iexplore.exe virus

Ive been having issues with this popping up in my task manager. sometimes it play random media files and other times it locks and freezes my pc i have ran OTL and RootRepeal but it would allow me to Run MaleWareBytes even after successfully installing it.

OTL

OTL logfile created on: 7/18/2009 8:53:25 PM - Run 1
OTL by OldTimer - Version 3.0.9.2 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 546.46 Mb Available Physical Memory | 53.39% Memory free
2.40 Gb Paging File | 2.02 Gb Available in Paging File | 83.96% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.15 Gb Total Space | 36.51 Gb Free Space | 25.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-9F5D26E315
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2006/10/23 07:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
PRC - [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007/08/02 12:33:50 | 00,080,528 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Nexon\Mabinogi\npkcmsvc.exe
PRC - [2008/07/14 14:59:25 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2006/06/30 21:56:08 | 00,065,536 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2008/03/16 02:48:34 | 00,167,936 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2005/11/04 16:35:51 | 00,090,112 | ---- | M] () -- C:\Program Files\Sound Card Recorder\service.exe
PRC - [2007/06/13 05:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2006/11/07 17:08:40 | 00,547,840 | ---- | M] () -- C:\WINDOWS\zHotkey.exe
PRC - [2006/11/07 17:34:26 | 00,053,248 | ---- | M] (Chicony) -- C:\WINDOWS\ModPS2Key.exe
PRC - [2008/03/16 03:27:02 | 16,132,608 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2006/12/06 21:37:40 | 00,069,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2007/12/14 06:42:38 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
PRC - [2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/04/10 12:29:08 | 00,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2006/09/25 19:52:48 | 00,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1229543546\ee\AOLSoftware.exe
PRC - [2008/12/10 04:02:30 | 00,216,520 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/05/19 18:26:22 | 03,561,720 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2007/08/16 20:17:56 | 02,342,912 | ---- | M] (BigFix Inc.) -- C:\Program Files\BigFix\bigfix.exe
PRC - [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/02/05 10:14:10 | 09,256,165 | ---- | M] () -- C:\Program Files\Cricket\Cricket Broadband\Cricket Broadband.exe
PRC - [2009/07/12 21:39:46 | 00,469,504 | ---- | M] ( ) -- C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 1 for RootRepeal.zip\RootRepeal.exe
PRC - [2008/11/05 21:59:00 | 00,079,088 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
PRC - [2009/07/05 17:01:50 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/07/18 20:52:53 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2004/08/04 14:00:00 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\Iexplore.exe

========== Win32 Services (SafeList) ==========

SRV - [2006/10/23 07:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS [Auto | Running])
SRV - [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2007/04/13 06:20:52 | 00,033,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007/04/13 06:21:18 | 00,068,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/10/20 21:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - File not found -- -- (gupdate1c9cfc7df6574f2 [Auto | Stopped])
SRV - File not found -- -- (gusvc [On_Demand | Stopped])
SRV - [2004/08/04 14:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2006/10/30 03:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006/10/30 03:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007/08/02 12:33:50 | 00,080,528 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Nexon\Mabinogi\npkcmsvc.exe -- (npkcmsvc [Auto | Running])
SRV - [2008/07/14 14:59:25 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006/10/26 22:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 17:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/06/30 21:56:08 | 00,065,536 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL [Auto | Running])
SRV - [2008/03/16 02:48:34 | 00,167,936 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2005/11/04 16:35:51 | 00,090,112 | ---- | M] () -- C:\Program Files\Sound Card Recorder\service.exe -- (SndRecA.1.3 [Auto | Running])
SRV - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Stopped])
SRV - [2006/10/18 23:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/default
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.7.0088
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {42EE029C-1CB5-484B-9089-A61FE42FBA36}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.4
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..extensions.enabledItems: [email protected]:2.95

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/05 17:02:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/05 17:01:59 | 00,000,000 | ---D | M]

[2009/03/26 18:42:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Extensions
[2008/12/11 00:11:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/03/26 18:42:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Extensions\[email protected]
[2009/07/17 02:22:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\lqk6ugf8.default\extensions
[2009/04/16 18:51:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\lqk6ugf8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/07/06 02:07:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\lqk6ugf8.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2008/12/12 23:38:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\lqk6ugf8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009/03/06 10:58:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\lqk6ugf8.default\extensions\[email protected]
[2009/07/06 02:05:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\lqk6ugf8.default\extensions\[email protected]
[2008/12/23 23:20:46 | 00,002,921 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\FireFox\Profiles\lqk6ugf8.default\searchplugins\daemon-search.xml
[2009/07/17 02:22:00 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008/12/10 03:08:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{42EE029C-1CB5-484B-9089-A61FE42FBA36}
[2009/07/05 17:01:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/03 22:45:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/07/03 22:45:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/07/05 17:01:47 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/05 17:01:47 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/08/06 15:22:02 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2008/10/17 13:29:52 | 01,332,224 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2008/09/19 16:55:20 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/07/05 17:01:54 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/04/26 18:05:52 | 00,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2008/10/14 21:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2008/11/08 14:07:28 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2008/11/08 14:07:28 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2008/11/08 14:07:28 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2008/11/08 14:07:28 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2008/11/08 14:07:29 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2008/11/08 14:07:29 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2008/11/08 14:07:29 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2007/03/09 18:16:44 | 00,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2009/07/05 17:01:55 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/07/05 17:01:55 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/07/05 17:01:55 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/07/05 17:01:55 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/07/05 17:01:55 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/12/10 02:52:09 | 00,002,401 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\keenfinder.xml
[2009/07/05 17:01:55 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/07/05 17:01:55 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\System32\BAE.dll (Gateway Inc.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\zHotkey.exe ()
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1229543546\ee\AOLSoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [ModPS2] C:\WINDOWS\ModPS2Key.exe (Chicony)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [RegGenie Scheduler] C:\Program Files\RegGenie\RegGenieScheduler.exe File not found
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ShowWnd] C:\WINDOWS\ShowWnd.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Power2GoExpress] File not found
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BigFix.lnk = C:\Program Files\BigFix\bigfix.exe (BigFix Inc.)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: antimalwareguard.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: gomyhit.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL File not found
O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WB: DllName - C:\Program Files\AlienGUIse\fastload.dll - C:\Program Files\AlienGUIse\fastload.dll (Stardock)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/05/06 19:38:36 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4766650e-424e-11de-93e6-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{4766650e-424e-11de-93e6-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4766650e-424e-11de-93e6-00038a000015}\Shell\AutoRun\command - "" = G:\start.exe -- File not found
O33 - MountPoints2\{b99c302f-329d-11de-93ce-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{b99c302f-329d-11de-93ce-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b99c302f-329d-11de-93ce-00038a000015}\Shell\AutoRun\command - "" = G:\start.exe -- File not found
O33 - MountPoints2\{e344a7f8-c75e-11dd-9368-001e902e97dd}\Shell - "" = AutoRun
O33 - MountPoints2\{e344a7f8-c75e-11dd-9368-001e902e97dd}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e344a7f8-c75e-11dd-9368-001e902e97dd}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 14 Days ==========

[2009/07/18 20:52:53 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/07/18 20:44:45 | 00,462,508 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RootRepeal.zip
[2009/07/18 20:40:01 | 03,775,200 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/07/18 20:30:18 | 00,000,620 | ---- | C] () -- C:\WINDOWS\RegGenie.ini
[2009/07/18 20:28:18 | 00,161,816 | ---- | C] () -- C:\WINDOWS\RegGenieOnUninstall.exe
[2009/07/18 20:28:17 | 00,000,000 | ---D | C] -- C:\Program Files\RegGenie
[2009/07/18 20:26:59 | 03,243,624 | ---- | C] (RegGenie.com ) -- C:\Documents and Settings\Owner\Desktop\RegGenieSetup.exe
[2009/07/18 17:22:10 | 03,137,363 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2009/07/18 17:17:59 | 03,775,176 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\My Documents\mbam-setup.exe
[2009/07/18 16:53:06 | 00,000,230 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/07/17 09:35:23 | 01,792,184 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MabinogiDownloaderV44R.exe
[2009/07/16 12:57:12 | 00,110,592 | ---- | C] (Software) -- C:\WINDOWS\System32\net.net
[2009/07/15 23:29:41 | 00,088,005 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\oblivion20060606163510324gd.jpg
[2009/07/15 23:27:55 | 00,060,576 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\oblivion_landscape_6200.jpg
[2009/07/15 23:23:17 | 00,003,758 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SC.jpg
[2009/07/15 16:55:02 | 00,652,366 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Man Rules.mht
[2009/07/14 07:59:25 | 00,001,469 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Pangya.lnk
[2009/07/14 07:57:21 | 56,899,0873 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Pangya_Setup_GB.R4.500.Inst.exe
[2009/07/06 01:44:10 | 00,000,000 | ---D | C] -- C:\Program Files\Veoh Networks
[2009/07/06 01:39:52 | 10,216,240 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\VeohVideoCompassSetup_eng.exe
[2009/07/05 17:51:46 | 00,000,562 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Mabinogi.lnk

========== Files - Modified Within 14 Days ==========

[2 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/07/18 20:52:53 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2009/07/18 20:51:46 | 09,228,003 | ---- | M] () -- C:\WINDOWS\xfire
[2009/07/18 20:44:49 | 00,462,508 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RootRepeal.zip
[2009/07/18 20:40:54 | 03,775,200 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2009/07/18 20:30:18 | 00,000,620 | ---- | M] () -- C:\WINDOWS\RegGenie.ini
[2009/07/18 20:27:34 | 03,243,624 | ---- | M] (RegGenie.com ) -- C:\Documents and Settings\Owner\Desktop\RegGenieSetup.exe
[2009/07/18 19:39:39 | 00,002,421 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Cricket Broadband.lnk
[2009/07/18 19:33:40 | 00,000,689 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/07/18 19:33:29 | 00,188,689 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/07/18 19:32:31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/18 19:32:24 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/07/18 19:32:20 | 10,732,66688 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/18 17:26:13 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/07/18 17:26:06 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/07/18 17:22:54 | 03,137,363 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2009/07/18 17:18:50 | 03,775,176 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\My Documents\mbam-setup.exe
[2009/07/18 16:53:06 | 00,000,230 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/07/17 10:05:42 | 00,003,036 | ---- | M] () -- C:\WINDOWS\sms.db
[2009/07/17 09:36:02 | 01,792,184 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MabinogiDownloaderV44R.exe
[2009/07/16 18:14:13 | 00,025,600 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/16 12:59:49 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/07/16 12:57:12 | 00,110,592 | ---- | M] (Software) -- C:\WINDOWS\System32\net.net
[2009/07/15 23:29:42 | 00,088,005 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\oblivion20060606163510324gd.jpg
[2009/07/15 23:27:59 | 00,060,576 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\oblivion_landscape_6200.jpg
[2009/07/15 23:23:22 | 00,003,758 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SC.jpg
[2009/07/15 16:55:57 | 00,652,366 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Man Rules.mht
[2009/07/14 07:59:25 | 00,001,469 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Pangya.lnk
[2009/07/14 07:33:28 | 56,899,0873 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Pangya_Setup_GB.R4.500.Inst.exe
[2009/07/06 01:42:48 | 10,216,240 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\VeohVideoCompassSetup_eng.exe
[2009/07/05 17:51:46 | 00,000,562 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Mabinogi.lnk

========== LOP Check ==========

[2009/07/18 13:26:53 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/12/10 18:16:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2008/12/11 14:45:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008/12/11 14:24:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2009/01/10 11:11:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2008/12/20 05:08:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008/12/23 23:20:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/01/03 06:00:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2008/12/16 19:04:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NetZero
[2009/04/27 17:29:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2009/04/26 18:12:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2008/12/10 17:38:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Prism Deploy
[2008/12/12 23:57:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2008/12/11 14:24:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/04/27 17:05:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/07/02 13:39:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data
[2008/12/11 14:26:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\acccore
[2009/02/19 19:25:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Ancient Quest of Saqqarah__reflexive
[2009/03/21 18:46:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\CyberLink
[2008/12/23 23:21:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DAEMON Tools
[2008/12/23 23:21:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DAEMON Tools Lite
[2009/04/09 23:48:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DAEMON Tools Pro
[2009/03/24 14:50:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Dev-Cpp
[2009/04/26 22:20:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FrostWire
[2009/07/02 15:22:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GSC 2.00
[2009/07/18 19:34:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LimeWire
[2009/07/15 15:05:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mIRC
[2009/02/15 01:53:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Petroglyph
[2008/12/10 18:18:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2009/02/18 16:41:54 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Owner\Application Data\SecuROM
[2008/12/23 11:37:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SporeCreatureCreator
[2009/07/14 22:43:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\U3
[2009/07/18 12:37:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2008/12/17 14:58:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Viewpoint
[2009/07/16 12:59:49 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/07/18 17:26:13 | 00,000,882 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009/07/18 17:26:06 | 00,000,886 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2009/07/18 19:32:31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 7/18/2009 8:53:25 PM - Run 1
OTL by OldTimer - Version 3.0.9.2 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 546.46 Mb Available Physical Memory | 53.39% Memory free
2.40 Gb Paging File | 2.02 Gb Available in Paging File | 83.96% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.15 Gb Total Space | 36.51 Gb Free Space | 25.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-9F5D26E315
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"56877:TCP" = 56877:TCP:*:Enabled:Pando Media Booster
"56877:UDP" = 56877:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- File not found
"C:\Program Files\SoulseekNS\slsk.exe" = C:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\Program Files\Common Files\AOL\acs\AOLDial.exe" = C:\Program Files\Common Files\AOL\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC)
"C:\Program Files\Common Files\AOL\acs\AOLacsd.exe" = C:\Program Files\Common Files\AOL\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1229543546\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1229543546\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (America Online, Inc.)
"C:\Program Files\AOL 9.0a\waol.exe" = C:\Program Files\AOL 9.0a\waol.exe:*:Enabled:AOL -- (AOL, LLC.)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"C:\Program Files\Warcraft III\Warcraft III.exe" = C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe" = C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:*:Enabled:Star Wars™: Empire at War™ -- (Lucasfilm Entertainment Company, Ltd.)
"C:\Program Files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe" = C:\Program Files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:*:Enabled:Star Wars®: Empire at War™: Forces of Corruption™ -- (Lucasfilm Entertainment Company, Ltd.)
"C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe" = C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Enabled:DarkCrusade -- (THQ Canada Inc.)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Nexon\Combat Arms\NMService.exe" = C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Persona\Persona.exe" = C:\Program Files\Persona\Persona.exe:*:Enabled:Persona -- (CDNetworks Co.,Ltd)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite eMachines
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java™ 6 Update 4
"{34FF0741-EC67-4C05-AC2A-6D257123DF2E}" = BigFix
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{6592FDEC-2C1A-413A-9985-25FEC2F0848D}" = Star Wars Empire at War Forces of Corruption
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9DBCF56A-CDF0-41bf-BE0F-E00A88B18F56}" = Cricket EVDO Modem
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BF731945-7AAD-45E3-A202-A60C9213915C}_is1" = ISODisk 1.1
"{C30B981C-77A3-4DDF-BD99-67773CC63CA8}" = Cricket Broadband
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
"{DF86A72C-4585-4D75-B592-968C8C6604A1}" = eMachines Connect
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FF262740-C85A-11D5-BBEC-00D0B740900A}" = PS2 Multimedia Keyboard Driver
"{FF39FC01-819B-42E4-AE49-1968AF12DDD4}" = Dawn of War - Dark Crusade
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.62
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"AIM_6" = AIM 6
"AlienGUIse Theme Manager" = AlienGUIse Theme Manager
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"ASIO4ALL" = ASIO4ALL
"Ask Toolbar_is1" = Ask Toolbar
"Cave Story Deluxe" = Cave Story Deluxe
"Collab" = Collab
"Combat Arms" = Combat Arms
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Fiddler2" = Fiddler2 (remove only)
"FL Studio 7" = FL Studio 7
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"IL Download Manager" = IL Download Manager
"LimeWire" = LimeWire 5.1.2
"Logon Loader" = Logon Loader 3.0
"Luck Charm Deluxe_is1" = Luck Charm Deluxe
"Magic ISO Maker v5.5 (build 0272)" = Magic ISO Maker v5.5 (build 0272)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"mIRC" = mIRC
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Painkiller Special Edition" = Painkiller Special Edition
"Pangya" = Pangya (Ntreev USA)
"Persona" = Hybrid Downloader 1,0,2,6
"Soulseek2" = SoulSeek 157 NS 13c
"Sound Card Recorder" = Sound Card Recorder
"Starcraft" = Starcraft
"Steam App 15620" = Warhammer 40,000: Dawn of War II
"Styrateg_is1" = Styrateg
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Veoh Web Player Beta" = Veoh Web Player
"ViewpointMediaPlayer" = Viewpoint Media Player
"WGA" = Windows Genuine Advantage Validation Tool
"WIC" = Windows Imaging Component
"Wildlife Tycoon Venture Africa_is1" = Wildlife Tycoon Venture Africa
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/18/2009 1:04:02 PM | Computer Name = YOUR-9F5D26E315 | Source = Application Error | ID = 1000
Description = Faulting application GoogleUpdate.exe, version 1.2.131.7, faulting
module GoogleUpdate.exe, version 1.2.131.7, fault address 0x00006eef.

Error - 7/18/2009 1:13:14 PM | Computer Name = YOUR-9F5D26E315 | Source = Application Error | ID = 1000
Description = Faulting application GoogleUpdate.exe, version 1.2.131.7, faulting
module GoogleUpdate.exe, version 1.2.131.7, fault address 0x00006eef.

Error - 7/18/2009 1:13:18 PM | Computer Name = YOUR-9F5D26E315 | Source = Application Error | ID = 1000
Description = Faulting application ViewpointService.exe, version 2.0.0.54, faulting
module ViewpointService.exe, version 2.0.0.54, fault address 0x00002250.

Error - 7/18/2009 1:13:28 PM | Computer Name = YOUR-9F5D26E315 | Source = Application Error | ID = 1000
Description = Faulting application GoogleUpdate.exe, version 1.2.131.7, faulting
module GoogleUpdate.exe, version 1.2.131.7, fault address 0x00006eef.

Error - 7/18/2009 1:13:33 PM | Computer Name = YOUR-9F5D26E315 | Source = Application Error | ID = 1004
Description = Faulting application GoogleUpdate.exe, version 1.2.131.7, faulting
module GoogleUpdate.exe, version 1.2.131.7, fault address 0x00006eef.

Error - 7/18/2009 1:13:51 PM | Computer Name = YOUR-9F5D26E315 | Source = Application Error | ID = 1004
Description = Faulting application ViewpointService.exe, version 2.0.0.54, faulting
module ViewpointService.exe, version 2.0.0.54, fault address 0x00002250.

Error - 7/18/2009 2:04:05 PM | Computer Name = YOUR-9F5D26E315 | Source = Application Error | ID = 1000
Description = Faulting application GoogleUpdate.exe, version 1.2.131.7, faulting
module GoogleUpdate.exe, version 1.2.131.7, fault address 0x00006eef.

Error - 7/18/2009 6:10:11 PM | Computer Name = YOUR-9F5D26E315 | Source = Application Error | ID = 1000
Description = Faulting application client.exe, version 0.0.0.0, faulting module
ehsvc.dll, version 5.1.47.721, fault address 0x00014626.

Error - 7/18/2009 8:32:37 PM | Computer Name = YOUR-9F5D26E315 | Source = Application Error | ID = 1000
Description = Faulting application ViewpointService.exe, version 2.0.0.54, faulting
module ViewpointService.exe, version 2.0.0.54, fault address 0x00002250.

Error - 7/18/2009 8:33:30 PM | Computer Name = YOUR-9F5D26E315 | Source = Application Error | ID = 1004
Description = Faulting application ViewpointService.exe, version 2.0.0.54, faulting
module ViewpointService.exe, version 2.0.0.54, fault address 0x00002250.

[ System Events ]
Error - 7/18/2009 2:27:49 PM | Computer Name = YOUR-9F5D26E315 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 7/18/2009 2:27:49 PM | Computer Name = YOUR-9F5D26E315 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 7/18/2009 2:27:49 PM | Computer Name = YOUR-9F5D26E315 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 7/18/2009 2:27:49 PM | Computer Name = YOUR-9F5D26E315 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 7/18/2009 2:27:49 PM | Computer Name = YOUR-9F5D26E315 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 7/18/2009 5:34:39 PM | Computer Name = YOUR-9F5D26E315 | Source = Service Control Manager | ID = 7034
Description = The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly.
It has done this 1 time(s).

Error - 7/18/2009 8:32:36 PM | Computer Name = YOUR-9F5D26E315 | Source = Print | ID = 19
Description = Sharing printer failed + 1722, Printer Send To OneNote 2007 share
name Printer.

Error - 7/18/2009 8:34:07 PM | Computer Name = YOUR-9F5D26E315 | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate1c9cfc7df6574f2) service failed
to start due to the following error: %%3

Error - 7/18/2009 8:34:07 PM | Computer Name = YOUR-9F5D26E315 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Viewpoint Manager Service
service to connect.

Error - 7/18/2009 8:34:07 PM | Computer Name = YOUR-9F5D26E315 | Source = Service Control Manager | ID = 7000
Description = The Viewpoint Manager Service service failed to start due to the following
error: %%1053

< End of report >

ROOT REPEAL

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/07/18 20:51
Program Version: Version 1.3.2.0
Windows Version: Windows XP SP2
==================================================

Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS
Address: 0xF762B000 Size: 53248 File Visible: - Signed: -
Status: -

Name: ABP480N5.SYS
Image Path: ABP480N5.SYS
Address: 0xF78E3000 Size: 23552 File Visible: - Signed: -
Status: -

Name: ACEDRV06.sys
Image Path: C:\WINDOWS\system32\drivers\ACEDRV06.sys
Address: 0xBAF28000 Size: 393216 File Visible: - Signed: -
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF73D4000 Size: 187776 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2059392 File Visible: - Signed: -
Status: -

Name: ACPIEC.sys
Image Path: ACPIEC.sys
Address: 0xF7A37000 Size: 11648 File Visible: - Signed: -
Status: -

Name: adpu160m.sys
Image Path: adpu160m.sys
Address: 0xF727F000 Size: 101888 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xF3F7B000 Size: 138496 File Visible: - Signed: -
Status: -

Name: agp440.sys
Image Path: agp440.sys
Address: 0xF775B000 Size: 42368 File Visible: - Signed: -
Status: -

Name: agpCPQ.sys
Image Path: agpCPQ.sys
Address: 0xF776B000 Size: 44928 File Visible: - Signed: -
Status: -

Name: AGRSM.sys
Image Path: C:\WINDOWS\system32\DRIVERS\AGRSM.sys
Address: 0xF687C000 Size: 1094688 File Visible: - Signed: -
Status: -

Name: aha154x.sys
Image Path: aha154x.sys
Address: 0xF7A3F000 Size: 12800 File Visible: - Signed: -
Status: -

Name: aic78u2.sys
Image Path: aic78u2.sys
Address: 0xF769B000 Size: 55168 File Visible: - Signed: -
Status: -

Name: aic78xx.sys
Image Path: aic78xx.sys
Address: 0xF766B000 Size: 56960 File Visible: - Signed: -
Status: -

Name: ajwdbggb.SYS
Image Path: C:\WINDOWS\System32\Drivers\ajwdbggb.SYS
Address: 0xF680F000 Size: 221184 File Visible: - Signed: -
Status: -

Name: aliide.sys
Image Path: aliide.sys
Address: 0xF7B1F000 Size: 5248 File Visible: - Signed: -
Status: -

Name: alim1541.sys
Image Path: alim1541.sys
Address: 0xF773B000 Size: 42752 File Visible: - Signed: -
Status: -

Name: amdagp.sys
Image Path: amdagp.sys
Address: 0xF774B000 Size: 43008 File Visible: - Signed: -
Status: -

Name: amsint.sys
Image Path: amsint.sys
Address: 0xF7A4B000 Size: 12032 File Visible: - Signed: -
Status: -

Name: asc.sys
Image Path: asc.sys
Address: 0xF78B3000 Size: 26496 File Visible: - Signed: -
Status: -

Name: asc3350p.sys
Image Path: asc3350p.sys
Address: 0xF78EB000 Size: 22400 File Visible: - Signed: -
Status: -

Name: asc3550.sys
Image Path: asc3550.sys
Address: 0xF7A4F000 Size: 14848 File Visible: - Signed: -
Status: -

Name: asyncmac.sys
Image Path: C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Address: 0xBA585000 Size: 14336 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xF7298000 Size: 98304 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0x00000000 Size: 0 File Visible: - Signed: -
Status: -

Name: ATMFBUS.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ATMFBUS.sys
Address: 0xF70C5000 Size: 38528 File Visible: - Signed: -
Status: -

Name: ATMFCVsp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ATMFCVsp.sys
Address: 0xF70A5000 Size: 54656 File Visible: - Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:\WINDOWS\System32\ATMFD.DLL
Address: 0xBFFA9000 Size: 286720 File Visible: - Signed: -
Status: -

Name: ATMFMdm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ATMFMdm.sys
Address: 0xF70B5000 Size: 54528 File Visible: - Signed: -
Status: -

Name: ATMFNVsp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ATMFNVsp.sys
Address: 0xF7095000 Size: 54656 File Visible: - Signed: -
Status: -

Name: ATMFVsp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ATMFVsp.sys
Address: 0xF67FF000 Size: 54656 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xF7C1C000 Size: 3072 File Visible: - Signed: -
Status: -

Name: BATTC.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\BATTC.SYS
Address: 0xF7A33000 Size: 16384 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xF7B4F000 Size: 4224 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF7A2B000 Size: 12288 File Visible: - Signed: -
Status: -

Name: cbidf2k.sys
Image Path: cbidf2k.sys
Address: 0xF7A57000 Size: 13952 File Visible: - Signed: -
Status: -

Name: cd20xrnt.sys
Image Path: cd20xrnt.sys
Address: 0xF7B29000 Size: 7680 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xF67AF000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xF77DB000 Size: 49536 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xF76FB000 Size: 53248 File Visible: - Signed: -
Status: -

Name: cmdide.sys
Image Path: cmdide.sys
Address: 0xF7B27000 Size: 6656 File Visible: - Signed: -
Status: -

Name: compbatt.sys
Image Path: compbatt.sys
Address: 0xF7A2F000 Size: 9344 File Visible: - Signed: -
Status: -

Name: cpqarray.sys
Image Path: cpqarray.sys
Address: 0xF7A3B000 Size: 14976 File Visible: - Signed: -
Status: -

Name: dac2w2k.sys
Image Path: dac2w2k.sys
Address: 0xF7253000 Size: 179584 File Visible: - Signed: -
Status: -

Name: dac960nt.sys
Image Path: dac960nt.sys
Address: 0xF7A47000 Size: 14720 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xF76EB000 Size: 36352 File Visible: - Signed: -
Status: -

Name: dpti2o.sys
Image Path: dpti2o.sys
Address: 0xF78F3000 Size: 20192 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xF786B000 Size: 61440 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF3E01000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7B6F000 Size: 8192 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xF6750000 Size: 12288 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF9C3000 Size: 73728 File Visible: - Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xF7CE1000 Size: 4096 File Visible: - Signed: -
Status: -

Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF70E5000 Size: 34944 File Visible: - Signed: -
Status: -

Name: fltMgr.sys
Image Path: fltMgr.sys
Address: 0xF7233000 Size: 128896 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF7B4B000 Size: 7936 File Visible: - Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF7386000 Size: 125056 File Visible: - Signed: -
Status: -

Name: GEARAspiWDM.sys
Image Path: C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
Address: 0xF7B07000 Size: 9984 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806CE000 Size: 131968 File Visible: - Signed: -
Status: -

Name: HDAudBus.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Address: 0xF69AB000 Size: 151552 File Visible: - Signed: -
Status: -

Name: hpn.sys
Image Path: hpn.sys
Address: 0xF7903000 Size: 25952 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xBA450000 Size: 262784 File Visible: - Signed: -
Status: -

Name: i2omgmt.SYS
Image Path: C:\WINDOWS\System32\Drivers\i2omgmt.SYS
Address: 0xF7B47000 Size: 8192 File Visible: - Signed: -
Status: -

Name: i2omp.sys
Image Path: i2omp.sys
Address: 0xF78C3000 Size: 18560 File Visible: - Signed: -
Status: -

Name: i8042prt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Address: 0xF77BB000 Size: 52736 File Visible: - Signed: -
Status: -

Name: IASTOR.SYS
Image Path: IASTOR.SYS
Address: 0xF72B0000 Size: 876544 File Visible: - Signed: -
Status: -

Name: IASTOR.SYS
Image Path: IASTOR.SYS
Address: 0x00000000 Size: 0 File Visible: - Signed: -
Status: -

Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xF77CB000 Size: 41856 File Visible: - Signed: -
Status: -

Name: ini910u.sys
Image Path: ini910u.sys
Address: 0xF7A53000 Size: 16000 File Visible: - Signed: -
Status: -

Name: intelide.sys
Image Path: intelide.sys
Address: 0xF7B21000 Size: 5504 File Visible: - Signed: -
Status: -

Name: intelppm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\intelppm.sys
Address: 0xF779B000 Size: 36096 File Visible: - Signed: -
Status: -

Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0xF3F9D000 Size: 134912 File Visible: - Signed: -
Status: -

Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xF4066000 Size: 74752 File Visible: - Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF763B000 Size: 35840 File Visible: - Signed: -
Status: -

Name: ISODisk.SYS
Image Path: C:\WINDOWS\System32\Drivers\ISODisk.SYS
Address: 0xF66BA000 Size: 9600 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xF79A3000 Size: 24576 File Visible: - Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF7B1B000 Size: 8192 File Visible: - Signed: -
Status: -

Name: kmixer.sys
Image Path: C:\WINDOWS\system32\drivers\kmixer.sys
Address: 0xB950F000 Size: 172416 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ks.sys
Address: 0xF6859000 Size: 143360 File Visible: - Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF720A000 Size: 92032 File Visible: - Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF7B53000 Size: 4224 File Visible: - Signed: -
Status: -

Name: Modem.SYS
Image Path: C:\WINDOWS\System32\Drivers\Modem.SYS
Address: 0xF798B000 Size: 30080 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xF799B000 Size: 23040 File Visible: - Signed: -
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF764B000 Size: 42240 File Visible: - Signed: -
Status: -

Name: mraid35x.sys
Image Path: mraid35x.sys
Address: 0xF78BB000 Size: 17280 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Address: 0xBACCB000 Size: 181248 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xF3E41000 Size: 453120 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xF79D3000 Size: 19072 File Visible: - Signed: -
Status: -

Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xF782B000 Size: 35072 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xF7055000 Size: 15488 File Visible: - Signed: -
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xF7135000 Size: 107904 File Visible: - Signed: -
Status: -

Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xF7150000 Size: 182912 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xF7069000 Size: 9600 File Visible: - Signed: -
Status: -

Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xBAF0C000 Size: 14592 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xF6758000 Size: 91776 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xF784B000 Size: 38016 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0xF70F5000 Size: 34560 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0xF3FBE000 Size: 162816 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xF79E3000 Size: 30848 File Visible: - Signed: -
Status: -

Name: npkcrypt.sys
Image Path: C:\Nexon\Mabinogi\npkcrypt.sys
Address: 0xF40A6000 Size: 26944 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF717D000 Size: 574464 File Visible: - Signed: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:\WINDOWS\system32\ntkrnlpa.exe
Address: 0x804D7000 Size: 2059392 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xF7C42000 Size: 2944 File Visible: - Signed: -
Status: -

Name: nv4_disp.dll
Image Path: C:\WINDOWS\System32\nv4_disp.dll
Address: 0xBF9D5000 Size: 6111232 File Visible: - Signed: -
Status: -

Name: nv4_mini.sys
Image Path: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
Address: 0xF69E4000 Size: 6555168 File Visible: - Signed: -
Status: -

Name: ohci1394.sys
Image Path: ohci1394.sys
Address: 0xF761B000 Size: 61056 File Visible: - Signed: -
Status: -

Name: OPRGHDLR.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
Address: 0xF7BE4000 Size: 4096 File Visible: - Signed: -
Status: -

Name: parport.sys
Image Path: C:\WINDOWS\system32\DRIVERS\parport.sys
Address: 0xF6845000 Size: 80128 File Visible: - Signed: -
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF78A3000 Size: 18688 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xF73C3000 Size: 68224 File Visible: - Signed: -
Status: -

Name: PCI_PNP2726
Image Path: \Driver\PCI_PNP2726
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: pciide.sys
Image Path: pciide.sys
Address: 0xF7BE3000 Size: 3328 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Address: 0xF789B000 Size: 28672 File Visible: - Signed: -
Status: -

Name: pcmcia.sys
Image Path: pcmcia.sys
Address: 0xF73A5000 Size: 119936 File Visible: - Signed: -
Status: -

Name: perc2.sys
Image Path: perc2.sys
Address: 0xF78FB000 Size: 27296 File Visible: - Signed: -
Status: -

Name: perc2hib.sys
Image Path: perc2hib.sys
Address: 0xF7B2B000 Size: 5504 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2059392 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xF4126000 Size: 139264 File Visible: - Signed: -
Status: -

Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xF671F000 Size: 69120 File Visible: - Signed: -
Status: -

Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xF793B000 Size: 17792 File Visible: - Signed: -
Status: -

Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xF770B000 Size: 35712 File Visible: - Signed: -
Status: -

Name: ql1080.sys
Image Path: ql1080.sys
Address: 0xF76BB000 Size: 40320 File Visible: - Signed: -
Status: -

Name: ql10wnt.sys
Image Path: ql10wnt.sys
Address: 0xF767B000 Size: 33152 File Visible: - Signed: -
Status: -

Name: ql12160.sys
Image Path: ql12160.sys
Address: 0xF76DB000 Size: 45312 File Visible: - Signed: -
Status: -

Name: ql1240.sys
Image Path: ql1240.sys
Address: 0xF768B000 Size: 40448 File Visible: - Signed: -
Status: -

Name: ql1280.sys
Image Path: ql1280.sys
Address: 0xF76CB000 Size: 49024 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0xF6738000 Size: 8832 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xF77FB000 Size: 51328 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xF780B000 Size: 41472 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xF781B000 Size: 48384 File Visible: - Signed: -
Status: -

Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xF794B000 Size: 16512 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2059392 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0xF3EB0000 Size: 174592 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xF7B57000 Size: 4224 File Visible: - Signed: -
Status: -

Name: redbook.sys
Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
Address: 0xF77EB000 Size: 57472 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xBA400000 Size: 49152 File Visible: No Signed: -
Status: -

Name: RtkHDAud.sys
Image Path: C:\WINDOWS\system32\drivers\RtkHDAud.sys
Address: 0xF4148000 Size: 4546560 File Visible: - Signed: -
Status: -

Name: SCSIPORT.SYS
Image Path: C:\WINDOWS\System32\Drivers\SCSIPORT.SYS
Address: 0xF7402000 Size: 98304 File Visible: - Signed: -
Status: -

Name: serenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serenum.sys
Address: 0xF7AF7000 Size: 15488 File Visible: - Signed: -
Status: -

Name: serial.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serial.sys
Address: 0xF77AB000 Size: 64896 File Visible: - Signed: -
Status: -

Name: sisagp.sys
Image Path: sisagp.sys
Address: 0xF771B000 Size: 41088 File Visible: - Signed: -
Status: -

Name: sparrow.sys
Image Path: sparrow.sys
Address: 0xF78AB000 Size: 19072 File Visible: - Signed: -
Status: -

Name: splitter.sys
Image Path: C:\WINDOWS\system32\drivers\splitter.sys
Address: 0xF7B33000 Size: 6400 File Visible: - Signed: -
Status: -

Name: spos.sys
Image Path: spos.sys
Address: 0xF741A000 Size: 1048576 File Visible: No Signed: -
Status: -

Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: sr.sys
Image Path: sr.sys
Address: 0xF7221000 Size: 73472 File Visible: - Signed: -
Status: -

Name: srv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
Address: 0xBAB61000 Size: 332800 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xF7B35000 Size: 4352 File Visible: - Signed: -
Status: -

Name: sym_hi.sys
Image Path: sym_hi.sys
Address: 0xF78D3000 Size: 28384 File Visible: - Signed: -
Status: -

Name: sym_u3.sys
Image Path: sym_u3.sys
Address: 0xF78DB000 Size: 30688 File Visible: - Signed: -
Status: -

Name: symc810.sys
Image Path: symc810.sys
Address: 0xF7A43000 Size: 16256 File Visible: - Signed: -
Status: -

Name: symc8xx.sys
Image Path: symc8xx.sys
Address: 0xF78CB000 Size: 32640 File Visible: - Signed: -
Status: -

Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xBAC63000 Size: 60800 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xF400E000 Size: 360064 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xF790B000 Size: 20480 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xF783B000 Size: 40704 File Visible: - Signed: -
Status: -

Name: toside.sys
Image Path: toside.sys
Address: 0xF7B23000 Size: 4992 File Visible: - Signed: -
Status: -

Name: ultra.sys
Image Path: ultra.sys
Address: 0xF76AB000 Size: 36736 File Visible: - Signed: -
Status: -

Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xF66C6000 Size: 364160 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xF7B43000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xF797B000 Size: 26624 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0xF788B000 Size: 57600 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xF6988000 Size: 143360 File Visible: - Signed: -
Status: -

Name: USBSTOR.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Address: 0xF7943000 Size: 26496 File Visible: - Signed: -
Status: -

Name: usbuhci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Address: 0xF7973000 Size: 20480 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xF79C3000 Size: 20992 File Visible: - Signed: -
Status: -

Name: viaagp.sys
Image Path: viaagp.sys
Address: 0xF772B000 Size: 42240 File Visible: - Signed: -
Status: -

Name: viaide.sys
Image Path: viaide.sys
Address: 0xF7B25000 Size: 5376 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xF69D0000 Size: 81920 File Visible: - Signed: -
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF765B000 Size: 52352 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0xF7105000 Size: 34560 File Visible: - Signed: -
Status: -

Name: wanatw4.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanatw4.sys
Address: 0xF7953000 Size: 20512 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xF79AB000 Size: 20480 File Visible: - Signed: -
Status: -

Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xBAA5C000 Size: 82944 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\WMILIB.SYS
Address: 0xF7B1D000 Size: 8192 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2059392 File Visible: - Signed: -
Status: -

#1
Powerslay

Posted 18 July 2009 - 08:24 PM

Advertisements

#2
Powerslay

Posted 18 July 2009 - 08:40 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us