Ok, so, let's get these logs up for you.
(The stars represent the start of the log block.)
*****
OTL.Txt --:
OTL logfile created on: 23/06/2010 11:37:41 AM - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Users\Dale\Desktop\NO MALWARE
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 44.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 28.94 Gb Free Space | 19.42% Space Free | Partition Type: NTFS
Drive D: | 591.21 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 149.05 Gb Total Space | 124.26 Gb Free Space | 83.37% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 149.05 Gb Total Space | 102.97 Gb Free Space | 69.08% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Computer Name: DALE-PC
Current User Name: Dale
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/06/23 10:31:14 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Dale\Desktop\NO MALWARE\OTL.exe
PRC - [2010/06/15 17:13:58 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/04/05 22:29:40 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009/12/17 17:04:18 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009/09/21 23:45:40 | 001,273,856 | ---- | M] (Don HO [email protected]) -- E:\NPP\notepad++.exe
PRC - [2009/09/10 15:58:25 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
PRC - [2009/08/14 03:15:56 | 000,356,352 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/08/14 03:15:28 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/08/13 19:02:34 | 000,357,384 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
PRC - [2009/08/13 18:59:22 | 003,161,608 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
PRC - [2009/08/13 18:37:56 | 001,573,384 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
PRC - [2009/08/07 13:55:03 | 000,535,552 | ---- | M] (TeamSpeak Systems) -- C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
PRC - [2009/06/27 19:23:11 | 000,288,368 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2009/06/27 19:23:11 | 000,124,536 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
PRC - [2009/06/25 22:04:37 | 007,547,424 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009/06/20 12:27:54 | 000,615,176 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2008/01/19 08:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 08:33:40 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
PRC - [2007/10/16 11:08:08 | 000,081,920 | ---- | M] (FirebirdSQL Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2007/10/16 11:07:38 | 002,711,552 | ---- | M] (FirebirdSQL Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2007/08/30 19:13:06 | 000,319,488 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint II\SetPointII.exe
PRC - [2007/08/27 13:52:28 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\logishrd\KHAL2\KHALMNPR.exe
PRC - [2007/04/24 19:24:16 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxbfcoms.exe
========== Modules (SafeList) ==========
MOD - [2010/06/23 10:31:14 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Dale\Desktop\NO MALWARE\OTL.exe
MOD - [2009/04/11 07:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/19 08:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/03/30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009/12/17 17:04:18 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009/10/31 12:40:24 | 000,320,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/19 19:46:00 | 003,474,384 | ---- | M] (INCA Internet Co., Ltd.) [Disabled | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/08/14 03:15:28 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/31 22:59:36 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/06/27 19:23:11 | 000,288,368 | ---- | M] (Speedbit Ltd.) [Auto | Running] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/08/15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/16 11:08:08 | 000,081,920 | ---- | M] (FirebirdSQL Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2007/10/16 11:07:38 | 002,711,552 | ---- | M] (FirebirdSQL Project) [On_Demand | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007/04/24 19:24:16 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbfcoms.exe -- (lxbf_device)
SRV - [2007/01/25 18:31:34 | 000,093,048 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
========== Driver Services (SafeList) ==========
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/11/16 04:13:14 | 000,216,576 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/11/10 15:54:18 | 000,095,568 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2009/11/10 15:53:54 | 000,032,016 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxUSB.sys -- (VBoxUSB)
DRV - [2009/11/04 20:01:16 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009/11/04 20:01:16 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/08/16 15:25:07 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/08/16 15:25:05 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/08/14 05:29:28 | 005,172,224 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/24 07:45:00 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/07/14 16:35:30 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009/06/27 13:08:09 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/06/25 22:04:38 | 002,375,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/04/30 16:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/03/28 00:03:00 | 007,738,816 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/03/20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/03/20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009/03/20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008/10/17 09:50:00 | 000,131,072 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mkd2kfNT.sys -- (Mkd2kfNt)
DRV - [2008/10/17 09:50:00 | 000,079,104 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/05/16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/01/19 06:55:21 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/17 18:40:20 | 000,036,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/07/17 18:40:14 | 000,034,960 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/06/25 02:19:10 | 000,325,656 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007/06/25 02:18:52 | 000,132,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007/06/25 02:18:46 | 000,278,040 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007/05/11 17:31:36 | 003,580,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 5000(UVC)
DRV - [2007/05/11 17:30:04 | 001,921,184 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007/04/03 13:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2007/01/25 18:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2006/12/31 15:38:18 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM)
DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2005/01/19 12:14:38 | 000,211,712 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Labtec WebCam(PID_0928)
DRV - [2005/01/19 12:11:16 | 000,022,016 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/10/26 11:22:50 | 000,002,410 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.3
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/05 22:29:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/18 20:40:54 | 000,000,000 | ---D | M]
[2009/10/06 22:43:03 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Mozilla\Extensions
[2009/07/30 17:56:39 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/06/23 10:39:13 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Mozilla\Firefox\Profiles\x8r7xqby.default\extensions
[2009/10/06 22:50:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dale\AppData\Roaming\Mozilla\Firefox\Profiles\x8r7xqby.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/08 19:16:35 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Dale\AppData\Roaming\Mozilla\Firefox\Profiles\x8r7xqby.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2009/11/01 13:05:20 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Dale\AppData\Roaming\Mozilla\Firefox\Profiles\x8r7xqby.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/02/09 23:01:43 | 000,000,000 | ---D | M] (Sothink SWF Catcher) -- C:\Users\Dale\AppData\Roaming\Mozilla\Firefox\Profiles\x8r7xqby.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
[2010/03/19 12:54:57 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Mozilla\Firefox\Profiles\x8r7xqby.default\extensions\[email protected]
[2009/10/06 22:40:08 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/31 10:05:32 | 000,040,960 | ---- | M] (BYOND) -- C:\Program Files\Mozilla Firefox\plugins\npbyond.dll
[2009/07/03 01:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2010/03/12 22:58:05 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/12 22:58:05 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/03/12 22:58:05 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/03/12 22:58:05 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2010/05/25 15:25:32 | 000,000,895 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 84.246.123.71 l2authd.lineage2.com
O1 - Hosts: 216.107.250.194 nProtect.lineage2.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (no name) - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AsioReg] File not found
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbar present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Download &All by FD - C:\Program Files\FreshDevices\FreshDownload\fdiectx2.htm ()
O8 - Extra context menu item: Download with &FD - C:\Program Files\FreshDevices\FreshDownload\fdiectx.htm ()
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: FreshDownload - {15697B7E-3594-4C7B-90E5-52FA0174C3BB} - C:\Program Files\FreshDevices\FreshDownload\fd.exe File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} http://launch.gamesp...nch/alaunch.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {B8A48F42-30E1-48f8-AE87-7BD7C75DB8AA} http://www.systemreq...reqlab_test.cab (System Requirements Lab Class)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dale\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dale\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/05/30 16:25:37 | 000,000,000 | ---D | M] - C:\Autoruns -- [ NTFS ]
O32 - AutoRun File - [2010/05/30 16:22:36 | 000,595,499 | ---- | M] () - C:\Autoruns.zip -- [ NTFS ]
O32 - AutoRun File - [2005/08/01 16:44:27 | 000,000,225 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2005/09/16 20:51:12 | 000,999,424 | R--- | M] (Microsoft Corporation) - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010/05/26 20:54:55 | 000,002,146 | ---- | M] () - E:\autorestart.smx -- [ NTFS ]
O33 - MountPoints2\{305506df-64f0-11de-bd6c-001c25349b08}\Shell\AutoRun\command - "" = G:\StartPortableApps.exe -- File not found
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\autorun.exe -- [2005/09/16 20:51:12 | 000,999,424 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\D\Shell\directx\command - "" = D:\directx9\DXSETUP.exe -- [2005/05/26 23:34:41 | 000,482,000 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\D\Shell\setup\command - "" = D:\setup.exe -- [2005/09/19 23:04:52 | 000,253,952 | R--- | M] (Microsoft Game Studios )
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\automenu.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/07/04 21:14:37 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Labtec Inc.)
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 90 Days ==========
[2010/06/23 10:16:50 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/23 10:15:15 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/23 10:03:16 | 000,000,000 | ---D | C] -- C:\Users\Dale\Desktop\NO MALWARE
[2010/06/14 20:38:36 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/06/13 01:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/06/05 03:46:44 | 000,000,000 | ---D | C] -- C:\Users\Dale\Desktop\profiles
[2010/06/04 18:14:23 | 000,000,000 | ---D | C] -- C:\Users\Dale\Desktop\MTA-Lua
[2010/06/04 12:42:03 | 000,000,000 | ---D | C] -- C:\Users\Dale\AppData\Roaming\InfraRecorder
[2010/06/04 11:51:57 | 000,000,000 | ---D | C] -- C:\Program Files\InfraRecorder
[2010/06/02 17:00:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\profiles
[2010/05/31 15:28:03 | 000,000,000 | ---D | C] -- C:\Users\Dale\AppData\Local\LogMeIn Hamachi
[2010/05/31 15:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010/05/30 16:25:37 | 000,000,000 | ---D | C] -- C:\Autoruns
[2010/05/27 18:00:23 | 000,000,000 | ---D | C] -- C:\Users\Dale\AppData\Local\Vitalwerks
[2010/05/27 17:58:38 | 000,000,000 | ---D | C] -- C:\Program Files\No-IP
[2010/05/27 16:40:11 | 000,000,000 | ---D | C] -- C:\Users\Dale\Desktop\HACKS
[2010/05/26 14:15:26 | 000,000,000 | ---D | C] -- C:\Program Files\TS Admin-Client 2
[2010/05/25 16:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\mIRC
[2010/05/24 17:56:30 | 000,000,000 | ---D | C] -- C:\Users\Dale\.sshterm
[2010/05/24 17:56:30 | 000,000,000 | ---D | C] -- C:\Users\Dale\.ssh
[2010/05/24 00:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\Schmads Inc
[2010/05/18 20:42:29 | 000,000,000 | ---D | C] -- C:\Users\Dale\Documents\BYOND
[2010/05/18 20:40:53 | 000,000,000 | ---D | C] -- C:\Program Files\BYOND
[2010/04/26 23:42:55 | 000,000,000 | ---D | C] -- C:\Users\Dale\AppData\Roaming\OpenOffice.org
[2010/04/26 23:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010/04/20 08:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\SecondLifeViewer2
[2010/04/14 23:42:32 | 000,000,000 | ---D | C] -- C:\Windows\.jagex_cache_32
[2010/03/29 16:20:32 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2010/03/29 09:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual Audio Cable
[2010/03/28 11:54:19 | 000,000,000 | ---D | C] -- C:\Users\Dale\Perl
[2010/03/28 01:38:13 | 000,000,000 | ---D | C] -- C:\strawberry
[2010/03/27 15:38:41 | 000,000,000 | ---D | C] -- C:\MinGW
[2010/03/27 14:58:46 | 000,000,000 | ---D | C] -- C:\Users\Dale\AppData\Local\ActiveState
[2010/03/25 20:03:17 | 000,000,000 | ---D | C] -- C:\Users\Dale\AppData\Roaming\Malwarebytes
[2010/03/25 20:03:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/25 20:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/03/25 20:03:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/03/25 20:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/21 22:13:58 | 000,034,816 | ---- | C] ( ) -- C:\Windows\System32\A3D.DLL
[2009/07/31 19:44:14 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbfserv.dll
[2009/07/31 19:44:14 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxbfusb1.dll
[2009/07/31 19:44:14 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbfinpa.dll
[2009/07/31 19:44:14 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbfiesc.dll
[2009/07/31 19:44:14 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBFhcp.dll
[2009/07/31 19:44:13 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbfhbn3.dll
[2009/07/31 19:44:13 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbfcomc.dll
[2009/07/31 19:44:13 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbfpmui.dll
[2009/07/31 19:44:13 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbflmpm.dll
[2009/07/31 19:44:13 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbfcomm.dll
[2009/07/31 19:44:13 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbfprox.dll
[2009/07/31 19:44:13 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbfpplc.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2010/06/23 11:40:41 | 008,388,608 | -HS- | M] () -- C:\Users\Dale\ntuser.dat
[2010/06/23 11:19:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/23 11:18:45 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9FBFB0A4-B2C3-4DE6-A4C4-C5C98FC53CDA}.job
[2010/06/23 11:16:19 | 000,003,775 | ---- | M] () -- C:\Users\Dale\Desktop\archetype.xml
[2010/06/23 10:34:27 | 000,729,668 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/23 10:34:27 | 000,631,284 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/23 10:34:27 | 000,111,974 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/23 10:30:35 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/06/23 10:28:09 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/23 10:27:54 | 000,004,176 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/23 10:27:54 | 000,004,176 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/23 10:27:52 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/23 10:27:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/23 10:27:26 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/23 10:25:27 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/06/23 10:25:25 | 000,524,288 | -HS- | M] () -- C:\Users\Dale\ntuser.dat{071e414a-71cf-11df-b0b1-001c25349b08}.TMContainer00000000000000000001.regtrans-ms
[2010/06/23 10:25:25 | 000,065,536 | -HS- | M] () -- C:\Users\Dale\ntuser.dat{071e414a-71cf-11df-b0b1-001c25349b08}.TM.blf
[2010/06/23 10:25:22 | 002,503,153 | -H-- | M] () -- C:\Users\Dale\AppData\Local\IconCache.db
[2010/06/23 10:25:09 | 000,000,857 | ---- | M] () -- C:\Users\Dale\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/06/22 23:05:18 | 000,075,809 | ---- | M] () -- C:\Users\Dale\Desktop\nsgbannerad.jpg
[2010/06/22 23:04:58 | 000,559,893 | ---- | M] () -- C:\Users\Dale\Desktop\nsgbanner.psd
[2010/06/22 17:10:51 | 000,000,600 | ---- | M] () -- C:\Users\Dale\AppData\Local\PUTTY.RND
[2010/06/22 14:25:36 | 000,100,115 | ---- | M] () -- C:\Users\Dale\Desktop\SlavehackNCPsoftwarelist.html
[2010/06/21 16:07:31 | 000,000,218 | ---- | M] () -- C:\Windows\scrantic.ini
[2010/06/21 01:25:01 | 000,009,138 | ---- | M] () -- C:\Users\Dale\Desktop\commands.xml
[2010/06/19 17:46:43 | 000,001,874 | ---- | M] () -- C:\Users\Dale\Desktop\MTA San Andreas.lnk
[2010/06/19 13:16:02 | 000,000,032 | ---- | M] () -- C:\Windows\Gunzlauncher.INI
[2010/06/19 13:03:56 | 000,000,613 | ---- | M] () -- C:\Users\Dale\Desktop\Launch Trinity.lnk
[2010/06/14 20:39:48 | 000,138,056 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/06/14 20:39:48 | 000,138,056 | ---- | M] () -- C:\Users\Dale\AppData\Roaming\PnkBstrK.sys
[2010/06/14 00:11:52 | 000,000,406 | ---- | M] () -- C:\Users\Dale\Desktop\settings.Conf
[2010/06/13 13:36:15 | 000,001,774 | -H-- | M] () -- C:\Users\Dale\Documents\Default.rdp
[2010/06/10 12:04:09 | 002,210,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/06/09 23:20:01 | 000,013,807 | ---- | M] () -- C:\Users\Dale\Desktop\nsg.png
[2010/06/09 23:19:11 | 000,034,304 | ---- | M] () -- C:\Users\Dale\Documents\Blank.doc
[2010/06/07 02:17:58 | 000,524,288 | -HS- | M] () -- C:\Users\Dale\ntuser.dat{071e414a-71cf-11df-b0b1-001c25349b08}.TMContainer00000000000000000002.regtrans-ms
[2010/06/07 02:00:20 | 000,524,288 | -HS- | M] () -- C:\Users\Dale\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/06/07 02:00:20 | 000,065,536 | -HS- | M] () -- C:\Users\Dale\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/06/04 12:15:11 | 733,419,520 | ---- | M] () -- C:\Users\Dale\Desktop\ubuntu-10.04-desktop-i386.iso
[2010/06/04 11:51:58 | 000,000,921 | ---- | M] () -- C:\Users\Dale\Application Data\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk
[2010/06/04 11:51:58 | 000,000,897 | ---- | M] () -- C:\Users\Public\Desktop\InfraRecorder.lnk
[2010/06/02 17:02:56 | 000,000,419 | ---- | M] () -- C:\Windows\System32\settings.Conf
[2010/06/01 15:02:24 | 002,419,568 | ---- | M] () -- C:\Windows\System32\pbsvc_apb.exe
[2010/05/31 15:27:08 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2010/05/30 16:22:36 | 000,595,499 | ---- | M] () -- C:\Autoruns.zip
[2010/05/28 19:22:17 | 000,002,930 | ---- | M] () -- C:\Users\Dale\Desktop\aliases.smx
[2010/05/28 19:17:18 | 000,001,248 | ---- | M] () -- C:\Users\Dale\Desktop\aliases.sp
[2010/05/28 01:09:00 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2010/05/26 14:15:27 | 000,000,817 | ---- | M] () -- C:\Users\Dale\Application Data\Microsoft\Internet Explorer\Quick Launch\TS Admin-Client 2.lnk
[2010/05/26 14:15:27 | 000,000,793 | ---- | M] () -- C:\Users\Public\Desktop\TS Admin-Client 2.lnk
[2010/05/25 16:27:37 | 000,000,763 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2010/05/24 17:34:52 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2010/05/23 21:50:48 | 001,541,120 | ---- | M] () -- C:\Users\Dale\Desktop\Rank Structure.doc
[2010/05/23 17:53:32 | 000,000,579 | ---- | M] () -- C:\Users\Dale\Desktop\SAM Broadcaster.lnk
[2010/05/23 17:53:32 | 000,000,579 | ---- | M] () -- C:\Users\Dale\Application Data\Microsoft\Internet Explorer\Quick Launch\SAM Broadcaster.lnk
[2010/05/13 21:27:02 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer 2.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/27 00:20:33 | 000,063,216 | ---- | M] () -- C:\Users\Dale\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/17 18:26:53 | 000,000,075 | ---- | M] () -- C:\Users\Dale\jagex_runescape_preferences2.dat
[2010/04/17 18:26:38 | 000,000,341 | ---- | M] () -- C:\Users\Public\Desktop\Lineage II.lnk
[2010/04/17 17:56:26 | 000,000,041 | ---- | M] () -- C:\Users\Dale\jagex_runescape_preferences.dat
[2010/04/16 00:57:46 | 000,000,000 | ---- | M] () -- C:\Users\Dale\jagex__preferences3.dat
[2010/04/02 00:51:05 | 000,002,121 | ---- | M] () -- C:\Windows\System32\msexcr.ini
[2010/04/01 17:39:14 | 000,038,573 | ---- | M] () -- C:\Users\Dale\Documents\CancellationConfirmation.pdf
[2010/04/01 17:00:56 | 000,000,420 | ---- | M] () -- C:\Windows\lexstat.ini
[2010/03/28 14:40:08 | 000,001,631 | ---- | M] () -- C:\Users\Dale\Desktop\MapleStory.lnk
[2010/03/28 13:43:16 | 000,000,600 | ---- | M] () -- C:\Users\Dale\AppData\Roaming\winscp.rnd
[2010/03/28 12:30:54 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2010/03/27 23:40:44 | 000,001,475 | ---- | M] () -- C:\test.html
[2010/03/27 17:30:48 | 000,000,557 | ---- | M] () -- C:\Users\Dale\Application Data\Microsoft\Internet Explorer\Quick Launch\MapleStory.lnk
[2010/03/27 17:30:48 | 000,000,557 | ---- | M] () -- C:\Users\Dale\Desktop\MapleStory Europe.lnk
[2010/03/25 19:59:40 | 000,204,800 | -HS- | M] () -- C:\Users\Dale\AppData\Local\3292048846.dll
[2010/03/25 19:56:07 | 000,002,296 | -HS- | M] () -- C:\Users\Dale\AppData\Local\2Q757bFxJ7S
[2010/03/25 19:56:07 | 000,002,296 | -HS- | M] () -- C:\ProgramData\2Q757bFxJ7S
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/06/22 23:01:17 | 000,003,775 | ---- | C] () -- C:\Users\Dale\Desktop\archetype.xml
[2010/06/22 14:25:33 | 000,100,115 | ---- | C] () -- C:\Users\Dale\Desktop\SlavehackNCPsoftwarelist.html
[2010/06/22 00:00:49 | 000,075,809 | ---- | C] () -- C:\Users\Dale\Desktop\nsgbannerad.jpg
[2010/06/22 00:00:17 | 000,559,893 | ---- | C] () -- C:\Users\Dale\Desktop\nsgbanner.psd
[2010/06/21 00:49:37 | 000,009,138 | ---- | C] () -- C:\Users\Dale\Desktop\commands.xml
[2010/06/19 13:03:56 | 000,000,613 | ---- | C] () -- C:\Users\Dale\Desktop\Launch Trinity.lnk
[2010/06/14 20:39:31 | 002,419,568 | ---- | C] () -- C:\Windows\System32\pbsvc_apb.exe
[2010/06/09 23:20:01 | 000,013,807 | ---- | C] () -- C:\Users\Dale\Desktop\nsg.png
[2010/06/09 23:19:01 | 000,034,304 | ---- | C] () -- C:\Users\Dale\Documents\Blank.doc
[2010/06/07 02:09:08 | 000,524,288 | -HS- | C] () -- C:\Users\Dale\ntuser.dat{071e414a-71cf-11df-b0b1-001c25349b08}.TMContainer00000000000000000002.regtrans-ms
[2010/06/07 02:09:08 | 000,524,288 | -HS- | C] () -- C:\Users\Dale\ntuser.dat{071e414a-71cf-11df-b0b1-001c25349b08}.TMContainer00000000000000000001.regtrans-ms
[2010/06/07 02:09:07 | 000,065,536 | -HS- | C] () -- C:\Users\Dale\ntuser.dat{071e414a-71cf-11df-b0b1-001c25349b08}.TM.blf
[2010/06/05 03:46:44 | 000,000,406 | ---- | C] () -- C:\Users\Dale\Desktop\settings.Conf
[2010/06/04 11:58:12 | 733,419,520 | ---- | C] () -- C:\Users\Dale\Desktop\ubuntu-10.04-desktop-i386.iso
[2010/06/04 11:51:58 | 000,000,921 | ---- | C] () -- C:\Users\Dale\Application Data\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk
[2010/06/04 11:51:58 | 000,000,897 | ---- | C] () -- C:\Users\Public\Desktop\InfraRecorder.lnk
[2010/06/04 10:40:20 | 000,001,874 | ---- | C] () -- C:\Users\Dale\Desktop\MTA San Andreas.lnk
[2010/06/02 17:00:50 | 000,000,419 | ---- | C] () -- C:\Windows\System32\settings.Conf
[2010/05/31 15:27:08 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2010/05/30 16:43:06 | 2145,570,816 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/30 16:22:28 | 000,595,499 | ---- | C] () -- C:\Autoruns.zip
[2010/05/28 19:02:11 | 000,001,248 | ---- | C] () -- C:\Users\Dale\Desktop\aliases.sp
[2010/05/28 18:57:58 | 000,002,930 | ---- | C] () -- C:\Users\Dale\Desktop\aliases.smx
[2010/05/28 01:09:00 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010/05/26 14:15:27 | 000,000,817 | ---- | C] () -- C:\Users\Dale\Application Data\Microsoft\Internet Explorer\Quick Launch\TS Admin-Client 2.lnk
[2010/05/26 14:15:27 | 000,000,793 | ---- | C] () -- C:\Users\Public\Desktop\TS Admin-Client 2.lnk
[2010/05/25 16:27:37 | 000,000,763 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2010/05/24 17:34:52 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2010/05/23 21:40:40 | 001,541,120 | ---- | C] () -- C:\Users\Dale\Desktop\Rank Structure.doc
[2010/05/23 17:53:32 | 000,000,579 | ---- | C] () -- C:\Users\Dale\Desktop\SAM Broadcaster.lnk
[2010/05/23 17:53:32 | 000,000,579 | ---- | C] () -- C:\Users\Dale\Application Data\Microsoft\Internet Explorer\Quick Launch\SAM Broadcaster.lnk
[2010/04/20 08:54:22 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\Second Life Viewer 2.lnk
[2010/04/17 18:26:38 | 000,000,341 | ---- | C] () -- C:\Users\Public\Desktop\Lineage II.lnk
[2010/04/16 00:57:46 | 000,000,075 | ---- | C] () -- C:\Users\Dale\jagex_runescape_preferences2.dat
[2010/04/16 00:57:46 | 000,000,000 | ---- | C] () -- C:\Users\Dale\jagex__preferences3.dat
[2010/04/16 00:56:38 | 000,000,041 | ---- | C] () -- C:\Users\Dale\jagex_runescape_preferences.dat
[2010/04/02 00:51:04 | 000,002,121 | ---- | C] () -- C:\Windows\System32\msexcr.ini
[2010/04/01 17:39:14 | 000,038,573 | ---- | C] () -- C:\Users\Dale\Documents\CancellationConfirmation.pdf
[2010/03/29 09:20:54 | 000,031,616 | ---- | C] () -- C:\Windows\System32\drivers\vrtaucbl.sys
[2010/03/28 14:40:08 | 000,001,631 | ---- | C] () -- C:\Users\Dale\Desktop\MapleStory.lnk
[2010/03/28 13:43:16 | 000,000,600 | ---- | C] () -- C:\Users\Dale\AppData\Roaming\winscp.rnd
[2010/03/27 23:22:46 | 000,001,475 | ---- | C] () -- C:\test.html
[2010/03/27 17:30:48 | 000,000,557 | ---- | C] () -- C:\Users\Dale\Application Data\Microsoft\Internet Explorer\Quick Launch\MapleStory.lnk
[2010/03/27 17:30:48 | 000,000,557 | ---- | C] () -- C:\Users\Dale\Desktop\MapleStory Europe.lnk
[2010/03/25 20:03:13 | 000,000,857 | ---- | C] () -- C:\Users\Dale\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/03/25 19:59:40 | 000,204,800 | -HS- | C] () -- C:\Users\Dale\AppData\Local\3292048846.dll
[2010/03/25 19:54:34 | 000,002,296 | -HS- | C] () -- C:\Users\Dale\AppData\Local\2Q757bFxJ7S
[2010/03/25 19:54:34 | 000,002,296 | -HS- | C] () -- C:\ProgramData\2Q757bFxJ7S
[2009/11/29 13:06:22 | 000,000,032 | ---- | C] () -- C:\Windows\Gunzlauncher.INI
[2009/11/22 10:40:57 | 000,138,056 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/11/19 20:09:34 | 000,000,208 | ---- | C] () -- C:\Windows\DBMANA~1.INI
[2009/11/09 20:33:28 | 000,000,000 | ---- | C] () -- C:\Windows\iPlayer.INI
[2009/10/26 12:32:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/10/21 22:14:32 | 000,000,218 | ---- | C] () -- C:\Windows\scrantic.ini
[2009/10/15 18:50:36 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2009/10/15 18:50:36 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009/10/04 00:35:29 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2009/09/21 22:06:40 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2009/08/21 22:14:23 | 000,003,072 | ---- | C] () -- C:\Windows\CTXFIRES.DLL
[2009/08/21 22:13:59 | 000,061,318 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2009/08/21 22:13:59 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2009/08/16 15:40:36 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/08/16 15:25:07 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009/08/16 15:25:05 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009/07/31 19:46:46 | 000,000,420 | ---- | C] () -- C:\Windows\lexstat.ini
[2009/07/31 19:44:14 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbfutil.dll
[2009/07/31 19:44:14 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBFinst.dll
[2009/06/27 13:08:09 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/06/26 12:21:05 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/05/08 10:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/04/30 16:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/03/05 06:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/02/22 18:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbfcoin.dll
[2007/01/25 18:31:36 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/01/12 10:24:36 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbfvs.dll
[2005/09/13 17:27:08 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbfcnv4.dll
[2005/01/19 10:30:54 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
========== LOP Check ==========
[2010/02/17 16:09:20 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\1&1
[2009/12/23 11:40:20 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Azureus
[2010/05/27 18:33:56 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\BitTorrent
[2009/06/27 16:55:04 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\DAEMON Tools Lite
[2010/03/13 12:40:28 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Desktopicon
[2009/09/28 21:20:37 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\DMCache
[2010/05/24 20:11:44 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\DNA
[2010/06/22 18:54:54 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\FileZilla
[2009/08/16 15:16:36 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\FreshDiagnose
[2009/08/17 13:40:26 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Games
[2010/02/17 18:52:07 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Hippo_OpenSim_Viewer
[2010/01/02 18:05:21 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\HLSW
[2009/11/28 21:16:02 | 000,000,000 | -H-D | M] -- C:\Users\Dale\AppData\Roaming\ijjigame
[2009/08/25 16:18:07 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\ImgBurn
[2010/06/04 12:51:55 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\InfraRecorder
[2009/10/23 18:31:22 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\JAM Software
[2009/08/01 23:53:25 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\JGoodies
[2009/08/16 14:53:41 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\KeyText
[2009/12/26 15:26:11 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Leadertech
[2010/03/12 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\LimeWire
[2009/07/24 22:57:17 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Nexon
[2009/07/29 19:06:27 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Nonoh
[2009/10/04 13:09:31 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Notepad++
[2010/04/26 23:42:55 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\OpenOffice.org
[2009/10/15 18:59:07 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\PC Suite
[2009/11/04 21:57:47 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\PKWARE
[2009/10/15 18:50:17 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Samsung
[2010/01/09 21:53:54 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\SecondLife
[2010/02/04 22:59:52 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Spotify
[2009/07/26 01:20:11 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\springlobby
[2009/07/26 01:18:27 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\springsettings
[2009/07/27 21:13:35 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Subversion
[2010/01/06 00:30:15 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\SystemRequirementsLab
[2009/07/23 00:57:49 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\TeamViewer
[2009/12/28 21:05:46 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\TS3Client
[2009/07/29 18:59:16 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Voipwise
[2009/08/15 13:51:07 | 000,000,000 | ---D | M] -- C:\Users\Dale\AppData\Roaming\Warsow
[2010/06/23 10:25:27 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/06/23 11:18:45 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9FBFB0A4-B2C3-4DE6-A4C4-C5C98FC53CDA}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/05/30 16:22:36 | 000,595,499 | ---- | M] () -- C:\Autoruns.zip
[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2009/06/26 04:50:19 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2009/12/05 21:10:08 | 000,000,010 | RHS- | M] () -- C:\config.sys
[2010/06/23 10:27:26 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/16 19:26:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/08/16 19:26:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/06/23 10:27:24 | 2147,483,648 | -HS- | M] () -- C:\pagefile.sys
[2010/03/27 23:40:44 | 000,001,475 | ---- | M] () -- C:\test.html
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2007/03/26 08:59:36 | 000,102,400 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\lxbfpp5c.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009/08/14 03:16:22 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\user32.dll /md5 >
[2009/04/11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
========== Alternate Data Streams ==========
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:24051EFF
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D48F2BA9
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A9662AE0
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:8CE646EE
< End of report >
Extras.Txt --:
OTL Extras logfile created on: 23/06/2010 11:37:41 AM - Run 1
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2792143457-1836989674-3981329361-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09115A59-0C2A-477E-A1D2-3EC644E522C5}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{0AB15C63-4599-4197-8F63-79B14468D981}" = rport=137 | protocol=17 | dir=out | app=system |
"{0DC094BD-778B-4E93-8EEE-248E7D465BE3}" = lport=139 | protocol=6 | dir=in | app=system |
"{176BD5C8-D592-4143-8145-EEF6F9A838CC}" = lport=445 | protocol=6 | dir=in | app=system |
"{2209BD58-E523-4D58-96A6-E54822326835}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2821040A-4FE6-4A38-8980-BEDA685D231C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2D9C294D-B678-4D01-AD8E-639D1C0A9D52}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{3502DCFE-A049-40C9-B365-058811AF2D7D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3CE4F226-F6A0-41C2-BF59-B43F2B39534B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{43E734DF-EE57-4A21-8A55-2012476B07BA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4590EF03-2EAF-4117-A24B-98F7A0BD599B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{4E29FCA8-4359-4CF2-A7D0-8565F26D1DE6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{722DB617-D297-4461-8AEC-9D7775B42939}" = lport=138 | protocol=17 | dir=in | app=system |
"{74839627-A617-4A02-830B-F32B36E16D8E}" = rport=138 | protocol=17 | dir=out | app=system |
"{7F7ACA8C-4E89-4EBD-B00A-74CF0A30BD65}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{8055678B-E4D5-42C1-B9A2-4B98F8F6C2C9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8A0CAB28-645A-423E-A14D-401255034A23}" = rport=445 | protocol=6 | dir=out | app=system |
"{9377DA2C-6671-492D-B99A-1D355701A5E9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AB94206F-E9D5-4F06-95FC-42A3857A32B5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B2122026-8294-432B-9370-3CF4BDFCB2B3}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{B3263782-CB7D-47B7-8E4B-B500B455C611}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C7B0CF06-E307-4EBC-927F-7E34D328A4D3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C9863A2B-6E9E-425B-B154-3CE35E62ACE7}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{E543C730-A4E3-4608-95C4-55ED59A34666}" = rport=139 | protocol=6 | dir=out | app=system |
"{EA905A5B-4DF2-4592-809F-3A87860EBA2A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FBBE52B2-BE4B-42B6-9374-568388A0DF51}" = lport=137 | protocol=17 | dir=in | app=system |
"{FE0929B7-1142-4F56-8FF9-F154F84287FF}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D4EF0C-DA14-4960-9010-00AA2D602CA4}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{0201C83E-B307-4F53-9C87-E2E02CA93044}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{06743E3E-2E61-4687-B545-C97A9BB735A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0B191B30-0702-4BCF-8E3F-9B1E917DEA11}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{0C2300C7-5F21-45D0-8F5A-4382A51DE52D}" = protocol=17 | dir=in | app=e:\call of duty - world at war\codwaw.exe |
"{0F5B37E6-6346-4A9D-ADD2-14450F2DB3C3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dsdale\garrysmod\hl2.exe |
"{12EC3DFF-835F-4600-9EAD-FA3AFB74A67C}" = protocol=6 | dir=in | app=h:\bf2\bf2.exe |
"{13418D00-E186-4923-BC1F-6F42B09E61CF}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{137CB04E-111F-4D9B-B32F-5CEE80E0D30E}" = protocol=17 | dir=in | app=e:\samsung\pc studio\npsasvr.exe |
"{150C6143-EA7F-49C9-8126-C7B8A7CC9401}" = protocol=17 | dir=in | app=j:\opera1010usb_en\opera1010usb\operausb.exe |
"{16A34CB6-5C1C-4812-960F-B851A3DCFD25}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{183239B5-EB58-483E-A92D-31B083FFE5CE}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{19768CF0-C52D-46F3-871F-C68861485DD6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1A2A006B-25BC-4BAF-85F9-D394B31A8650}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{1B90DEBC-56D4-4C36-A646-B89FFE6FE487}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{1D4156B7-8EF1-4A1F-B96A-22F374DBC3EA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1DBC8B32-E646-41B3-8644-B55400AF0D9D}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{1E5A0F38-70AB-448F-AA44-10D17467930F}" = protocol=58 | dir=out | [email protected],-28546 |
"{29F0F4E9-0D3E-47E9-9834-8357CC6D7FF0}" = protocol=17 | dir=in | app=h:\battlefield bad company 2 - beta\bfbc2betaupdater.exe |
"{3478E0D3-A907-45AB-ACD0-19C73F5E885D}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{39B37937-F826-4932-855F-D5B6E8199A87}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{3D49D7B5-9C4F-46AA-86A3-C27F36B5B814}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{4319F177-B876-483E-9F6A-F508C6AD18DA}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{449FC305-A67F-4EB2-8813-0F30D76E0756}" = protocol=17 | dir=in | app=e:\call of duty - world at war\codwawmp.exe |
"{46AFCE2D-252F-4FCF-ABA6-93E926D78250}" = protocol=6 | dir=in | app=e:\samsung\pc studio\npsvsvr.exe |
"{49F08E1C-4F56-463C-8DC6-CA9DAAB1C7AA}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{4D3A2F9B-2B4C-48AA-92B4-230A83F42DEC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4D833354-BAD3-4652-ABA8-EE0E4858A7E4}" = protocol=6 | dir=in | app=j:\opera1010usb_en\opera1010usb\operausb.exe |
"{5009A6D4-D647-488B-BB34-561B946A7E73}" = protocol=1 | dir=in | [email protected],-28543 |
"{519203B8-5D15-4773-97EF-0489F6F643B6}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{5240BF07-E233-4F06-9DDC-BF69F4AFB70B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{57670A19-271C-4805-9A45-911F1D3C7A35}" = protocol=6 | dir=in | app=e:\call of duty - world at war\codwawmp.exe |
"{5B9D5B72-7103-483E-A676-B9453BB511B6}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{5EDC49BE-97FF-48CD-9511-28047A52B649}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{60E9BBB8-5230-4B44-BE0A-C497CE38E2D1}" = protocol=17 | dir=in | app=e:\samsung\pc studio\npsvsvr.exe |
"{625148C6-5DC7-4FA6-AFBA-0AB2AC77C9A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{64CEA944-B3DB-4B48-9B9B-2CA40C4C3A87}" = protocol=6 | dir=out | app=system |
"{650B3505-EEDB-44AB-9ED2-4AFE689A7A32}" = protocol=6 | dir=in | app=h:\battlefield bad company 2 - beta\bfbc2betaupdater.exe |
"{6541B83B-05FC-4D6F-9593-BEA8020355BC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6B1A99BD-E829-4533-B2DD-25DC6AB924CA}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{6F8DFEEC-904C-45C9-84AE-C67C966623A2}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{70235FF1-34C2-4EB8-930D-8FF42FEB5162}" = protocol=17 | dir=in | app=h:\bf2\bf2.exe |
"{7411BFB5-6C48-4FBF-B318-95AC0CDC0441}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82DF3528-1253-4048-97CD-17143E3F0207}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{86E3DCAB-7349-4208-9E28-0584887094F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{88583679-60B7-4FD3-A796-28B1A1C60414}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{8AF626D9-E36B-4C00-B73F-3A8E3BB626CA}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{8B946E53-7960-4FDA-A248-F4E894F9DC4C}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{8D29424B-4250-4A8A-906E-3CE32FD0B601}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8E564C5A-30F5-4A5D-9C3E-505A18A4CED2}" = protocol=6 | dir=in | app=e:\samsung\pc studio\npsasvr.exe |
"{8ED01021-966D-48BE-9756-D1E3E14845DF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{921AB7DA-9A24-46AC-96DB-BA5B65496DB4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9835C05F-0784-4BA7-8463-B0F3A1C7E67A}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbfpswx.exe |
"{9B6D8EF7-69D4-4EEF-A344-1492CC9B768B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A72E9459-6B5B-4B1F-BEA6-DD837179006F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{A7AE83EC-A90C-4AE7-BCD3-FB985B512D36}" = protocol=6 | dir=in | app=c:\windows\system32\lxbfcoms.exe |
"{A922523E-4929-4F56-AFEC-2C266A0F5347}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{A93B72FA-FBD8-4AA6-A0C7-8D60A6734E24}" = protocol=17 | dir=in | app=c:\windows\system32\lxbfcoms.exe |
"{AB16CEDD-7316-47C7-8AA1-EDAE416EC55C}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{AB6064E0-2701-4608-B6E4-15B1EB37BD20}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{ABD3AA09-3E5D-49B1-B38D-18DB16215118}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B0A773C9-4C2B-4097-9C3F-DA19337ED092}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{B46A18D3-450D-4AF5-A4C2-83AC3C5A4F94}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{B6861831-28BC-4D63-A9C2-006DA693F90A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA9E798F-F54E-49BD-8FE3-6B4EFBE86095}" = protocol=6 | dir=in | app=e:\call of duty - world at war\codwaw.exe |
"{BD521AD4-6667-4FAE-8810-89CEC7D92353}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BDB4DF5A-DB89-4B54-8D2A-39BBE7DCAE19}" = protocol=58 | dir=in | [email protected],-28545 |
"{C02AB96F-3AD3-4EFE-9C42-506F4D4EC290}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C39EE8BB-86EA-49E9-9ED5-22D4D039FE26}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{C42E43DF-1F61-4B05-B2B9-84E2D8FAA07A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dsdale\garrysmod\hl2.exe |
"{C79CCA47-0D7B-43B8-BC80-0090328752FF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dsdale\garrysmod\hl2.exe |
"{C8BD6D08-4271-456D-9FA6-499DE5AA0700}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CBDC2228-FFEC-460D-BCB2-35BF7AE44F9E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{CE4F9CAF-CE1F-4E11-9D91-4EE3900219E6}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{CFA07B9A-7877-42D6-8247-AC27C29BFCC4}" = protocol=1 | dir=out | [email protected],-28544 |
"{D1D036A1-3D43-4BC3-930E-8A3103A8B95A}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbfpswx.exe |
"{D3451C13-8766-48E9-AB66-3B8083691107}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D5919B72-5315-4A02-BAD0-5CE57F8E5292}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EBFC5D03-CA06-4DC0-BA28-21130EE41D67}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dsdale\garrysmod\hl2.exe |
"{EE8DE837-CAC3-48ED-B5A9-B9BE6A044E85}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{F853E3C1-3C97-455E-A0C8-95D54EE12FB3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB63F800-D09C-4860-8401-9D953FF408B0}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"TCP Query User{0A80D228-6521-4B13-A53F-D57AD9538077}C:\program files\turkojan\client.exe" = protocol=6 | dir=in | app=c:\program files\turkojan\client.exe |
"TCP Query User{0FF94F67-4DDF-4830-B071-09B27C7FC5CF}C:\program files\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"TCP Query User{2D1532AE-9B70-49C7-A5A1-75208AB7F756}C:\program files\voipwise.com\voipwise\voipwise.exe" = protocol=6 | dir=in | app=c:\program files\voipwise.com\voipwise\voipwise.exe |
"TCP Query User{32D3526E-D567-4F13-A149-7101C4119CDA}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{33C5673E-8A7D-4F85-8B1F-23F047665279}C:\users\dale\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\dale\program files\dna\btdna.exe |
"TCP Query User{35E0B3EC-B185-4A87-B645-10C078D7A490}C:\program files\steam\steamapps\dsdale\dystopia\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dsdale\dystopia\hl2.exe |
"TCP Query User{41699311-EA66-4C93-8AE0-74BCDE2D7E63}C:\program files\spring\springlobby.exe" = protocol=6 | dir=in | app=c:\program files\spring\springlobby.exe |
"TCP Query User{43B4B7A5-23D9-40AE-9023-EBCB675D5714}C:\program files\spring\springdownloader.exe" = protocol=6 | dir=in | app=c:\program files\spring\springdownloader.exe |
"TCP Query User{48A61F53-C8C4-4578-A625-85081B392FF4}C:\users\dale\desktop\hacks\biozombie\biozombie\client\biozombie 1.5.exe" = protocol=6 | dir=in | app=c:\users\dale\desktop\hacks\biozombie\biozombie\client\biozombie 1.5.exe |
"TCP Query User{503CD36A-C476-44E2-8CBD-0B77DA406EB6}H:\apb\apb europe\binaries\apb.exe" = protocol=6 | dir=in | app=h:\apb\apb europe\binaries\apb.exe |
"TCP Query User{53809510-9509-405C-B090-1B1378DBDA38}C:\program files\steam\steamapps\dsdale\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dsdale\counter-strike source\hl2.exe |
"TCP Query User{5808F7C9-B90E-47F9-A852-112FA20B1694}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{5A403982-45B7-40F8-B3B7-22F68A30BF96}C:\users\dale\desktop\hacks\turkojan_4__gold_\turkojan 4\client.exe" = protocol=6 | dir=in | app=c:\users\dale\desktop\hacks\turkojan_4__gold_\turkojan 4\client.exe |
"TCP Query User{5B7D5616-990D-4421-95A8-AEBC88817C97}E:\unrealtournament\system\unrealtournament.exe" = protocol=6 | dir=in | app=e:\unrealtournament\system\unrealtournament.exe |
"TCP Query User{695D5287-5095-44A6-BB6D-B75F967CD88E}C:\program files\steam\steamapps\dsdale\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dsdale\half-life 2 deathmatch\hl2.exe |
"TCP Query User{6FE13C71-48F3-481A-8ABD-511CC52A3F2A}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{77589549-3425-48D1-9FF8-75A807708F71}C:\program files\nonoh.net\nonoh\nonoh.exe" = protocol=6 | dir=in | app=c:\program files\nonoh.net\nonoh\nonoh.exe |
"TCP Query User{78297981-59BE-4D33-904D-6B496D260C9C}C:\program files\steam\steamapps\dsdale\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dsdale\half-life 2 deathmatch\hl2.exe |
"TCP Query User{7895BC54-DEF9-4E42-9E7E-934E9739B906}C:\program files\dap\dap.exe" = protocol=6 | dir=in | app=c:\program files\dap\dap.exe |
"TCP Query User{83305F34-BEA4-4BD6-A09D-F8AEC840C588}H:\tg\trinity gunz\gunz.exe" = protocol=6 | dir=in | app=h:\tg\trinity gunz\gunz.exe |
"TCP Query User{8ABD9BB9-33C5-46F7-93A4-9A61F98BE98F}C:\program files\steam\steamapps\dsdale\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dsdale\counter-strike source\hl2.exe |
"TCP Query User{8E4C6015-DD44-47EA-94C8-3CDF5FEF6B59}C:\users\dale\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\dale\program files\dna\btdna.exe |
"TCP Query User{A18A17D1-CB2E-4089-A1EA-B78FCD56B6CB}C:\program files\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files\hlsw\hlsw.exe |
"TCP Query User{A3CF680F-4F9D-41BC-8F09-DDDE0EA92C6C}C:\program files\steam\steamapps\dsdale\source sdk base\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dsdale\source sdk base\hl2.exe |
"TCP Query User{B68DEF09-9B01-420D-AF8B-2DFB8427EF5F}C:\program files\rockstar games\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\gta san andreas\gta_sa.exe |
"TCP Query User{B9773840-9765-443C-860F-D059846FB964}C:\program files\steam\steamapps\dsdale\insurgency\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dsdale\insurgency\hl2.exe |
"TCP Query User{C761568B-1678-45A5-AF42-FF2B3FEA09EE}C:\program files\turkojan\client.exe" = protocol=6 | dir=in | app=c:\program files\turkojan\client.exe |
"TCP Query User{CEB85145-0A9F-471C-BBE8-4469B0C5055C}H:\aoe3\age3_bladeartist.exe" = protocol=6 | dir=in | app=h:\aoe3\age3_bladeartist.exe |
"TCP Query User{D3AFF963-C52F-4592-BCC6-843AE61FD3BD}E:\xfire\xfire.exe" = protocol=6 | dir=in | app=e:\xfire\xfire.exe |
"TCP Query User{D49DCA6E-0720-4756-9CD5-52FE9BD866DB}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{D6203D8A-B32E-48CB-968C-0B05D1E4890A}C:\users\dale\desktop\hacks\spynet__rat_\spynet [rat]\spynet.exe" = protocol=6 | dir=in | app=c:\users\dale\desktop\hacks\spynet__rat_\spynet [rat]\spynet.exe |
"TCP Query User{DF2933E9-5BFC-49BE-B619-4EB72051625B}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{0271F025-0FB1-4FC8-9622-246FA0B62AC5}C:\program files\turkojan\client.exe" = protocol=17 | dir=in | app=c:\program files\turkojan\client.exe |
"UDP Query User{0AECDF15-96EB-4C4C-B63C-0AAC2553E876}C:\program files\steam\steamapps\dsdale\source sdk base\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dsdale\source sdk base\hl2.exe |
"UDP Query User{111D7893-CA65-45E7-A8CC-B30E8035268C}C:\program files\voipwise.com\voipwise\voipwise.exe" = protocol=17 | dir=in | app=c:\program files\voipwise.com\voipwise\voipwise.exe |
"UDP Query User{130CFAC3-3113-44A5-A7F7-2EE265214B7D}C:\program files\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files\hlsw\hlsw.exe |
"UDP Query User{149941A4-BBE3-435A-9DA6-AB9442246A34}C:\program files\rockstar games\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\gta san andreas\gta_sa.exe |
"UDP Query User{1AB85C3F-BA44-4490-B59E-5B8528D5FEE1}H:\tg\trinity gunz\gunz.exe" = protocol=17 | dir=in | app=h:\tg\trinity gunz\gunz.exe |
"UDP Query User{2CAF0EE0-DB20-483C-AAA9-CB5574B47CDA}C:\program files\steam\steamapps\dsdale\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dsdale\counter-strike source\hl2.exe |
"UDP Query User{34BC9507-D222-4253-957A-175413EDD455}C:\users\dale\desktop\hacks\turkojan_4__gold_\turkojan 4\client.exe" = protocol=17 | dir=in | app=c:\users\dale\desktop\hacks\turkojan_4__gold_\turkojan 4\client.exe |
"UDP Query User{34C86C05-A7AE-4B2D-8A4A-1AF567C45150}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{353EE42C-4F59-4078-A558-A42FA83EF2F5}C:\users\dale\desktop\hacks\biozombie\biozombie\client\biozombie 1.5.exe" = protocol=17 | dir=in | app=c:\users\dale\desktop\hacks\biozombie\biozombie\client\biozombie 1.5.exe |
"UDP Query User{365ECACE-0605-4DEB-87E1-3961B8B7B0B4}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{36F5406C-F26F-4150-A615-AF95FFFC79A0}C:\program files\dap\dap.exe" = protocol=17 | dir=in | app=c:\program files\dap\dap.exe |
"UDP Query User{59500972-E1C6-4B2B-B5B4-0CBF2F7EB133}H:\aoe3\age3_bladeartist.exe" = protocol=17 | dir=in | app=h:\aoe3\age3_bladeartist.exe |
"UDP Query User{5ECC8C06-2FFC-4E47-9C0F-6157288D619A}C:\program files\steam\steamapps\dsdale\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dsdale\half-life 2 deathmatch\hl2.exe |
"UDP Query User{6501E468-9F91-443C-871B-9A5AE30EB27C}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{895AFE92-8243-41CA-8459-15512A0D4BEA}E:\unrealtournament\system\unrealtournament.exe" = protocol=17 | dir=in | app=e:\unrealtournament\system\unrealtournament.exe |
"UDP Query User{91A055EE-C71F-469B-9EF9-B249CCC4A2E4}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{95D1411F-CF7D-48BB-BB47-3A63884CC63E}C:\program files\steam\steamapps\dsdale\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dsdale\counter-strike source\hl2.exe |
"UDP Query User{97C4398D-7E8B-41F4-B9FE-9B55B0EB505F}C:\users\dale\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\dale\program files\dna\btdna.exe |
"UDP Query User{A041D639-5650-4092-B0A6-B0B12CBAF1E0}H:\apb\apb europe\binaries\apb.exe" = protocol=17 | dir=in | app=h:\apb\apb europe\binaries\apb.exe |
"UDP Query User{AEE1E829-4ADC-4D3D-BDD0-B88A5223CEF8}C:\users\dale\desktop\hacks\spynet__rat_\spynet [rat]\spynet.exe" = protocol=17 | dir=in | app=c:\users\dale\desktop\hacks\spynet__rat_\spynet [rat]\spynet.exe |
"UDP Query User{BB9B026A-58F3-4AD5-A543-F1192BF29C95}C:\users\dale\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\dale\program files\dna\btdna.exe |
"UDP Query User{C1F26445-DAC2-4BA4-933A-5AB3BE743A5A}C:\program files\spring\springlobby.exe" = protocol=17 | dir=in | app=c:\program files\spring\springlobby.exe |
"UDP Query User{C6850D01-4B93-40D6-8BCC-66E42D0DAAC5}C:\program files\steam\steamapps\dsdale\dystopia\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dsdale\dystopia\hl2.exe |
"UDP Query User{D194419C-0653-4FA3-9B23-ED0C7FC2C533}C:\program files\steam\steamapps\dsdale\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dsdale\half-life 2 deathmatch\hl2.exe |
"UDP Query User{D6790BE4-A8DB-4093-B452-B325163E2F4E}E:\xfire\xfire.exe" = protocol=17 | dir=in | app=e:\xfire\xfire.exe |
"UDP Query User{E50B6575-A5BD-46BB-AA2F-A68ED287BEE3}C:\program files\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"UDP Query User{E91D9A37-F57D-4457-8BDE-318B6849BE3D}C:\program files\steam\steamapps\dsdale\insurgency\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dsdale\insurgency\hl2.exe |
"UDP Query User{F029BFE1-178D-47D0-86B0-E2148EC1DA17}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{F36F720C-C8C5-43FB-89E0-82D5FF2E7C30}C:\program files\nonoh.net\nonoh\nonoh.exe" = protocol=17 | dir=in | app=c:\program files\nonoh.net\nonoh\nonoh.exe |
"UDP Query User{F44F9C01-D1E6-4DF2-A30B-EEEFC61CB46E}C:\program files\spring\springdownloader.exe" = protocol=17 | dir=in | app=c:\program files\spring\springdownloader.exe |
"UDP Query User{F7EBF394-672B-40BA-93FE-39886B80D370}C:\program files\turkojan\client.exe" = protocol=17 | dir=in | app=c:\program files\turkojan\client.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0117713F-9BB5-E61B-686F-D63C156E63F6}" = Catalyst Control Center Core Implementation
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{041FE46C-4EEA-06AE-4562-00A899F5A0FB}" = CCC Help English
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{204D48C5-6231-4955-83EC-623DCB437FD9}_is1" = Emerald Viewer 1.23.5.1101
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21040472-F8DF-48A9-A093-2986C1495670}" = Lineage II
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1" = Warsow 0.42
"{25668C6A-4ECB-3842-B85F-6F663B4E3A38}" = Strawberry Perl
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 15
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 5.009.00
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3BC1954F-F5C9-4ED2-BB2A-BAEEF4DAC74D}" = TortoiseSVN 1.6.3.16613 (32 bit)
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5934808D-F536-2B3F-A488-F53372854C69}" = ccc-core-static
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{610E64BA-F306-6C12-F882-F76CD244A3C2}" = Catalyst Control Center Graphics Light
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68BC06A7-FC85-D463-48BE-3EBFD9747C7E}" = Catalyst Control Center HydraVision Full
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6CC95B76-D380-46B2-9022-9353938E48BA}" = Logitech GamePanel Software 3.03.133
"{6F9B9AEB-00D8-4000-AD5B-7E97E85571DE}" = ScopeUserGuide
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D5B8F9D-00F6-4F71-87E0-C43C043A018E}" = Logitech Motion Detector Gadget
"{8DE98D27-6F65-90E4-0F46-A0FCAEEB8D5B}" = Catalyst Control Center Graphics Previews Common
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96B784E2-F4D7-38A5-E9DD-6CC093B07C58}" = Catalyst Control Center Graphics Full New
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A62892A7-9D90-4A58-8FFF-78FC5A2BC3C5}" = OpenOffice.org 3.2
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A7E110EF-3B05-4CCD-3CB7-3D373325D43A}" = Catalyst Control Center InstallProxy
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3A0347D-6F37-40E3-AC66-85529088649F}_is1" = Mz Vista Force v2.2
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler
"{BCDD3356-B5B2-9D0F-3776-8D5E28893F82}" = ccc-utility
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C19AB6C4-BBD0-49EF-927D-9C7CB80BC0B0}" = MapleStory
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6B29F03-4D97-3B4E-D906-70958E6B1448}" = HydraVision
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF929EEB-CE39-4F06-B1BF-F51FC617A2B2}" = Catalyst Control Center - Branding
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}" = VGA Utility
"{D2D15362-27A7-9D88-35B2-C04697E4CD94}" = Catalyst Control Center Graphics Previews Vista
"{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.00
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War
"{D85EE6FC-1263-3A84-CEB7-A53E97B6A835}" = ATI Catalyst Install Manager
"{DDD9BB0C-C116-91D3-A45B-FA3291781BB0}" = Catalyst Control Center Graphics Full Existing
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2EC3CA2-1136-45C1-B5AE-AB03DED6E98C}" = Logitech QuickCapture Gadget
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Age of Mythology 1.0" = Age of Mythology
"AhnLab Online Security" = AhnLab Online Security
"AoA Audio Extractor_is1" = AoA Audio Extractor 1.0
"APB Europe" = APB Europe
"AutoHotkey" = AutoHotkey 1.0.48.05
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"Build Your Own Net Dream" = Build Your Own Net Dream (remove only)
"CCleaner" = CCleaner
"CoD RconTool" = CoD RconTool
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DBManager Standard_is1" = DBManager 3.2.4
"D-Day" = D-Day
"Defraggler" = Defraggler
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ERUNT_is1" = ERUNT 1.1j
"Europe MapleStory_is1" = Europe MapleStory
"FBDBServer_2_0_is1" = Firebird 2.1.0.16780 (Win32)
"File Recover_is1" = File Recover 7.5
"FileZilla Client" = FileZilla Client 3.3.2.1
"Fraps" = Fraps (remove only)
"Free Screen Recorder_is1" = Free Screen Recorder v2.9
"FreshDevices - FreshDiagnose_is1" = FreshDiagnose
"FreshDevices - FreshUI_is1" = FreshUI
"G15_TeamSpeak" = G15_TeamSpeak (NSIS)
"Game Booster_is1" = Game Booster
"Google Updater" = Google Updater
"Gordon's Gate Flash Driver" = Gordon's Gate Flash Driver 2.2.0.1
"HashTab" = HashTab 2.3.0
"HLSW_is1" = HLSW v1.3.2.1
"Hospital" = Theme Hospital
"ImgBurn" = ImgBurn
"InfraRecorder" = InfraRecorder
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InterActual Player" = InterActual Player
"KeyText_is1" = KeyText v3
"Lexmark X6100 Series" = Lexmark X6100 Series
"LimeWire" = LimeWire 5.4.6
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MTA:SA" = MTA:SA v1.0.4-rc-1783
"NoIPDUC" = No-IP DUC
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Recuva" = Recuva
"SAM3" = SAM3 (remove only)
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"SecondLifeViewer2" = SecondLifeViewer2 (remove only)
"Silent Hunter II" = Silent Hunter II
"SourceForts" = SourceForts
"Speccy" = Speccy
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"Spotify" = Spotify
"Spring" = Spring 0.80.5.1
"Spring 1944" = Spring 1944 Lyuban (1.07)
"Steam App 17580" = Dystopia
"Steam App 240" = Counter-Strike: Source
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 4000" = Garry's Mod
"Steam App 500" = Left 4 Dead
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"TreeSize Free_is1" = TreeSize Free V2.3.3
"Trinity GunZ 6.4.0" = Trinity GunZ 6.4.0
"TS Admin-Client 2_is1" = TS Admin-Client 2.2.3-alpha [Build: 1485]
"Turkojan_is1" = Turkojan 4.0
"Unlocker" = Unlocker 1.8.7
"Update Service" = Update Service
"Virtual Audio Cable 4.04" = Virtual Audio Cable 4.04
"VistaGlazz_is1" = VistaGlazz 2.0
"Visual Studio 6.0 Enterprise Edition" = Microsoft Visual Studio 6.0 Enterprise Edition
"VLC media player" = VLC media player 0.9.9
"WebPost" = Microsoft Web Publishing Wizard 1.53
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.0
"WinRAR archiver" = WinRAR archiver
"Xfire" = Xfire (remove only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
ark.txt --:
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-23 11:36:39
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\Dale\AppData\Local\Temp\kwldapog.sys
---- System - GMER 1.0.15 ----
INT 0x52 ? 869EEF00
INT 0x62 ? 869EEF00
INT 0x72 ? 85085BF8
INT 0x82 ? 85085BF8
INT 0x82 ? 85085BF8
INT 0x82 ? 869EEF00
INT 0x82 ? 85085BF8
---- Kernel code sections - GMER 1.0.15 ----
? System32\Drivers\spgl.sys The system cannot find the path specified. !
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8C60B000, 0x2DE45A, 0xE8000020]
.text USBPORT.SYS!DllUnload 8CC3741B 5 Bytes JMP 869EE4E0
.text avvam9cm.SYS 8CCC8000 22 Bytes [82, 83, 80, 82, 6C, 82, 80, ...]
.text avvam9cm.SYS 8CCC8017 106 Bytes [00, 32, D7, 79, 80, 3D, D5, ...]
.text avvam9cm.SYS 8CCC8082 74 Bytes [84, 82, E7, 20, 84, 82, C6, ...]
.text avvam9cm.SYS 8CCC80CE 10 Bytes [00, 00, 00, 00, 00, 00, 02, ...]
.text avvam9cm.SYS 8CCC80DA 12 Bytes [00, 00, 02, 00, 00, 00, 24, ...]
.text ...
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0x98CF7300, 0x3ACC8, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x98D3A300, 0x1B7E, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\Windows\explorer.exe[544] ntdll.dll!NtProtectVirtualMemory 77484D34 5 Bytes JMP 0017000A
.text C:\Windows\explorer.exe[544] ntdll.dll!NtWriteVirtualMemory 77485674 5 Bytes JMP 0018000A
.text C:\Windows\explorer.exe[544] ntdll.dll!KiUserExceptionDispatcher 77485DC8 5 Bytes JMP 0016000A
.text C:\Windows\Explorer.EXE[852] ntdll.dll!NtProtectVirtualMemory 77484D34 5 Bytes JMP 016A000A
.text C:\Windows\Explorer.EXE[852] ntdll.dll!NtWriteVirtualMemory 77485674 5 Bytes JMP 016B000A
.text C:\Windows\Explorer.EXE[852] ntdll.dll!KiUserExceptionDispatcher 77485DC8 5 Bytes JMP 007C000A
.text C:\Windows\system32\svchost.exe[1152] ntdll.dll!NtProtectVirtualMemory 77484D34 5 Bytes JMP 001B000A
.text C:\Windows\system32\svchost.exe[1152] ntdll.dll!NtWriteVirtualMemory 77485674 5 Bytes JMP 001C000A
.text C:\Windows\system32\svchost.exe[1152] ntdll.dll!KiUserExceptionDispatcher 77485DC8 5 Bytes JMP 001A000A
.text C:\Windows\system32\svchost.exe[1152] ole32.dll!CoCreateInstance 76819EA6 5 Bytes JMP 0022000A
.text C:\Windows\system32\svchost.exe[1152] USER32.dll!GetCursorPos 76740B88 5 Bytes JMP 00C5000A
.text C:\Program Files\Mozilla Firefox\firefox.exe[3660] ntdll.dll!NtProtectVirtualMemory 77484D34 5 Bytes JMP 01B9000A
.text C:\Program Files\Mozilla Firefox\firefox.exe[3660] ntdll.dll!NtWriteVirtualMemory 77485674 5 Bytes JMP 01BA000A
.text C:\Program Files\Mozilla Firefox\firefox.exe[3660] ntdll.dll!KiUserExceptionDispatcher 77485DC8 5 Bytes JMP 009F000A
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 85A1D1F8
Device \Driver\volmgr \Device\VolMgrControl 850871F8
Device \Driver\usbuhci \Device\USBPDO-0 86AAB1F8
Device \Driver\usbuhci \Device\USBPDO-1 86AAB1F8
Device \Driver\usbuhci \Device\USBPDO-2 86AAB1F8
Device \Driver\usbuhci \Device\USBPDO-3 86AAB1F8
Device \Driver\usbehci \Device\USBPDO-4 86AAC1F8
Device \Driver\PCI_PNP5250 \Device\00000061 spgl.sys
Device \Driver\netbt \Device\NetBT_Tcpip_{D7E79CEE-6FB3-488C-9B11-4DE437A3827C} 86FF81F8
Device \Driver\sptd \Device\1073597262 spgl.sys
Device \Driver\volmgr \Device\HarddiskVolume1 850871F8
Device \Driver\volmgr \Device\HarddiskVolume2 850871F8
Device \Driver\cdrom \Device\CdRom0 86AAD1F8
Device \Driver\volmgr \Device\HarddiskVolume3 850871F8
Device \Driver\cdrom \Device\CdRom1 86AAD1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 85A1C1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-4 85A1C1F8
Device \Driver\atapi \Device\Ide\IdePort0 85A1C1F8
Device \Driver\atapi \Device\Ide\IdePort1 85A1C1F8
Device \Driver\atapi \Device\Ide\IdePort2 85A1C1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-3 85A1C1F8
Device \Driver\cdrom \Device\CdRom2 86AAD1F8
Device \Driver\netbt \Device\NetBt_Wins_Export 86FF81F8
Device \Driver\Smb \Device\NetbiosSmb 8718B1F8
Device \Driver\iScsiPrt \Device\RaidPort0 86B191F8
Device \Driver\usbuhci \Device\USBFDO-0 86AAB1F8
Device \Driver\usbuhci \Device\USBFDO-1 86AAB1F8
Device \Driver\usbuhci \Device\USBFDO-2 86AAB1F8
Device \Driver\usbuhci \Device\USBFDO-3 86AAB1F8
Device \Driver\usbehci \Device\USBFDO-4 86AAC1F8
Device \Driver\netbt \Device\NetBT_Tcpip_{7A64FDB6-90DA-4704-9669-117D1F15F651} 86FF81F8
Device \Driver\avvam9cm \Device\Scsi\avvam9cm1 86B001F8
Device \Driver\avvam9cm \Device\Scsi\avvam9cm1Port4Path0Target1Lun0 86B001F8
Device \Driver\avvam9cm \Device\Scsi\avvam9cm1Port4Path0Target0Lun0 86B001F8
Device \FileSystem\cdfs \Cdfs 870E61F8
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158304a73b
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158304a73b@60d0a9a6c10c 0x11 0xFF 0x67 0xDE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x7F 0x61 0x6A 0x60 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x61 0x51 0xA2 0x13 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x11 0xD4 0x6D 0x77 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xB2 0xE7 0xF9 0xFE ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00158304a73b (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00158304a73b@60d0a9a6c10c 0x11 0xFF 0x67 0xDE ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x7F 0x61 0x6A 0x60 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x61 0x51 0xA2 0x13 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x11 0xD4 0x6D 0x77 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xB2 0xE7 0xF9 0xFE ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04214C08-E6D0-01C1-7F15-386B1C93CA38}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04214C08-E6D0-01C1-7F15-386B1C93CA38}@hahjcdldnodjfhjf 0x6A 0x61 0x63 0x65 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04214C08-E6D0-01C1-7F15-386B1C93CA38}@iabkmojmpdghkdonjb 0x63 0x61 0x6F 0x65 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04214C08-E6D0-01C1-7F15-386B1C93CA38}@ianjmlclfgiahoiifa 0x6A 0x61 0x63 0x65 ...
---- EOF - GMER 1.0.15 ----
mbam-log-2010-06-23 (10-37-08).txt --:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4052
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928
23/06/2010 10:37:08 AM
mbam-log-2010-06-23 (10-37-08).txt
Scan type: Quick scan
Objects scanned: 120231
Time elapsed: 7 minute(s), 7 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
*****
(The stars represent the end of the logs block.)
Hope somebody can help me out, as I'm totally lost as to what's going on here!
NOTE: I was previously infected by a file called "sysctrls.exe" but I got rid of that myself (don't quite remember how I did it though...)
NOTE2: I have posted this from my laptop as it wouldn't post on the infected computer; I got a connection reset every time I tried to post it.
Edited by JustFKNUniqu3, 23 June 2010 - 05:08 AM.