so i get up this morning to get on the much loved game World of Warcraft just to find out that i cant log in. so i make sure im typing everything correctly and i did it enough times to satisfy myself that there is a problem.
so i check my e-mail and there has been a temporary password sent to my e-mail. i copy and paste this PW to my game account and it works and nothing is missing from any of my characters. doing more search and trying to figure things out i decided to see what would happen if i try to log into my e-mail through the website, seeing how this is the only way they would be able to check my e-mail for the temporary PW. well as i put in my accnt info it asks me for my secret question answer, of course i stop right there and dont answer it, so now i know thay cant view any new e-mails, im safe as far as my WoW accnt goes unless i log on and change my PW at the WoW website, but i am worried about any other info they may be able to steal, like bank accnt info. heres my OT lists.
OTListIt logfile created on: 5/24/2009 12:21:53 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Users\Ken\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.59 Gb Available Physical Memory | 64.79% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.52 Gb Total Space | 12.16 Gb Free Space | 16.32% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: Q
Current User Name: Ken
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files (x86)\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Winamp\winampa.exe ()
PRC - C:\Windows\SysWOW64\CtHelper.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Brownie\Brnipmon.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Users\Ken\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (AMD External Events Utility [Auto | Running]) -- C:\Windows\sysnative\atiesrxx.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (avg8emc [Auto | Running]) -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files (x86)\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (PerfHost [On_Demand | Stopped]) -- C:\Windows\SysWow64\perfhost.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (SBSDWSCService [Auto | Stopped]) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
========== Driver Services (SafeList) ==========
DRV - (Alpham1 [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\Alpham164.sys ()
DRV - (Alpham2 [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\Alpham264.sys ()
DRV - (AtiHdmiService [On_Demand | Running]) -- C:\Windows\sysnative\drivers\AtiHdmi.sys ()
DRV - (atikmdag [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\atikmdag.sys ()
DRV - (AvgLdx64 [System | Running]) -- C:\Windows\sysnative\Drivers\avgldx64.sys ()
DRV - (AvgMfx64 [System | Running]) -- C:\Windows\sysnative\Drivers\avgmfx64.sys ()
DRV - (AvgTdiA [System | Running]) -- C:\Windows\sysnative\Drivers\avgtdia.sys ()
DRV - (COMMONFX [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\COMMONFX.SYS ()
DRV - (COMMONFX.SYS [On_Demand | Running]) -- C:\Windows\sysnative\drivers\COMMONFX.SYS ()
DRV - (CT20XUT.DLL [On_Demand | Stopped]) -- C:\Windows\sysnative\CT20XUT.DLL ()
DRV - (ctac32k [On_Demand | Running]) -- C:\Windows\sysnative\drivers\ctac32k.sys ()
DRV - (ctaud2k [On_Demand | Running]) -- C:\Windows\sysnative\drivers\ctaud2k.sys ()
DRV - (CTAUDFX [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\CTAUDFX.SYS ()
DRV - (CTAUDFX.SYS [On_Demand | Running]) -- C:\Windows\sysnative\drivers\CTAUDFX.SYS ()
DRV - (CTEAPSFX.DLL [On_Demand | Stopped]) -- C:\Windows\sysnative\CTEAPSFX.DLL ()
DRV - (CTEDSPFX.DLL [On_Demand | Stopped]) -- C:\Windows\sysnative\CTEDSPFX.DLL ()
DRV - (CTEDSPIO.DLL [On_Demand | Stopped]) -- C:\Windows\sysnative\CTEDSPIO.DLL ()
DRV - (CTEDSPSY.DLL [On_Demand | Stopped]) -- C:\Windows\sysnative\CTEDSPSY.DLL ()
DRV - (CTERFXFX [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\CTERFXFX.SYS ()
DRV - (CTERFXFX.SYS [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\CTERFXFX.SYS ()
DRV - (CTEXFIFX.DLL [On_Demand | Stopped]) -- C:\Windows\sysnative\CTEXFIFX.DLL ()
DRV - (CTHWIUT.DLL [On_Demand | Stopped]) -- C:\Windows\sysnative\CTHWIUT.DLL ()
DRV - (ctprxy2k [On_Demand | Running]) -- C:\Windows\sysnative\drivers\ctprxy2k.sys ()
DRV - (CTSBLFX [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\CTSBLFX.SYS ()
DRV - (CTSBLFX.SYS [On_Demand | Running]) -- C:\Windows\sysnative\drivers\CTSBLFX.SYS ()
DRV - (ctsfm2k [On_Demand | Running]) -- C:\Windows\sysnative\drivers\ctsfm2k.sys ()
DRV - (emupia [On_Demand | Running]) -- C:\Windows\sysnative\drivers\emupia2k.sys ()
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\GEARAspiWDM.sys ()
DRV - (ha10kx2k [On_Demand | Running]) -- C:\Windows\sysnative\drivers\ha10kx2k.sys ()
DRV - (hap16v2k [On_Demand | Running]) -- C:\Windows\sysnative\drivers\hap16v2k.sys ()
DRV - (hap17v2k [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\hap17v2k.sys ()
DRV - (HdAudAddService [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\HdAudio.sys ()
DRV - (JRAID [Boot | Running]) -- C:\Windows\sysnative\DRIVERS\jraid.sys ()
DRV - (MSIGreenPower [On_Demand | Stopped]) -- C:\Program Files (x86)\MSI\DualCoreCenter\Green Power Center\NTGLM7X64.sys (MICRO-STAR INT'L CO., LTD.)
DRV - (MSIGreenPowerRushTop [On_Demand | Stopped]) -- C:\Program Files (x86)\MSI\DualCoreCenter\Green Power Center\RushTop64.sys (Your Corporation)
DRV - (ossrv [On_Demand | Running]) -- C:\Windows\sysnative\drivers\ctoss2k.sys ()
DRV - (RTL8169 [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\Rtlh64.sys ()
DRV - (RushTopDevice_J [On_Demand | Stopped]) -- C:\Program Files (x86)\MSI\DualCoreCenter\Green Power Center\RushJ64.sys (Your Corporation)
DRV - (SaiH8000 [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\SaiH8000.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/04/15 10:32:18 | 00,000,000 | ---D | M]
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files (x86)\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files (x86)\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files (x86)\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrStsWnd] "C:\Program Files (x86)\Brownie\BrstsW64.exe" Autorun (brother)
O4 - HKLM..\Run: [CTHelper] CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] CTXFIHLP.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" ()
O4 - HKCU..\Run: [iMeshInstall] C:\Users\Ken\AppData\Local\Temp\iMeshInstallLauncher.exe /Launch='"C:\Users\Ken\AppData\Local\Temp\NSU53B~1.EXE" /N' File not found
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DualCoreCenter.lnk = C:\Program Files (x86)\MSI\DualCoreCenter\StartUpDualCoreCenter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\system32\explorer.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/13 08:09:27 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3d407b71-b06a-11dd-a7e8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3d407b71-b06a-11dd-a7e8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/24 12:18:46 | 00,000,000 | R--D | M]
========== Files/Folders - Created Within 30 Days ==========
[2009/05/24 12:16:28 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Users\Ken\Desktop\OTListIt2.exe
[2009/05/24 12:06:18 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/05/24 11:59:09 | 13,995,096 | ---- | C] (Sunbelt Software ) -- C:\Users\Ken\Desktop\vipre.exe
[2009/05/24 08:09:23 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/05/24 08:09:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2009/05/24 08:07:20 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Ken\Desktop\spybotsd162.exe
[2009/05/21 08:37:47 | 00,000,000 | ---D | C] -- C:\ProgramData\ATI
[2009/05/20 17:10:15 | 00,000,000 | ---D | C] -- C:\Users\Ken\Desktop\HKN Scripts
[2009/05/20 13:08:36 | 00,243,679 | ---- | C] () -- C:\Users\Ken\Desktop\Jamba-0.4e.zip
[2009/05/19 19:22:37 | 00,000,000 | ---D | C] -- C:\Users\Ken\Desktop\hotkeynet
[2009/05/11 17:38:58 | 01,512,432 | ---- | C] () -- C:\Users\Ken\Desktop\AtlasLoot-v5.04.03.zip
[2009/05/10 13:26:36 | 00,554,242 | ---- | C] () -- C:\Users\Ken\Desktop\Gatherer-3.1.13.zip
[2009/05/09 09:23:04 | 00,330,337 | ---- | C] () -- C:\Users\Ken\Desktop\DBM-svn-alpha-r1078.zip
[2009/05/03 12:17:10 | 00,117,227 | ---- | C] () -- C:\Users\Ken\Documents\Untitled.wma
[2009/04/28 22:06:08 | 00,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2009/04/28 22:05:54 | 00,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2009/04/28 22:05:38 | 00,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2009/04/28 21:36:36 | 00,167,952 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2008/12/03 18:40:12 | 00,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2008/12/03 18:40:11 | 00,000,152 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2008/12/03 18:40:09 | 00,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2008/12/03 18:39:48 | 00,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2008/12/03 18:39:47 | 00,009,853 | ---- | C] () -- C:\Windows\HL-2170W.INI
[2008/12/03 18:37:20 | 00,000,324 | ---- | C] () -- C:\Windows\Brownie.ini
[2008/11/11 22:47:11 | 00,142,848 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2008/11/11 22:47:11 | 00,070,656 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2008/11/11 21:15:05 | 00,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2008/06/27 19:05:08 | 00,049,565 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2008/06/27 19:05:06 | 00,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2008/06/27 18:27:54 | 00,043,520 | ---- | C] () -- C:\Windows\System32\CTBurst.dll
[2008/06/27 18:26:00 | 00,010,752 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
[2007/08/13 21:45:02 | 00,077,824 | ---- | C] () -- C:\Windows\System32\ctmmactl.dll
[2007/04/12 09:10:28 | 00,105,728 | ---- | C] () -- C:\Windows\System32\APOMgrH.dll
[2006/11/02 08:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 08:34:27 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
[2006/10/02 18:25:18 | 00,000,307 | ---- | C] () -- C:\Windows\System32\kill.ini
========== Files - Modified Within 30 Days ==========
[2009/05/24 12:16:32 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Users\Ken\Desktop\OTListIt2.exe
[2009/05/24 11:59:23 | 13,995,096 | ---- | M] (Sunbelt Software ) -- C:\Users\Ken\Desktop\vipre.exe
[2009/05/24 08:07:42 | 16,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\Ken\Desktop\spybotsd162.exe
[2009/05/24 07:55:31 | 00,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F2A33F59-5BC2-45FD-B68B-D19E0626A181}.job
[2009/05/24 07:52:27 | 00,000,324 | ---- | M] () -- C:\Windows\Brownie.ini
[2009/05/24 07:51:45 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/05/24 07:51:43 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/05/20 13:08:40 | 00,243,679 | ---- | M] () -- C:\Users\Ken\Desktop\Jamba-0.4e.zip
[2009/05/11 17:39:06 | 01,512,432 | ---- | M] () -- C:\Users\Ken\Desktop\AtlasLoot-v5.04.03.zip
[2009/05/10 13:26:44 | 00,554,242 | ---- | M] () -- C:\Users\Ken\Desktop\Gatherer-3.1.13.zip
[2009/05/09 09:23:13 | 00,330,337 | ---- | M] () -- C:\Users\Ken\Desktop\DBM-svn-alpha-r1078.zip
[2009/05/03 12:18:22 | 00,117,227 | ---- | M] () -- C:\Users\Ken\Documents\Untitled.wma
[2009/04/28 22:06:08 | 00,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2009/04/28 22:05:54 | 00,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2009/04/28 22:05:38 | 00,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2009/04/28 21:36:36 | 00,167,952 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
========== Alternate Data Streams ==========
@Alternate Data Stream - 523 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >
OTListIt Extras logfile created on: 5/24/2009 12:21:53 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Users\Ken\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.59 Gb Available Physical Memory | 64.79% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.52 Gb Total Space | 12.16 Gb Free Space | 16.32% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: Q
Current User Name: Ken
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.reg [@ = regfile] -- C:\Windows\system32\regedit.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts\List
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
{2DB907B4-F243-4786-8C57-DDF10DA6513F} = LPORT=RPC-EPMAP | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28539 | SVC=RPCSS |
{5359EA55-B0B5-486C-83D3-41E6EE38D263} = LPORT=139 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28503 | APP=SYSTEM |
{58A96AF4-20D4-4F85-8DA6-33DC99B83EF0} = RPORT=139 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-28507 | APP=SYSTEM |
{6E3EBACB-DCF9-45FB-B5AC-5AFFD655429D} = LPORT=137 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-28519 | APP=SYSTEM |
{76C2D0F1-B039-4E31-9545-B6CEC892050A} = LPORT=138 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-28527 | APP=SYSTEM |
{783409D4-A84A-4144-8396-9DA90A3831F8} = RPORT=138 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-28531 | APP=SYSTEM |
{8684A57C-F415-436B-AC05-79C720CC6A40} = LPORT=3724 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BLIZZARD DOWNLOADER: 3724 |
{86DA7874-CE7A-46F7-9D52-DC07E58E1A63} = RPORT=445 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-28515 | APP=SYSTEM |
{8722A512-3CF6-4587-BA90-72AE13D3170B} = LPORT=RPC | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28535 | APP=%SYSTEMROOT%\SYSTEM32\SPOOLSV.EXE | SVC=SPOOLER |
{DD6189E4-45E2-4CDF-8E98-B5778115FC3D} = LPORT=445 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28511 | APP=SYSTEM |
{E4EC9ED3-A92F-47A0-99CE-47A937EBD684} = RPORT=137 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-28523 | APP=SYSTEM |
========== Vista Active Application Exception List ==========
{49C7B545-0566-4B2A-A8D2-90043937F023} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=BONJOUR | APP=C:\PROGRAM FILES (X86)\BONJOUR\MDNSRESPONDER.EXE |
{4FA79E59-A389-448C-ADFA-5BBC9134D9F7} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ITUNES | APP=C:\PROGRAM FILES (X86)\ITUNES\ITUNES.EXE |
{4FC96555-8A77-4C18-AA73-C1EE876F8213} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=BLIZZARD DOWNLOADER | APP=C:\USERS\PUBLIC\DOCUMENTS\BLIZZARD ENTERTAINMENT\WORLD OF WARCRAFT\WOW-2.3.0.7561-TO-2.4.0.8089-ENUS-DOWNLOADER.EXE |
{89C61F87-D315-4D60-B819-883899649E4C} = PROFILE=PRIVATE | PROTOCOL=58 | DIR=IN | ACTION=ALLOW | [email protected],-28545 |
{97F6A0E7-2878-42CC-A867-CF1AE7F1AAF0} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BONJOUR | APP=C:\PROGRAM FILES (X86)\BONJOUR\MDNSRESPONDER.EXE |
{9B6686B0-C83B-4E43-94B8-1E517F88BD96} = PROFILE=PRIVATE | PROTOCOL=1 | DIR=OUT | ACTION=ALLOW | [email protected],-28544 |
{9DD3F55E-16CD-4FA1-9D12-0B6A11265C47} = PROFILE=PUBLIC | DIR=IN | ACTION=ALLOW | NAME=AVGEMC.EXE | APP=C:\PROGRAM FILES (X86)\AVG\AVG8\AVGEMC.EXE |
{C178B8E5-9611-43E3-99E1-ED20372BA588} = PROFILE=PRIVATE | PROTOCOL=1 | DIR=IN | ACTION=ALLOW | [email protected],-28543 |
{CDF5A23F-A606-4C3E-B572-3D424B036C16} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ITUNES | APP=C:\PROGRAM FILES (X86)\ITUNES\ITUNES.EXE |
{CEA7D892-5A80-41BC-8A23-281B8E64D620} = PROFILE=PRIVATE | PROTOCOL=58 | DIR=OUT | ACTION=ALLOW | [email protected],-28546 |
{D322C9B2-5335-47FF-956E-FE69FAC0FD60} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BLIZZARD DOWNLOADER | APP=C:\USERS\PUBLIC\DOCUMENTS\BLIZZARD ENTERTAINMENT\WORLD OF WARCRAFT\WOW-2.3.0.7561-TO-2.4.0.8089-ENUS-DOWNLOADER.EXE |
{ED5D0C09-87BA-42FF-966F-E8D2DCFE59C0} = PROFILE=PUBLIC | DIR=IN | ACTION=ALLOW | NAME=AVGUPD.EXE | APP=C:\PROGRAM FILES (X86)\AVG\AVG8\AVGUPD.EXE |
TCP Query User{1D5AB6C3-1704-499B-96B8-0128C315E856}C:\users\ken\appdata\local\temp\blizzard launcher temporary - 08818bd0\launcher.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=LAUNCHER.EXE | APP=C:\USERS\KEN\APPDATA\LOCAL\TEMP\BLIZZARD LAUNCHER TEMPORARY - 08818BD0\LAUNCHER.EXE |
TCP Query User{6828A45D-6C4E-4DD8-9D59-0FA9C0BAADF4}C:\users\ken\appdata\local\temp\blizzard launcher temporary - 3765a6d0\launcher.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=LAUNCHER.EXE | APP=C:\USERS\KEN\APPDATA\LOCAL\TEMP\BLIZZARD LAUNCHER TEMPORARY - 3765A6D0\LAUNCHER.EXE |
TCP Query User{70741F27-E676-464B-8EE3-E546D38DD575}C:\program files\world of warcraft\launcher.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=BLOCK | NAME=BLIZZARD LAUNCHER | APP=C:\PROGRAM FILES\WORLD OF WARCRAFT\LAUNCHER.EXE |
TCP Query User{DBDB5C78-8AED-4B90-ACEC-C25318AC598A}C:\program files\world of warcraft\backgrounddownloader.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BLIZZARD DOWNLOADER | APP=C:\PROGRAM FILES\WORLD OF WARCRAFT\BACKGROUNDDOWNLOADER.EXE |
TCP Query User{FC9CDD57-B433-4484-BC43-37D420BF5039}C:\program files (x86)\internet explorer\iexplore.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=BLOCK | NAME=INTERNET EXPLORER | APP=C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE |
UDP Query User{3000E0C5-7F5B-4887-9A55-73EDCF91E2BD}C:\program files (x86)\internet explorer\iexplore.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=BLOCK | NAME=INTERNET EXPLORER | APP=C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE |
UDP Query User{35DA1CBF-23C8-471D-A7F4-449983AF0B45}C:\users\ken\appdata\local\temp\blizzard launcher temporary - 3765a6d0\launcher.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=LAUNCHER.EXE | APP=C:\USERS\KEN\APPDATA\LOCAL\TEMP\BLIZZARD LAUNCHER TEMPORARY - 3765A6D0\LAUNCHER.EXE |
UDP Query User{7CF56E93-A3DC-4DC7-96FB-7A0FD06FCBDB}C:\users\ken\appdata\local\temp\blizzard launcher temporary - 08818bd0\launcher.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=LAUNCHER.EXE | APP=C:\USERS\KEN\APPDATA\LOCAL\TEMP\BLIZZARD LAUNCHER TEMPORARY - 08818BD0\LAUNCHER.EXE |
UDP Query User{CE3429FC-1A7D-4CD7-9A73-AB4550D4FA93}C:\program files\world of warcraft\backgrounddownloader.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=BLIZZARD DOWNLOADER | APP=C:\PROGRAM FILES\WORLD OF WARCRAFT\BACKGROUNDDOWNLOADER.EXE |
UDP Query User{E791FEA0-4DF9-4B87-89E4-5ADD5F2AC4B9}C:\program files\world of warcraft\launcher.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=BLOCK | NAME=BLIZZARD LAUNCHER | APP=C:\PROGRAM FILES\WORLD OF WARCRAFT\LAUNCHER.EXE |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{259BDEFB-DCE0-990E-6C65-EA6DCAF1C604}" = Catalyst Control Center HydraVision Full
"{262296A3-87A4-4614-CBF1-E04455694390}" = Catalyst Control Center Graphics Light
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{4411E4C3-C60F-B094-0E1F-C6E73311A9EA}" = Catalyst Control Center InstallProxy
"{4C1DEA45-A92F-4AEE-87BA-BB505D62AF2B}" = Brother HL-2170W
"{5E7AFD67-97C1-E310-CDC4-9F1547E1677C}" = Catalyst Control Center Graphics Previews Vista
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{83A92C93-C5F2-128A-532A-B7C295450476}" = Catalyst Control Center Graphics Full Existing
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8EA950F9-4CC6-35FC-BB9A-761298DE9ADC}" = Catalyst Control Center Graphics Full New
"{9B4B3428-7640-400E-9B96-22243568E296}" = Catalyst Control Center Graphics Previews Common
"{A111CF27-5082-6499-17D3-7FDA158206EF}" = ccc-core-static
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D5C36070-143F-489D-FB5A-903940D42325}" = Catalyst Control Center Core Implementation
"{E77C580F-E2C8-23C7-350E-F3317D1C4A8A}" = CCC Help English
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AudioConSole" = Creative Audio Console
"AVG8Uninstall" = AVG Free 8.5
"CCleaner" = CCleaner (remove only)
"DualCoreCenter_is1" = DualCoreCenter
"Fraps" = Fraps (remove only)
"OpenAL" = OpenAL
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"World of Warcraft" = World of Warcraft
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Thx again for all the help,
Ken