BAAE4-7559-1836-67D7-70E27486C9E2}" = HydraVision
"{F6124436-F906-7B89-7009-50BB8CD7CA93}" = ccc-utility
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12345_is1" = WeGame Client Public Beta 1.1.6
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AdventureQuest Worlds Toolbar" = AdventureQuest Worlds Toolbar
"avast!" = avast! Antivirus
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"FlashDevelop" = FlashDevelop 3.0.6
"Google Desktop" = Google Desktop
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype™
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Full)
"Launch of the Screaming Narwhal" = Tales of Monkey Island - Launch of the Screaming Narwhal
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Moo0 RightClicker" = Moo0 RightClicker 1.36
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MyDefrag v4.2.1_is1" = MyDefrag v4.2.1
"OnlineArmor_is1" = Online Armor 4.0
"OpenAL" = OpenAL
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"PicNic" = PicNic
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"Samsung CLP-300 Series" = Samsung CLP-300 Series
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"Startup Delayer" = Startup Delayer v2.5 (build 138)
"SystemRequirementsLab" = System Requirements Lab
"TeraCopy_is1" = TeraCopy 2.01
"TreeX_is1" = TreeX V2
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xfire" = Xfire (remove only)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (ALAN)
"AI RoboForm" = AI RoboForm
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 23/11/2009 8:53:37 PM | Computer Name = ALAN-PC | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 5.

Error - 23/11/2009 9:04:08 PM | Computer Name = ALAN-PC | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 5.

Error - 29/11/2009 12:15:09 PM | Computer Name = ALAN-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Windows\System32\WerFault.exe failed, 00000005.

Error - 29/11/2009 7:46:14 PM | Computer Name = ALAN-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\ProgramData\Symantec\Common Client\settings.dat failed, 00000005.

[ Application Events ]
Error - 06/09/2009 12:19:09 PM | Computer Name = ALAN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 06/09/2009 3:29:29 PM | Computer Name = ALAN-PC | Source = VSS | ID = 8194
Description =

Error - 06/09/2009 3:34:55 PM | Computer Name = ALAN-PC | Source = VSS | ID = 8194
Description =

Error - 06/09/2009 10:07:15 PM | Computer Name = ALAN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 06/09/2009 10:17:45 PM | Computer Name = ALAN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 07/09/2009 11:23:58 AM | Computer Name = ALAN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 07/09/2009 3:03:27 PM | Computer Name = ALAN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 08/09/2009 6:27:40 PM | Computer Name = ALAN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 08/09/2009 6:53:29 PM | Computer Name = ALAN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 08/09/2009 8:35:53 PM | Computer Name = ALAN-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ Media Center Events ]
Error - 15/04/2008 8:12:37 PM | Computer Name = ALAN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 27/10/2008 7:53:05 PM | Computer Name = ALAN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 25/01/2009 7:49:14 PM | Computer Name = ALAN-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 08/03/2009 5:37:13 PM | Computer Name = ALAN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 21/03/2009 11:47:42 PM | Computer Name = ALAN-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.WaitForUploadComplete failed. Please
try to ping www.msn.com prior to filing a bug.; Win32 GetLastError returned 10000109
Process: DefaultDomain Object Name: Media Center Guide

Error - 04/04/2009 10:56:26 PM | Computer Name = ALAN-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 05/04/2009 11:49:35 AM | Computer Name = ALAN-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 23/05/2009 11:03:36 PM | Computer Name = ALAN-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 09/06/2009 7:17:40 PM | Computer Name = ALAN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/06/2009 8:43:34 PM | Computer Name = ALAN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 11/12/2009 7:44:15 PM | Computer Name = ALAN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/12/2009 7:44:25 PM | Computer Name = ALAN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/12/2009 7:51:59 PM | Computer Name = ALAN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/12/2009 7:52:07 PM | Computer Name = ALAN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/12/2009 8:42:42 PM | Computer Name = ALAN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/12/2009 8:42:52 PM | Computer Name = ALAN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/12/2009 10:28:14 PM | Computer Name = ALAN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/12/2009 10:28:25 PM | Computer Name = ALAN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 12/12/2009 12:06:58 PM | Computer Name = ALAN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 12/12/2009 12:07:07 PM | Computer Name = ALAN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!


< End of report >

#54
speedcuber101

Here is the MBR log.

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
kernel: MBR read successfully
user & kernel MBR OK

#55
hammerman

Hi,

Please follow these steps.

-- Step 1 --

Run Malwarebytes' Anti-Malware.
  • Select the Update tab and then click Check for Updates. If an update is found, it will download and install the latest version.
  • Select the Scanner tab, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

-- Step 2 --

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :reg
    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /s
    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /s
    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop /s
    HKCU\Control Panel\Desktop
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop, entitled SystemLook.txt.

#56
speedcuber101

The MBAM report.

Malwarebytes' Anti-Malware 1.42
Database version: 3350
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

12/12/2009 4:46:47 PM
mbam-log-2009-12-12 (16-46-47).txt

Scan type: Quick Scan
Objects scanned: 97875
Time elapsed: 5 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#57
speedcuber101

Here is the SystemLook log.

SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 16:47 on 12/12/2009 by ALAN (Administrator - Elevation successful)

========== reg ==========

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"= 0000000000 (0)


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"LockTaskbar"= 0x0000000001 (1)
"NoAddPrinter"= 0x0000000001 (1)
"NoAutoTrayNotify"= 0x0000000001 (1)
"NoCloseDragDropBands"= 0x0000000001 (1)
"NoDrives"= 0000000000 (0)
"NoLowDiskSpaceChecks"= 0x0000000001 (1)
"TaskbarNoResize"= 0x0000000001 (1)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
(No values found)


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
(No values found)


[HKEY_CURRENT_USER\Control Panel\Desktop]
"ActiveWndTrackTimeout"= 0000000000 (0)
"AutoEndTasks"="1"
"BlockSendInputResets"="0"
"CaretWidth"= 0x0000000001 (1)
"ClickLockTime"= 0x00000004b0 (1200)
"CoolSwitchColumns"="7"
"CoolSwitchRows"="3"
"CursorBlinkRate"="530"
"DragFullWindows"="1"
"DragHeight"="4"
"DragWidth"="4"
"FocusBorderHeight"= 0x0000000001 (1)
"FocusBorderWidth"= 0x0000000001 (1)
"FontSmoothing"="2"
"FontSmoothingGamma"= 0x00000003e8 (1000)
"FontSmoothingOrientation"= 0x0000000001 (1)
"FontSmoothingType"= 0x0000000002 (2)
"ForegroundFlashCount"= 0x0000000003 (3)
"ForegroundLockTimeout"= 0000000000 (0)
"HungAppTimeout"="1000"
"LeftOverlapChars"="3"
"MenuShowDelay"="200"
"PaintDesktopVersion"= 0000000000 (0)
"Pattern Upgrade"="TRUE"
"RightOverlapChars"="3"
"ScreenSaveActive"="1"
"ScreenSaverIsSecure"="0"
"ScreenSaveTimeOut"="300"
"SCRNSAVE.EXE"="boinc.scr"
"SmoothScroll"=00 00 00 00 (REG_BINARY)
"TileWallpaper"="0"
"UserPreferencesMask"=90 36 07 80 12 00 00 00 (REG_BINARY)
"WaitToKillAppTimeout"="1000"
"WallPaper"="C:\Users\ALAN\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg"
"WallpaperOriginX"= 0000000000 (0)
"WallpaperOriginY"= 0000000000 (0)
"WallpaperStyle"="2"
"WheelScrollChars"="4"
"WheelScrollLines"="4"

[HKEY_CURRENT_USER\Control Panel\Desktop\LanguageConfiguration]

[HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics]


-=End Of File=-

#58
hammerman

Hi,

Go to Control Panel -> Ease of Access Center -> Make it easier to focus on tasks

Check that Remove Background Images is not checked.

#59
speedcuber101

Remove Background Images is not checked although the background image is still not there.

#60
hammerman

Hi,

I think you should ask for help on the Vista Forum with this desktop problem.

Please give them a link to this topic and tell them I was helping you.