[code] OTS logfile created on: 1/18/2010 6:41:40 AM - Run 1 OTS by OldTimer - Version 3.1.19.1 Folder = C:\Documents and Settings\Althaf Hameez\My Documents\Downloads Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 84.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 91.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 232.88 Gb Total Space | 75.46 Gb Free Space | 32.40% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ALTHAFH Current User Name: Althaf Hameez Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\Althaf Hameez\My Documents\Downloads\OTS.exe -> [2010/01/18 06:40:21 | 00,632,320 | ---- | M] (OldTimer Tools) utorrent.exe -> C:\Program Files\uTorrent\uTorrent.exe -> [2009/12/15 19:15:37 | 00,289,584 | ---- | M] (BitTorrent, Inc.) eyedefender.exe -> C:\Program Files\EyeDefender\EyeDefender.exe -> [2009/11/18 23:01:20 | 00,163,840 | ---- | M] () opendnsupdater.exe -> C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe -> [2009/11/17 01:28:38 | 00,839,168 | ---- | M] () hamachi-2.exe -> C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -> [2009/10/29 12:27:54 | 01,074,568 | ---- | M] (LogMeIn Inc.) jqs.exe -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) msseces.exe -> C:\Program Files\Microsoft Security Essentials\msseces.exe -> [2009/09/13 18:52:50 | 01,048,392 | ---- | M] (Microsoft Corporation) nmsaccessu.exe -> C:\Program Files\CDBurnerXP\NMSAccessU.exe -> [2009/09/06 12:38:06 | 00,071,096 | ---- | M] () pnkbstra.exe -> C:\WINDOWS\system32\PnkBstrA.exe -> [2009/09/01 10:58:03 | 00,075,064 | ---- | M] () msmpeng.exe -> c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -> [2009/07/02 17:36:52 | 00,017,904 | ---- | M] (Microsoft Corporation) ati2evxx.exe -> C:\WINDOWS\system32\ati2evxx.exe -> [2009/05/16 08:45:52 | 00,602,112 | ---- | M] (ATI Technologies Inc.) mom.exe -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe -> [2009/04/22 17:38:50 | 00,065,536 | ---- | M] (Advanced Micro Devices Inc.) ccc.exe -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe -> [2009/04/22 17:37:16 | 00,065,536 | ---- | M] (ATI Technologies Inc.) rthdcpl.exe -> C:\WINDOWS\RTHDCPL.EXE -> [2009/02/17 13:20:32 | 17,508,864 | ---- | M] (Realtek Semiconductor Corp.) hp1006mc.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE -> [2008/04/28 06:14:00 | 00,073,728 | ---- | M] (Software 2000 Limited) explorer.exe -> C:\WINDOWS\explorer.exe -> [2004/08/04 06:26:50 | 01,032,192 | ---- | M] (Microsoft Corporation) [Modules - Safe List] ots.exe -> C:\Documents and Settings\Althaf Hameez\My Documents\Downloads\OTS.exe -> [2010/01/18 06:40:21 | 00,632,320 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll -> [2004/08/04 06:27:02 | 01,050,624 | R--- | M] (Microsoft Corporation) [Win32 Services - Safe List] (Hamachi2Svc) LogMeIn Hamachi 2.0 Tunneling Engine [Auto | Running] -> C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -> [2009/10/29 12:27:54 | 01,074,568 | ---- | M] (LogMeIn Inc.) (JavaQuickStarterService) Java Quick Starter [Auto | Running] -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) (NMSAccessU) NMSAccessU [Auto | Running] -> C:\Program Files\CDBurnerXP\NMSAccessU.exe -> [2009/09/06 12:38:06 | 00,071,096 | ---- | M] () (PnkBstrA) PnkBstrA [Auto | Running] -> C:\WINDOWS\system32\PnkBstrA.exe -> [2009/09/01 10:58:03 | 00,075,064 | ---- | M] () (FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2009/08/23 09:53:29 | 00,655,624 | ---- | M] (Acresso Software Inc.) (MsMpSvc) Microsoft Antimalware Service [Auto | Running] -> c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -> [2009/07/02 17:36:52 | 00,017,904 | ---- | M] (Microsoft Corporation) (Ati HotKey Poller) Ati HotKey Poller [Auto | Running] -> C:\WINDOWS\system32\ati2evxx.exe -> [2009/05/16 08:45:52 | 00,602,112 | ---- | M] (ATI Technologies Inc.) (ATI Smart) ATI Smart [Auto | Stopped] -> C:\WINDOWS\system32\ati2sgag.exe -> [2009/05/15 21:05:00 | 00,593,920 | ---- | M] () (odserv) Microsoft Office Diagnostics Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) (IDriverT) InstallDriver Table Manager [On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [Driver Services - Safe List] (StarOpen) StarOpen [File_System | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\StarOpen.sys -> [2009/09/28 20:57:28 | 00,007,168 | ---- | M] () (taphss) Anchorfree HSS Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\taphss.sys -> [2009/09/16 01:34:58 | 00,032,768 | ---- | M] (AnchorFree Inc) (SASENUM) SASENUM [Kernel | On_Demand | Stopped] -> C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -> [2009/09/04 14:50:02 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) (SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -> [2009/09/04 14:50:00 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) (SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -> [2009/09/04 14:49:58 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) (atksgt) atksgt [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\atksgt.sys -> [2009/08/19 13:25:53 | 00,278,984 | ---- | M] () (lirsgt) lirsgt [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\lirsgt.sys -> [2009/08/19 13:25:53 | 00,025,416 | ---- | M] () (sptd) sptd [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\sptd.sys -> [2009/07/15 19:33:21 | 00,685,816 | ---- | M] () (gdrv) gdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\gdrv.sys -> [2009/07/08 21:31:26 | 00,016,608 | ---- | M] (Windows (R) 2000 DDK provider) (MpFilter) Microsoft Malware Protection Driver [File_System | System | Running] -> C:\WINDOWS\system32\drivers\MpFilter.sys -> [2009/06/18 18:48:04 | 00,142,832 | ---- | M] (Microsoft Corporation) (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ati2mtag.sys -> [2009/05/16 09:28:45 | 04,069,888 | ---- | M] (ATI Technologies Inc.) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\PxHelp20.sys -> [2009/04/29 01:50:06 | 00,044,944 | ---- | M] (Sonic Solutions) (hamachi) Hamachi Network Interface [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hamachi.sys -> [2009/04/23 11:15:06 | 00,026,176 | -H-- | M] (LogMeIn, Inc.) (zonescreen) zonescreen [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\zsport.sys -> [2009/03/29 01:31:44 | 00,008,256 | ---- | M] (ZoneOS) (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RtkHDAud.sys -> [2009/02/17 14:25:54 | 05,026,816 | ---- | M] (Realtek Semiconductor Corp.) (ENTECH) ENTECH [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\Entech.sys -> [2008/09/17 15:14:00 | 00,027,672 | R--- | M] (EnTech Taiwan) (adfs) adfs [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\adfs.sys -> [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) (Ambfilt) Ambfilt [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\Ambfilt.sys -> [2008/08/05 17:40:12 | 01,684,736 | ---- | M] (Creative) (RTLE8023xp) Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Rtenicxp.sys -> [2008/01/03 19:40:16 | 00,105,856 | ---- | M] (Realtek Semiconductor Corporation ) (SCDEmu) SCDEmu [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\scdemu.sys -> [2007/08/07 05:45:07 | 00,033,052 | ---- | M] (PowerISO Computing, Inc.) (Monfilt) Monfilt [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\Monfilt.sys -> [2006/01/04 13:11:48 | 01,389,056 | ---- | M] (Creative Technology Ltd.) (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Hdaudbus.sys -> [2005/01/07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2004/07/17 17:06:38 | 00,027,440 | ---- | M] () (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2001/08/23 19:30:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\] > -> -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\: Main\\"Search Page" -> http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\: SearchURL\\"" -> http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\: "ProxyOverride" -> local -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\FireFox\Profiles\71z2tuv2.default\prefs.js -> extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 -> extensions.enabledItems -> {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:2.1 -> extensions.enabledItems -> {cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}:0.4 -> extensions.enabledItems -> jqs@sun.com:1.0 -> extensions.enabledItems -> omnibar@ajitk.com:0.6.7.20091104 -> extensions.enabledItems -> {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028 -> extensions.enabledItems -> yetanothersmoothscrolling@kataho:3.0.6 -> extensions.enabledItems -> {07b2a769-ed19-4483-87ce-c643914c9626}:1.6 -> extensions.enabledItems -> {24d1fe20-76df-11de-8a39-0800200c9a66}:2.0 -> extensions.enabledItems -> strata-o-various@addons.mozilla.org:1.85 -> network.proxy.http -> "localhost" -> network.proxy.http_port -> 9666 -> network.proxy.socks -> "localhost" -> network.proxy.socks_port -> 9050 -> network.proxy.socks_remote_dns -> true -> network.proxy.ssl -> "localhost" -> network.proxy.ssl_port -> 9666 -> < FireFox Settings [User.js] > -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\FireFox\Profiles\71z2tuv2.default\user.js -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/01/09 20:42:48 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/01/16 11:44:51 | 00,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\Extensions -> [2009/07/08 21:46:31 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\Firefox\Profiles\71z2tuv2.default\extensions -> [2010/01/16 20:23:17 | 00,000,000 | ---D | M] ANTHEM -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\Firefox\Profiles\71z2tuv2.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626} -> [2009/12/11 18:32:55 | 00,000,000 | ---D | M] No name found -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\Firefox\Profiles\71z2tuv2.default\extensions\{24d1fe20-76df-11de-8a39-0800200c9a66} -> [2009/07/24 22:16:11 | 00,000,000 | ---D | M] No name found -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\Firefox\Profiles\71z2tuv2.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} -> [2009/09/26 20:56:25 | 00,000,000 | ---D | M] WOT -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\Firefox\Profiles\71z2tuv2.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} -> [2009/11/05 21:47:29 | 00,000,000 | ---D | M] Easy Youtube Video Downloader -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\Firefox\Profiles\71z2tuv2.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} -> [2009/12/11 18:32:58 | 00,000,000 | ---D | M] Google Redesigned -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\Firefox\Profiles\71z2tuv2.default\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406} -> [2009/12/11 18:33:01 | 00,000,000 | ---D | M] Adblock Plus -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\Firefox\Profiles\71z2tuv2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -> [2010/01/08 20:16:19 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\Firefox\Profiles\71z2tuv2.default\extensions\omnibar@ajitk.com -> [2009/11/07 22:52:39 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\Firefox\Profiles\71z2tuv2.default\extensions\strata-o-various@addons.mozilla.org -> [2009/07/10 13:54:48 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Althaf Hameez\Application Data\Mozilla\Firefox\Profiles\71z2tuv2.default\extensions\yetanothersmoothscrolling@kataho -> [2010/01/15 22:31:24 | 00,000,000 | ---D | M] < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2010/01/16 20:23:17 | 00,000,000 | ---D | M] < HOSTS File > (619896 bytes and 16467 lines) -> C:\WINDOWS\system32\drivers\etc\HOSTS -> First 25 entries... Reset Hosts 127.0.0.1 localhost 127.0.0.1 fr.a2dfp.net 127.0.0.1 m.fr.a2dfp.net 127.0.0.1 ad.a8.net 127.0.0.1 asy.a8ww.net 127.0.0.1 adv.abv.bg 127.0.0.1 bimg.abv.bg 127.0.0.1 www2.a-counter.kiev.ua 127.0.0.1 track.acclaimnetwork.com 127.0.0.1 accuserveadsystem.com 127.0.0.1 www.accuserveadsystem.com 127.0.0.1 achmedia.com 127.0.0.1 aconti.net 127.0.0.1 secure.aconti.net 127.0.0.1 www.aconti.net #[Dialer.Aconti] 127.0.0.1 ads.active.com 127.0.0.1 am1.activemeter.com 127.0.0.1 www.activemeter.com #[Tracking.Cookie] 127.0.0.1 ads.activepower.net 127.0.0.1 data2.activshopper.com #[Trackware.ActivShopper] 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie] 127.0.0.1 ad2games.com 127.0.0.1 cms.ad2click.nl 127.0.0.1 ads.ad2games.com < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {000123B4-9B42-4900-B3F7-F4B073EFC214} [HKLM] -> C:\Program Files\Orbitdownloader\orbitcth.dll [Octh Class] -> [2009/08/04 09:54:42 | 00,179,472 | ---- | M] (Orbitdownloader.com) {5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/10/11 04:17:29 | 00,041,760 | ---- | M] (Sun Microsystems, Inc.) {E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/10/11 04:17:12 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" [HKLM] -> C:\Program Files\Orbitdownloader\GrabPro.dll [Grab Pro] -> [2009/08/04 09:54:42 | 00,662,720 | ---- | M] () < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\] > -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" [HKLM] -> C:\Program Files\Orbitdownloader\GrabPro.dll [Grab Pro] -> [2009/08/04 09:54:42 | 00,662,720 | ---- | M] () < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Alcmtr" -> C:\WINDOWS\ALCMTR.EXE [ALCMTR.EXE] -> [2008/06/19 13:50:52 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) "MSConfig" -> C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto] -> [2004/08/04 06:26:54 | 00,158,208 | ---- | M] (Microsoft Corporation) "MSSE" -> c:\Program Files\Microsoft Security Essentials\msseces.exe ["c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide] -> [2009/09/13 18:52:50 | 01,048,392 | ---- | M] (Microsoft Corporation) "RTHDCPL" -> C:\WINDOWS\RTHDCPL.EXE [RTHDCPL.EXE] -> [2009/02/17 13:20:32 | 17,508,864 | ---- | M] (Realtek Semiconductor Corp.) "StartCCC" -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2009/05/20 16:24:56 | 00,098,304 | ---- | M] (Advanced Micro Devices, Inc.) < Run [HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\] > -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "EyeDefender" -> C:\Program Files\EyeDefender\EyeDefender.exe ["C:\Program Files\EyeDefender\EyeDefender.exe" /silent] -> [2009/11/18 23:01:20 | 00,163,840 | ---- | M] () "OpenDNS Updater" -> C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe ["C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe" /autostart] -> [2009/11/17 01:28:38 | 00,839,168 | ---- | M] () "TransBar" -> C:\Documents and Settings\Althaf Hameez\Local Settings\Application Data\AKSoftware\TransBar\TransBar.exe [C:\Documents and Settings\Althaf Hameez\Local Settings\Application Data\AKSoftware\TransBar\TransBar.exe /s] -> [2005/06/02 01:11:18 | 00,065,536 | ---- | M] (AKSoftware) "uTorrent" -> C:\Program Files\uTorrent\uTorrent.exe ["C:\Program Files\uTorrent\uTorrent.exe"] -> [2009/12/15 19:15:37 | 00,289,584 | ---- | M] (BitTorrent, Inc.) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Althaf Hameez Startup Folder > -> C:\Documents and Settings\Althaf Hameez\Start Menu\Programs\Startup -> < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions \Infodelivery\Restrictions\\"NoUpdateCheck" -> [1] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found \\"NoResolveSearch" -> [1] -> File not found \\"HonorAutoRunSetting" -> [1] -> File not found \\"NoRemoteRecursiveEvents" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003] > -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found \\"NoSaveSettings" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003] > -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\] > -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\Software\Microsoft\Internet Explorer\MenuExt\ -> &Download by Orbit -> C:\Program Files\Orbitdownloader\orbitmxt.dll [res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201] -> [2009/08/04 09:54:40 | 00,101,568 | ---- | M] (Orbitdownloader.com) &Grab video by Orbit -> C:\Program Files\Orbitdownloader\orbitmxt.dll [res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204] -> [2009/08/04 09:54:40 | 00,101,568 | ---- | M] (Orbitdownloader.com) Do&wnload selected by Orbit -> C:\Program Files\Orbitdownloader\orbitmxt.dll [res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203] -> [2009/08/04 09:54:40 | 00,101,568 | ---- | M] (Orbitdownloader.com) Down&load all by Orbit -> C:\Program Files\Orbitdownloader\orbitmxt.dll [res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202] -> [2009/08/04 09:54:40 | 00,101,568 | ---- | M] (Orbitdownloader.com) E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2006/10/27 15:07:36 | 17,891,112 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2006/10/26 20:32:42 | 00,604,000 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2006/10/26 20:32:42 | 00,604,000 | ---- | M] (Microsoft Corporation) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\] > -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6371 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\] > -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-823518204-839522115-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} [HKLM] -> http://www.monash.edu.my/VatDec.cab [VatCtrl Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] -> {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2004/08/04 06:26:50 | 01,032,192 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> logonui.exe -> -> File not found *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> Control_RunDLL "sysdm.cpl" -> -> File not found *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> C:\Program Files\SUPERAntiSpyware\SASWINLO.dll -> [2009/09/03 15:21:42 | 00,548,352 | ---- | M] (SUPERAntiSpyware.com) AtiExtEvent -> -> File not found crypt32chain -> -> File not found cryptnet -> -> File not found cscdll -> -> File not found ScCertProp -> -> File not found Schedule -> -> File not found sclgntfy -> -> File not found SensLogn -> -> File not found termsrv -> -> File not found WgaLogon -> -> File not found wlballoon -> -> File not found < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [] -> [2008/05/13 10:13:36 | 00,077,824 | ---- | M] (SuperAdBlocker.com) "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" [HKLM] -> [] -> File not found < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> *SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> msapsspc.dll -> -> File not found schannel.dll -> -> File not found digest.dll -> -> File not found msnsspc.dll -> -> File not found *MultiFile Done* -> -> < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" -> C:\Program Files\Windows Live\Messenger\wlcsdk.exe [C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call] -> [2009/02/06 18:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Documents and Settings\Althaf Hameez\Desktop\L4D2\Left 4 Dead 2\left4dead2.exe" -> C:\Documents and Settings\Althaf Hameez\Desktop\L4D2\Left 4 Dead 2\left4dead2.exe [C:\Documents and Settings\Althaf Hameez\Desktop\L4D2\Left 4 Dead 2\left4dead2.exe:*:Enabled:left4dead2] -> [2009/11/17 19:19:00 | 00,385,024 | ---- | M] () "C:\Documents and Settings\Althaf Hameez\My Documents\Downloads\fre_wxp_x86_en\binfre_wxp_x86_en\zsserver.exe" -> C:\Documents and Settings\Althaf Hameez\My Documents\Downloads\fre_wxp_x86_en\binfre_wxp_x86_en\zsserver.exe [C:\Documents and Settings\Althaf Hameez\My Documents\Downloads\fre_wxp_x86_en\binfre_wxp_x86_en\zsserver.exe:*:Enabled:ZoneOS ZoneScreen wizard] -> [2009/03/29 01:31:46 | 00,046,272 | ---- | M] (ZoneOS) "C:\Program Files\Activision\Prototype\prototypef.exe" -> C:\Program Files\Activision\Prototype\prototypef.exe [C:\Program Files\Activision\Prototype\prototypef.exe:*:Enabled:Prototype(TM)] -> [2009/06/10 00:13:00 | 02,269,232 | ---- | M] (Activision) "C:\Program Files\CAPCOM\STREETFIGHTERIV\StreetFighterIV.exe" -> C:\Program Files\CAPCOM\STREETFIGHTERIV\StreetFighterIV.exe [C:\Program Files\CAPCOM\STREETFIGHTERIV\StreetFighterIV.exe:*:Enabled:STREET FIGHTER IV] -> [2009/05/19 18:23:30 | 04,371,736 | ---- | M] (CAPCOM U.S.A., INC.) "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -> C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4] -> [2008/08/14 07:58:34 | 00,611,712 | ---- | M] (Adobe Systems Incorporated) "C:\Program Files\CrossLoop\CrossLoopConnect.exe" -> C:\Program Files\CrossLoop\CrossLoopConnect.exe [C:\Program Files\CrossLoop\CrossLoopConnect.exe:*:Enabled:CrossLoop - Simple Secure Screen Sharing] -> [2009/07/22 12:31:28 | 01,138,688 | ---- | M] (CrossLoop) "C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe" -> C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe [C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe:*:Enabled:speed] -> [2006/01/04 05:00:57 | 21,047,920 | ---- | M] () "C:\Program Files\Internet Explorer\iexplore.exe" -> C:\Program Files\Internet Explorer\iexplore.exe [C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer] -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) "C:\Program Files\Java\jre6\bin\java.exe" -> C:\Program Files\Java\jre6\bin\java.exe [C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary] -> [2009/10/11 04:17:31 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) "C:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe" -> C:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe [C:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe:*:Enabled:Gears of War] -> [2007/11/14 02:46:16 | 28,179,536 | ---- | M] (Epic Games, Inc.) "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote] -> [2006/10/27 15:03:04 | 01,018,664 | ---- | M] (Microsoft Corporation) "C:\Program Files\mIRC\mirc.exe" -> C:\Program Files\mIRC\mirc.exe [C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC] -> [2008/10/17 14:09:50 | 02,810,880 | ---- | M] (mIRC Co. Ltd.) "C:\Program Files\Orbitdownloader\orbitdm.exe" -> C:\Program Files\Orbitdownloader\orbitdm.exe [C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit] -> [2009/08/04 09:54:42 | 01,719,568 | ---- | M] (Orbitdownloader.com) "C:\Program Files\Orbitdownloader\orbitnet.exe" -> C:\Program Files\Orbitdownloader\orbitnet.exe [C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit] -> [2009/07/06 14:30:18 | 00,557,056 | ---- | M] (Orbitdownloader.com) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" -> C:\Program Files\Pando Networks\Media Booster\PMB.exe [C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster] -> [2010/01/16 11:44:50 | 02,937,528 | ---- | M] () "C:\Program Files\SopCast\adv\SopAdver.exe" -> C:\Program Files\SopCast\adv\SopAdver.exe [C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver] -> [2007/03/07 15:57:12 | 00,567,384 | ---- | M] (www.sopcast.com) "C:\Program Files\SopCast\SopCast.exe" -> C:\Program Files\SopCast\SopCast.exe [C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application] -> [2009/07/09 12:39:52 | 01,921,024 | ---- | M] (www.sopcast.com) "C:\Program Files\uTorrent\uTorrent.exe" -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> [2009/12/15 19:15:37 | 00,289,584 | ---- | M] (BitTorrent, Inc.) "C:\Program Files\Warcraft III\Warcraft III.exe" -> C:\Program Files\Warcraft III\Warcraft III.exe [C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III] -> [2009/09/30 20:28:12 | 00,274,432 | ---- | M] (Blizzard Entertainment) "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" -> C:\Program Files\Windows Live\Messenger\wlcsdk.exe [C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call] -> [2009/02/06 18:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" -> C:\Program Files\Wolfenstein - Enemy Territory\ET.exe [C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET] -> [2003/05/27 13:44:36 | 01,396,808 | ---- | M] () "C:\Program Files\Xfire\Xfire.exe" -> C:\Program Files\Xfire\Xfire.exe [C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire] -> [2009/12/01 01:03:40 | 03,181,456 | ---- | M] (Xfire Inc.) "C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE" -> C:\WINDOWS\System32\spool\drivers\w32x86\3\HP1006MC.EXE [C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE:*:Enabled:SMLMProxy Module - HP1006MC.EXE] -> [2008/04/28 06:14:00 | 00,073,728 | ---- | M] (Software 2000 Limited) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2009/07/08 20:48:43 | 00,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \G HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell \G\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell\AutoRun \G\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell\AutoRun\command \G\Shell\AutoRun\command\\"" -> G:\FalloutLauncher.exe [G:\FalloutLauncher.exe] -> File not found \I HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\Shell \I\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\Shell\AutoRun \I\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\Shell\AutoRun\command \I\Shell\AutoRun\command\\"" -> I:\SETUP.EXE [I:\SETUP.EXE] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\Shell\configure\command \I\Shell\configure\command\\"" -> I:\SETUP.EXE [I:\SETUP.EXE] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\Shell\install\command \I\Shell\install\command\\"" -> I:\SETUP.EXE [I:\SETUP.EXE] -> File not found \{3dd696f0-f935-11de-9b30-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3dd696f0-f935-11de-9b30-001fd008249b}\Shell\AutoRun\command \{3dd696f0-f935-11de-9b30-001fd008249b}\Shell\AutoRun\command\\"" -> F:\e9naq.exe [F:\e9naq.exe] -> File not found \{3dd696f0-f935-11de-9b30-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3dd696f0-f935-11de-9b30-001fd008249b}\Shell\open\Command \{3dd696f0-f935-11de-9b30-001fd008249b}\Shell\open\Command\\"" -> F:\e9naq.exe [F:\e9naq.exe] -> File not found \{79ce9b86-e962-11de-9afc-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79ce9b86-e962-11de-9afc-001fd008249b}\Shell\AutoRun\command \{79ce9b86-e962-11de-9afc-001fd008249b}\Shell\AutoRun\command\\"" -> [wscript.exe bit2008_BEST4EVER.VBS] -> File not found \{79ce9b86-e962-11de-9afc-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79ce9b86-e962-11de-9afc-001fd008249b}\Shell\open\Command \{79ce9b86-e962-11de-9afc-001fd008249b}\Shell\open\Command\\"" -> [wscript.exe bit2008_BEST4EVER.VBS] -> File not found \{c0b1c833-6c68-11de-833d-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0b1c833-6c68-11de-833d-001fd008249b}\sheLl\AutoplaY\cOmmAnd \{c0b1c833-6c68-11de-833d-001fd008249b}\sheLl\AutoplaY\cOmmAnd\\"" -> [fbyd.pif] -> File not found \{c0b1c833-6c68-11de-833d-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0b1c833-6c68-11de-833d-001fd008249b}\sheLl\AutoRun\command \{c0b1c833-6c68-11de-833d-001fd008249b}\sheLl\AutoRun\command\\"" -> [fbyd.pif] -> File not found \{c0b1c833-6c68-11de-833d-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0b1c833-6c68-11de-833d-001fd008249b}\sheLl\eXPlOre\COmmANd \{c0b1c833-6c68-11de-833d-001fd008249b}\sheLl\eXPlOre\COmmANd\\"" -> [fbyd.pif] -> File not found \{c0b1c833-6c68-11de-833d-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0b1c833-6c68-11de-833d-001fd008249b}\sheLl\Open\CoMmAnd \{c0b1c833-6c68-11de-833d-001fd008249b}\sheLl\Open\CoMmAnd\\"" -> [fbyd.pif] -> File not found \{d9af201d-915d-11de-99f6-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9af201d-915d-11de-99f6-001fd008249b}\Shell\AutoRun\command \{d9af201d-915d-11de-99f6-001fd008249b}\Shell\AutoRun\command\\"" -> [wscript.exe bit2008_BEST4EVER.VBS] -> File not found \{d9af201d-915d-11de-99f6-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9af201d-915d-11de-99f6-001fd008249b}\Shell\open\Command \{d9af201d-915d-11de-99f6-001fd008249b}\Shell\open\Command\\"" -> [wscript.exe bit2008_BEST4EVER.VBS] -> File not found \{e12d5f4a-b0d0-11de-9a53-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e12d5f4a-b0d0-11de-9a53-001fd008249b}\Shell\AutoRun\command \{e12d5f4a-b0d0-11de-9a53-001fd008249b}\Shell\AutoRun\command\\"" -> F:\8xcrbho6.exe [F:\8xcrbho6.exe] -> File not found \{e12d5f4a-b0d0-11de-9a53-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e12d5f4a-b0d0-11de-9a53-001fd008249b}\Shell\open\Command \{e12d5f4a-b0d0-11de-9a53-001fd008249b}\Shell\open\Command\\"" -> F:\8xcrbho6.exe [F:\8xcrbho6.exe] -> File not found \{e6457012-76b9-11de-9664-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6457012-76b9-11de-9664-001fd008249b}\Shell\AutoRun\command \{e6457012-76b9-11de-9664-001fd008249b}\Shell\AutoRun\command\\"" -> F:\tmp.folder\restore.exe [F:\tmp.folder/restore.exe] -> File not found \{e6457012-76b9-11de-9664-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6457012-76b9-11de-9664-001fd008249b}\Shell\ExploRE\CoMmaNd \{e6457012-76b9-11de-9664-001fd008249b}\Shell\ExploRE\CoMmaNd\\"" -> F:\tmp.folder\restore.exe [F:\tmp.folder/restore.exe] -> File not found \{e6457012-76b9-11de-9664-001fd008249b} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6457012-76b9-11de-9664-001fd008249b}\Shell\OPeN\commAnd \{e6457012-76b9-11de-9664-001fd008249b}\Shell\OPeN\commAnd\\"" -> F:\tmp.folder\restore.exe [F:\tmp.folder/restore.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> [Registry - Additional Scans - Safe List] < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> cplfile [cplopen] -> rundll32.exe shell32.dll,Control_RunDLL "%1",%* -> exefile [open] -> "%1" %* -> helpfile [open] -> winhlp32.exe %1 -> [2004/08/04 06:26:58 | 00,283,648 | ---- | M] (Microsoft Corporation) htmlfile [edit] -> "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 -> [2006/10/26 20:12:34 | 00,067,896 | ---- | M] (Microsoft Corporation) htmlfile [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) htmlfile [opennew] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) htmlfile [print] -> "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2006/10/26 20:12:34 | 00,067,896 | ---- | M] (Microsoft Corporation) http [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) https [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> regfile [merge] -> Reg Error: Key error. scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> scrfile [open] -> "%1" /S -> txtfile [edit] -> Reg Error: Key error. Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [AddToPlaylistVLC] -> "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2009/07/06 21:55:48 | 00,135,416 | ---- | M] () Directory [find] -> %SystemRoot%\Explorer.exe -> [2004/08/04 06:26:50 | 01,032,192 | ---- | M] (Microsoft Corporation) Directory [PlayWithVLC] -> "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2009/07/06 21:55:48 | 00,135,416 | ---- | M] () Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2004/08/04 06:26:50 | 01,032,192 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2004/08/04 06:26:50 | 01,032,192 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2004/08/04 06:26:50 | 01,032,192 | ---- | M] (Microsoft Corporation) Applications\iexplore.exe [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -> "C:\Program Files\Internet Explorer\iexplore.exe" -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 8/27/2009 11:39:21 AM Computer Name = ALTHAFH | Source = Windows Live Messenger | ID = 1000 -> Description = Application [ Error ] 9/4/2009 12:11:29 AM Computer Name = ALTHAFH | Source = Windows Live Messenger | ID = 1000 -> Description = Application [ Error ] 9/19/2009 11:19:01 PM Computer Name = ALTHAFH | Source = Windows Live Messenger | ID = 1000 -> Description = Application [ Error ] 10/4/2009 6:29:24 AM Computer Name = ALTHAFH | Source = MsiInstaller | ID = 10005 -> Description = Product: Windows Live Communications Platform -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2762. The arguments are: , , Application [ Error ] 10/4/2009 6:29:24 AM Computer Name = ALTHAFH | Source = MsiInstaller | ID = 10005 -> Description = Product: Windows Live Communications Platform -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2762. The arguments are: , , Application [ Error ] 10/12/2009 9:54:47 AM Computer Name = ALTHAFH | Source = WindowsLiveMessenger | ID = 15728647 -> Description = Application [ Error ] 10/21/2009 1:46:57 AM Computer Name = ALTHAFH | Source = Application Error | ID = 1000 -> Description = Faulting application explorer.exe, version 6.0.2900.2180, faulting module , version 0.0.0.0, fault address 0x00000000. Application [ Error ] 10/21/2009 1:47:03 AM Computer Name = ALTHAFH | Source = Application Error | ID = 1000 -> Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d. Application [ Error ] 10/31/2009 9:27:10 AM Computer Name = ALTHAFH | Source = Windows Live Messenger | ID = 1000 -> Description = Application [ Error ] 10/31/2009 10:34:14 PM Computer Name = ALTHAFH | Source = Application Error | ID = 1000 -> Description = Faulting application registration.exe, version 1.0.0.54, faulting module ntdll.dll, version 5.1.2600.3520, fault address 0x00018af2. Application [ Error ] 8/27/2009 11:39:21 AM Computer Name = ALTHAFH | Source = Windows Live Messenger | ID = 1000 -> Description = Application [ Error ] 9/4/2009 12:11:29 AM Computer Name = ALTHAFH | Source = Windows Live Messenger | ID = 1000 -> Description = Application [ Error ] 9/19/2009 11:19:01 PM Computer Name = ALTHAFH | Source = Windows Live Messenger | ID = 1000 -> Description = Application [ Error ] 10/4/2009 6:29:24 AM Computer Name = ALTHAFH | Source = MsiInstaller | ID = 10005 -> Description = Product: Windows Live Communications Platform -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2762. The arguments are: , , Application [ Error ] 10/4/2009 6:29:24 AM Computer Name = ALTHAFH | Source = MsiInstaller | ID = 10005 -> Description = Product: Windows Live Communications Platform -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2762. The arguments are: , , Application [ Error ] 10/12/2009 9:54:47 AM Computer Name = ALTHAFH | Source = WindowsLiveMessenger | ID = 15728647 -> Description = Application [ Error ] 10/21/2009 1:46:57 AM Computer Name = ALTHAFH | Source = Application Error | ID = 1000 -> Description = Faulting application explorer.exe, version 6.0.2900.2180, faulting module , version 0.0.0.0, fault address 0x00000000. Application [ Error ] 10/21/2009 1:47:03 AM Computer Name = ALTHAFH | Source = Application Error | ID = 1000 -> Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d. Application [ Error ] 10/31/2009 9:27:10 AM Computer Name = ALTHAFH | Source = Windows Live Messenger | ID = 1000 -> Description = Application [ Error ] 10/31/2009 10:34:14 PM Computer Name = ALTHAFH | Source = Application Error | ID = 1000 -> Description = Faulting application registration.exe, version 1.0.0.54, faulting module ntdll.dll, version 5.1.2600.3520, fault address 0x00018af2. System [ Error ] 1/15/2010 10:47:59 PM Computer Name = ALTHAFH | Source = Dhcp | ID = 1002 -> Description = The IP address lease 192.168.0.3 for the Network Card with network address 001FD008249B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message). System [ Error ] 1/15/2010 10:47:59 PM Computer Name = ALTHAFH | Source = ipnathlp | ID = 32003 -> Description = The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code. System [ Error ] 1/16/2010 3:57:23 AM Computer Name = ALTHAFH | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} System [ Error ] 1/16/2010 10:46:29 AM Computer Name = ALTHAFH | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} System [ Error ] 1/16/2010 12:38:53 PM Computer Name = ALTHAFH | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} System [ Error ] 1/16/2010 12:39:01 PM Computer Name = ALTHAFH | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} System [ Error ] 1/16/2010 8:14:41 PM Computer Name = ALTHAFH | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} System [ Error ] 1/16/2010 8:34:41 PM Computer Name = ALTHAFH | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} System [ Error ] 1/16/2010 8:35:30 PM Computer Name = ALTHAFH | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} System [ Error ] 1/17/2010 9:36:09 AM Computer Name = ALTHAFH | Source = Dhcp | ID = 1002 -> Description = The IP address lease 192.168.0.5 for the Network Card with network address 001FD008249B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message). [Files/Folders - Created Within 30 Days] LogMeIn Hamachi -> C:\Documents and Settings\LocalService\Local Settings\Application Data\LogMeIn Hamachi -> [2010/01/18 06:37:11 | 00,000,000 | ---D | M] Fallout3 -> C:\Documents and Settings\Althaf Hameez\Local Settings\Application Data\Fallout3 -> [2010/01/17 06:05:40 | 00,000,000 | ---D | C] Fallout3 -> C:\Documents and Settings\All Users\Application Data\Fallout3 -> [2010/01/17 05:47:07 | 00,000,000 | ---D | C] Bethesda Softworks -> C:\Program Files\Bethesda Softworks -> [2010/01/17 05:47:04 | 00,000,000 | ---D | C] Icons -> C:\Documents and Settings\Althaf Hameez\Desktop\Icons -> [2010/01/16 12:43:26 | 00,000,000 | ---D | C] Allods Online -> C:\Documents and Settings\Althaf Hameez\Desktop\Allods Online -> [2010/01/16 11:45:25 | 00,000,000 | ---D | C] PMB Files -> C:\Documents and Settings\Althaf Hameez\Local Settings\Application Data\PMB Files -> [2010/01/16 11:44:59 | 00,000,000 | ---D | C] PMB Files -> C:\Documents and Settings\All Users\Application Data\PMB Files -> [2010/01/16 11:44:57 | 00,000,000 | ---D | C] Pando Networks -> C:\Program Files\Pando Networks -> [2010/01/16 11:41:57 | 00,000,000 | ---D | C] MozBackup -> C:\Program Files\MozBackup -> [2010/01/15 22:26:22 | 00,000,000 | ---D | C] To Backup -> C:\Documents and Settings\Althaf Hameez\Desktop\To Backup -> [2010/01/15 22:11:35 | 00,000,000 | ---D | C] microsoft -> C:\Documents and Settings\All Users\Documents\microsoft -> [2010/01/15 18:03:32 | 00,000,000 | ---D | C] ERDNT -> C:\WINDOWS\ERDNT -> [2010/01/15 10:37:13 | 00,000,000 | ---D | C] ERUNT -> C:\Program Files\ERUNT -> [2010/01/15 10:37:02 | 00,000,000 | ---D | C] Mozilla -> C:\Documents and Settings\LocalService\Application Data\Mozilla -> [2010/01/14 20:42:29 | 00,000,000 | ---D | M] GlarySoft -> C:\Documents and Settings\Althaf Hameez\Application Data\GlarySoft -> [2010/01/14 20:40:39 | 00,000,000 | ---D | C] Glary Utilities -> C:\Program Files\Glary Utilities -> [2010/01/14 20:36:09 | 00,000,000 | ---D | C] iun503.exe -> C:\WINDOWS\iun503.exe -> [2010/01/14 19:11:39 | 00,286,720 | ---- | C] (Indigo Rose Corporation) TEKKEN 3 -> C:\Program Files\TEKKEN 3 -> [2010/01/14 19:11:37 | 00,000,000 | ---D | C] Automobile -> C:\Documents and Settings\Althaf Hameez\Desktop\Automobile -> [2010/01/14 13:13:11 | 00,000,000 | ---D | C] Media -> C:\Documents and Settings\Althaf Hameez\Desktop\Media -> [2009/12/29 15:21:15 | 00,000,000 | ---D | C] Jazler Backups -> C:\Jazler Backups -> [2009/12/28 14:18:04 | 00,000,000 | ---D | C] L3CODECX.AX.BAK -> C:\WINDOWS\System32\L3CODECX.AX.BAK -> [2009/12/28 14:17:22 | 00,083,456 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) msexch35.dll -> C:\WINDOWS\System32\msexch35.dll -> [2009/12/28 14:16:30 | 00,344,064 | ---- | C] (Microsoft Corporation) msrpfs35.dll -> C:\WINDOWS\System32\msrpfs35.dll -> [2009/12/28 14:16:30 | 00,044,304 | ---- | C] (Microsoft Corporation) msjt4jlt.dll -> C:\WINDOWS\System32\msjt4jlt.dll -> [2009/12/28 14:16:29 | 01,238,288 | ---- | C] (Microsoft Corporation) msxbse35.dll -> C:\WINDOWS\System32\msxbse35.dll -> [2009/12/28 14:16:29 | 00,294,912 | ---- | C] (Microsoft Corporation) msexcl35.dll -> C:\WINDOWS\System32\msexcl35.dll -> [2009/12/28 14:16:29 | 00,252,688 | ---- | C] (Microsoft Corporation) mspdox35.dll -> C:\WINDOWS\System32\mspdox35.dll -> [2009/12/28 14:16:29 | 00,250,128 | ---- | C] (Microsoft Corporation) msltus35.dll -> C:\WINDOWS\System32\msltus35.dll -> [2009/12/28 14:16:29 | 00,168,720 | ---- | C] (Microsoft Corporation) mstext35.dll -> C:\WINDOWS\System32\mstext35.dll -> [2009/12/28 14:16:29 | 00,166,672 | ---- | C] (Microsoft Corporation) JETCOMP.exe -> C:\WINDOWS\System32\JETCOMP.exe -> [2009/12/28 14:16:29 | 00,039,424 | ---- | C] (Microsoft Corporation) hinstall.exe -> C:\WINDOWS\System32\hinstall.exe -> [2009/12/28 14:16:27 | 03,166,208 | ---- | C] (Aladdin Knowledge Systems.) haspvb32.dll -> C:\WINDOWS\System32\haspvb32.dll -> [2009/12/28 14:16:27 | 00,331,776 | ---- | C] (Aladdin Knowledge Systems) AEnhanceAUDIO.dll -> C:\WINDOWS\System32\AEnhanceAUDIO.dll -> [2009/12/28 14:16:27 | 00,143,360 | ---- | C] (AudioEnhance) EQPro.ocx -> C:\WINDOWS\System32\EQPro.ocx -> [2009/12/28 14:16:27 | 00,131,072 | ---- | C] (xFX JumpStart) FSFWrap.dll -> C:\WINDOWS\System32\FSFWrap.dll -> [2009/12/28 14:16:27 | 00,131,072 | ---- | C] (GDCL (www.gdcl.co.uk)) ccrpTmr6.dll -> C:\WINDOWS\System32\ccrpTmr6.dll -> [2009/12/28 14:16:27 | 00,090,112 | ---- | C] (http://www.mvps.org/vb) xFXSlider.ocx -> C:\WINDOWS\System32\xFXSlider.ocx -> [2009/12/28 14:16:27 | 00,065,536 | ---- | C] (xFX JumpStart) StreamSensor.dll -> C:\WINDOWS\System32\StreamSensor.dll -> [2009/12/28 14:16:27 | 00,024,576 | ---- | C] (AudioEnhance) SmartSubClass.dll -> C:\WINDOWS\System32\SmartSubClass.dll -> [2009/12/28 14:16:27 | 00,011,776 | ---- | C] (VBSmart) MMTypesX2.OCX -> C:\WINDOWS\System32\MMTypesX2.OCX -> [2009/12/28 14:16:25 | 00,428,032 | ---- | C] (SwiftSoft) MMAudioX2.OCX -> C:\WINDOWS\System32\MMAudioX2.OCX -> [2009/12/28 14:16:24 | 00,949,248 | ---- | C] (SwiftSoft) JSBBar16.ocx -> C:\WINDOWS\System32\JSBBar16.ocx -> [2009/12/28 14:16:24 | 00,282,624 | ---- | C] (Janus Systems SA de CV) ID3Edit.dll -> C:\WINDOWS\System32\ID3Edit.dll -> [2009/12/28 14:16:24 | 00,184,320 | ---- | C] (Audiopimp.com, IRC Inc. ) MSDERUN.DLL -> C:\WINDOWS\System32\MSDERUN.DLL -> [2009/12/28 14:16:24 | 00,136,192 | ---- | C] (Microsoft Corporation) AXSDINFO.OCX -> C:\WINDOWS\System32\AXSDINFO.OCX -> [2009/12/28 14:16:24 | 00,069,632 | ---- | C] (AXSoft Software) JazlerMonitor.ocx -> C:\WINDOWS\System32\JazlerMonitor.ocx -> [2009/12/28 14:16:24 | 00,045,056 | ---- | C] (AMFMedia) JazlerSlider.ocx -> C:\WINDOWS\System32\JazlerSlider.ocx -> [2009/12/28 14:16:24 | 00,036,864 | ---- | C] (AMFMedia) GRIDEX20.OCX -> C:\WINDOWS\System32\GRIDEX20.OCX -> [2009/12/28 14:16:22 | 00,457,257 | ---- | C] (Janus Systems SA de CV) Jazler Radio II -> C:\Jazler Radio II -> [2009/12/28 14:16:14 | 00,000,000 | ---D | C] Winamp Detect -> C:\Program Files\Winamp Detect -> [2009/12/21 17:24:40 | 00,000,000 | ---D | C] pxsfs.dll -> C:\WINDOWS\System32\pxsfs.dll -> [2009/12/21 17:24:24 | 01,858,032 | ---- | C] (Sonic Solutions) px.dll -> C:\WINDOWS\System32\px.dll -> [2009/12/21 17:24:24 | 00,670,192 | ---- | C] (Sonic Solutions) pxdrv.dll -> C:\WINDOWS\System32\pxdrv.dll -> [2009/12/21 17:24:24 | 00,551,408 | ---- | C] (Sonic Solutions) pxwave.dll -> C:\WINDOWS\System32\pxwave.dll -> [2009/12/21 17:24:24 | 00,436,720 | ---- | C] (Sonic Solutions) pxmas.dll -> C:\WINDOWS\System32\pxmas.dll -> [2009/12/21 17:24:24 | 00,219,632 | ---- | C] (Sonic Solutions) pxafs.dll -> C:\WINDOWS\System32\pxafs.dll -> [2009/12/21 17:24:24 | 00,129,520 | ---- | C] (Sonic Solutions) vxblock.dll -> C:\WINDOWS\System32\vxblock.dll -> [2009/12/21 17:24:24 | 00,096,752 | ---- | C] (Sonic Solutions) pxhpinst.exe -> C:\WINDOWS\System32\pxhpinst.exe -> [2009/12/21 17:24:24 | 00,072,176 | ---- | C] (Sonic Solutions) pxcpya64.exe -> C:\WINDOWS\System32\pxcpya64.exe -> [2009/12/21 17:24:24 | 00,066,544 | ---- | C] (Sonic Solutions) pxinsa64.exe -> C:\WINDOWS\System32\pxinsa64.exe -> [2009/12/21 17:24:24 | 00,066,032 | ---- | C] (Sonic Solutions) PxHelp20.sys -> C:\WINDOWS\System32\drivers\PxHelp20.sys -> [2009/12/21 17:24:24 | 00,044,944 | ---- | C] (Sonic Solutions) cdralw2k.sys -> C:\WINDOWS\System32\drivers\cdralw2k.sys -> [2009/12/21 17:24:24 | 00,009,200 | ---- | C] (Sonic Solutions) cdr4_xp.sys -> C:\WINDOWS\System32\drivers\cdr4_xp.sys -> [2009/12/21 17:24:24 | 00,009,072 | ---- | C] (Sonic Solutions) Winamp -> C:\Program Files\Winamp -> [2009/12/21 17:24:21 | 00,000,000 | ---D | C] Winamp -> C:\Documents and Settings\Althaf Hameez\Application Data\Winamp -> [2009/12/21 17:24:21 | 00,000,000 | ---D | C] Flash Backup -> C:\Documents and Settings\Althaf Hameez\Desktop\Flash Backup -> [2009/12/19 16:12:05 | 00,000,000 | ---D | C] Microsoft -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft -> [2009/08/26 13:23:47 | 00,000,000 | ---D | M] Macromedia -> C:\Documents and Settings\LocalService\Application Data\Macromedia -> [2009/08/17 17:26:02 | 00,000,000 | ---D | M] Mozilla -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla -> [2009/08/17 16:35:46 | 00,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft -> [2009/07/08 20:51:29 | 00,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [2009/07/08 20:48:40 | 00,000,000 | --SD | M] Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [2009/07/08 20:48:40 | 00,000,000 | --SD | M] [Files/Folders - Modified Within 30 Days] User_Feed_Synchronization-{05907B57-49A5-43FD-A1AD-E45FD3B73D3F}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{05907B57-49A5-43FD-A1AD-E45FD3B73D3F}.job -> [2010/01/18 06:41:26 | 00,000,438 | -H-- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/01/18 06:37:11 | 00,002,206 | ---- | M] () GlaryInitialize.job -> C:\WINDOWS\tasks\GlaryInitialize.job -> [2010/01/18 06:36:46 | 00,000,328 | ---- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/01/18 06:36:40 | 00,000,006 | -H-- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/01/18 06:36:34 | 00,002,048 | --S- | M] () NTUSER.DAT -> C:\Documents and Settings\Althaf Hameez\NTUSER.DAT -> [2010/01/17 21:13:30 | 06,553,600 | -H-- | M] () ntuser.ini -> C:\Documents and Settings\Althaf Hameez\ntuser.ini -> [2010/01/17 21:13:30 | 00,000,178 | -HS- | M] () IconCache.db -> C:\Documents and Settings\Althaf Hameez\Local Settings\Application Data\IconCache.db -> [2010/01/17 15:17:28 | 11,766,220 | -H-- | M] () win.ini -> C:\WINDOWS\win.ini -> [2010/01/17 10:23:02 | 00,000,507 | ---- | M] () system.ini -> C:\WINDOWS\system.ini -> [2010/01/17 10:23:02 | 00,000,227 | ---- | M] () boot.ini -> C:\boot.ini -> [2010/01/17 10:23:02 | 00,000,211 | -HS- | M] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/01/16 19:30:13 | 02,151,632 | ---- | M] () AllodsOnlineDownloader.exe -> C:\Documents and Settings\Althaf Hameez\Desktop\AllodsOnlineDownloader.exe -> [2010/01/16 11:39:04 | 01,705,656 | ---- | M] () MozBackup.lnk -> C:\Documents and Settings\All Users\Desktop\MozBackup.lnk -> [2010/01/15 22:26:23 | 00,000,706 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Althaf Hameez\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/01/15 22:19:42 | 00,025,088 | ---- | M] () GDIPFONTCACHEV1.DAT -> C:\Documents and Settings\Althaf Hameez\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2010/01/15 18:03:28 | 00,075,816 | ---- | M] () Glary Utilities.lnk -> C:\Documents and Settings\Althaf Hameez\Desktop\Glary Utilities.lnk -> [2010/01/14 20:36:17 | 00,000,675 | ---- | M] () iun503.exe -> C:\WINDOWS\iun503.exe -> [2010/01/14 19:11:31 | 00,286,720 | ---- | M] (Indigo Rose Corporation) attachments_2010_01_14.zip -> C:\Documents and Settings\Althaf Hameez\Desktop\attachments_2010_01_14.zip -> [2010/01/14 13:11:32 | 07,730,800 | ---- | M] () MpSigStub.exe -> C:\WINDOWS\System32\MpSigStub.exe -> [2010/01/14 11:12:06 | 00,181,120 | ---- | M] (Microsoft Corporation) SUPERAntiSpyware Free Edition.job -> C:\WINDOWS\tasks\SUPERAntiSpyware Free Edition.job -> [2010/01/12 22:13:11 | 00,000,280 | ---- | M] () HOSTS -> C:\WINDOWS\System32\drivers\etc\HOSTS -> [2010/01/12 04:36:26 | 00,619,896 | ---- | M] () vbaddin.ini -> C:\WINDOWS\vbaddin.ini -> [2010/01/10 20:50:39 | 00,000,063 | ---- | M] () Bank.accdb -> C:\Documents and Settings\Althaf Hameez\My Documents\Bank.accdb -> [2010/01/10 19:59:12 | 01,183,744 | ---- | M] () mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) 30th December 2009.doc -> C:\Documents and Settings\All Users\Documents\30th December 2009.doc -> [2009/12/30 19:16:35 | 00,027,136 | ---- | M] () 30th December 2009.docx -> C:\Documents and Settings\Althaf Hameez\Desktop\30th December 2009.docx -> [2009/12/30 19:10:38 | 00,011,427 | ---- | M] () 30th December 2009.docx -> C:\Documents and Settings\All Users\Documents\30th December 2009.docx -> [2009/12/30 19:10:38 | 00,011,427 | ---- | M] () Testing Programming Skills.docx -> C:\Documents and Settings\Althaf Hameez\My Documents\Testing Programming Skills.docx -> [2009/12/28 22:44:31 | 00,017,619 | ---- | M] () PnkBstrK.sys -> C:\WINDOWS\System32\drivers\PnkBstrK.sys -> [2009/12/28 20:32:19 | 00,139,904 | ---- | M] () PnkBstrB.xtr -> C:\WINDOWS\System32\PnkBstrB.xtr -> [2009/12/28 20:32:04 | 00,189,744 | ---- | M] () PnkBstrB.exe -> C:\WINDOWS\System32\PnkBstrB.exe -> [2009/12/28 20:32:04 | 00,189,744 | ---- | M] () config.nt -> C:\WINDOWS\System32\config.nt -> [2009/12/28 14:16:52 | 00,002,624 | ---- | M] () Jazler II.lnk -> C:\Documents and Settings\All Users\Desktop\Jazler II.lnk -> [2009/12/28 14:16:18 | 00,000,359 | ---- | M] () Analysis.doc -> C:\Documents and Settings\Althaf Hameez\My Documents\Analysis.doc -> [2009/12/28 14:16:05 | 00,026,624 | ---- | M] () jagex_runescape_preferences.dat -> C:\Documents and Settings\Althaf Hameez\jagex_runescape_preferences.dat -> [2009/12/27 14:56:28 | 00,000,039 | ---- | M] () jagex_runescape_preferences2.dat -> C:\Documents and Settings\Althaf Hameez\jagex_runescape_preferences2.dat -> [2009/12/27 14:54:27 | 00,000,069 | ---- | M] () Winamp.lnk -> C:\Documents and Settings\All Users\Desktop\Winamp.lnk -> [2009/12/21 18:02:56 | 00,000,654 | ---- | M] () Chat.JPG -> C:\Documents and Settings\Althaf Hameez\My Documents\Chat.JPG -> [2009/12/21 15:56:47 | 00,029,480 | ---- | M] () 6 C:\Documents and Settings\Althaf Hameez\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Althaf Hameez\Local Settings\Temp\*.tmp -> [Files - No Company Name] AllodsOnlineDownloader.exe -> C:\Documents and Settings\Althaf Hameez\Desktop\AllodsOnlineDownloader.exe -> [2010/01/16 22:09:22 | 01,705,656 | ---- | C] () MozBackup.lnk -> C:\Documents and Settings\All Users\Desktop\MozBackup.lnk -> [2010/01/15 22:26:23 | 00,000,706 | ---- | C] () GlaryInitialize.job -> C:\WINDOWS\tasks\GlaryInitialize.job -> [2010/01/14 20:36:19 | 00,000,328 | ---- | C] () Glary Utilities.lnk -> C:\Documents and Settings\Althaf Hameez\Desktop\Glary Utilities.lnk -> [2010/01/14 20:36:17 | 00,000,675 | ---- | C] () attachments_2010_01_14.zip -> C:\Documents and Settings\Althaf Hameez\Desktop\attachments_2010_01_14.zip -> [2010/01/14 13:08:47 | 07,730,800 | ---- | C] () SUPERAntiSpyware Free Edition.job -> C:\WINDOWS\tasks\SUPERAntiSpyware Free Edition.job -> [2010/01/12 22:09:03 | 00,000,280 | ---- | C] () 30th December 2009.doc -> C:\Documents and Settings\All Users\Documents\30th December 2009.doc -> [2009/12/30 19:16:34 | 00,027,136 | ---- | C] () 30th December 2009.docx -> C:\Documents and Settings\All Users\Documents\30th December 2009.docx -> [2009/12/30 19:15:30 | 00,011,427 | ---- | C] () 30th December 2009.docx -> C:\Documents and Settings\Althaf Hameez\Desktop\30th December 2009.docx -> [2009/12/30 19:10:38 | 00,011,427 | ---- | C] () Testing Programming Skills.docx -> C:\Documents and Settings\Althaf Hameez\My Documents\Testing Programming Skills.docx -> [2009/12/28 22:25:09 | 00,017,619 | ---- | C] () config.hsp -> C:\WINDOWS\System32\config.hsp -> [2009/12/28 14:16:40 | 00,002,577 | ---- | C] () Jazler II.lnk -> C:\Documents and Settings\All Users\Desktop\Jazler II.lnk -> [2009/12/28 14:16:18 | 00,000,359 | ---- | C] () MMRegOCX.EXE -> C:\WINDOWS\System32\MMRegOCX.EXE -> [2009/12/28 14:16:14 | 00,062,464 | ---- | C] () Analysis.doc -> C:\Documents and Settings\Althaf Hameez\My Documents\Analysis.doc -> [2009/12/28 14:16:04 | 00,026,624 | ---- | C] () Winamp.lnk -> C:\Documents and Settings\All Users\Desktop\Winamp.lnk -> [2009/12/21 17:24:40 | 00,000,654 | ---- | C] () Chat.JPG -> C:\Documents and Settings\Althaf Hameez\My Documents\Chat.JPG -> [2009/12/21 15:56:41 | 00,029,480 | ---- | C] () vidx16.dll -> C:\WINDOWS\System32\vidx16.dll -> [2009/12/17 20:29:42 | 00,010,240 | ---- | C] () StarOpen.sys -> C:\WINDOWS\System32\drivers\StarOpen.sys -> [2009/12/07 16:27:39 | 00,007,168 | ---- | C] () xfcodec.dll -> C:\WINDOWS\System32\xfcodec.dll -> [2009/12/01 01:03:46 | 00,041,872 | ---- | C] () WinShake.ini -> C:\WINDOWS\System32\WinShake.ini -> [2009/10/18 07:42:47 | 00,000,096 | ---- | C] () klif.sys -> C:\WINDOWS\System32\drivers\klif.sys -> [2009/10/10 21:27:42 | 00,003,584 | ---- | C] () FontCache3.0.0.0.dat -> C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat -> [2009/09/26 22:55:18 | 00,569,400 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2009/09/11 20:44:44 | 00,000,376 | ---- | C] () PnkBstrK.sys -> C:\WINDOWS\System32\drivers\PnkBstrK.sys -> [2009/09/01 10:59:33 | 00,139,904 | ---- | C] () atksgt.sys -> C:\WINDOWS\System32\drivers\atksgt.sys -> [2009/08/19 13:25:53 | 00,278,984 | ---- | C] () lirsgt.sys -> C:\WINDOWS\System32\drivers\lirsgt.sys -> [2009/08/19 13:25:53 | 00,025,416 | ---- | C] () AgCPanelTraditionalChinese.dll -> C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll -> [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () AgCPanelSwedish.dll -> C:\WINDOWS\System32\AgCPanelSwedish.dll -> [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () AgCPanelSpanish.dll -> C:\WINDOWS\System32\AgCPanelSpanish.dll -> [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () AgCPanelSimplifiedChinese.dll -> C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll -> [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () AgCPanelPortugese.dll -> C:\WINDOWS\System32\AgCPanelPortugese.dll -> [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () AgCPanelKorean.dll -> C:\WINDOWS\System32\AgCPanelKorean.dll -> [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () AgCPanelJapanese.dll -> C:\WINDOWS\System32\AgCPanelJapanese.dll -> [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () AgCPanelGerman.dll -> C:\WINDOWS\System32\AgCPanelGerman.dll -> [2009/08/03 00:21:52 | 00,058,648 | ---- | C] () AgCPanelFrench.dll -> C:\WINDOWS\System32\AgCPanelFrench.dll -> [2009/08/03 00:21:52 | 00,058,648 | ---- | C] () HPPLVS.dll -> C:\WINDOWS\System32\HPPLVS.dll -> [2009/07/20 17:41:22 | 00,065,536 | ---- | C] () sptd.sys -> C:\WINDOWS\System32\drivers\sptd.sys -> [2009/07/15 19:33:21 | 00,685,816 | ---- | C] () windowfx3.ini -> C:\WINDOWS\windowfx3.ini -> [2009/07/10 14:11:28 | 00,000,000 | ---- | C] () windowfx2.ini -> C:\WINDOWS\windowfx2.ini -> [2009/07/10 14:10:56 | 00,000,000 | ---- | C] () xlive.dll.cat -> C:\WINDOWS\System32\xlive.dll.cat -> [2009/04/22 00:19:06 | 00,172,173 | ---- | C] () physxcudart_20.dll -> C:\WINDOWS\System32\physxcudart_20.dll -> [2008/06/06 18:13:06 | 00,197,912 | ---- | C] () GlobalUserInterface.CompositeFont -> C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont -> [2006/06/29 14:58:52 | 00,030,808 | ---- | C] () GlobalSansSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont -> [2006/06/29 14:53:56 | 00,026,489 | ---- | C] () GlobalSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSerif.CompositeFont -> [2006/04/18 15:39:28 | 00,029,779 | ---- | C] () GlobalMonospace.CompositeFont -> C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont -> [2006/04/18 15:39:28 | 00,026,040 | ---- | C] () secdrv.sys -> C:\WINDOWS\System32\drivers\secdrv.sys -> [2004/07/17 17:06:38 | 00,027,440 | ---- | C] () [File - Lop Check] DAEMON Tools Pro -> C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro -> [2009/08/19 14:01:37 | 00,000,000 | ---D | M] Fallout3 -> C:\Documents and Settings\All Users\Application Data\Fallout3 -> [2010/01/17 05:47:09 | 00,000,000 | ---D | M] Locktime -> C:\Documents and Settings\All Users\Application Data\Locktime -> [2009/08/13 15:10:10 | 00,000,000 | ---D | M] PMB Files -> C:\Documents and Settings\All Users\Application Data\PMB Files -> [2010/01/16 11:44:57 | 00,000,000 | ---D | M] {0691F710-1ECA-4B5A-9727-25554F1BFDC6} -> C:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6} -> [2009/07/15 21:39:37 | 00,000,000 | -H-D | M] Amazon -> C:\Documents and Settings\Althaf Hameez\Application Data\Amazon -> [2009/11/11 18:08:35 | 00,000,000 | ---D | M] Any Audio Converter -> C:\Documents and Settings\Althaf Hameez\Application Data\Any Audio Converter -> [2009/12/04 21:39:59 | 00,000,000 | ---D | M] Any Video Converter -> C:\Documents and Settings\Althaf Hameez\Application Data\Any Video Converter -> [2009/12/02 20:19:30 | 00,000,000 | ---D | M] Auslogics -> C:\Documents and Settings\Althaf Hameez\Application Data\Auslogics -> [2009/11/01 07:22:37 | 00,000,000 | ---D | M] Canneverbe_Limited -> C:\Documents and Settings\Althaf Hameez\Application Data\Canneverbe_Limited -> [2009/12/07 16:27:50 | 00,000,000 | ---D | M] DAEMON Tools Pro -> C:\Documents and Settings\Althaf Hameez\Application Data\DAEMON Tools Pro -> [2009/08/19 14:01:26 | 00,000,000 | ---D | M] Flickroom.7F2D43979C1E442A06B65B60EA738890E1A9A99A.1 -> C:\Documents and Settings\Althaf Hameez\Application Data\Flickroom.7F2D43979C1E442A06B65B60EA738890E1A9A99A.1 -> [2009/09/10 18:44:36 | 00,000,000 | ---D | M] Foxit -> C:\Documents and Settings\Althaf Hameez\Application Data\Foxit -> [2009/07/08 22:25:47 | 00,000,000 | ---D | M] GlarySoft -> C:\Documents and Settings\Althaf Hameez\Application Data\GlarySoft -> [2010/01/14 20:40:39 | 00,000,000 | ---D | M] GrabPro -> C:\Documents and Settings\Althaf Hameez\Application Data\GrabPro -> [2009/08/26 11:21:48 | 00,000,000 | ---D | M] ImgBurn -> C:\Documents and Settings\Althaf Hameez\Application Data\ImgBurn -> [2009/07/30 19:53:13 | 00,000,000 | ---D | M] InfraRecorder -> C:\Documents and Settings\Althaf Hameez\Application Data\InfraRecorder -> [2009/10/25 10:21:35 | 00,000,000 | ---D | M] IObit -> C:\Documents and Settings\Althaf Hameez\Application Data\IObit -> [2009/07/08 22:16:50 | 00,000,000 | ---D | M] IrfanView -> C:\Documents and Settings\Althaf Hameez\Application Data\IrfanView -> [2010/01/15 11:22:56 | 00,000,000 | ---D | M] JGoodies -> C:\Documents and Settings\Althaf Hameez\Application Data\JGoodies -> [2009/08/14 23:09:21 | 00,000,000 | ---D | M] Locktime -> C:\Documents and Settings\Althaf Hameez\Application Data\Locktime -> [2009/08/13 15:10:22 | 00,000,000 | ---D | M] MechCAD -> C:\Documents and Settings\Althaf Hameez\Application Data\MechCAD -> [2009/08/19 06:22:16 | 00,000,000 | ---D | M] OpenDNS Updater -> C:\Documents and Settings\Althaf Hameez\Application Data\OpenDNS Updater -> [2009/11/20 09:54:34 | 00,000,000 | ---D | M] Orbit -> C:\Documents and Settings\Althaf Hameez\Application Data\Orbit -> [2009/12/07 21:07:27 | 00,000,000 | ---D | M] Rainmeter -> C:\Documents and Settings\Althaf Hameez\Application Data\Rainmeter -> [2009/09/05 23:06:37 | 00,000,000 | ---D | M] runic games -> C:\Documents and Settings\Althaf Hameez\Application Data\runic games -> [2009/11/21 16:27:36 | 00,000,000 | ---D | M] Spesoft Text To MP3 -> C:\Documents and Settings\Althaf Hameez\Application Data\Spesoft Text To MP3 -> [2009/07/26 14:53:34 | 00,000,000 | ---D | M] TeraCopy -> C:\Documents and Settings\Althaf Hameez\Application Data\TeraCopy -> [2009/11/12 22:15:50 | 00,000,000 | ---D | M] uTorrent -> C:\Documents and Settings\Althaf Hameez\Application Data\uTorrent -> [2010/01/17 21:13:24 | 00,000,000 | ---D | M] GlaryInitialize.job -> C:\WINDOWS\Tasks\GlaryInitialize.job -> [2010/01/18 06:36:46 | 00,000,328 | ---- | M] () SUPERAntiSpyware Free Edition.job -> C:\WINDOWS\Tasks\SUPERAntiSpyware Free Edition.job -> [2010/01/12 22:13:11 | 00,000,280 | ---- | M] () User_Feed_Synchronization-{05907B57-49A5-43FD-A1AD-E45FD3B73D3F}.job -> C:\WINDOWS\Tasks\User_Feed_Synchronization-{05907B57-49A5-43FD-A1AD-E45FD3B73D3F}.job -> [2010/01/18 06:41:26 | 00,000,438 | -H-- | M] () [File - Purity Scan] [Custom Scans] < netsvcs > < %SYSTEMDRIVE%\*.exe > install.exe -> C:\install.exe -> [2007/11/07 08:03:18 | 00,562,688 | ---- | M] (Microsoft Corporation) < MD5 Scans Start> < %systemdrive%\AGP440.SYS /md5 /s > AGP440.sys : .cab file -> C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys -> [2004/08/04 06:35:44 | 18,738,937 | ---- | M] () agp440.sys : MD5=08FD04AA961BDC77FB983F328334E3D7 -> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys -> [2008/04/14 00:06:38 | 00,042,368 | ---- | M] (Microsoft Corporation) < %systemdrive%\ATAPI.SYS /md5 /s > atapi.sys : .cab file -> C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys -> [2004/08/04 06:35:44 | 18,738,937 | ---- | M] () atapi.sys : MD5=9F3A2F5AA6875C72BF062C712CFA2674 -> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys -> [2008/04/14 00:10:30 | 00,096,512 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\Documents and Settings\Althaf Hameez\desktop\To Backup\Drivers\Primary IDE Channel\atapi.sys -> [2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\Documents and Settings\Althaf Hameez\desktop\To Backup\Drivers\Secondary IDE Channel\atapi.sys -> [2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\Documents and Settings\Althaf Hameez\desktop\To Backup\Drivers\Standard IDE_ESDI Hard Disk Controller\atapi.sys -> [2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\system32\dllcache\atapi.sys -> [2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\system32\drivers\atapi.sys -> [2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys -> [2004/08/04 04:29:44 | 00,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys -> [2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) < %systemdrive%\EVENTLOG.DLL /md5 /s > eventlog.dll : MD5=6D4FEB43EE538FC5428CC7F0565AA656 -> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll -> [2008/04/14 05:41:53 | 00,056,320 | ---- | M] (Microsoft Corporation) eventlog.dll : MD5=82B24CB70E5944E6E34662205A2A5B78 -> C:\WINDOWS\system32\dllcache\eventlog.dll -> [2004/08/04 06:26:44 | 00,055,808 | ---- | M] (Microsoft Corporation) eventlog.dll : MD5=82B24CB70E5944E6E34662205A2A5B78 -> C:\WINDOWS\system32\eventlog.dll -> [2004/08/04 06:26:44 | 00,055,808 | ---- | M] (Microsoft Corporation) < %systemdrive%\NETLOGON.DLL /md5 /s > netlogon.dll : MD5=1B7F071C51B77C272875C3A23E1E4550 -> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll -> [2008/04/14 05:42:01 | 00,407,040 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=6C476D33D82F1054849790181E8F7772 -> C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll -> [2009/02/07 00:16:09 | 00,408,064 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=96353FCECBA774BB8DA74A1C6507015A -> C:\WINDOWS\system32\dllcache\netlogon.dll -> [2004/08/04 06:26:46 | 00,407,040 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=96353FCECBA774BB8DA74A1C6507015A -> C:\WINDOWS\system32\netlogon.dll -> [2004/08/04 06:26:46 | 00,407,040 | ---- | M] (Microsoft Corporation) < %systemdrive%\SCECLI.DLL /md5 /s > scecli.dll : MD5=0F78E27F563F2AAF74B91A49E2ABF19A -> C:\WINDOWS\system32\dllcache\scecli.dll -> [2004/08/04 06:26:46 | 00,180,224 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=0F78E27F563F2AAF74B91A49E2ABF19A -> C:\WINDOWS\system32\scecli.dll -> [2004/08/04 06:26:46 | 00,180,224 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll -> [2008/04/14 05:42:05 | 00,181,248 | ---- | M] (Microsoft Corporation) < MD5 Scans End> < %systemroot%\*. /mp /s > Restore point Set: OTS Restore Point (0) < %systemroot%\system32\*.dll /lockedfiles > ATIDEMGX.dll : Unable to obtain MD5 -> C:\WINDOWS\system32\ATIDEMGX.dll -> [2009/05/16 09:09:20 | 00,442,368 | ---- | M] (Advanced Micro Devices, Inc.) < %systemroot%\Tasks\*.job /lockedfiles > < End of report > [/code]