Ok. Here are the logs:
OTL LOG
OTL logfile created on: 6/21/2009 1:12:21 AM - Run 1
OTL by OldTimer - Version 3.0.2.0 Folder = C:\Documents and Settings\Vicious\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 71.14% Memory free
3.35 Gb Paging File | 2.61 Gb Available in Paging File | 77.93% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 14.64 Gb Free Space | 6.29% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VICIOUS-E8CB986
Current User Name: Vicious
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
PRC - C:\WINDOWS\System32\LEXBCES.EXE (Lexmark International, Inc.)
PRC - C:\WINDOWS\System32\LEXPPS.EXE (Lexmark International, Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe (Nero AG)
PRC - C:\WINDOWS\System32\libusbd-nt.exe (http://libusb-win32.sourceforge.net)
PRC - C:\Program Files\Eset\nod32krn.exe (Eset )
PRC - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
PRC - C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\System32\oodag.exe (O&O Software GmbH)
PRC - C:\WINDOWS\System32\PnkBstrA.exe ()
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
PRC - C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
PRC - C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Eset\nod32kui.exe (Eset )
PRC - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe (Lexmark)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\WINDOWS\System32\oodtray.exe (O&O Software GmbH)
PRC - C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Rainlendar2\Rainlendar2.exe ()
PRC - C:\Program Files\TGTSoft\StyleXP\StyleXP.exe ()
PRC - C:\program files\steam\steam.exe (Valve Corporation)
PRC - C:\Program Files\RocketDock\RocketDock.exe ()
PRC - C:\Program Files\LexmarkX63\AcBtnMgr_X63.exe (Jetsoft Development Company)
PRC - C:\Program Files\LexmarkX63\ACMonitor_X63.exe ()
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Rainmeter\Rainmeter.exe ()
PRC - C:\Program Files\Windows NT\Accessories\WORDPAD.EXE (Microsoft Corporation)
PRC - C:\Documents and Settings\Vicious\Desktop\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (InCDsrv [Auto | Running]) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe (Nero AG)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Irmon [Auto | Running]) -- C:\WINDOWS\System32\irmon.dll (Microsoft Corporation)
SRV - (LexBceS [Auto | Running]) -- C:\WINDOWS\System32\LEXBCES.EXE (Lexmark International, Inc.)
SRV - (libusbd [Auto | Running]) -- C:\WINDOWS\System32\libusbd-nt.exe (http://libusb-win32.sourceforge.net)
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (NOD32krn [Auto | Running]) -- C:\Program Files\Eset\nod32krn.exe (Eset )
SRV - (nTuneService [Auto | Running]) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
SRV - (O&O Defrag [Auto | Running]) -- C:\WINDOWS\System32\oodag.exe (O&O Software GmbH)
SRV - (PnkBstrA [Auto | Running]) -- C:\WINDOWS\System32\PnkBstrA.exe ()
SRV - (SeaPort [Auto | Stopped]) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (StyleXPService [Auto | Running]) -- C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
SRV - (Viewpoint Manager Service [Auto | Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
========== Driver Services (SafeList) ==========
DRV - (adfs [Auto | Running]) -- C:\WINDOWS\System32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (AMON [Auto | Running]) -- C:\WINDOWS\system32\drivers\amon.sys (Eset )
DRV - (cdrbsdrv [System | Running]) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (ENTECH [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ENTECH.sys (EnTech Taiwan)
DRV - (FXDRV [On_Demand | Stopped]) -- C:\Program Files\SuperUtilities\Fxdrv.sys (Foxconn)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (InCDfs [Disabled | Running]) -- C:\WINDOWS\System32\drivers\InCDFs.sys (Nero AG)
DRV - (InCDPass [System | Running]) -- C:\WINDOWS\System32\drivers\InCDPass.sys (Nero AG)
DRV - (incdrm [System | Running]) -- C:\WINDOWS\System32\drivers\InCDRm.sys (Nero AG)
DRV - (irsir [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\irsir.sys (Microsoft Corporation)
DRV - (libusb0 [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\libusb0.sys ()
DRV - (motmodem [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\motmodem.sys (Motorola)
DRV - (nod32drv [System | Running]) -- C:\WINDOWS\system32\drivers\nod32drv.sys ()
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (nvatabus [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys (NVIDIA Corporation)
DRV - (nvax [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\nvax.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (nvnforce [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\nvapu.sys (NVIDIA Corporation)
DRV - (NVR0Dev [On_Demand | Running]) -- C:\WINDOWS\nvoclock.sys (NVidia Corp.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RivaTuner32 [On_Demand | Stopped]) -- C:\Program Files\RivaTuner v2.09\RivaTuner32.sys ()
DRV - (SbcpHid [Auto | Running]) -- C:\WINDOWS\System32\Drivers\SbcpHid.sys ()
DRV - (SCDEmu [System | Running]) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys ()
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (StyleXPHelper [System | Running]) -- C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe (Windows ® 2000 DDK provider)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect...fftrie7&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..keyword.URL: "http://slirsredirect...0fftrab&query="
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/03/01 04:26:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/06/20 01:44:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/06/14 16:47:20 | 00,000,000 | ---D | M]
[2008/08/29 01:04:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\mozilla\Extensions
[2008/08/29 01:04:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/06/20 16:47:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\mozilla\Firefox\Profiles\bdygfo2v.default\extensions
[2009/04/28 00:45:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\mozilla\Firefox\Profiles\bdygfo2v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008/10/31 22:35:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\mozilla\Firefox\Profiles\bdygfo2v.default\extensions\[email protected]
[2009/01/24 04:28:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\mozilla\Firefox\Profiles\bdygfo2v.default\extensions\[email protected]
[2008/12/01 18:58:43 | 00,001,739 | ---- | M] () -- C:\Documents and Settings\Vicious\Application Data\Mozilla\FireFox\Profiles\bdygfo2v.default\searchplugins\aim-search.xml
[2008/01/24 00:23:18 | 00,001,878 | ---- | M] () -- C:\Documents and Settings\Vicious\Application Data\Mozilla\FireFox\Profiles\bdygfo2v.default\searchplugins\aolsearch.xml
[2007/07/21 12:14:55 | 00,002,105 | ---- | M] () -- C:\Documents and Settings\Vicious\Application Data\Mozilla\FireFox\Profiles\bdygfo2v.default\searchplugins\youtube-video-search.xml
[2009/06/20 01:45:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/06/14 16:47:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/09/01 20:44:46 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/12/10 06:51:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/03/19 08:40:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/08/01 01:06:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/02/18 22:41:09 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/04/07 18:24:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/06/19 20:30:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/06/14 16:47:14 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/06/14 16:47:14 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/02/24 15:34:32 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2007/08/29 17:47:44 | 00,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2009/05/21 11:33:58 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/02/24 15:34:14 | 01,337,648 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009/02/24 15:34:22 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2008/09/26 12:40:34 | 00,053,248 | ---- | M] (AOL LLC) -- C:\Program Files\mozilla firefox\plugins\npdnu.dll
[2005/12/05 23:31:00 | 00,114,688 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npmozax.dll
[2009/06/14 16:47:15 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2004/12/14 02:19:18 | 00,057,344 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2007/12/21 04:00:00 | 00,144,720 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2009/01/31 05:01:08 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/01/31 05:01:08 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/01/31 05:01:08 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/01/31 05:01:08 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/01/31 05:01:08 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/01/31 05:01:09 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/01/31 05:01:09 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2007/12/21 04:00:00 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2008/09/26 22:22:56 | 00,221,184 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll
[2007/04/16 13:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2009/02/24 15:34:32 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2009/04/30 17:23:04 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/30 17:23:04 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/30 17:23:04 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/30 17:23:04 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/30 17:23:04 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/30 17:23:04 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/30 17:23:04 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (66 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LexStart] File not found
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [OODefragTray] C:\WINDOWS\System32\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe (Lexmark)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\System32\winsys2.exe ()
O4 - HKCU..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKCU..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AcBtnMgr_X63.exe.lnk = C:\Program Files\LexmarkX63\AcBtnMgr_X63.exe (Jetsoft Development Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ACMonitor_X63.exe.lnk = C:\Program Files\LexmarkX63\ACMonitor_X63.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\Vicious\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Vicious\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\System32\imon.dll (Eset )
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} http://musicmix.mess.../Medialogic.CAB (CMediaMix Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.233.217.3 64.233.217.5
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\System32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/20 12:37:50 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{84dd5cdb-36bb-11dc-84eb-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{84dd5cdb-36bb-11dc-84eb-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{84dd5cdb-36bb-11dc-84eb-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
========== Files/Folders - Created Within 30 Days ==========
[9 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2100/02/23 18:55:50 | 00,001,096 | ---- | C] () -- C:\WINDOWS\Lexmark_ICM.ini
[2100/02/23 15:35:34 | 00,000,768 | ---- | C] () -- C:\Program Files\x73_lut.dat
[2100/02/08 17:03:54 | 00,053,248 | ---- | C] (Silitek Corp.) -- C:\Program Files\ACMonitor_X73.exe
[2100/02/08 16:53:34 | 00,001,437 | ---- | C] () -- C:\Program Files\gtx73.ini
[2009/06/21 01:09:58 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Virus.doc
[2009/06/21 01:08:27 | 00,512,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Vicious\Desktop\OTL.exe
[2009/06/19 22:07:51 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/06/19 22:07:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/06/19 20:01:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/06/19 18:08:28 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/06/19 15:35:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vicious\Application Data\Malwarebytes
[2009/06/19 15:35:29 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/06/19 15:35:28 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/06/19 15:35:28 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/06/19 15:35:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/06/18 14:10:47 | 00,453,273 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\desktop.PNG
[2009/06/17 17:38:57 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\91044056.ini
[2009/06/17 14:31:22 | 00,000,000 | ---D | C] -- C:\Program Files\IconPhile
[2009/06/17 11:54:46 | 00,000,000 | ---D | C] -- C:\Program Files\foobar2000
[2009/06/17 11:29:09 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/06/17 10:13:28 | 00,000,000 | ---D | C] -- C:\Program Files\RocketDock
[2009/06/17 09:21:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vicious\My Documents\Rosetta Languages
[2009/06/17 08:53:14 | 00,001,576 | ---- | C] () -- C:\Documents and Settings\Vicious\Start Menu\Programs\Startup\Rainmeter.lnk
[2009/06/17 08:53:03 | 00,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2009/06/17 08:46:56 | 04,999,119 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\01.Govinda - Charming the Serpent.mp3
[2009/06/17 08:33:15 | 07,663,616 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\14 - Grand Tourism - La Guitare Enchantee.mp3
[2009/06/17 08:17:30 | 08,649,375 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\09 Nightmares on Wax - Carboot Soul (Limited Edition) - Survival.mp3
[2009/06/17 08:17:11 | 08,659,961 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\09 - Survival.mp3
[2009/06/15 22:09:35 | 00,000,502 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Skin Log - Florida.doc
[2009/06/15 14:22:08 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009/06/15 14:22:08 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009/06/15 14:22:08 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009/06/15 14:22:07 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009/06/15 14:22:07 | 00,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009/06/15 14:22:06 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009/06/15 14:11:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vicious\Local Settings\Application Data\Downloaded Installations
[2009/06/14 13:52:44 | 00,000,677 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ACMonitor_X63.exe.lnk
[2009/06/14 13:52:44 | 00,000,672 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AcBtnMgr_X63.exe.lnk
[2009/06/14 13:47:40 | 00,002,554 | ---- | C] () -- C:\WINDOWS\System32\oodbs.lor
[2009/06/14 13:38:24 | 00,000,162 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\New Wordpad Document.doc
[2009/06/05 16:51:41 | 00,000,000 | ---D | C] -- C:\Program Files\MS Office 2007 Portable (6-in-1)
[2009/06/05 16:05:36 | 00,000,000 | ---D | C] -- C:\Program Files\OO Software
[2009/06/05 15:42:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vicious\Local Settings\Application Data\O&O
[2009/06/05 02:12:31 | 03,346,193 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\finish.png
[2009/06/04 22:19:22 | 00,019,456 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\WINDOWS\System32\libusbd-9x.exe
[2009/06/04 22:19:22 | 00,018,944 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\WINDOWS\System32\libusbd-nt.exe
[2009/06/04 22:19:22 | 00,000,000 | ---D | C] -- C:\Program Files\LibUSB-Win32-0.1.10.1
[2009/06/03 23:06:03 | 00,349,699 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\blackwhitemix2.jpg
[2009/06/03 09:08:02 | 03,319,215 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\blackwhitemash.png
[2009/06/03 08:56:33 | 03,326,475 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\blackredmix.png
[2009/06/03 08:55:08 | 03,328,019 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\blackredtrim.png
[2009/06/03 08:53:19 | 03,321,449 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\blackwhitemix2.png
[2009/06/03 08:51:11 | 03,319,124 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\blackwhitemix.png
[2009/06/03 08:48:39 | 03,316,293 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\whiteblackrim.png
[2009/06/03 08:46:16 | 03,319,715 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\redblacktrim.png
[2009/06/03 08:33:23 | 03,450,855 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\blackwhiterim.png
[2009/06/02 14:49:26 | 00,342,399 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Temp1.jpg
[2009/06/02 14:42:00 | 01,282,326 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\label.BMP
[2009/06/02 14:22:26 | 01,453,086 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\receipt.BMP
[2009/06/02 04:04:08 | 03,362,764 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\template3.png
[2009/06/02 04:02:40 | 02,683,015 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\template1.jpg
[2009/06/01 23:47:48 | 09,830,698 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\09 Try A Little Tenderness.mp3
[2009/06/01 23:42:29 | 11,008,765 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\11. Shout.mp3
[2009/06/01 23:36:13 | 05,389,138 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Who's That Lady.mp3
[2009/06/01 23:31:29 | 03,583,994 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Áíôßăńáöď áđü bryan adams and barbra streisand - brian adams & barbara streisand - i finally found someone.mp3
[2009/06/01 23:20:47 | 09,154,105 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Earth, Wind & Fire - Boogie Wonderland.mp3
[2009/06/01 23:14:13 | 04,857,856 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Sing A Song.mp3
[2009/05/31 00:15:53 | 02,693,608 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\template.jpg
[2009/05/30 01:48:21 | 02,757,134 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Perfectlabel.psd
[2009/05/28 22:22:26 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2009/05/28 22:05:03 | 53,649,219 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Sticktemp1e.psd
[2009/05/28 20:36:45 | 00,000,000 | ---D | C] -- C:\Program Files\iMesh Applications
[2009/05/27 12:33:50 | 08,300,492 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\(02)_primo_,_drop_the_funk_(funk_distraction_mix)_-_miguel_migs.mp3
[2009/05/24 02:39:28 | 51,019,288 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\WIP.psd
[2009/05/24 02:39:19 | 52,287,815 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\WIP3.psd
[2009/05/24 02:39:07 | 51,577,603 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\WIP2.psd
[2009/05/24 02:39:06 | 03,900,701 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Tournament_FightStick_Template_MadCatz.psd
[2009/05/24 02:38:55 | 55,546,316 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Stickart2.psd
[2009/05/24 02:38:45 | 51,032,241 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Stickart1.psd
[2009/05/24 02:38:43 | 00,014,873 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\New Rich Text Docum11ent.rtf
[2009/05/24 02:38:16 | 05,435,230 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\label.psd
[2009/05/24 02:38:15 | 06,886,356 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\label2.psd
[2009/05/24 02:38:13 | 04,329,688 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\hraptemplatebezelssplatters12.psd
[2009/05/24 02:38:12 | 04,485,933 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\hraptemplatebezelssplatters1.psd
[2009/05/24 02:38:11 | 01,324,407 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\HRAP3_Vewlix8SS.zip
[2009/05/24 02:38:10 | 00,180,743 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Bookmarks 2009-05-23.json
[2009/05/24 02:37:29 | 17,288,3218 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\Armin van Buuren - A State Of Trance 330 (DI-FM) 12-13-2007.mp3
[2009/05/24 02:37:22 | 19,203,361 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\12 - Black Mighty Orchestra - Ocean Beach (Cybophonia Cinematic Remix)..mp3
[2009/05/24 02:37:15 | 22,202,368 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\10-Monk And Canatella _ Enter The Monk.mp3
[2009/05/24 02:37:12 | 12,271,040 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\10 - Mind Wide Open.mp3
[2009/05/24 02:37:09 | 10,446,280 | ---- | C] () -- C:\Documents and Settings\Vicious\My Documents\06 Black Mighty Orchestra - Give Me your Love (Crazy [bleep] remix).mp3
[2008/10/19 00:11:46 | 00,000,427 | ---- | C] () -- C:\WINDOWS\n02.ini
[2008/10/18 19:45:25 | 00,033,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\libusb0.sys
[2008/10/01 17:01:22 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/10/01 17:01:22 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/09/16 17:21:55 | 00,001,554 | ---- | C] () -- C:\WINDOWS\RefreshLock.ini
[2008/05/22 00:50:17 | 00,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/05/22 00:49:55 | 00,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008/05/16 22:46:32 | 00,000,537 | ---- | C] () -- C:\WINDOWS\FICEDULA.INI
[2008/05/10 15:47:51 | 00,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2008/05/10 01:50:18 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008/03/14 01:59:29 | 00,000,082 | ---- | C] () -- C:\WINDOWS\TweakOblivion.ini
[2008/03/08 06:04:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2008/03/08 05:27:26 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\smdll.dll
[2008/03/08 05:27:26 | 00,009,728 | ---- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2008/03/08 05:27:26 | 00,008,192 | ---- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2008/03/08 05:27:25 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/03/08 05:27:23 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/03/08 05:27:19 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/03/08 05:27:10 | 00,266,240 | ---- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2008/03/08 05:27:10 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2008/03/08 05:27:09 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2008/03/07 00:12:24 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008/03/03 02:33:03 | 00,000,182 | ---- | C] () -- C:\WINDOWS\bsacmd.INI
[2008/03/02 17:15:32 | 00,151,552 | ---- | C] () -- C:\WINDOWS\System32\nvRegDev.dll
[2007/11/26 22:56:28 | 00,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007/10/17 00:07:08 | 00,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2007/10/16 10:23:28 | 00,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2007/10/07 10:44:01 | 00,000,654 | ---- | C] () -- C:\WINDOWS\kaillera.ini
[2007/09/02 11:51:00 | 00,000,643 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2007/07/29 22:41:32 | 00,646,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/07/21 07:13:54 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/07/21 03:41:23 | 00,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007/04/20 06:05:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/04/20 06:05:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/03/12 12:01:30 | 00,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2006/12/30 18:47:50 | 00,000,495 | ---- | C] () -- C:\WINDOWS\sagamp3cutter.ini
[2006/03/18 09:16:04 | 00,540,178 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2004/08/04 00:56:44 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/07/17 11:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2003/08/07 14:01:52 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2002/07/17 15:43:35 | 00,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\SCCD3X01.DLL
[2002/07/17 15:43:35 | 00,090,112 | ---- | C] ( ) -- C:\WINDOWS\System32\SCCD3X02.DLL
[2001/09/05 16:23:56 | 00,030,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\SbcpHid.sys
[2001/08/23 08:00:00 | 00,000,631 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 08:00:00 | 00,000,264 | ---- | C] () -- C:\WINDOWS\System.ini
[2001/05/13 17:18:34 | 00,000,209 | ---- | C] () -- C:\WINDOWS\X63_DS.ini
[2000/10/24 09:08:36 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2000/10/24 09:08:33 | 00,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[1999/04/20 03:15:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\unvise32.dll
[1997/11/17 17:13:16 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
========== Files - Modified Within 30 Days ==========
[9 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/06/21 01:09:58 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\Virus.doc
[2009/06/21 01:08:32 | 00,512,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vicious\Desktop\OTL.exe
[2009/06/21 00:33:00 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2009/06/20 18:00:00 | 00,000,442 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/06/20 13:18:58 | 00,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2009/06/20 13:18:56 | 00,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2009/06/20 04:14:16 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/06/20 01:53:42 | 00,000,066 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/06/20 00:57:00 | 00,000,380 | ---- | M] () -- C:\WINDOWS\tasks\DriverCure.job
[2009/06/19 22:25:25 | 00,195,072 | ---- | M] () -- C:\Documents and Settings\Vicious\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/19 16:50:33 | 00,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/06/18 14:10:47 | 00,453,273 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\desktop.PNG
[2009/06/18 11:34:49 | 00,272,746 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\jhfghgf.m3u
[2009/06/17 19:53:03 | 02,482,040 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/06/17 19:52:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/17 19:52:49 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/06/17 19:52:47 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/17 19:52:43 | 00,002,554 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2009/06/17 17:38:57 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\91044056.ini
[2009/06/17 14:21:28 | 00,000,502 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\Skin Log - Florida.doc
[2009/06/17 13:49:48 | 00,171,144 | ---- | M] () -- C:\Documents and Settings\Vicious\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/06/17 11:44:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/06/17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/06/17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/06/17 09:00:53 | 04,999,119 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\01.Govinda - Charming the Serpent.mp3
[2009/06/17 08:53:14 | 00,001,576 | ---- | M] () -- C:\Documents and Settings\Vicious\Start Menu\Programs\Startup\Rainmeter.lnk
[2009/06/17 08:41:30 | 07,663,616 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\14 - Grand Tourism - La Guitare Enchantee.mp3
[2009/06/17 08:28:14 | 08,659,961 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\09 - Survival.mp3
[2009/06/17 08:21:19 | 08,649,375 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\09 Nightmares on Wax - Carboot Soul (Limited Edition) - Survival.mp3
[2009/06/14 13:59:39 | 00,000,209 | ---- | M] () -- C:\WINDOWS\X63_DS.ini
[2009/06/14 13:52:44 | 00,000,677 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ACMonitor_X63.exe.lnk
[2009/06/14 13:52:44 | 00,000,672 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AcBtnMgr_X63.exe.lnk
[2009/06/14 13:45:56 | 00,000,162 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\New Wordpad Document.doc
[2009/06/08 16:22:17 | 00,001,953 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\Things to Sell.doc
[2009/06/05 15:48:38 | 53,649,219 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\Sticktemp1e.psd
[2009/06/05 02:12:53 | 03,346,193 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\finish.png
[2009/06/03 23:06:06 | 00,349,699 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\blackwhitemix2.jpg
[2009/06/03 09:08:22 | 03,319,215 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\blackwhitemash.png
[2009/06/03 08:56:57 | 03,326,475 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\blackredmix.png
[2009/06/03 08:55:32 | 03,328,019 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\blackredtrim.png
[2009/06/03 08:53:43 | 03,321,449 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\blackwhitemix2.png
[2009/06/03 08:51:36 | 03,319,124 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\blackwhitemix.png
[2009/06/03 08:49:03 | 03,316,293 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\whiteblackrim.png
[2009/06/03 08:46:38 | 03,319,715 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\redblacktrim.png
[2009/06/03 08:33:44 | 03,450,855 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\blackwhiterim.png
[2009/06/02 14:49:28 | 00,342,399 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\Temp1.jpg
[2009/06/02 14:43:08 | 01,282,326 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\label.BMP
[2009/06/02 14:40:31 | 01,453,086 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\receipt.BMP
[2009/06/02 04:04:28 | 03,362,764 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\template3.png
[2009/06/02 04:02:44 | 02,683,015 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\template1.jpg
[2009/06/01 23:49:12 | 09,830,698 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\09 Try A Little Tenderness.mp3
[2009/06/01 23:45:15 | 11,008,765 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\11. Shout.mp3
[2009/06/01 23:37:25 | 05,389,138 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\Who's That Lady.mp3
[2009/06/01 23:33:55 | 03,583,994 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\Áíôßăńáöď áđü bryan adams and barbra streisand - brian adams & barbara streisand - i finally found someone.mp3
[2009/06/01 23:28:30 | 09,154,105 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\Earth, Wind & Fire - Boogie Wonderland.mp3
[2009/06/01 23:14:43 | 04,857,856 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\Sing A Song.mp3
[2009/05/31 16:19:35 | 02,693,608 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\template.jpg
[2009/05/30 01:48:25 | 02,757,134 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\Perfectlabel.psd
[2009/05/27 12:47:22 | 08,300,492 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\(02)_primo_,_drop_the_funk_(funk_distraction_mix)_-_miguel_migs.mp3
[2009/05/26 17:57:29 | 00,000,631 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/23 04:45:25 | 00,180,743 | ---- | M] () -- C:\Documents and Settings\Vicious\My Documents\Bookmarks 2009-05-23.json
========== LOP Check ==========
[2009/06/19 22:07:51 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/04/08 14:35:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/03/15 13:27:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2008/10/20 14:05:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/06/17 07:36:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/03/23 12:33:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/02/03 05:16:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2007/11/09 03:18:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OrbNetworks
[2009/04/28 19:13:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2008/02/04 02:38:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2009/06/20 13:33:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/12/01 18:58:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/06/19 15:35:34 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Vicious\Application Data
[2008/03/09 02:42:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\Ahead
[2008/05/25 20:04:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\Bioshock
[2007/10/13 05:13:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\BitTorrent
[2008/03/13 22:34:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\BitTorrent DNA
[2008/02/01 04:59:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\BitTorrent DNA[bleep]
[2008/10/22 20:03:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\com.doubleperfect.ggpo.0753AD3679DBFCA1E7F470171B7D0DB8B404A7EA.1
[2008/10/31 22:49:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\Damdai
[2008/09/08 21:29:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\DNA
[2009/03/30 17:21:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\dvdcss
[2009/03/15 13:48:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\fltk.org
[2007/11/27 01:05:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\FrostWire
[2009/02/22 17:02:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\OLYMPUS
[2008/02/04 02:54:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\Publish Providers
[2008/02/10 22:39:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\SecondLife
[2008/05/25 05:12:59 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Vicious\Application Data\SecuROM
[2008/02/04 02:53:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\Sony
[2008/02/04 02:23:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\Sony Setup
[2008/01/13 05:09:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\SystemRequirementsLab
[2009/06/19 17:43:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\uTorrent
[2007/12/19 21:59:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\What the...
[2009/04/08 23:59:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Vicious\Application Data\Xilisoft Corporation
[2009/06/17 11:44:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2001/08/23 08:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/06/20 00:57:00 | 00,000,380 | ---- | M] () -- C:\WINDOWS\Tasks\DriverCure.job
[2009/06/20 18:00:00 | 00,000,442 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2009/06/21 00:33:00 | 00,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job
[2009/06/17 19:52:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 488 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >
EXTRAS LOG
OTL Extras logfile created on: 6/21/2009 1:12:21 AM - Run 1
OTL by OldTimer - Version 3.0.2.0 Folder = C:\Documents and Settings\Vicious\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 71.14% Memory free
3.35 Gb Paging File | 2.61 Gb Available in Paging File | 77.93% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 14.64 Gb Free Space | 6.29% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VICIOUS-E8CB986
Current User Name: Vicious
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.reg [@ = regfile] -- Reg Error: Value error. File not found
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call (Microsoft Corporation)
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 (Microsoft Corporation)
C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent ()
C:\Program Files\PlayOnline\SquareEnix\PlayOnlineViewer\pol.exe:*:Enabled:PlayOnline Viewer File not found
C:\Program Files\Steam\SteamApps\viciousboss\counter-strike source\hl2.exe:*:Enabled:hl2 ()
C:\Program Files\Soulseek\slsk.exe:*:Enabled:SoulSeek ()
C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor (Autodesk, Inc.)
C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager (Autodesk, Inc.)
C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server (Autodesk, Inc.)
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
C:\Program Files\BitTorrent_DNA\dna.exe:*:Enabled:BitTorrent DNA ()
C:\Program Files\Steam\steam.exe:*:Enabled:Steam (Valve Corporation)
C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb (Orb Networks, Inc.)
C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray (Orb Networks)
C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client (Orb Networks)
C:\Program Files\Steam\SteamApps\viciousboss\source sdk base\hl2.exe:*:Enabled:hl2 File not found
C:\UT2004Demo\System\UT2004.exe:*:Enabled:UT2004 File not found
C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice File not found
C:\Program Files\DNA\btdna.exe:*:Enabled:btdna (BitTorrent, Inc.)
C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA ()
C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB ()
C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare ()
C:\Program Files\OCTGN\OCTGN.exe:*:Enabled:OCTGN- Online Card and Tabletop Games Network File not found
C:\Program Files\Sun\Steam\steamapps\viciousboss\counter-strike source\hl2.exe:*:Enabled:hl2 File not found
C:\nFBA\nfba.exe:*:Enabled:Emulator for MC68000/Z80 based arcade games (Team FB Alpha)
C:\Program Files\GGPO\ggpo.exe:*:Enabled:ggpo ()
C:\Program Files\GGPO\ggpofba.exe:*:Enabled:Emulator for MC68000/Z80 based arcade games (Team FB Alpha)
C:\Documents and Settings\Vicious\Local Settings\Apps\2.0\3GX2J0PY.M1X\BQ1MHO16.MLH\2dff..tion_fcdf29b345c9098a_0001.0000_c4d8af0ee0519334\2DF FreePlay Client.exe:*:Enabled:2DF FreePlay Client (Damdai)
C:\Documents and Settings\Vicious\Application Data\Damdai\2DF\FreePlay\freeplay_emu.exe:*:Enabled:2DF FreePlay Emulator (Damdai)
C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE (Lexmark International, Inc.)
C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader File not found
C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM File not found
C:\Documents and Settings\Vicious\Local Settings\Apps\2.0\3GX2J0PY.M1X\BQ1MHO16.MLH\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2DF FreePlay Client.exe:*:Enabled:2DF FreePlay Client (Damdai)
C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call (Microsoft Corporation)
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 (Adobe Systems Incorporated)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{10E33F6D-16E6-400E-BA1E-DF9F1BCD1B30}" = SuperUtilities
"{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14C87AA7-08E6-419F-A165-998EBE5023D7}" = Oblivion - Knights of the Nine
"{14D10AAC-9737-454E-A247-8075C26C30E1}" = SILENT HILL 3
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16D919E6-F019-4E15-BFBE-4A85EF19DA57}" = Oblivion - Spell Tomes
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}" = ImageMixer VCD/DVD2 for OLYMPUS
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{23D683DD-93C6-48E6-B84E-78B57778F126}" = Oblivion - Construction Set
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}" = MobileMe Control Panel
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 14
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2F2E3D62-8B8C-448F-8900-451325E50948}" = Oblivion - Wizard's Tower
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{31800004-6386-4999-A519-518F2D78D8F0}" = Python 2.5.1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160050}" = Java SE Development Kit 6 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3ABEBD00-299D-4DCA-967F-B912163AB5EA}" = Oblivion - Horse Armor Pack
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A915F98-120A-49D6-BA90-924DC4918F01}" = Pluggy
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}" = Oblivion - Vile Lair
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68BD9036-0952-4849-AE7A-963BB53EDB71}" = GGPO
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}" = 3dsmax ancillary install
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81B3BEF9-5D97-4096-86E9-5B48A5BC32D0}" = Motorola Driver Installation 3.4.0
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DA83EA6-E731-4722-958D-613399AE1033}" = Nero 7 Essentials
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{92DF1607-ABCD-4511-8095-2436D94E952C}" = Microsoft DirectX SDK (March 2008)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A0A20753-92DF-4631-82B4-9CACE2FCED6A}" = Oblivion - The Fighter's Stronghold
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF68235B-7FA7-4B91-AD10-C22867154174}" = NVIDIA CUDA Toolkit
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD49361E-3FE6-457E-90A1-9C59E29B5D02}" = Java DB 10.3.1.4
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{D8D06241-617C-42AB-B9C7-D9BA5A377D10}" = NVIDIA Texture Tools 2
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8F728D0-C3F0-42EB-BBC2-C4A38A577CB1}" = Motorola Phone Tools
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EC425CFC-EE78-4A91-AA25-3BFA65B75364}" = Oblivion - Orrery
"{EF295F5C-7B57-47AA-8889-6B3E8E214E89}" = Oblivion - Mehrunes Razor
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{F530581E-12FE-43B4-A28D-E5257AAD63E6}" = O&O Defrag Professional
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFFFD17-B460-41EB-93F1-C48ABAD63828}" = Oblivion - Thieves Den
"7-Zip" = 7-Zip 4.57
"Adobe Acrobat 7.0 Professional" = Adobe Acrobat 7.0 Professional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ASIO4ALL" = ASIO4ALL
"Bink and Smacker" = Bink and Smacker
"Collab" = Collab
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DriverCleanerDotNET" = DH Driver Cleaner.NET
"FL Studio 8" = FL Studio 8
"Francesco's leveled creatures-items mod_is1" = Francesco's leveled creatures-items mod 4.5b
"Francesco's optional new items/creatures_is1" = Francesco's optional new items/creatures 4.5
"Fraps" = Fraps (remove only)
"HijackThis" = HijackThis 2.0.2
"IconPackager" = IconPackager
"IL Download Manager" = IL Download Manager
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}" = SILENT HILL 3
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"iZotope Ozone Free 1.0 for Winamp_is1" = iZotope Ozone Free 1.0 for Winamp
"LastFM_is1" = Last.fm 1.5.4.24567
"LGPDetails" = LGP Details Property Sheet
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Movkit Batch Video Converter_is1" = Movkit Batch Video Converter 2.8
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NifSkope" = NifSkope (remove only)
"NOD32" = NOD32 antivirus system
"NVIDIA Drivers" = NVIDIA Drivers
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.10
"Operation Optimization_is1" = Operation Optimization v1.1.1
"Orb" = Winamp Remote
"PoiZone" = PoiZone
"PowerISO" = PowerISO
"Rainlendar2" = Rainlendar2 (remove only)
"Rainmeter" = Rainmeter (remove only)
"RealAlt_is1" = Real Alternative 1.7.5
"RocketDock_is1" = RocketDock 1.3.5
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Soulseek" = SoulSeek Client 156c
"Steam App 17500" = Zombie Panic! Source
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 340" = Half-Life 2: Lost Coast
"StyleXP" = StyleXP (remove only)
"SystemRequirementsLab" = System Requirements Lab
"The Rosetta Stone" = The Rosetta Stone
"Toxic Biohazard" = Toxic Biohazard
"TweakOblivion_is1" = Oblivion - TweakOblivion 5.10 (Build:370)
"Unofficial Oblivion Patch_is1" = Unofficial Oblivion Patch v3.0.0
"Unofficial Official Mods Patch_is1" = Unofficial Official Mods Patch v15
"Unofficial Shivering Isles Patch_is1" = Unofficial Shivering Isles Patch v1.4.0
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"wxPython2.8-ansi-py25_is1" = wxPython 2.8.7.1 (ansi) for Python 2.5
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent 6.0
"BitTorrent DNA" = DNA
"LiteStep Installer" = LiteStep
"Neo Final Burn Alpha" = Neo Final Burn Alpha
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 6/19/2009 5:36:38 PM | Computer Name = VICIOUS-E8CB986 | Source = Application Error | ID = 1000
Description = Faulting application rainmeter.exe, version 0.0.0.0, faulting module
user32.dll, version 5.1.2600.2180, fault address 0x0000d227.
Error - 6/19/2009 7:50:50 PM | Computer Name = VICIOUS-E8CB986 | Source = Application Error | ID = 1000
Description = Faulting application rainmeter.exe, version 0.0.0.0, faulting module
user32.dll, version 5.1.2600.2180, fault address 0x0000d227.
Error - 6/19/2009 7:52:36 PM | Computer Name = VICIOUS-E8CB986 | Source = Application Hang | ID = 1002
Description = Hanging application winamp.exe, version 5.5.5.2419, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 6/19/2009 7:56:03 PM | Computer Name = VICIOUS-E8CB986 | Source = Application Error | ID = 1000
Description = Faulting application winamp.exe, version 5.5.5.2419, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.
Error - 6/19/2009 10:06:58 PM | Computer Name = VICIOUS-E8CB986 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 6/19/2009 10:06:58 PM | Computer Name = VICIOUS-E8CB986 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 6/19/2009 11:04:40 PM | Computer Name = VICIOUS-E8CB986 | Source = Application Hang | ID = 1002
Description = Hanging application moviemk.exe, version 2.1.4026.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 6/19/2009 11:04:41 PM | Computer Name = VICIOUS-E8CB986 | Source = Application Hang | ID = 1002
Description = Hanging application moviemk.exe, version 2.1.4026.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 6/20/2009 2:50:15 AM | Computer Name = VICIOUS-E8CB986 | Source = Application Error | ID = 1000
Description = Faulting application rainmeter.exe, version 0.0.0.0, faulting module
user32.dll, version 5.1.2600.2180, fault address 0x0000d227.
Error - 6/20/2009 4:10:46 AM | Computer Name = VICIOUS-E8CB986 | Source = Application Hang | ID = 1002
Description = Hanging application vegas80.exe, version 8.0.0.179, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 6/5/2009 3:40:38 PM | Computer Name = VICIOUS-E8CB986 | Source = Service Control Manager | ID = 7034
Description = The O&O Defrag service terminated unexpectedly. It has done this
3 time(s).
Error - 6/5/2009 3:41:52 PM | Computer Name = VICIOUS-E8CB986 | Source = Service Control Manager | ID = 7034
Description = The O&O Defrag service terminated unexpectedly. It has done this
4 time(s).
Error - 6/5/2009 4:04:00 PM | Computer Name = VICIOUS-E8CB986 | Source = Service Control Manager | ID = 7034
Description = The O&O Defrag service terminated unexpectedly. It has done this
1 time(s).
Error - 6/7/2009 7:31:15 PM | Computer Name = VICIOUS-E8CB986 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the libusbd service.
Error - 6/14/2009 1:57:51 AM | Computer Name = VICIOUS-E8CB986 | Source = Print | ID = 6161
Description = The document AirTran Airways Reservations owned by Chris failed to
print on printer Lexmark X63. Data type: LEMF. Size of the spool file in bytes:
1560711. Number of bytes printed: 4. Total number of pages in the document: 2.
Number of pages printed: 0. Client machine: \\VICIOUS-E8CB986. Win32 error code
returned by the print processor: 232 (0xe8).
Error - 6/14/2009 2:04:32 AM | Computer Name = VICIOUS-E8CB986 | Source = Print | ID = 6161
Description = The document AirTran Airways Reservations owned by Chris failed to
print on printer Lexmark X63. Data type: LEMF. Size of the spool file in bytes:
1561983. Number of bytes printed: 4. Total number of pages in the document: 2.
Number of pages printed: 0. Client machine: \\VICIOUS-E8CB986. Win32 error code
returned by the print processor: 232 (0xe8).
Error - 6/14/2009 2:05:12 AM | Computer Name = VICIOUS-E8CB986 | Source = Print | ID = 6161
Description = The document AirTran Airways Reservations owned by Chris failed to
print on printer Lexmark X63. Data type: LEMF. Size of the spool file in bytes:
1561543. Number of bytes printed: 4. Total number of pages in the document: 2.
Number of pages printed: 0. Client machine: \\VICIOUS-E8CB986. Win32 error code
returned by the print processor: 232 (0xe8).
Error - 6/14/2009 1:38:49 PM | Computer Name = VICIOUS-E8CB986 | Source = Print | ID = 6161
Description = The document New Wordpad Document.doc owned by Vicious failed to print
on printer Lexmark X63. Data type: LEMF. Size of the spool file in bytes: 2590.
Number of bytes printed: 4. Total number of pages in the document: 1. Number of
pages printed: 0. Client machine: \\VICIOUS-E8CB986. Win32 error code returned
by the print processor: 232 (0xe8).
Error - 6/14/2009 1:48:36 PM | Computer Name = VICIOUS-E8CB986 | Source = Print | ID = 23
Description = Printer Lexmark X63,0 failed to initialize because a suitable Lexmark
X63 driver could not be found.
Error - 6/19/2009 9:45:45 PM | Computer Name = VICIOUS-E8CB986 | Source = Service Control Manager | ID = 7034
Description = The SeaPort service terminated unexpectedly. It has done this 1 time(s).
< End of report >
COMBOFIX LOG
ComboFix 09-06-22.04 - Vicious 06/22/2009 20:02.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1660 [GMT -4:00]
Running from: c:\documents and settings\Vicious\Desktop\Combo-Fix.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\SKYNETqutvbwve.sys
c:\windows\system32\SKYNETcnenrkpr.dat
c:\windows\system32\SKYNETgtxmssqa.dll
c:\windows\system32\SKYNETpmkanebk.dll
c:\windows\system32\SKYNETurxtfkln.dat
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SKYNETwqonwmmy
((((((((((((((((((((((((( Files Created from 2009-05-23 to 2009-06-23 )))))))))))))))))))))))))))))))
.
2100-02-23 19:35 . 2001-02-22 14:54 768 ----a-w- c:\program files\x73_lut.dat
2100-02-08 21:03 . 2001-05-11 16:39 53248 ----a-w- c:\program files\ACMonitor_X73.exe
2009-06-22 10:46 . 2009-06-22 10:46 93 ----a-w- c:\windows\system32\SKYNET.dat
2009-06-21 05:15 . 2009-06-21 05:15 286208 ----a-w- C:\cwkyt4he.exe
2009-06-20 02:07 . 2009-06-20 02:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-20 02:07 . 2009-06-20 02:08 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-20 00:29 . 2009-06-20 00:29 152576 ----a-w- c:\documents and settings\Vicious\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-19 22:08 . 2009-06-19 22:08 -------- d-----w- c:\program files\Trend Micro
2009-06-19 19:35 . 2009-06-19 19:35 -------- d-----w- c:\documents and settings\Vicious\Application Data\Malwarebytes
2009-06-19 19:35 . 2009-06-17 15:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-19 19:35 . 2009-06-19 19:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-19 19:35 . 2009-06-19 19:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-19 19:35 . 2009-06-17 15:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-17 18:31 . 2009-06-17 18:36 -------- d-----w- c:\program files\IconPhile
2009-06-17 15:54 . 2009-06-17 23:43 -------- d-----w- c:\program files\foobar2000
2009-06-17 15:29 . 2009-06-17 15:29 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-06-17 14:13 . 2009-06-17 14:21 -------- d-----w- c:\program files\RocketDock
2009-06-17 12:53 . 2009-06-17 12:56 -------- d-----w- c:\program files\Rainmeter
2009-06-15 19:35 . 2009-06-15 19:35 -------- d-----w- c:\documents and settings\Chris\Local Settings\Application Data\CAPCOM
2009-06-15 18:22 . 2009-03-09 19:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-06-15 18:22 . 2009-03-09 19:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-06-15 18:22 . 2009-03-09 19:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-06-15 18:22 . 2009-03-16 18:18 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-06-15 18:22 . 2009-03-16 18:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-06-15 18:22 . 2009-03-16 18:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-06-15 18:11 . 2009-06-15 18:11 -------- d-----w- c:\documents and settings\Vicious\Local Settings\Application Data\Downloaded Installations
2009-06-06 15:40 . 2009-06-19 20:51 -------- d-----w- c:\documents and settings\Chris\Tracing
2009-06-05 20:51 . 2009-06-05 20:52 -------- d-----w- c:\program files\MS Office 2007 Portable (6-in-1)
2009-06-05 20:05 . 2009-06-05 20:05 -------- d-----w- c:\program files\OO Software
2009-06-05 19:42 . 2009-06-05 19:42 -------- d-----w- c:\documents and settings\Vicious\Local Settings\Application Data\O&O
2009-06-05 02:19 . 2009-06-05 02:19 -------- d-----w- c:\program files\LibUSB-Win32-0.1.10.1
2009-06-05 02:19 . 2005-03-10 00:50 19456 ----a-w- c:\windows\system32\libusbd-9x.exe
2009-06-05 02:19 . 2005-03-10 00:50 18944 ----a-w- c:\windows\system32\libusbd-nt.exe
2009-05-29 02:22 . 2009-05-29 02:22 -------- d-----w- c:\program files\Adobe Media Player
2009-05-29 00:36 . 2009-05-29 00:36 -------- d-----w- c:\program files\iMesh Applications
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-22 16:08 . 2007-08-30 06:13 -------- d-----w- c:\documents and settings\Vicious\Application Data\uTorrent
2009-06-22 02:40 . 2008-10-01 08:53 -------- d-----w- c:\program files\Steam
2009-06-20 17:33 . 2008-02-04 06:53 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-20 00:30 . 2007-09-02 00:44 -------- d-----w- c:\program files\Java
2009-06-20 00:03 . 2009-04-15 05:16 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-19 00:43 . 2008-10-23 00:02 -------- d-----w- c:\program files\GGPO
2009-06-18 04:33 . 2008-08-23 21:57 171144 ----a-w- c:\documents and settings\Chris\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-17 17:49 . 2007-07-20 05:15 171144 ----a-w- c:\documents and settings\Vicious\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-17 13:01 . 2007-08-17 17:27 -------- d-----w- c:\program files\Soulseek
2009-06-17 11:38 . 2007-07-20 16:44 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-17 11:36 . 2009-04-28 23:13 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverCure
2009-06-17 11:32 . 2008-02-04 07:13 -------- d-----w- c:\program files\AllToAVI
2009-06-16 18:57 . 2007-10-16 14:22 -------- d-----w- c:\program files\ESET
2009-06-14 18:00 . 2008-08-23 21:33 -------- d-----w- c:\program files\LexmarkX63
2009-06-05 19:33 . 2007-07-22 08:32 -------- d-----w- c:\documents and settings\Vicious\Application Data\DivX
2009-05-29 02:23 . 2007-07-23 02:05 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-21 15:33 . 2009-03-01 08:26 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-09 04:35 . 2009-05-09 04:33 2988592 ----a-w- c:\documents and settings\All Users\Application Data\ParetoLogic\UUS2\DriverCure\Temp\Update.exe
2009-04-28 23:13 . 2009-04-28 23:13 -------- d-----w- c:\documents and settings\Chris\Application Data\DriverCure
2009-04-28 23:13 . 2009-04-28 23:13 -------- d-----w- c:\program files\Common Files\ParetoLogic
2009-04-28 23:13 . 2009-04-28 23:13 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic
2009-04-08 18:28 . 2009-04-08 18:28 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-04-07 22:23 . 2009-04-07 22:23 152576 ----a-w- c:\documents and settings\Vicious\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2001-07-26 21:58 . 2000-01-11 17:50 47 ----a-w- c:\program files\ACMonitor_X73.ini
2001-07-05 17:46 . 2001-07-20 15:48 8116 ----a-w- c:\program files\OSLO3071b2.USB
2001-05-08 21:36 . 2000-12-05 20:56 114688 ----a-w- c:\program files\lxarscan.dll
2001-04-23 19:22 . 2100-02-08 20:53 1437 ----a-w- c:\program files\gtx73.ini
2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
------- Sigcheck -------
[7] 2004-08-04 04:56 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\system32\svchost.exe
[7] 2004-08-04 04:56 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\system32\dllcache\svchost.exe
[7] 2004-08-04 04:56 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\system32\user32.dll
[7] 2004-08-04 04:56 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\system32\dllcache\user32.dll
[7] 2004-08-04 04:56 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\system32\ws2_32.dll
[7] 2004-08-04 04:56 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\system32\dllcache\ws2_32.dll
[-] 2008-12-20 23:15 826368 A82935D32D0672E8FF4E91AE398E901C c:\windows\SoftwareDistribution\Download\2e4e820fa4f0714d84e95e04fd4b348e\SP2GDR\wininet.dll
[-] 2008-12-20 23:56 827904 044E0A4E9FE97C0FB9AFE9C89E2A82E6 c:\windows\SoftwareDistribution\Download\2e4e820fa4f0714d84e95e04fd4b348e\SP2QFE\wininet.dll
[-] 2008-08-26 07:24 826368 EF8EBA98145BFA44E80D17A3B3453300 c:\windows\SoftwareDistribution\Download\5d9d48823dca01f9929a959c29f5edc4\SP2GDR\wininet.dll
[-] 2008-08-26 09:08 827904 77C192FE56A70D7FA0247BA0A6201C32 c:\windows\SoftwareDistribution\Download\5d9d48823dca01f9929a959c29f5edc4\SP2QFE\wininet.dll
[7] 2004-08-04 04:56 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\system32\wininet.dll
[7] 2004-08-04 04:56 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\system32\dllcache\wininet.dll
[7] 2004-08-04 03:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\system32\dllcache\tcpip.sys
[7] 2004-08-04 03:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\system32\drivers\tcpip.sys
[7] 2004-08-04 04:56 502272 01C3346C241652F43AED8E2149881BFE c:\windows\system32\winlogon.exe
[7] 2004-08-04 04:56 502272 01C3346C241652F43AED8E2149881BFE c:\windows\system32\dllcache\winlogon.exe
[7] 2004-08-04 03:14 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\dllcache\ndis.sys
[7] 2004-08-04 03:14 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\drivers\ndis.sys
[7] 2004-08-04 03:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\dllcache\ip6fw.sys
[7] 2004-08-04 03:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\drivers\ip6fw.sys
[7] 2004-08-04 05:05 2056832 947FB1D86D14AFCFFDB54BF837EC25D0 c:\windows\system32\ntkrnlpa.exe
[7] 2004-08-04 03:20 2180992 CE218BC7088681FAA06633E218596CA7 c:\windows\system32\ntoskrnl.exe
[7] 2004-08-04 04:56 1032192 A0732187050030AE399B241436565E64 c:\windows\explorer.exe
[7] 2004-08-04 04:56 1032192 A0732187050030AE399B241436565E64 c:\windows\system32\dllcache\explorer.exe
[7] 2004-08-04 04:56 108032 C6CE6EEC82F187615D1002BB3BB50ED4 c:\windows\system32\services.exe
[7] 2004-08-04 04:56 108032 C6CE6EEC82F187615D1002BB3BB50ED4 c:\windows\system32\dllcache\services.exe
[7] 2004-08-04 04:56 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\system32\lsass.exe
[7] 2004-08-04 04:56 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\system32\dllcache\lsass.exe
[7] 2004-08-04 04:56 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\system32\ctfmon.exe
[7] 2004-08-04 04:56 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\system32\dllcache\ctfmon.exe
[7] 2004-08-04 04:56 57856 7435B108B935E42EA92CA94F59C8E717 c:\windows\system32\spoolsv.exe
[7] 2004-08-04 04:56 57856 7435B108B935E42EA92CA94F59C8E717 c:\windows\system32\dllcache\spoolsv.exe
[7] 2008-10-16 19:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\wuauclt.exe
[7] 2008-10-16 19:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\dllcache\wuauclt.exe
[7] 2004-08-04 04:56 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\system32\userinit.exe
[7] 2004-08-04 04:56 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\system32\dllcache\userinit.exe
[7] 2004-08-04 04:56 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\system32\termsrv.dll
[7] 2004-08-04 04:56 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\system32\dllcache\termsrv.dll
[7] 2004-08-04 04:56 983552 888190E31455FAD793312F8D087146EB c:\windows\system32\kernel32.dll
[7] 2004-08-04 04:56 983552 888190E31455FAD793312F8D087146EB c:\windows\system32\dllcache\kernel32.dll
[7] 2004-08-04 04:56 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\system32\powrprof.dll
[7] 2004-08-04 04:56 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\system32\dllcache\powrprof.dll
[7] 2004-08-04 04:56 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\system32\imm32.dll
[7] 2004-08-04 04:56 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\system32\dllcache\imm32.dll
[7] 2004-08-04 04:56 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\system32\sfcfiles.dll
[7] 2004-08-04 04:56 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\system32\dllcache\sfcfiles.dll
[7] 2004-08-04 04:56 167936 9C3C12975C97119412802B181FBEEFFE c:\windows\system32\appmgmts.dll
[7] 2004-08-04 04:56 167936 9C3C12975C97119412802B181FBEEFFE c:\windows\system32\dllcache\appmgmts.dll
[7] 2004-08-04 02:58 24576 EBDEE8A2EE5393890A1ACEE971C4C246 c:\windows\system32\drivers\kbdclass.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2007-07-24 1298432]
"STYLEXP"="c:\program files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 1372160]
"OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2005-07-19 57344]
"Steam"="c:\program files\steam\steam.exe" [2009-06-11 1217784]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-10-07 131072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-29 8466432]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-02-12 1620480]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-02-12 1050112]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 483328]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-10-16 949376]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-04-09 200704]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-03-09 37888]
"WinSys2"="c:\windows\system32\winsys2.exe" [2006-04-29 208896]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-29 81920]
"OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2005-07-19 40960]
"PrinTray"="c:\windows\System32\spool\DRIVERS\W32X86\3\printray.exe" [2001-10-21 36864]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2009-02-26 2553088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-06-29 1626112]
c:\documents and settings\Vicious\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2009-4-21 108544]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
AcBtnMgr_X63.exe.lnk - c:\program files\LexmarkX63\AcBtnMgr_X63.exe [2001-6-6 53248]
ACMonitor_X63.exe.lnk - c:\program files\LexmarkX63\ACMonitor_X63.exe [2001-6-6 40960]
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2007-7-28 25214]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Steam\\SteamApps\\viciousboss\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Soulseek\\slsk.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\BitTorrent_DNA\\dna.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\nFBA\\nfba.exe"=
"c:\\Program Files\\GGPO\\ggpo.exe"=
"c:\\Program Files\\GGPO\\ggpofba.exe"=
"c:\\Documents and Settings\\Vicious\\Local Settings\\Apps\\2.0\\3GX2J0PY.M1X\\BQ1MHO16.MLH\\2dff..tion_fcdf29b345c9098a_0001.0000_c4d8af0ee0519334\\2DF FreePlay Client.exe"=
"c:\\Documents and Settings\\Vicious\\Application Data\\Damdai\\2DF\\FreePlay\\freeplay_emu.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Documents and Settings\\Vicious\\Local Settings\\Apps\\2.0\\3GX2J0PY.M1X\\BQ1MHO16.MLH\\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\\2DF FreePlay Client.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [10/16/2007 10:23 AM 15424]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [12/1/2008 6:58 PM 24652]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [10/18/2008 7:45 PM 33792]
S3 FXDRV;FXDRV;c:\program files\SuperUtilities\Fxdrv.sys [7/20/2007 1:26 AM 13440]
S3 XDva190;XDva190;\??\c:\windows\system32\XDva190.sys --> c:\windows\system32\XDva190.sys [?]
.
Contents of the 'Scheduled Tasks' folder
2009-06-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
2009-06-22 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]
2009-06-22 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-Mouse Suite 98 Daemon - ICO.EXE
HKLM-Run-LexStart - (no file)
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
LSP: c:\windows\system32\imon.dll
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-06-22 20:21
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-343818398-1035525444-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
[HKEY_USERS\S-1-5-21-343818398-1035525444-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:37,31,84,2c,26,4d,07,4d,a4,2f,ea,49,32,42,05,74,eb,82,60,ff,b7,84,c5,
8e,60,db,3f,70,25,75,7b,15,55,30,65,9b,fa,22,fc,ea,2a,79,cd,28,cc,76,b4,5d,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
[HKEY_USERS\S-1-5-21-343818398-1035525444-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:61,f7,b7,19,cc,1a,6c,fe,98,8d,58,d9,be,69,48,ff,71,64,43,8e,6d,
47,ef,6e,37,39,aa,77,a6,20,6e,97,f2,f5,96,55,2e,05,67,ac,b8,6b,95,8f,85,b6,\
"rkeysecu"=hex:9c,2e,56,f2,d3,3e,46,03,3b,7a,7b,eb,2e,df,cd,b3
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(876)
c:\windows\system32\imon.dll
.
Completion time: 2009-06-23 20:24
ComboFix-quarantined-files.txt 2009-06-23 00:24
Pre-Run: 14,173,356,032 bytes free
Post-Run: 14,931,030,016 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
Edited by ViciousBoss, 22 June 2009 - 07:34 PM.