Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

c:\Windows\System32fdeploy32.dll

Started by kucova , May 08 2009 04:50 PM

  • Please log in to reply

#1
kucova
Posted 08 May 2009 - 04:50 PM

kucova

    New Member

  • Member
  • Pip
  • 3 posts
From the moment i turn my comp on it appears on the screen the little window that shown the name of the aplication on the left upper corner --bad image and it shows on the window that :
C\Windows\system32fdeploy32.dll is either not designed to run on Windows or it contains an error.Try uninstalline the program again using the original installation media or contact your system administrator or software vendor for support.......!
i have to click ok or else wont open the comp or any page anywhere that i want to go

after searchin the internet i find something like this for this malware
File Activity
One or more files with the name __C00B4369.EXE creates, deletes, copies or moves the following files and folders:

Creates c:\windows\system32\dhcpmon32.dll
Creates c:\windows\system32\dinput832.dll
Creates c:\windows\system32\dispex32.dll
Creates c:\windows\system32\dmcompos32.dll
Creates c:\windows\system32\dmdskmgr32.dll
Creates c:\windows\system32\dmime32.dll
Creates c:\windows\system32\dmserver32.dll
Creates c:\windows\system32\dmusic32.dll
Creates c:\windows\system32\dnsapi32.dll
Creates c:\windows\system32\docprop32.dll
Creates c:\windows\system32\dpcdll32.dll
Creates c:\windows\system32\dpnhpast32.dll
Creates c:\windows\system32\dpnlobby32.dll
Creates c:\windows\system32\dpserial32.dll
Creates c:\windows\system32\dpvoice32.dll
Creates c:\windows\system32\drmstor32.dll
Creates c:\windows\system32\ds16gt32.dll
Creates c:\windows\system32\dsauth32.dll
Creates c:\windows\system32\dsdmoprp32.dll
Creates c:\windows\system32\dskquoui32.dll
Creates c:\windows\system32\dssec32.dll
Creates c:\windows\system32\dsuiext32.dll
Creates c:\windows\system32\duser32.dll
Creates c:\windows\system32\dxdiagn32.dll
Creates c:\windows\system32\dxtmsft32.dll
Creates c:\windows\system32\encdec32.dll
Creates c:\windows\system32\ersvc32.dll
Creates c:\windows\system32\esent32.dll
Creates c:\windows\system32\esentprf32.dll
Creates c:\windows\system32\expsrv32.dll
Creates c:\windows\system32\fdeploy32.dll so my problem is created from this __C00B4369.EXE i assume...
am not sure if i have to post too the OTListit but am put in it anyway...:)


OTListIt logfile created on: 5/8/2009 6:38:28 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.4 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.32 Mb Total Physical Memory | 144.96 Mb Available Physical Memory | 14.31% Memory free
2.24 Gb Paging File | 1.04 Gb Available in Paging File | 46.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.19 Gb Total Space | 156.87 Gb Free Space | 70.29% Space Free | Partition Type: NTFS
Drive D: | 9.70 Gb Total Space | 4.33 Gb Free Space | 44.69% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BLEDARAGASTRA
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe (Webroot Software, Inc. )
PRC - C:\Windows\system32\AUDIODG.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel® Corporation)
PRC - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
PRC - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
PRC - C:\Windows\system32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Windows\system32\DRIVERS\xaudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel® Corporation)
PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel® Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel® Corporation)
PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
PRC - C:\Windows\zHotkey.exe ()
PRC - C:\Windows\ModPS2Key.exe (Chicony)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Windows\System32\hkcmd.exe (Intel Corporation)
PRC - C:\Windows\System32\igfxpers.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe (Webroot Software, Inc.)
PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe (Intel® Corporation)
PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Windows\system32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\Webroot\Spy Sweeper\SSU.EXE (Webroot Software, Inc. (www.webroot.com))
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
PRC - C:\Windows\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - c:\program files\windows defender\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Users\Owner\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (AlertService [Auto | Running]) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel® Corporation)
SRV - (Automatic LiveUpdate Scheduler [Auto | Running]) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (ccEvtMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [Auto | Running]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CLTNetCnService [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (DQLWinService [Auto | Running]) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1c9bbe4c5aa7a57 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (hpqcxs08 [On_Demand | Running]) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (hpqddsvc [Auto | Running]) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (IAANTMON [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (ISPwdSvc [On_Demand | Stopped]) -- C:\Program Files\Norton AntiVirus\isPwdSvc.exe (Symantec Corporation)
SRV - (ISSM [Auto | Running]) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel® Corporation)
SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (LiveUpdate Notice Ex [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (LiveUpdate Notice Service [Auto | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (M1 Server [Auto | Running]) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (MCLServiceATL [Auto | Running]) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel® Corporation)
SRV - (McShield [Unknown | Stopped]) -- File not found
SRV - (McSysmon [On_Demand | Stopped]) -- File not found
SRV - (Net Driver HPZ12 [Auto | Running]) -- C:\Windows\system32\HPZinw12.dll (Hewlett-Packard)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\Windows\system32\HPZipm12.dll (Hewlett-Packard)
SRV - (PrismXL [Auto | Running]) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
SRV - (Remote UI Service [Auto | Running]) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel® Corporation)
SRV - (Symantec Core LC [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (SymAppCore [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)
SRV - (WebrootSpySweeperService [Auto | Running]) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WRConsumerService [Auto | Running]) -- C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe (Webroot Software, Inc. )
SRV - (XAudioService [Auto | Running]) -- C:\Windows\system32\DRIVERS\xaudio.exe (Conexant Systems, Inc.)

========== Driver Services (SafeList) ==========

DRV - (ac97intc [On_Demand | Stopped]) -- C:\Windows\system32\drivers\ac97intc.sys (Intel Corporation)
DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (Aspi32 [Auto | Running]) -- C:\Windows\System32\drivers\aspi32.sys (Adaptec)
DRV - (bcm4sbxp [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation)
DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (cdrbsdrv [System | Running]) -- C:\Windows\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (E100B [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel Corporation)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\HPZius12.sys (HP)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWBS2 [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\igdkmd32.sys (Intel Corporation)
DRV - (iaStor [Boot | Running]) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (iaStorV [Boot | Running]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (IDSvix86 [System | Running]) -- C:\ProgramData\Symantec\Definitions\SymcData\ids-diskless\20090428.002\IDSvix86.sys (Symantec Corporation)
DRV - (igfx [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\igdkmd32.sys (Intel Corporation)
DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (IntelDH [On_Demand | Running]) -- C:\Windows\System32\Drivers\IntelDH.sys (Intel Corporation)
DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LVPrcMon [On_Demand | Stopped]) -- C:\Windows\system32\drivers\LVPrcMon.sys ()
DRV - (LVUSBSta [On_Demand | Running]) -- C:\Windows\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (mdmxsdk [Auto | Running]) -- C:\Windows\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (MREMP50 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (NAVENG [On_Demand | Running]) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090508.003\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090508.003\NAVEX15.SYS (Symantec Corporation)
DRV - (NETw2v32 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\NETw2v32.sys (Intel® Corporation)
DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (nmsgopro [Auto | Running]) -- C:\Windows\system32\DRIVERS\nmsgopro.sys (Gteko Ltd.)
DRV - (nmsunidr [Auto | Running]) -- C:\Windows\system32\DRIVERS\nmsunidr.sys (Gteko Ltd.)
DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (PID_0928 [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\LV561AV.SYS (Logitech Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (sonypvs1 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\sonypvs1.sys (Sony Corporation)
DRV - (SPBBCDrv [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SRTSP [On_Demand | Running]) -- C:\Windows\System32\Drivers\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPL [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\SRTSPL.SYS (Symantec Corporation)
DRV - (SRTSPX [System | Running]) -- C:\Windows\System32\Drivers\SRTSPX.SYS (Symantec Corporation)
DRV - (ssfs0bbc [Boot | Running]) -- C:\Windows\system32\DRIVERS\ssfs0bbc.sys (Webroot Software, Inc. (www.webroot.com))
DRV - (SSHRMD [Boot | Running]) -- C:\Windows\SYSTEM32\Drivers\SSHRMD.SYS (Webroot Software, Inc. (www.webroot.com))
DRV - (SSIDRV [Boot | Running]) -- C:\Windows\SYSTEM32\Drivers\SSIDRV.SYS (Webroot Software, Inc. (www.webroot.com))
DRV - (SSKBFD [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\sskbfd.sys (Webroot Software Inc (www.webroot.com))
DRV - (STHDA [On_Demand | Running]) -- C:\Windows\system32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (SYMDNS [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\Windows\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMFW [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMIDS [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMIDS.SYS (Symantec Corporation)
DRV - (SYMNDISV [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMNDISV.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (TSHWMDTCP [On_Demand | Stopped]) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
DRV - (UdfReadr [System | Running]) -- C:\Windows\System32\drivers\udfreadr.sys (Roxio)
DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\Windows\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (winachsf [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (XAudio [Auto | Running]) -- C:\Windows\system32\DRIVERS\xaudio.sys (Conexant Systems, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...h...DTP&M=T5224
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...h...DTP&M=T5224
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...h...DTP&M=T5224

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn...autosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - URLSearchHook: - Reg Error: Key error. File not found
IE - URLSearchHook: {0adb501b-f9c4-4c02-a9ed-2f605a0586e0} - C:\Program Files\Mob Wars Toolbar\Helper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "FireSearch"
FF - prefs.js..browser.startup.homepage: "http://www.ffsearch.net/"

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2009/04/28 11:00:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/05/08 17:31:21 | 00,000,000 | ---D | M]

[2008/06/06 18:32:27 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\frt2shzy.default\extensions
[2008/06/06 18:30:55 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\frt2shzy.default\extensions\[email protected]

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Freecause Toolbar BHO) - {28A27F58-704F-40E1-8053-28E909FBF604} - C:\Program Files\Mob Wars Toolbar\Toolbar.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Mob Wars Toolbar) - {6857857C-15D3-435D-AF19-E0217298B416} - C:\Program Files\Mob Wars Toolbar\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {6857857C-15D3-435D-AF19-E0217298B416} - C:\Program Files\Mob Wars Toolbar\Toolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [CCUTRAYICON] "C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" (Intel® Corporation)
O4 - HKLM..\Run: [CHotkey] "C:\Windows\zHotkey.exe" ()
O4 - HKLM..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe" (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe" (Intel Corporation)
O4 - HKLM..\Run: [ModPS2] "C:\Windows\ModPS2Key.exe" (Chicony)
O4 - HKLM..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup (Intel Corporation)
O4 - HKLM..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe" (Intel Corporation)
O4 - HKLM..\Run: [PinnacleDriverCheck] "C:\Windows\system32\PSDrvCheck.exe" ()
O4 - HKLM..\Run: [RegistryMechanic] File not found
O4 - HKLM..\Run: [ShowWnd] "C:\Windows\ShowWnd.exe" ()
O4 - HKLM..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray (Webroot Software, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" (Symantec Corporation)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKCU..\Run: [ehTray.exe] "C:\Windows\ehome\ehTray.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.18\AMVConverter\grab.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\fdeploy32.dll) - C:\Windows\System32\fdeploy32.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\system32\igfxdev.dll (Intel Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/29 15:36:35 | 00,000,174 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 18:01:00 | 00,000,053 | -HS- | M] () - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\Windows\*.tmp files]
[2009/05/08 18:28:46 | 00,502,272 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTListIt2.exe
[2009/05/08 18:25:01 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/08 18:24:23 | 00,267,612 | ---- | C] () -- C:\Users\Owner\Desktop\Rooter.exe
[2009/05/08 17:32:12 | 00,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2009/05/08 17:31:40 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/08 17:31:39 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/05/08 17:31:28 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/05/08 17:31:20 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/05/08 17:31:17 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/08 17:26:06 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/05/08 17:25:24 | 00,000,714 | ---- | C] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2009/05/08 17:24:49 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/08 17:19:25 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Users\Owner\Desktop\SysRestorePoint.exe
[2009/05/08 15:59:47 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2009/05/08 15:51:13 | 00,000,000 | ---D | C] -- C:\Program Files\MSECACHE
[2009/05/06 20:58:39 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/05/06 20:58:33 | 00,028,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdimon.dll
[2009/05/05 10:58:27 | 00,139,264 | ---- | C] () -- C:\Windows\System32\fdeploy32.dll
[2009/05/05 10:58:27 | 00,005,740 | -HS- | C] () -- C:\Users\Owner\AppData\Roaming\020000007754ecbf583C.manifest
[2009/05/05 10:58:27 | 00,001,519 | -HS- | C] () -- C:\Users\Owner\AppData\Roaming\020000007754ecbf583P.manifest
[2009/05/05 10:58:27 | 00,000,011 | -HS- | C] () -- C:\Users\Owner\AppData\Roaming\020000007754ecbf583S.manifest
[2009/05/05 10:58:27 | 00,000,011 | -HS- | C] () -- C:\Users\Owner\AppData\Roaming\020000007754ecbf583O.manifest
[2009/05/05 10:58:26 | 00,001,372 | ---- | C] () -- C:\Windows\System32\rkHLFjyQ57QxS.vbs
[2009/05/05 09:59:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2009/04/28 11:00:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/04/28 11:00:38 | 00,001,037 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2009/04/28 11:00:00 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2009/04/21 15:48:04 | 00,001,077 | ---- | C] () -- C:\Users\Owner\Documents\[email protected] Sharing Folders Archive.lnk
[2009/04/17 21:41:10 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
[2009/04/17 21:41:00 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2009/04/17 21:40:59 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2009/04/17 21:40:23 | 00,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll
[2009/04/17 21:40:22 | 03,599,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/04/17 21:40:21 | 03,547,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/04/17 21:40:15 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/04/17 21:40:14 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/04/17 21:40:13 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009/04/17 21:40:13 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009/04/17 21:40:13 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009/04/17 21:40:13 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009/04/17 21:40:13 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2009/04/17 21:39:34 | 01,255,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/04/17 21:39:33 | 00,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009/04/17 21:39:32 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/04/17 21:39:31 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2009/04/17 21:39:31 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2009/04/14 16:07:19 | 00,000,000 | ---D | C] -- C:\Program Files\Mob Wars Toolbar
[2009/04/13 22:27:22 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2009/04/13 22:27:22 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2009/04/13 22:27:21 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/04/13 22:27:21 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2009/04/13 22:27:21 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2009/04/13 22:27:20 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2009/04/13 22:27:20 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/04/13 22:27:20 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2009/04/13 22:27:19 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2009/04/13 22:27:19 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/04/13 22:27:18 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2009/04/13 22:27:18 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2009/04/13 22:27:18 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2009/04/13 22:27:18 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2009/04/13 22:27:17 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/04/13 22:27:17 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/04/13 22:27:17 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/04/13 22:27:16 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2009/04/13 22:27:16 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2009/04/13 22:27:15 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[2009/04/13 22:27:15 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/04/13 22:27:15 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2009/04/13 22:27:15 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/04/13 22:27:14 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2009/04/13 22:27:14 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2009/04/13 22:27:14 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/04/13 22:27:14 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2009/04/13 22:27:13 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/04/13 22:27:13 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/04/13 22:27:12 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/04/13 22:27:12 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2009/04/13 22:27:11 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2009/04/13 22:27:10 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009/04/13 22:27:09 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/04/13 22:27:09 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2009/04/13 22:27:09 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2009/04/13 22:27:08 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2009/04/13 22:27:07 | 00,391,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/04/13 22:27:02 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/04/13 22:27:01 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2009/04/13 22:27:01 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2009/04/13 22:27:00 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2009/04/13 22:26:59 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/04/13 22:26:58 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2009/04/13 22:26:58 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2009/04/13 22:26:58 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2009/04/13 22:26:58 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2009/04/13 22:26:57 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/04/13 22:26:41 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/04/13 22:26:41 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/04/13 22:26:38 | 00,914,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/04/13 22:26:34 | 01,206,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/04/13 22:26:31 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/04/13 22:26:28 | 11,063,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/04/13 22:26:10 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/04/12 23:12:47 | 00,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/04/12 23:06:00 | 00,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job
[2009/04/12 17:39:19 | 00,001,781 | ---- | C] () -- C:\Users\Public\Desktop\Spy Sweeper.lnk
[2009/04/12 17:36:41 | 00,000,164 | ---- | C] () -- C:\Windows\install.dat
[2009/04/02 14:30:04 | 00,031,088 | ---- | C] () -- C:\Windows\System32\wrLZMA.dll
[2008/04/29 18:18:09 | 00,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/04/29 18:18:09 | 00,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/04/20 21:33:05 | 00,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2008/02/23 14:57:33 | 03,049,984 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2008/02/23 14:57:33 | 00,404,480 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2008/02/23 14:57:33 | 00,200,704 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2008/02/23 14:57:33 | 00,114,688 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2007/12/11 20:45:06 | 01,069,056 | ---- | C] () -- C:\Windows\System32\libmySQL.dll
[2007/10/30 17:58:45 | 00,000,044 | ---- | C] () -- C:\Windows\cdplayer.ini
[2007/10/12 02:11:58 | 00,059,500 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2007/06/08 21:26:00 | 00,003,654 | ---- | C] () -- C:\Windows\System32\drivers\Sonyhcp.dll
[2007/05/11 17:27:58 | 02,107,808 | ---- | C] () -- C:\Windows\System32\drivers\Lvckap.sys
[2007/01/03 17:17:23 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2007/01/03 17:17:17 | 00,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2007/01/03 16:43:24 | 00,532,544 | ---- | C] () -- C:\Windows\PIC.dll
[2007/01/03 16:43:24 | 00,024,576 | ---- | C] () -- C:\Windows\HKNTDLL.dll
[2006/12/12 11:13:50 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1147.dll
[2006/12/12 10:02:50 | 00,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006/11/02 08:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:25:21 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 06:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 06:23:31 | 00,000,188 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 03:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/06/23 13:09:34 | 00,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
[2006/03/06 11:41:02 | 00,073,728 | ---- | C] () -- C:\Windows\System32\AMV_DecDLL.dll
[2005/12/09 15:37:42 | 00,016,768 | ---- | C] () -- C:\Windows\System32\drivers\LVPrcMon.sys
[2004/09/16 14:26:40 | 00,012,634 | ---- | C] () -- C:\Windows\System32\drivers\ADFUUD.SYS

========== Files - Modified Within 30 Days ==========

[1 C:\Windows\*.tmp files]
[2009/05/08 18:40:01 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9B960FFC-F167-429F-9B4F-EBB661D72B1F}.job
[2009/05/08 18:28:57 | 00,502,272 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTListIt2.exe
[2009/05/08 18:24:33 | 00,267,612 | ---- | M] () -- C:\Users\Owner\Desktop\Rooter.exe
[2009/05/08 18:13:32 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job
[2009/05/08 18:13:14 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/05/08 18:13:13 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/05/08 18:12:59 | 00,001,540 | ---- | M] () -- C:\Windows\tasks\wrSpySweeperFullSweep.job
[2009/05/08 18:12:59 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/05/08 18:12:53 | 00,343,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/05/08 18:12:43 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/05/08 17:31:40 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/08 17:25:24 | 00,000,714 | ---- | M] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2009/05/08 17:19:41 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Users\Owner\Desktop\SysRestorePoint.exe
[2009/05/08 15:27:08 | 00,000,188 | ---- | M] () -- C:\Windows\win.ini
[2009/05/08 09:04:25 | 00,001,519 | -HS- | M] () -- C:\Users\Owner\AppData\Roaming\020000007754ecbf583P.manifest
[2009/05/08 09:04:14 | 00,005,740 | -HS- | M] () -- C:\Users\Owner\AppData\Roaming\020000007754ecbf583C.manifest
[2009/05/08 09:04:14 | 00,000,011 | -HS- | M] () -- C:\Users\Owner\AppData\Roaming\020000007754ecbf583S.manifest
[2009/05/08 09:04:14 | 00,000,011 | -HS- | M] () -- C:\Users\Owner\AppData\Roaming\020000007754ecbf583O.manifest
[2009/05/07 15:54:51 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/05/07 15:54:51 | 00,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/05/07 15:54:51 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/05/06 20:58:40 | 00,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2009/05/05 10:58:27 | 00,139,264 | ---- | M] () -- C:\Windows\System32\fdeploy32.dll
[2009/05/05 10:58:26 | 00,001,372 | ---- | M] () -- C:\Windows\System32\rkHLFjyQ57QxS.vbs
[2009/05/04 20:00:51 | 00,000,480 | ---- | M] () -- C:\Windows\tasks\Norton AntiVirus - Run Full System Scan - Owner.job
[2009/04/28 11:00:38 | 00,001,037 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2009/04/28 11:00:00 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2009/04/21 15:48:04 | 00,001,077 | ---- | M] () -- C:\Users\Owner\Documents\[email protected] Sharing Folders Archive.lnk
[2009/04/12 23:12:47 | 00,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/04/12 17:39:19 | 00,001,781 | ---- | M] () -- C:\Users\Public\Desktop\Spy Sweeper.lnk
[2009/04/12 17:36:42 | 00,000,164 | ---- | M] () -- C:\Windows\install.dat
< End of report >



OTListIt Extras logfile created on: 5/8/2009 6:38:28 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.4 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.32 Mb Total Physical Memory | 144.96 Mb Available Physical Memory | 14.31% Memory free
2.24 Gb Paging File | 1.04 Gb Available in Paging File | 46.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.19 Gb Total Space | 156.87 Gb Free Space | 70.29% Space Free | Partition Type: NTFS
Drive D: | 9.70 Gb Total Space | 4.33 Gb Free Space | 44.69% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BLEDARAGASTRA
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- Reg Error: Key error. File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
Reg Error: Unknown registry data type File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2879045403-900941454-1005646090-1001]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
"EnableNotificationsCache" = 2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2879045403-900941454-1005646090-500]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
"EnableNotificationsCache" = 2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"DisableNotifications" = 0
"EnableFirewall" = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"DisableNotifications" = 0
"EnableFirewall" = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile
"DisableNotifications" = 0
"EnableFirewall" = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

{0436B902-5959-48F5-BBE9-2CCC6D4736A3} = LPORT=1900 | PROFILE=DOMAIN | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=INTEL® VIIV™ MEDIA SERVER UPNP DISCOVERY |
{05FBD4B6-2DA2-4AC6-A2AF-FFDAE80D49C8} = LPORT=2869 | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (UPNP-IN) | APP=SYSTEM |
{0C8EBF2E-4E9F-4D08-B948-FBAD19E5FDF8} = LPORT=5357 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=CONNECT TO A NETWORK PROJECTOR (WSD EVENTS-IN) | APP=SYSTEM |
{0CBDFDF6-549E-400D-A6AB-8F07EFB55E92} = RPORT=5358 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=CONNECT TO A NETWORK PROJECTOR (WSD EVENTSSECURE-OUT) | APP=SYSTEM |
{0FD52EDE-F33D-4E33-B68A-DEA25B0A3E3C} = RPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-32789 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDPHOST |
{143456FC-F291-449B-A9BE-5CE6CB698D1D} = LPORT=1900 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (SSDP-IN) | APP=C:\WINDOWS\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{188F12EE-AB30-4231-B894-3AA5F2746D1F} = RPORT=2177 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (QWAVE-UDP-OUT) | APP=C:\WINDOWS\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{1FBEB326-D596-4408-B5FD-A82EB644BB69} = LPORT=139 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28503 | APP=SYSTEM |
{2037B740-FCA1-462F-BAE2-6A4BFF07FE62} = LPORT=1900 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-32753 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{25196BFD-60F8-432C-86C8-7D6B054354D4} = RPORT=139 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-28507 | APP=SYSTEM |
{25AD04E0-F8AA-4EC4-9AAC-0F09D5EA52E9} = LPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=CONNECT TO A NETWORK PROJECTOR (WSD-IN) | APP=C:\WINDOWS\SYSTEM32\NETPROJ.EXE |
{3B69261F-1EEF-45EC-90F5-7849EF4B28E5} = RPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-32811 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDRESPUB |
{445BA54E-F221-44E9-8A1A-30233D0C0217} = LPORT=445 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28511 | APP=SYSTEM |
{46729CA5-CCFF-452B-AE6B-E62F61FAC3E6} = RPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=CONNECT TO A NETWORK PROJECTOR (WSD-OUT) | APP=C:\WINDOWS\SYSTEM32\NETPROJ.EXE |
{491D1961-2900-44F1-A956-17870BAFB5C1} = LPORT=9442 | PROFILE=DOMAIN | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=INTEL® VIIV™ MEDIA SERVER DISCOVERY |
{4B2C84B2-A44E-4F53-93C1-0F7C43916A60} = LPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-32785 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDPHOST |
{50BA2B8D-B5B4-4FED-AA76-8C553C0CFBBA} = LPORT=2177 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (QWAVE-TCP-IN) | APP=C:\WINDOWS\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{5DD1E714-35DB-4132-BD8E-89877E6FD398} = RPORT=1900 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (SSDP-OUT) | APP=C:\WINDOWS\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{62A505FD-64E2-406D-8C81-36A016B260B0} = RPORT=2177 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (QWAVE-TCP-OUT) | APP=C:\WINDOWS\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{6438C731-04F9-49B0-A396-5F7C8F63920C} = RPORT=5357 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=CONNECT TO A NETWORK PROJECTOR (WSD EVENTS-OUT) | APP=SYSTEM |
{72A8986D-2140-4EA7-8169-7A27D1944A96} = RPORT=1900 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-32757 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{7AE4219F-8D74-4064-B3F8-31C28B32D6E7} = LPORT=137 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-28519 | APP=SYSTEM |
{7F40019A-FB41-4DC3-A4A2-CFF4E0F59992} = LPORT=5355 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-32801 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=DNSCACHE |
{80722E5C-C7FF-4646-87D5-2A67FEE5DA7B} = RPORT=137 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-28523 | APP=SYSTEM |
{9A5DF684-0DF3-4020-A036-E09198AB8C07} = LPORT=RPC-EPMAP | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28539 | SVC=RPCSS |
{9DA56F34-2AF6-4223-B589-BD19B2E03F9E} = LPORT=10243 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (HTTP-STREAMING-IN) | APP=SYSTEM |
{9DA5E580-BA73-4245-8708-09D2F1B2561D} = RPORT=445 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-28515 | APP=SYSTEM |
{B22411A2-9E69-4BF0-80DC-AEBBFC939312} = LPORT=1900 | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (SSDP-IN) | APP=SVCHOST.EXE | SVC=SSDPSRV |
{BB25B276-1D99-4764-B6AE-71F84233DE6D} = LPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-32809 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDRESPUB |
{BCAB012E-4205-4382-A822-002D67BB93D5} = LPORT=2869 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (UPNP-IN) | APP=SYSTEM |
{C341D022-1033-4207-9F8B-1823D7F994E9} = RPORT=138 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-28531 | APP=SYSTEM |
{C3E07324-E2E0-4152-9735-E7E8373D9DF1} = RPORT=10243 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (HTTP-STREAMING-OUT) | APP=SYSTEM |
{D719DAE5-477B-4268-8043-973394F01B2F} = LPORT=138 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-28527 | APP=SYSTEM |
{DCBD60AF-B02E-49D3-973C-363E7030B911} = LPORT=5358 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=CONNECT TO A NETWORK PROJECTOR (WSD EVENTSSECURE-IN) | APP=SYSTEM |
{E761B615-BDA0-4F78-A6FA-3599D61A515F} = LPORT=RPC | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28535 | APP=%SYSTEMROOT%\SYSTEM32\SPOOLSV.EXE | SVC=SPOOLER |
{F5CDA4CF-C162-43B9-A603-D2B7EE2D2E84} = RPORT=5355 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-32805 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=DNSCACHE |
{FDBC0F49-41F9-43E0-882A-3E21FBA35A00} = LPORT=2177 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (QWAVE-UDP-IN) | APP=C:\WINDOWS\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |

========== Vista Active Application Exception List ==========

{04578C81-C325-4E69-BDE2-965AD88E1047} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (UDP-IN) | APP=C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE |
{06B8AA03-1D80-4910-9617-1BB59A12CF98} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=VOIPWISE | APP=C:\PROGRAM FILES\VOIPWISE.COM\VOIPWISE\VOIPWISE.EXE |
{0E9D895A-1DDF-4000-925D-7B32195B1A11} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE SYNC | APP=C:\PROGRAM FILES\WINDOWS LIVE\SYNC\WINDOWSLIVESYNC.EXE |
{1043624C-C4BB-4228-BE2F-93203C952893} = PROFILE=PUBLIC | PROTOCOL=1 | DIR=IN | ACTION=ALLOW | [email protected],-28543 |
{1C6818D3-CB9D-448F-AFD0-FDB3E3D9EBAF} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (UPNPHOST-OUT) | APP=C:\WINDOWS\SYSTEM32\SVCHOST.EXE | SVC=UPNPHOST |
{1CE16965-2120-4F8A-AEBA-D6234C7F6E3E} = PROFILE=PUBLIC | PROTOCOL=1 | DIR=OUT | ACTION=ALLOW | [email protected],-28544 |
{24EB37CC-9013-4395-B46E-2FF87B474FAC} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (TCP-OUT) | APP=C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE |
{2D397FB5-8647-460B-BB12-A5B2249ACFA0} = PROFILE=DOMAIN | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=SPCM | APP=C:\PROGRAM FILES\INTEL\INTELDH\INTEL MEDIA SERVER\MEDIA SERVER\BIN\TSHWMDTCP.EXE |
{341C8049-D7B4-4AB8-ACB6-A8BE373F9774} = PROFILE=DOMAIN | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=INTEL® REMOTING SERVICE | APP=C:\PROGRAM FILES\INTEL\INTELDH\INTEL MEDIA SERVER\SHELLS\REMOTE UI SERVICE.EXE |
{3F5CCF88-3BC7-443E-A866-0D05797F48AC} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (STREAMING-UDP-OUT) | APP=C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{4300F73A-6103-4670-94E9-B133D30C0425} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=CONNECT TO A NETWORK PROJECTOR (TCP-IN) | APP=C:\WINDOWS\SYSTEM32\NETPROJ.EXE |
{63ED51BE-ABB0-423E-9C1B-998DD5F10ECB} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (TCP-IN) | APP=C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE |
{71ED18D3-689F-4CAC-9A9A-11279E13DEA7} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER (TCP-OUT) | APP=C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{78A8B771-0BEA-4593-888E-EA7CB28E13F8} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=CONNECT TO A NETWORK PROJECTOR (TCP-OUT) | APP=C:\WINDOWS\SYSTEM32\NETPROJ.EXE |
{7A2B4950-6DBD-49DE-AF92-2332EBB55706} = PROFILE=PUBLIC | PROTOCOL=58 | DIR=OUT | ACTION=ALLOW | [email protected],-28546 |
{833ABB70-EC3F-4645-ABD9-AB02BC801636} = PROFILE=PUBLIC | PROTOCOL=58 | DIR=IN | ACTION=ALLOW | [email protected],-28545 |
{857E5728-B92E-4D05-A233-F655A3D4AA73} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-32821 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=UPNPHOST |
{8600B1A9-71B0-4169-958A-7675B313C10F} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=MCAFEE NETWORK AGENT | APP=C:\PROGRAM FILES\COMMON FILES\MCAFEE\MNA\MCNASVC.EXE |
{868B71F2-B877-4C6C-9065-0C40BC48C14D} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=MCAFEE NETWORK AGENT | APP=C:\PROGRAM FILES\COMMON FILES\MCAFEE\MNA\MCNASVC.EXE |
{8FAB7029-2715-4D61-A948-F0015DB01AEE} = PROFILE=DOMAIN | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=SPCM | APP=C:\PROGRAM FILES\INTEL\INTELDH\INTEL MEDIA SERVER\MEDIA SERVER\BIN\TSHWMDTCP.EXE |
{95A6F314-C42C-4298-9ADB-379611C02187} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER (UDP-OUT) | APP=C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{9BDDB2DA-A93E-4E85-956D-50F614BA330C} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=VOIPWISE | APP=C:\PROGRAM FILES\VOIPWISE.COM\VOIPWISE\VOIPWISE.EXE |
{9C80D141-2ACA-47AB-B23C-89D9C7EA8C81} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE |
{9FCE4148-0422-417D-A8BE-C100CBFD7DDD} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER (UDP-IN) | APP=C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{A5DD4364-4314-42A9-A9A3-1CC7D5A0487F} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (UPNP-OUT) | APP=SYSTEM |
{BABCF079-49F8-4014-8A70-D17470CC4D2B} = PROFILE=DOMAIN | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=INTEL® REMOTING SERVICE | APP=C:\PROGRAM FILES\INTEL\INTELDH\INTEL MEDIA SERVER\SHELLS\REMOTE UI SERVICE.EXE |
{BCB3BAEB-9A09-42A0-A3E4-07421DDCD0E4} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE CALL | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\WLCSDK.EXE |
{BF215F53-DFA2-4015-8BC4-B61CA258F7E7} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=VOIPDISCOUNT | APP=C:\PROGRAM FILES\VOIPDISCOUNT.COM\VOIPDISCOUNT\VOIPDISCOUNT.EXE |
{C6D68445-42ED-44C3-908D-781621AC1792} = PROFILE=DOMAIN | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=INTEL® VIIV™ MEDIA SERVER | APP=C:\PROGRAM FILES\INTEL\INTELDH\INTEL MEDIA SERVER\MEDIA SERVER\BIN\MEDIASERVER.EXE |
{CB987E3C-B584-4C46-B29D-4E5A4802AB4B} = PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS SHELL NETWORKING | APP=%SYSTEMROOT%\EXPLORER.EXE |
{D0660F88-CE2D-464B-88D9-7C22C7D4FFEA} = PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS SHELL NETWORKING | APP=%SYSTEMROOT%\EXPLORER.EXE |
{D27CCB14-8A0E-4695-A891-D6AD6CB750C4} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (UDP-OUT) | APP=C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE |
{EA4E4C93-9AB3-4841-9E03-0DA5EBF2E29B} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (STREAMING-UDP-IN) | APP=C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{F9E0E424-A0A0-4141-B2DE-296E49F1ABC4} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=WINDOWS MEDIA PLAYER NETWORK SHARING SERVICE (STREAMING-TCP-OUT) | APP=C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{FC647C95-7F76-498B-B182-F1C4C0398FA8} = PROFILE=DOMAIN | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=INTEL® VIIV™ MEDIA SERVER | APP=C:\PROGRAM FILES\INTEL\INTELDH\INTEL MEDIA SERVER\MEDIA SERVER\BIN\MEDIASERVER.EXE |
{FFD55766-5C41-43F7-8AF3-9FCD1FDF2326} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=VOIPDISCOUNT | APP=C:\PROGRAM FILES\VOIPDISCOUNT.COM\VOIPDISCOUNT\VOIPDISCOUNT.EXE |
TCP Query User{3D5504CA-9A14-485C-932E-B95DCAD5CA7D}C:\program files\internet explorer\iexplore.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=INTERNET EXPLORER | APP=C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE |
TCP Query User{561FB531-6732-41C8-95CA-185E6AEB0125}C:\users\owner\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=OCTOSHAPECLIENT.EXE | APP=C:\USERS\OWNER\APPDATA\LOCAL\OCTOSHAPE\OCTOSHAPE STREAMING SERVICES\OCTOSHAPECLIENT.EXE |
TCP Query User{567A3DC4-5A8D-4717-BEB8-253437E48A9A}C:\program files\skype\phone\skype.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=BLOCK | NAME=SKYPE. TAKE A DEEP BREATH | APP=C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE |
TCP Query User{5AC26E31-1686-4314-A59B-6EC60A02802A}C:\users\owner\desktop\virtualdj.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=VIRTUALDJ.EXE | APP=C:\USERS\OWNER\DESKTOP\VIRTUALDJ.EXE |
TCP Query User{744D7943-4F00-4113-B5EB-8418322D9993}C:\program files\real\realplayer\recordingmanager.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=BLOCK | NAME=REALNETWORKS DOWNLOAD AND RECORD MANAGER | APP=C:\PROGRAM FILES\REAL\REALPLAYER\RECORDINGMANAGER.EXE |
TCP Query User{A7E74813-4D21-4424-AFBE-2B1238101A94}C:\users\owner\desktop\turretwarsmp_demo_win_106\turretwarsmp_demo_win_106\turretwars mp demo.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=BLOCK | NAME=TURRETWARS MP DEMO.EXE | APP=C:\USERS\OWNER\DESKTOP\TURRETWARSMP_DEMO_WIN_106\TURRETWARSMP_DEMO_WIN_106\TURRETWARS MP DEMO.EXE |
TCP Query User{BEB1F7EF-3923-49D1-B11A-197831FD6C1A}C:\program files\leapftp\leapftp.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=FILE TRANSFER PROTOCOL (FTP) CLIENT | APP=C:\PROGRAM FILES\LEAPFTP\LEAPFTP.EXE |
TCP Query User{C64C76EF-81BA-4CBA-9BE0-4C4FD9B9317B}C:\program files\real\realplayer\realplay.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=REALPLAYER | APP=C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE |
UDP Query User{031C4435-E1CF-4D5E-8BD3-DB4ED30E12CE}C:\users\owner\desktop\turretwarsmp_demo_win_106\turretwarsmp_demo_win_106\turretwars mp demo.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=BLOCK | NAME=TURRETWARS MP DEMO.EXE | APP=C:\USERS\OWNER\DESKTOP\TURRETWARSMP_DEMO_WIN_106\TURRETWARSMP_DEMO_WIN_106\TURRETWARS MP DEMO.EXE |
UDP Query User{0982A9ED-BF39-4C47-8449-CDCFCAB7F827}C:\users\owner\desktop\virtualdj.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=VIRTUALDJ.EXE | APP=C:\USERS\OWNER\DESKTOP\VIRTUALDJ.EXE |
UDP Query User{44F1601B-DD86-4A4F-8295-D6559E3F2A15}C:\program files\leapftp\leapftp.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=FILE TRANSFER PROTOCOL (FTP) CLIENT | APP=C:\PROGRAM FILES\LEAPFTP\LEAPFTP.EXE |
UDP Query User{60693FFB-236A-46E0-8A24-305D22DDB8F1}C:\program files\real\realplayer\realplay.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=REALPLAYER | APP=C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE |
UDP Query User{6E270206-1025-4AC0-9354-D02ABBC1DCDC}C:\program files\internet explorer\iexplore.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=INTERNET EXPLORER | APP=C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE |
UDP Query User{9C4C8A9A-2BA3-4DD2-9446-06ED6C285C88}C:\program files\skype\phone\skype.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=BLOCK | NAME=SKYPE. TAKE A DEEP BREATH | APP=C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE |
UDP Query User{DA8BE08D-57C0-4A7D-928B-0C01651E432B}C:\users\owner\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=OCTOSHAPECLIENT.EXE | APP=C:\USERS\OWNER\APPDATA\LOCAL\OCTOSHAPE\OCTOSHAPE STREAMING SERVICES\OCTOSHAPECLIENT.EXE |
UDP Query User{DEA2708D-30C3-4A77-9FD1-B1644C803688}C:\program files\real\realplayer\recordingmanager.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=BLOCK | NAME=REALNETWORKS DOWNLOAD AND RECORD MANAGER | APP=C:\PROGRAM FILES\REAL\REALPLAYER\RECORDINGMANAGER.EXE |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{228F6876-A313-40A3-91C0-C3CBE6997D09}" = Symantec
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22E9CF2B-4063-4dab-A251-93FA46F7DECC}_is1" = Spy Sweeper
"{26C610BF-761B-4209-BD6A-A0F1B73D6DDE}" = Intel® Viiv™ Software
"{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A
"{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}" = Internet Worm Protection
"{31C71563-6607-4BE6-AD87-CCE2F6BADD5E}" = Symantec Real Time Storage Protection Component
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}" = Norton AntiVirus Help
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{44C05309-60F4-410B-BC32-31733CFF1A41}" = Microsoft Digital Image Starter Edition 2006 Editor
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{4FE542EB-FF0B-4739-94DD-25C8AE0AB251}" = Microsoft Digital Image Starter Edition 2006 Library
"{548EAC70-EE00-11DD-908C-005056806466}" = Google Earth
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F6594CB-DA1B-4FFB-B397-CACE3D5F668B}" = Windows Live Movie Maker Beta
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = eMachines Recovery Center Installer
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = MP3 Player Utilities 4.18
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB61E316-F10B-43eb-B47F-42095835F9CC}" = C3100
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{B199E0E5-E51C-4AB5-85B1-D1F28D4F4512}" = SymNet
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}" = Norton AntiVirus SYMLT MSI
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton AntiVirus Parent MSI
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF262740-C85A-11D5-BBEC-00D0B740900A}" = PS2 Multimedia Keyboard Driver
"[email protected] ISO Burner v 1.1" = [email protected] ISO Burner v 1.1
"Adaptec UDF Reader" = Adaptec UDF Reader
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"ATT-AACE" = ATT-AACE
"CNXT_MODEM_PCI_HSF" = Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ERUNT_is1" = ERUNT 1.1j
"GreenBrowser_is1" = GreenBrowser
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Intel® Configuration Center" = Intel® Viiv™ Software
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mob Wars Toolbar" = Mob Wars Toolbar 1.438
"PictureItSuiteTrial_v12" = Microsoft Digital Image Starter Edition 2006
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer
"Shop for HP Supplies" = Shop for HP Supplies
"ST6UNST #1" = Photo Recovery
"SymSetup.{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus (Symantec Corporation)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VoipDiscount_is1" = VoipDiscount
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QUICKMEDIACONVERTER" = Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/29/2008 4:36:35 PM | Computer Name = Owner-PC | Source = VSS | ID = 8194
Description =

Error - 4/29/2008 4:50:58 PM | Computer Name = Owner-PC | Source = VSS | ID = 8194
Description =

Error - 4/29/2008 4:54:26 PM | Computer Name = Owner-PC | Source = VSS | ID = 8194
Description =

Error - 4/29/2008 4:57:32 PM | Computer Name = Owner-PC | Source = VSS | ID = 8194
Description =

Error - 4/29/2008 7:00:20 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application MovieMk.exe, version 6.0.6000.16386, time stamp
0x4549b5b6, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,
exception code 0xc0000374, fault offset 0x000af1c9, process id 0x1c98, application
start time 0x01c8aa49f8b6231b.

Error - 4/30/2008 7:30:34 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application MovieMk.exe, version 6.0.6000.16386, time stamp
0x4549b5b6, faulting module QuickTime.qts, version 7.4.5.67, time stamp 0x47edbb03,
exception code 0xc0000005, fault offset 0x00f34150, process id 0xa24, application
start time 0x01c8ab18912b9244.

Error - 5/6/2008 9:19:47 AM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program realplay.exe version 11.0.0.431 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 4a0 Start Time: 01c8af7af902e8dd Termination Time: 118

Error - 5/8/2008 8:54:43 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.16643 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 56c Start Time: 01c8b16b226e2540 Termination Time: 94

Error - 5/10/2008 1:55:59 PM | Computer Name = Owner-PC | Source = VSS | ID = 8194
Description =

Error - 5/12/2008 6:43:20 PM | Computer Name = Owner-PC | Source = VSS | ID = 8194
Description =

[ IntelDH Events ]
Error - 10/17/2007 3:10:25 PM | Computer Name = Owner-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Could not
create ICCUEngine interface pointer

[ Media Center Events ]
Error - 12/18/2007 9:25:22 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/21/2007 4:37:14 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/16/2008 12:43:29 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 4/17/2008 10:22:00 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/24/2008 8:40:36 AM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/26/2008 7:09:51 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/1/2008 9:31:25 AM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 8/28/2008 9:13:42 AM | Computer Name = bledaragastra | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/2/2008 8:39:51 PM | Computer Name = bledaragastra | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/6/2009 9:30:45 PM | Computer Name = bledaragastra | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 5/7/2009 5:38:38 PM | Computer Name = bledaragastra | Source = Service Control Manager | ID = 7011
Description =

Error - 5/7/2009 5:38:41 PM | Computer Name = bledaragastra | Source = netbt | ID = 4307
Description = Initialization failed because the transport refused to open initial
addresses.

Error - 5/7/2009 11:54:58 PM | Computer Name = bledaragastra | Source = Service Control Manager | ID = 7011
Description =

Error - 5/8/2009 9:03:19 AM | Computer Name = bledaragastra | Source = HTTP | ID = 15016
Description =

Error - 5/8/2009 9:04:01 AM | Computer Name = bledaragastra | Source = Service Control Manager | ID = 7000
Description =

Error - 5/8/2009 3:12:39 PM | Computer Name = bledaragastra | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:11:37 PM on 5/8/2009 was unexpected.

Error - 5/8/2009 3:12:43 PM | Computer Name = bledaragastra | Source = HTTP | ID = 15016
Description =

Error - 5/8/2009 3:13:38 PM | Computer Name = bledaragastra | Source = Service Control Manager | ID = 7000
Description =

Error - 5/8/2009 6:12:59 PM | Computer Name = bledaragastra | Source = HTTP | ID = 15016
Description =

Error - 5/8/2009 6:13:42 PM | Computer Name = bledaragastra | Source = Service Control Manager | ID = 7000
Description =


< End of report >


please i need help.. i aprisciate you time...!
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP