HELP ! my desktop is super slow, it freezes before I can paste the
Started by
starla
, Jul 02 2010 06:01 PM
#1
Posted 02 July 2010 - 06:01 PM
starla
-
- Member
-
- 64 posts
Member
#2
Posted 03 July 2010 - 12:26 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
See if you can just run OTL. Step 5.
You might have better luck in Safe Mode:
http://www.computerh...sues/chsafe.htm
Ron
You might have better luck in Safe Mode:
http://www.computerh...sues/chsafe.htm
Ron
#3
Posted 14 July 2010 - 10:28 AM
starla
- Topic Starter
-
- Member
-
- 64 posts
Member
ok, I will try that and get you as many logs as I can ....on this desktop .
Now I have another HARD issue. MY LAPTOP *( EMACHINES) is now showing me a blue screen I have several things it has said on why windows has been stopped because of
unknown hard error/
systemroot/system32/ntdll.dll
Driver_IRQL_not_less_or_Equal
and so on, I now ALSO need help onto my laptop ....
~~ I did NOT download anything but some of your malware and otl onto it, and I opened a email with baby coupns when it stopped and now is in blue screen and windows WILL NOT work ...
THIS LAPTOP IS NOT A YEAR OLD, I AM LOOKING FOR THE RECIEPT AND I WILL CALL THIER COMPANY TODAY .. I REALLY DONT WANT TO HAVE TO SEND IT IN , ITS WINDOWS 7 , AND I DONT CARE IF I HAVE TO LOOSE PICTURES AND FAVORORITES, I JUST NEED IT WORKING , ITS FOR SCHOOL IN AUGEST , AND I HAVE FREE ADVAST ON IT, OBVIOUSLY I NEED THE BEST ANTIVIRUS, OR IS ANTIMALWARE THE SAME THING ? PLEASE TELL ME WHAT TO DO TO GET THAT WORKING AS WELL, AND I WILL SIOGN IN THERE AND SEND YOU LOGS FROM IT AS WELL, PLEASE HELP ME ... IM BEOKE AND A SINGLE MOM 2 BOYS, AND STARTING SCHOOL AGAIN IN AUGEST I APPRECIATE ANY AND ALL HELP !@!!!!!!
WILL BE BACK TONIGHT WITH LOGS FROM THIS HP DESKTOP IN MY TOPICS THIER ARE SOME FROM THIS ONE IN THOSE, BUT IT HAS BEEN AWILE AND I KNOW YOU NEED THESE NEW ONES. JUST LETTING YOU KNOW . THANK YOU VERY VERY MUCH !!! BE BACK TONIGHT .........
Now I have another HARD issue. MY LAPTOP *( EMACHINES) is now showing me a blue screen I have several things it has said on why windows has been stopped because of
unknown hard error/
systemroot/system32/ntdll.dll
Driver_IRQL_not_less_or_Equal
and so on, I now ALSO need help onto my laptop ....
~~ I did NOT download anything but some of your malware and otl onto it, and I opened a email with baby coupns when it stopped and now is in blue screen and windows WILL NOT work ...THIS LAPTOP IS NOT A YEAR OLD, I AM LOOKING FOR THE RECIEPT AND I WILL CALL THIER COMPANY TODAY .. I REALLY DONT WANT TO HAVE TO SEND IT IN , ITS WINDOWS 7 , AND I DONT CARE IF I HAVE TO LOOSE PICTURES AND FAVORORITES, I JUST NEED IT WORKING , ITS FOR SCHOOL IN AUGEST , AND I HAVE FREE ADVAST ON IT, OBVIOUSLY I NEED THE BEST ANTIVIRUS, OR IS ANTIMALWARE THE SAME THING ? PLEASE TELL ME WHAT TO DO TO GET THAT WORKING AS WELL, AND I WILL SIOGN IN THERE AND SEND YOU LOGS FROM IT AS WELL, PLEASE HELP ME ... IM BEOKE AND A SINGLE MOM 2 BOYS, AND STARTING SCHOOL AGAIN IN AUGEST I APPRECIATE ANY AND ALL HELP !@!!!!!!
WILL BE BACK TONIGHT WITH LOGS FROM THIS HP DESKTOP IN MY TOPICS THIER ARE SOME FROM THIS ONE IN THOSE, BUT IT HAS BEEN AWILE AND I KNOW YOU NEED THESE NEW ONES. JUST LETTING YOU KNOW . THANK YOU VERY VERY MUCH !!! BE BACK TONIGHT .........
#5
Posted 15 July 2010 - 11:00 AM
starla
- Topic Starter
-
- Member
-
- 64 posts
Member
I have tried that , IT WILL NOT let me in , it says windows has been stopped because of maliuos ... ? and I cant get it to let me in to that point ... also I dont have a windows 7 cd IT came with that on the laptop any help ???
#6
Posted 15 July 2010 - 11:04 AM
starla
- Topic Starter
-
- Member
-
- 64 posts
Member
when I press F8 it makes a loud beeping sound ....
#7
Posted 15 July 2010 - 11:11 AM
starla
- Topic Starter
-
- Member
-
- 64 posts
Member
just tried again ... it says stop unknown hard error (LAPTOP)
systemroot/systen32/ ntdll.dll
then some other times it says IRQL-NOT-LESS-OR-EQUAL
???????????????????????????? HELP
SHOULD i OPEN A DIFF TOPIC ON THE DESKTOP , AND LEAVE THIS ONE FOR MY LAPTOP / ? OR JUST PUT AT TOP OF EACH POST WHICH IS WHAT .. LOL
systemroot/systen32/ ntdll.dll
then some other times it says IRQL-NOT-LESS-OR-EQUAL
???????????????????????????? HELP
SHOULD i OPEN A DIFF TOPIC ON THE DESKTOP , AND LEAVE THIS ONE FOR MY LAPTOP / ? OR JUST PUT AT TOP OF EACH POST WHICH IS WHAT .. LOL
Edited by starla, 15 July 2010 - 11:13 AM.
#8
Posted 15 July 2010 - 11:44 AM
starla
- Topic Starter
-
- Member
-
- 64 posts
Member
~~~~~~~~~~~DESKTOP OTL ~ SCAN AND EXTRAS...
OTL logfile created on: 7/15/2010 1:27:56 PM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 46.13 Gb Free Space | 41.27% Space Free | Partition Type: NTFS
Drive D: | 232.83 Gb Total Space | 217.40 Gb Free Space | 93.37% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OWNER-14EA5791F
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/07/15 13:26:47 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2009/12/08 21:29:44 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
PRC - [2009/11/24 19:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 19:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 19:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 19:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 19:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/08/07 17:15:06 | 000,242,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/29 09:36:13 | 001,506,544 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2008/10/03 22:39:54 | 000,554,264 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2008/10/03 22:23:30 | 004,344,472 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2008/09/08 17:48:16 | 000,539,160 | R--- | M] (Symantec) -- C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe
PRC - [2008/09/08 17:48:14 | 001,378,840 | R--- | M] (Symantec) -- C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NortonAntiBot.exe
PRC - [2008/09/08 17:48:14 | 000,592,408 | R--- | M] (Symantec) -- C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABMonitor.exe
PRC - [2008/09/08 17:48:12 | 004,910,104 | R--- | M] (Symantec) -- C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe
PRC - [2008/08/22 05:02:34 | 000,390,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
PRC - [2008/06/29 18:01:01 | 000,052,168 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2008/04/24 09:44:26 | 001,238,344 | ---- | M] (Famatech International Corp.) -- C:\WINDOWS\system32\rserver30\rserver3.exe
PRC - [2008/04/24 09:44:14 | 000,099,720 | ---- | M] (Famatech International Corp.) -- C:\WINDOWS\system32\rserver30\FamItrfc.Exe
PRC - [2008/04/24 04:32:30 | 000,598,016 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2008/04/24 04:31:54 | 000,176,128 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2008/04/13 23:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/11 23:10:10 | 000,506,344 | ---- | M] (QFX Software Corporation) -- C:\Program Files\KeyScrambler\KeyScrambler.exe
PRC - [2008/03/31 21:54:06 | 000,507,904 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbTray.exe
PRC - [2008/01/29 22:19:32 | 000,073,728 | ---- | M] (Orb Networks, Inc.) -- C:\Program Files\Winamp Remote\bin\Orb.exe
PRC - [2007/09/13 21:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007/06/27 20:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/06/27 20:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/03/21 15:23:30 | 006,485,528 | ---- | M] (3M) -- C:\Program Files\3M\PDNotes\PDNotes.exe
PRC - [2004/08/02 01:28:56 | 000,454,723 | ---- | M] (TotalRC.net) -- c:\totalrc\totalrc.exe
PRC - [2004/01/23 16:43:16 | 000,821,760 | ---- | M] (Ingmar Jorgensen Software) -- C:\Program Files\CD Drive Tool\CDDriveTool.exe
PRC - [2003/05/28 06:08:55 | 000,077,824 | ---- | M] (Jetico, Inc.) -- C:\Program Files\Jetico\BestCrypt\BCResident.exe
PRC - [2002/09/05 23:07:32 | 000,095,232 | ---- | M] () -- C:\Program Files\Customizer XP\RAM_2K.exe
========== Modules (SafeList) ==========
MOD - [2010/07/15 13:26:47 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2009/11/24 19:50:32 | 000,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2008/04/13 23:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2001/07/31 06:12:04 | 000,049,152 | ---- | M] (Jetico, Inc.) -- C:\WINDOWS\system32\hplun.dll
MOD - [2001/03/09 12:35:14 | 000,142,848 | ---- | M] (Totalrc.net) -- c:\totalrc\hookagnt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\DX9\SessionLauncher.exe -- (SessionLauncher)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2009/11/24 19:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 19:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 19:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 19:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/08/07 17:15:06 | 000,242,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/28 10:29:58 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/10/03 22:39:54 | 000,554,264 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008/09/08 17:48:16 | 000,539,160 | R--- | M] (Symantec) [Auto | Running] -- C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe -- (SymantecAntiBotWatcher)
SRV - [2008/09/08 17:48:12 | 004,910,104 | R--- | M] (Symantec) [Auto | Running] -- C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe -- (SymantecAntiBotAgent)
SRV - [2008/04/24 09:44:26 | 001,238,344 | ---- | M] (Famatech International Corp.) [Auto | Running] -- C:\WINDOWS\System32\rserver30\RServer3.exe -- (RServer3)
SRV - [2008/04/24 04:32:30 | 000,598,016 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008/04/24 04:31:54 | 000,176,128 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2007/08/24 16:53:16 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2007/08/24 16:53:14 | 000,072,176 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2007/08/24 16:52:48 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2007/08/24 16:52:46 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2007/08/24 16:52:38 | 001,083,888 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2004/08/02 01:28:56 | 000,454,723 | ---- | M] (TotalRC.net) [Auto | Running] -- c:\totalrc\totalrc.exe -- (TotalRC)
SRV - [2001/07/24 11:15:53 | 000,241,664 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\r_server.exe -- (r_server)
========== Driver Services (SafeList) ==========
DRV - [2009/11/24 19:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/24 19:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 19:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 19:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 19:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/24 19:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/09/01 02:27:23 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm)
DRV - [2008/10/29 10:27:03 | 000,971,168 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm140.sys -- (tdrpman140) Acronis Try&Decide and Restore Points filter (build 140)
DRV - [2008/10/29 10:27:01 | 000,540,000 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2008/10/29 10:27:01 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008/10/29 10:26:58 | 000,134,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snman380.sys -- (snapman380) Acronis Snapshots Manager (Build 380)
DRV - [2008/09/08 17:48:42 | 000,161,304 | R--- | M] (Symantec Corporation. ) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\Norton AntiBot\agent\driver\AntiBotDriver.sys -- (SymantecAntiBotDriver)
DRV - [2008/09/08 17:48:42 | 000,027,280 | R--- | M] (Symantec Corporation. ) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\Norton AntiBot\agent\driver\AntiBotShim.sys -- (SymantecAntiBotShim)
DRV - [2008/09/08 17:48:40 | 000,029,720 | R--- | M] (Symantec Corporation. ) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\Norton AntiBot\agent\driver\AntiBotFilter.sys -- (SymantecAntiBotFilter)
DRV - [2008/08/01 18:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/08/01 18:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/07/21 08:11:58 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008/07/16 20:12:47 | 000,028,672 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
DRV - [2008/06/04 21:43:14 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2008/05/28 11:33:38 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/05/28 11:33:36 | 000,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/05/28 11:33:36 | 000,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/04/24 09:49:26 | 000,045,848 | ---- | M] (Famatech International Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\rserver30\raddrvv3.sys -- (raddrvv3)
DRV - [2008/04/13 16:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/22 17:37:20 | 000,113,896 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2008/01/25 21:01:06 | 000,132,096 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2007/11/17 15:46:38 | 000,068,954 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\jl2005c.sys -- (JL2005C)
DRV - [2007/10/25 06:29:00 | 004,623,872 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/08/18 04:09:04 | 000,057,328 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter)
DRV - [2007/01/29 07:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2006/11/01 07:01:56 | 000,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rminiv3.sys -- (mirrorv3)
DRV - [2006/07/01 23:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/05/09 22:50:00 | 003,535,680 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/12/06 11:20:50 | 000,241,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 11:20:42 | 000,670,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsx)
DRV - [2005/12/06 11:20:40 | 000,936,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2004/12/15 15:18:32 | 000,220,928 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/12/15 15:18:28 | 000,703,232 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/15 15:18:26 | 001,038,208 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/10/26 12:22:50 | 000,002,410 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - [2003/11/04 17:30:54 | 000,015,915 | ---- | M] (Michael Oestergaard Pedersen) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_SERPENT.sys -- (BC_SERPENT)
DRV - [2003/11/04 17:29:32 | 000,012,041 | ---- | M] (Michael Oestergaard Pedersen) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_RC6.sys -- (BC_RC6)
DRV - [2003/10/31 12:49:42 | 000,043,101 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\bc_rijn.sys -- (BC_RIJN)
DRV - [2003/10/31 12:46:46 | 000,016,025 | ---- | M] (Iarsn) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_IDEA.sys -- (BC_IDEA)
DRV - [2003/10/31 12:17:44 | 000,020,793 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_CAST.sys -- (BC_CAST)
DRV - [2003/10/31 12:15:12 | 000,012,779 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_BF448.sys -- (BC_BF448)
DRV - [2003/10/31 12:13:50 | 000,012,779 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_BF128.sys -- (BC_BF128)
DRV - [2003/10/31 12:08:28 | 000,018,249 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_3DES.sys -- (BC_3DES)
DRV - [2003/10/31 04:37:12 | 000,027,631 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\bcbus.sys -- (bcbus)
DRV - [2003/10/31 02:51:22 | 000,031,639 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\bc_tfish.sys -- (BC_TFISH)
DRV - [2003/10/31 02:46:16 | 000,014,013 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\bc_gost.sys -- (BC_Gost)
DRV - [2003/10/31 02:19:02 | 000,017,991 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\bc_des.sys -- (BC_DES)
DRV - [2003/10/31 02:17:00 | 000,012,747 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\bc_bfish.sys -- (BC_BFish)
DRV - [2003/04/18 05:41:50 | 000,008,448 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fsh.sys -- (fsh)
DRV - [2002/09/11 02:09:48 | 000,083,456 | ---- | M] (Jetico, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\BCSwap.sys -- (BCSWAP)
DRV - [2002/09/11 02:08:52 | 000,003,328 | ---- | M] (Jetico, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\moh.sys -- (moh)
DRV - [2002/09/11 02:01:16 | 000,006,272 | ---- | M] (Jetico, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mhk.sys -- (mhk)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.0.2
FF - HKLM\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/05/07 22:18:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/06/05 23:01:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/19 12:13:10 | 000,000,000 | ---D | M]
[2008/10/28 01:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/01/12 13:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\3m9h1jm5.default\extensions
[2010/01/12 13:45:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\3m9h1jm5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/10/28 01:23:26 | 000,000,000 | ---D | M] (PitchDark) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\3m9h1jm5.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2009/07/10 13:20:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\3m9h1jm5.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/04/19 12:13:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/19 12:13:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/02/11 15:16:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2008/10/29 09:22:05 | 000,005,404 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 65.75.216.6 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.54 www.winmx.com err.winmx.com
O1 - Hosts: 65.75.216.6 cache0.winmx.com test3201.winmx.com test3206.winmx.com
O1 - Hosts: 65.75.216.7 cache1.winmx.com test3202.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.229.238 cache2.winmx.com test3203.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.1 cache3.winmx.com test3204.winmx.com
O1 - Hosts: 205.238.40.2 cache4.winmx.com test3205.winmx.com
O1 - Hosts: 65.75.216.6 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 15 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Reactor.Net Toolbar) - {b23920f4-4c2f-412b-9450-1d7028d5454e} - C:\Program Files\TorrentReactor.Net\tbTor1.dll (Conduit Ltd.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Reactor.Net Toolbar) - {b23920f4-4c2f-412b-9450-1d7028d5454e} - C:\Program Files\TorrentReactor.Net\tbTor1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Reactor.Net Toolbar) - {B23920F4-4C2F-412B-9450-1D7028D5454E} - C:\Program Files\TorrentReactor.Net\tbTor1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CD Drive Tool] C:\Program Files\CD Drive Tool\CDDriveTool.exe (Ingmar Jorgensen Software)
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [muBlinder] C:\PROGRAMS\Net & Comm\Microsoft Update Blinder V3.60\muBlinder.exe (KRX)
O4 - HKLM..\Run: [NortonAntiBot] C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe (Symantec)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [RAM Idle] C:\Program Files\Customizer XP\RAM_2K.exe ()
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnce: [WIAWizardMenu] C:\WINDOWS\System32\sti_ci.DLL (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BestCrypt Auto Open.lnk = C:\Program Files\Jetico\BestCrypt\BestCrypt.exe (Jetico, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Post-it® Digital Notes.lnk = C:\Program Files\3M\PDNotes\PDNotes.exe (3M)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files\Media Player Utilities 4.24\AMVConverter\grab.html ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe (ICQ Inc.)
O9 - Extra 'Tools' menuitem : ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe (ICQ Inc.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} http://w4s2.work4sur...ge/w4sgeen9.exe (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1228543572781 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1251782170888 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...ctDetection.cab (GMNRev Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto....veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (hplun.dll) - C:\WINDOWS\System32\hplun.dll (Jetico, Inc.)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\WINDOWS\System32\acaptuser32.dll (Adobe Systems Incorporated)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/17 10:56:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6445ea8a-6e8a-11df-ac3a-0018f330373e}\Shell - "" = AutoRun
O33 - MountPoints2\{6445ea8a-6e8a-11df-ac3a-0018f330373e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6445ea8a-6e8a-11df-ac3a-0018f330373e}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{73c05a91-2a1a-11df-ac2e-0018f330373e}\Shell - "" = AutoRun
O33 - MountPoints2\{73c05a91-2a1a-11df-ac2e-0018f330373e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{73c05a91-2a1a-11df-ac2e-0018f330373e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/07/15 13:26:44 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/06/30 00:41:12 | 000,000,000 | ---D | C] -- C:\unzipped
[2010/06/29 23:30:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2010/06/29 23:30:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/29 23:30:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/06/29 23:30:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/29 23:30:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/29 23:29:08 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2010/06/29 23:25:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/06/29 23:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/29 23:23:52 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt_setup.exe
[2010/06/29 22:34:48 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[1 C:\Documents and Settings\Owner\*.tmp files -> C:\Documents and Settings\Owner\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/07/15 13:26:47 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/07/15 13:11:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/15 11:59:26 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{00BE951F-F700-412E-B292-75B4815F0D81}.job
[2010/07/14 23:11:01 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/13 22:39:46 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/07/13 22:39:04 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/13 22:39:03 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/13 22:38:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/30 00:34:26 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/06/29 23:47:01 | 005,505,024 | -H-- | M] () -- C:\Documents and Settings\Owner\NTUSER.DAT
[2010/06/29 23:46:35 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/06/29 23:30:25 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/29 23:29:08 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2010/06/29 23:25:17 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/06/29 23:25:17 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2010/06/29 23:23:57 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt_setup.exe
[2010/06/29 22:34:49 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[1 C:\Documents and Settings\Owner\*.tmp files -> C:\Documents and Settings\Owner\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/06/30 00:34:25 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/06/29 23:30:25 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/29 23:25:17 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/06/29 23:25:17 | 000,000,596 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2008/11/13 16:19:40 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/11/13 11:30:20 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/10/29 09:28:00 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/10/28 10:03:29 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/28 07:06:53 | 000,286,720 | R--- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/10/28 07:06:50 | 000,573,440 | R--- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2008/10/28 07:06:50 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2008/10/28 06:28:20 | 000,000,156 | ---- | C] () -- C:\WINDOWS\WinDrvGhost.ini
[2008/10/28 05:56:23 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/21 06:22:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/03/06 10:41:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2004/05/12 01:31:54 | 000,005,729 | ---- | C] () -- C:\WINDOWS\PWRPLAY.INI
[2001/07/06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
========== Alternate Data Streams ==========
@Alternate Data Stream - 159 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13
< End of report >
*(( WANT YOU TO KNOW A FEW YEARS AGO I HAD A GUY NAMED DOC' FIX' THIS PC AND EVER SINCE THEN, MY CARD READERS WILL NOT WORK, AND HE SAID I CANT HAVE GUEST ACCOUNTS', AND HE ALSO INSTALLED A XTRA 250 SATS HARD DRIVE THAT HE SAID I CAN ONLY USE AS A BACK UP STORAGE SPACE......) HE ADDED ALOT OF THESE PROGRAMS AND IF THEY ARE SLOWING ME DOWN I DONT USE' MANY OF THEM, AND THEY CAN GO !!! PLEASE HELP,
NOW HERE ARE OTL XTRAS ~~ ???
THIS IS THE XTRAS IT MIGHT BE THE SAME THING I DONT KNOW ....
OTL Extras logfile created on: 7/15/2010 1:27:56 PM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 46.13 Gb Free Space | 41.27% Space Free | Partition Type: NTFS
Drive D: | 232.83 Gb Total Space | 217.40 Gb Free Space | 93.37% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OWNER-14EA5791F
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 10.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee\10.0\ACDSeeQV10.exe" "%1" (ACD Systems)
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\WampEnq.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4898:TCP" = 4898:TCP:*:Enabled:R3 TCP
"4898:UDP" = 4898:UDP:*:Enabled:R3 UDP
"4899:TCP" = 4899:TCP:*:Enabled:R2 TCP
"4899:UDP" = 4899:UDP:*:Enabled:R2 UDP
"6699:TCP" = 6699:TCP:*:Enabled:WinMx TCP
"6257:UDP" = 6257:UDP:*:Enabled:WinMx UDP
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" = C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe:*:Enabled:RoxioUPnPRenderer10 -- (Sonic Solutions)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\rserver30\rserver3.exe" = C:\WINDOWS\system32\rserver30\rserver3.exe:*:Enabled:Radmin Server 3 -- (Famatech International Corp.)
"C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- (FlashGet.com)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\winmx v3.54 Beta 4\WinMX.exe" = C:\winmx v3.54 Beta 4\WinMX.exe:*:Enabled:winmx v3.54 Beta 4 -- (Frontcode Technologies)
"C:\Program Files\Trillian\trillian.exe" = C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian -- (Cerulean Studios)
"C:\Program Files\ICQ\Icq.exe" = C:\Program Files\ICQ\Icq.exe:*:Enabled:ICQ -- (ICQ Inc.)
"C:\Program Files\Alwil Software\Avast4\ashAvast.exe" = C:\Program Files\Alwil Software\Avast4\ashAvast.exe:*:Enabled:avast! Antivirus -- (ALWIL Software)
"C:\totalrc\totalrc.exe" = C:\totalrc\totalrc.exe:*:Enabled:totalrc.exe -- (TotalRC.net)
"C:\WINDOWS\system32\r_server.exe" = C:\WINDOWS\system32\r_server.exe:*:Enabled:r_server.exe -- ()
"C:\Program Files\Microsoft Virtual PC\Virtual PC.exe" = C:\Program Files\Microsoft Virtual PC\Virtual PC.exe:*:Enabled:Virtual PC 2007 -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" = C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe:*:Enabled:RoxioUPnPRenderer10 -- (Sonic Solutions)
"C:\Program Files\Roxio\Creator Classic 10\Creator10.exe" = C:\Program Files\Roxio\Creator Classic 10\Creator10.exe:*:Enabled:Creator10 -- (Sonic Solutions)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05B7B9BA-9EBC-4C5B-933D-49F372EFE7A1}" = Adobe Photoshop CS4
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0F99EAFA-4054-4ABC-A3D3-D2299210572F}" = Adobe Bridge CS4
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series" = Canon MP190 series MP Drivers
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{17FE8F8E-D8FA-440E-9ACF-3C51787E7225}" = FolderSizes 4
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1B683082-8791-4D00-8ADE-6C8986FCCC68}" = Roxio CinePlayer
"{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}" = Adobe ExtendScript Toolkit 2
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 20
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{37C8899D-FD70-481F-94AA-1F1B08765E22}" = Acronis True Image Home
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E67A8DA-FE7B-4160-8465-F5571EA18753}" = Roxio Disc Gallery
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{68D5CEF9-0DA8-47FE-B0EB-4CBFB5AAF662}" = ArcSoft PhotoImpression 4
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = Media Player Utilities 4.24
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A9A1828-31D1-4590-A99F-022B7237AFAE}" = Roxio MediaShare
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A1C9D1DA-7803-4586-B509-450009938312}" = Adobe Setup
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A65F7CF8-6F76-40CE-B44D-D5A89D9881C7}" = MSN Toolbar Platform
"{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}" = F4100_Help
"{A6C265BE-E2C1-483e-843D-6B4C1E912AE0}" = F4100
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2DC6BC-F088-46DD-994B-07F6C5A32EC1}" = Post-it® Digital Notes
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}_931" = Adobe Acrobat 9.3.1 - CPSID_50570
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4509BCE-7BAD-4a8c-B1AE-4D0CE7467C42}" = F4100_doccd
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B81247D5-C5A7-4552-A143-E957658C1957}" = CD Drive Tool
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF83EFE2-C9F0-40D4-841C-2066668C1D7A}" = Roxio Easy Media Creator 10 Suite
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C4418DF9-5B57-4C5D-ACC2-D6B1338CCE09}" = Photoshop Camera Raw
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Professional
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{ED87EE42-C14B-4119-8686-C3A630F2A463}" = Radmin Server 3.2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F75C5363-5988-4230-9D5A-567CEAE5D07F}" = Norton AntiBot
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8A3C1B6-D2E0-4CE1-80A2-555D6F71C639}" = Microsoft Search Enhancement Pack
"{F8B98EB6-FC06-45BF-87D4-9784E0408611}" = ACDSee 10 Photo Manager
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Add/Remove Plus! 2004" = Add/Remove Plus! 2004
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_b741c3c52d3108664cedeb2b76f6d96" = Adobe Photoshop CS4
"Album List" = Album List for Winamp v2.06 (remove only)
"Allway Sync_is1" = Allway Sync version 9.0.1
"Ask Toolbar_is1" = Ask Toolbar
"avast!" = avast! Antivirus
"Belltech Business Card Designer Pro 3.0_is1" = Belltech Business Card Designer Pro 3.0
"Belltech Greeting Card Designer 3.0_is1" = Belltech Greeting Card Designer 3.0
"Belltech Label Maker With Data Merge 2.0_is1" = Belltech Label Maker With Data Merge 2.0
"Belltech Small Business Publisher 3.0_is1" = Belltech Small Business Publisher 3.0
"BestCrypt" = BestCrypt 7.0
"BurnInTest_is1" = BurnInTest v5.3 Pro
"Canon MP190 series User Registration" = Canon MP190 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"Collectorz.com Movie Collector" = Collectorz.com Movie Collector
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-05-17
"CoreAVC Professional Edition" = CoreAVC Professional Edition
"Customizer XP_is1" = Customizer XP
"DisplaySwitch Platinum_is1" = DisplaySwitch Platinum 1.0
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"Driver Magician_is1" = Driver Magician 3.32
"Dual Mode Camera_is1" = Uninstall Dual Mode Camera
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"FlashGet" = FlashGet 1.8.8.1010
"FolderSizes 4" = FolderSizes 4
"FreshDevices - FreshDiagnose_is1" = FreshDiagnose
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"ICQ" = ICQ
"ie8" = Windows Internet Explorer 8
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"KeyScrambler" = KeyScrambler
"Magnify" = Magnify
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MeaningData.com FolderIcon" = FolderIcon XP 1.0 - MeaningData.com
"MetaProducts StartUp Organizer" = MetaProducts StartUp Organizer
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MP Navigator EX 1.2" = Canon MP Navigator EX 1.2
"NVIDIA Drivers" = NVIDIA Drivers
"Orb" = Winamp Remote
"Registry First Aid Platinum_is1" = Registry First Aid Platinum
"Registry Toolkit_is1" = Registry Toolkit 1.2.6
"StormPredator_3.10" = StormPredator 3.25 Trial Version
"The KMPlayer" = The KMPlayer
"TorrentReactor.Net Toolbar" = TorrentReactor.Net Toolbar
"Trillian" = Trillian
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Unlocker" = Unlocker 1.8.7
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VideoLAN VLC media player 0.8.6f
"VoptXP v7.21" = VoptXP v7.21
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"Winamp PowerPlayer" = PowerPlayer II
"Winamp Toolbar" = Winamp Toolbar for Internet Explorer
"Windows Live Safety Scanner" = Windows Live Safety Scanner
"Windows Sidebar" = Windows Sidebar
"WinDriver Ghost Enterprise 2.06" = WinDriver Ghost Enterprise 2.06
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"winusb0100" = Microsoft WinUsb 1.0
"WinZip" = WinZip
"Wondershare YouTube Downloader_is1" = Wondershare YouTube Downloader(Build 1.2.0)
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"xp-AntiSpy" = xp-AntiSpy 3.96-8
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Your Uninstaller! 2008_is1" = Your Uninstaller! 2008 Version 6.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"MXpie Patch" = MXpie Patch for WinMX Network/WPNP 3.6.3.6
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 5/24/2010 2:54:17 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.
Error - 5/24/2010 2:54:17 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.
Error - 5/24/2010 9:55:50 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.
Error - 5/24/2010 9:55:50 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.
Error - 5/24/2010 9:56:03 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.
Error - 5/24/2010 9:56:03 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.
Error - 5/24/2010 9:56:12 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.
Error - 5/24/2010 9:56:12 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.
Error - 5/24/2010 9:57:37 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.
Error - 5/24/2010 9:57:37 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.
[ Application Events ]
Error - 7/1/2010 5:15:03 PM | Computer Name = OWNER-14EA5791F | Source = Userenv | ID = 1007
Description = Windows cannot determine the associated site for this computer. (The
RPC server is too busy to complete this operation. ). Group Policy processing aborted.
Error - 7/1/2010 6:55:54 PM | Computer Name = OWNER-14EA5791F | Source = Userenv | ID = 1007
Description = Windows cannot determine the associated site for this computer. (The
RPC server is too busy to complete this operation. ). Group Policy processing aborted.
Error - 7/1/2010 8:36:49 PM | Computer Name = OWNER-14EA5791F | Source = Userenv | ID = 1007
Description = Windows cannot determine the associated site for this computer. (The
RPC server is too busy to complete this operation. ). Group Policy processing aborted.
Error - 7/2/2010 1:45:15 PM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: A connection with the server could not be established
Error - 7/11/2010 7:53:55 AM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 7/11/2010 7:53:56 AM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 7/11/2010 7:53:56 AM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: A connection with the server could not be established
Error - 7/13/2010 10:40:06 PM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 7/13/2010 10:40:06 PM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 7/13/2010 10:40:07 PM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: A connection with the server could not be established
[ System Events ]
Error - 7/13/2010 10:41:16 PM | Computer Name = OWNER-14EA5791F | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Remote Administrator
Service service to connect.
Error - 7/13/2010 10:41:16 PM | Computer Name = OWNER-14EA5791F | Source = Service Control Manager | ID = 7000
Description = The Remote Administrator Service service failed to start due to the
following error: %%1053
Error - 7/13/2010 10:41:16 PM | Computer Name = OWNER-14EA5791F | Source = Service Control Manager | ID = 7000
Description = The SessionLauncher service failed to start due to the following error:
%%3
< End of report >
OTL logfile created on: 7/15/2010 1:27:56 PM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 46.13 Gb Free Space | 41.27% Space Free | Partition Type: NTFS
Drive D: | 232.83 Gb Total Space | 217.40 Gb Free Space | 93.37% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OWNER-14EA5791F
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/07/15 13:26:47 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2009/12/08 21:29:44 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
PRC - [2009/11/24 19:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 19:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 19:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 19:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 19:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/08/07 17:15:06 | 000,242,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/29 09:36:13 | 001,506,544 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2008/10/03 22:39:54 | 000,554,264 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2008/10/03 22:23:30 | 004,344,472 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2008/09/08 17:48:16 | 000,539,160 | R--- | M] (Symantec) -- C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe
PRC - [2008/09/08 17:48:14 | 001,378,840 | R--- | M] (Symantec) -- C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NortonAntiBot.exe
PRC - [2008/09/08 17:48:14 | 000,592,408 | R--- | M] (Symantec) -- C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABMonitor.exe
PRC - [2008/09/08 17:48:12 | 004,910,104 | R--- | M] (Symantec) -- C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe
PRC - [2008/08/22 05:02:34 | 000,390,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
PRC - [2008/06/29 18:01:01 | 000,052,168 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2008/04/24 09:44:26 | 001,238,344 | ---- | M] (Famatech International Corp.) -- C:\WINDOWS\system32\rserver30\rserver3.exe
PRC - [2008/04/24 09:44:14 | 000,099,720 | ---- | M] (Famatech International Corp.) -- C:\WINDOWS\system32\rserver30\FamItrfc.Exe
PRC - [2008/04/24 04:32:30 | 000,598,016 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2008/04/24 04:31:54 | 000,176,128 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2008/04/13 23:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/11 23:10:10 | 000,506,344 | ---- | M] (QFX Software Corporation) -- C:\Program Files\KeyScrambler\KeyScrambler.exe
PRC - [2008/03/31 21:54:06 | 000,507,904 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbTray.exe
PRC - [2008/01/29 22:19:32 | 000,073,728 | ---- | M] (Orb Networks, Inc.) -- C:\Program Files\Winamp Remote\bin\Orb.exe
PRC - [2007/09/13 21:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007/06/27 20:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/06/27 20:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/03/21 15:23:30 | 006,485,528 | ---- | M] (3M) -- C:\Program Files\3M\PDNotes\PDNotes.exe
PRC - [2004/08/02 01:28:56 | 000,454,723 | ---- | M] (TotalRC.net) -- c:\totalrc\totalrc.exe
PRC - [2004/01/23 16:43:16 | 000,821,760 | ---- | M] (Ingmar Jorgensen Software) -- C:\Program Files\CD Drive Tool\CDDriveTool.exe
PRC - [2003/05/28 06:08:55 | 000,077,824 | ---- | M] (Jetico, Inc.) -- C:\Program Files\Jetico\BestCrypt\BCResident.exe
PRC - [2002/09/05 23:07:32 | 000,095,232 | ---- | M] () -- C:\Program Files\Customizer XP\RAM_2K.exe
========== Modules (SafeList) ==========
MOD - [2010/07/15 13:26:47 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2009/11/24 19:50:32 | 000,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2008/04/13 23:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2001/07/31 06:12:04 | 000,049,152 | ---- | M] (Jetico, Inc.) -- C:\WINDOWS\system32\hplun.dll
MOD - [2001/03/09 12:35:14 | 000,142,848 | ---- | M] (Totalrc.net) -- c:\totalrc\hookagnt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\DX9\SessionLauncher.exe -- (SessionLauncher)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2009/11/24 19:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 19:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 19:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 19:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/08/07 17:15:06 | 000,242,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/28 10:29:58 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/10/03 22:39:54 | 000,554,264 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008/09/08 17:48:16 | 000,539,160 | R--- | M] (Symantec) [Auto | Running] -- C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe -- (SymantecAntiBotWatcher)
SRV - [2008/09/08 17:48:12 | 004,910,104 | R--- | M] (Symantec) [Auto | Running] -- C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe -- (SymantecAntiBotAgent)
SRV - [2008/04/24 09:44:26 | 001,238,344 | ---- | M] (Famatech International Corp.) [Auto | Running] -- C:\WINDOWS\System32\rserver30\RServer3.exe -- (RServer3)
SRV - [2008/04/24 04:32:30 | 000,598,016 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008/04/24 04:31:54 | 000,176,128 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2007/08/24 16:53:16 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2007/08/24 16:53:14 | 000,072,176 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2007/08/24 16:52:48 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2007/08/24 16:52:46 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2007/08/24 16:52:38 | 001,083,888 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2004/08/02 01:28:56 | 000,454,723 | ---- | M] (TotalRC.net) [Auto | Running] -- c:\totalrc\totalrc.exe -- (TotalRC)
SRV - [2001/07/24 11:15:53 | 000,241,664 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\r_server.exe -- (r_server)
========== Driver Services (SafeList) ==========
DRV - [2009/11/24 19:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/24 19:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 19:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 19:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 19:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/24 19:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/09/01 02:27:23 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm)
DRV - [2008/10/29 10:27:03 | 000,971,168 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm140.sys -- (tdrpman140) Acronis Try&Decide and Restore Points filter (build 140)
DRV - [2008/10/29 10:27:01 | 000,540,000 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2008/10/29 10:27:01 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008/10/29 10:26:58 | 000,134,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snman380.sys -- (snapman380) Acronis Snapshots Manager (Build 380)
DRV - [2008/09/08 17:48:42 | 000,161,304 | R--- | M] (Symantec Corporation. ) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\Norton AntiBot\agent\driver\AntiBotDriver.sys -- (SymantecAntiBotDriver)
DRV - [2008/09/08 17:48:42 | 000,027,280 | R--- | M] (Symantec Corporation. ) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\Norton AntiBot\agent\driver\AntiBotShim.sys -- (SymantecAntiBotShim)
DRV - [2008/09/08 17:48:40 | 000,029,720 | R--- | M] (Symantec Corporation. ) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\Norton AntiBot\agent\driver\AntiBotFilter.sys -- (SymantecAntiBotFilter)
DRV - [2008/08/01 18:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/08/01 18:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/07/21 08:11:58 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008/07/16 20:12:47 | 000,028,672 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
DRV - [2008/06/04 21:43:14 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2008/05/28 11:33:38 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/05/28 11:33:36 | 000,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/05/28 11:33:36 | 000,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/04/24 09:49:26 | 000,045,848 | ---- | M] (Famatech International Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\rserver30\raddrvv3.sys -- (raddrvv3)
DRV - [2008/04/13 16:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/22 17:37:20 | 000,113,896 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2008/01/25 21:01:06 | 000,132,096 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2007/11/17 15:46:38 | 000,068,954 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\jl2005c.sys -- (JL2005C)
DRV - [2007/10/25 06:29:00 | 004,623,872 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/08/18 04:09:04 | 000,057,328 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter)
DRV - [2007/01/29 07:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2006/11/01 07:01:56 | 000,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rminiv3.sys -- (mirrorv3)
DRV - [2006/07/01 23:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/05/09 22:50:00 | 003,535,680 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/12/06 11:20:50 | 000,241,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 11:20:42 | 000,670,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsx)
DRV - [2005/12/06 11:20:40 | 000,936,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2004/12/15 15:18:32 | 000,220,928 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/12/15 15:18:28 | 000,703,232 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/15 15:18:26 | 001,038,208 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/10/26 12:22:50 | 000,002,410 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - [2003/11/04 17:30:54 | 000,015,915 | ---- | M] (Michael Oestergaard Pedersen) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_SERPENT.sys -- (BC_SERPENT)
DRV - [2003/11/04 17:29:32 | 000,012,041 | ---- | M] (Michael Oestergaard Pedersen) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_RC6.sys -- (BC_RC6)
DRV - [2003/10/31 12:49:42 | 000,043,101 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\bc_rijn.sys -- (BC_RIJN)
DRV - [2003/10/31 12:46:46 | 000,016,025 | ---- | M] (Iarsn) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_IDEA.sys -- (BC_IDEA)
DRV - [2003/10/31 12:17:44 | 000,020,793 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_CAST.sys -- (BC_CAST)
DRV - [2003/10/31 12:15:12 | 000,012,779 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_BF448.sys -- (BC_BF448)
DRV - [2003/10/31 12:13:50 | 000,012,779 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_BF128.sys -- (BC_BF128)
DRV - [2003/10/31 12:08:28 | 000,018,249 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BC_3DES.sys -- (BC_3DES)
DRV - [2003/10/31 04:37:12 | 000,027,631 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\bcbus.sys -- (bcbus)
DRV - [2003/10/31 02:51:22 | 000,031,639 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\bc_tfish.sys -- (BC_TFISH)
DRV - [2003/10/31 02:46:16 | 000,014,013 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\bc_gost.sys -- (BC_Gost)
DRV - [2003/10/31 02:19:02 | 000,017,991 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\bc_des.sys -- (BC_DES)
DRV - [2003/10/31 02:17:00 | 000,012,747 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\bc_bfish.sys -- (BC_BFish)
DRV - [2003/04/18 05:41:50 | 000,008,448 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fsh.sys -- (fsh)
DRV - [2002/09/11 02:09:48 | 000,083,456 | ---- | M] (Jetico, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\BCSwap.sys -- (BCSWAP)
DRV - [2002/09/11 02:08:52 | 000,003,328 | ---- | M] (Jetico, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\moh.sys -- (moh)
DRV - [2002/09/11 02:01:16 | 000,006,272 | ---- | M] (Jetico, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mhk.sys -- (mhk)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.0.2
FF - HKLM\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/05/07 22:18:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/06/05 23:01:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/19 12:13:10 | 000,000,000 | ---D | M]
[2008/10/28 01:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/01/12 13:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\3m9h1jm5.default\extensions
[2010/01/12 13:45:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\3m9h1jm5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/10/28 01:23:26 | 000,000,000 | ---D | M] (PitchDark) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\3m9h1jm5.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2009/07/10 13:20:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\3m9h1jm5.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/04/19 12:13:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/19 12:13:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/02/11 15:16:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2008/10/29 09:22:05 | 000,005,404 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 65.75.216.6 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.54 www.winmx.com err.winmx.com
O1 - Hosts: 65.75.216.6 cache0.winmx.com test3201.winmx.com test3206.winmx.com
O1 - Hosts: 65.75.216.7 cache1.winmx.com test3202.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.229.238 cache2.winmx.com test3203.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.1 cache3.winmx.com test3204.winmx.com
O1 - Hosts: 205.238.40.2 cache4.winmx.com test3205.winmx.com
O1 - Hosts: 65.75.216.6 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 15 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Reactor.Net Toolbar) - {b23920f4-4c2f-412b-9450-1d7028d5454e} - C:\Program Files\TorrentReactor.Net\tbTor1.dll (Conduit Ltd.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Reactor.Net Toolbar) - {b23920f4-4c2f-412b-9450-1d7028d5454e} - C:\Program Files\TorrentReactor.Net\tbTor1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Reactor.Net Toolbar) - {B23920F4-4C2F-412B-9450-1D7028D5454E} - C:\Program Files\TorrentReactor.Net\tbTor1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CD Drive Tool] C:\Program Files\CD Drive Tool\CDDriveTool.exe (Ingmar Jorgensen Software)
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [muBlinder] C:\PROGRAMS\Net & Comm\Microsoft Update Blinder V3.60\muBlinder.exe (KRX)
O4 - HKLM..\Run: [NortonAntiBot] C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe (Symantec)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [RAM Idle] C:\Program Files\Customizer XP\RAM_2K.exe ()
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnce: [WIAWizardMenu] C:\WINDOWS\System32\sti_ci.DLL (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BestCrypt Auto Open.lnk = C:\Program Files\Jetico\BestCrypt\BestCrypt.exe (Jetico, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Post-it® Digital Notes.lnk = C:\Program Files\3M\PDNotes\PDNotes.exe (3M)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files\Media Player Utilities 4.24\AMVConverter\grab.html ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe (ICQ Inc.)
O9 - Extra 'Tools' menuitem : ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe (ICQ Inc.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} http://w4s2.work4sur...ge/w4sgeen9.exe (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1228543572781 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1251782170888 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...ctDetection.cab (GMNRev Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto....veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (hplun.dll) - C:\WINDOWS\System32\hplun.dll (Jetico, Inc.)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\WINDOWS\System32\acaptuser32.dll (Adobe Systems Incorporated)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/17 10:56:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6445ea8a-6e8a-11df-ac3a-0018f330373e}\Shell - "" = AutoRun
O33 - MountPoints2\{6445ea8a-6e8a-11df-ac3a-0018f330373e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6445ea8a-6e8a-11df-ac3a-0018f330373e}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{73c05a91-2a1a-11df-ac2e-0018f330373e}\Shell - "" = AutoRun
O33 - MountPoints2\{73c05a91-2a1a-11df-ac2e-0018f330373e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{73c05a91-2a1a-11df-ac2e-0018f330373e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/07/15 13:26:44 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/06/30 00:41:12 | 000,000,000 | ---D | C] -- C:\unzipped
[2010/06/29 23:30:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2010/06/29 23:30:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/29 23:30:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/06/29 23:30:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/29 23:30:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/29 23:29:08 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2010/06/29 23:25:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/06/29 23:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/29 23:23:52 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt_setup.exe
[2010/06/29 22:34:48 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[1 C:\Documents and Settings\Owner\*.tmp files -> C:\Documents and Settings\Owner\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/07/15 13:26:47 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/07/15 13:11:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/15 11:59:26 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{00BE951F-F700-412E-B292-75B4815F0D81}.job
[2010/07/14 23:11:01 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/13 22:39:46 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/07/13 22:39:04 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/13 22:39:03 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/13 22:38:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/30 00:34:26 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/06/29 23:47:01 | 005,505,024 | -H-- | M] () -- C:\Documents and Settings\Owner\NTUSER.DAT
[2010/06/29 23:46:35 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/06/29 23:30:25 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/29 23:29:08 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2010/06/29 23:25:17 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/06/29 23:25:17 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2010/06/29 23:23:57 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt_setup.exe
[2010/06/29 22:34:49 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[1 C:\Documents and Settings\Owner\*.tmp files -> C:\Documents and Settings\Owner\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/06/30 00:34:25 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/06/29 23:30:25 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/29 23:25:17 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/06/29 23:25:17 | 000,000,596 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2008/11/13 16:19:40 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/11/13 11:30:20 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/10/29 09:28:00 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/10/28 10:03:29 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/28 07:06:53 | 000,286,720 | R--- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/10/28 07:06:50 | 000,573,440 | R--- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2008/10/28 07:06:50 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2008/10/28 06:28:20 | 000,000,156 | ---- | C] () -- C:\WINDOWS\WinDrvGhost.ini
[2008/10/28 05:56:23 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/21 06:22:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/03/06 10:41:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2004/05/12 01:31:54 | 000,005,729 | ---- | C] () -- C:\WINDOWS\PWRPLAY.INI
[2001/07/06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
========== Alternate Data Streams ==========
@Alternate Data Stream - 159 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13
< End of report >
*(( WANT YOU TO KNOW A FEW YEARS AGO I HAD A GUY NAMED DOC' FIX' THIS PC AND EVER SINCE THEN, MY CARD READERS WILL NOT WORK, AND HE SAID I CANT HAVE GUEST ACCOUNTS', AND HE ALSO INSTALLED A XTRA 250 SATS HARD DRIVE THAT HE SAID I CAN ONLY USE AS A BACK UP STORAGE SPACE......) HE ADDED ALOT OF THESE PROGRAMS AND IF THEY ARE SLOWING ME DOWN I DONT USE' MANY OF THEM, AND THEY CAN GO !!! PLEASE HELP,
NOW HERE ARE OTL XTRAS ~~ ???
THIS IS THE XTRAS IT MIGHT BE THE SAME THING I DONT KNOW ....
OTL Extras logfile created on: 7/15/2010 1:27:56 PM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 46.13 Gb Free Space | 41.27% Space Free | Partition Type: NTFS
Drive D: | 232.83 Gb Total Space | 217.40 Gb Free Space | 93.37% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OWNER-14EA5791F
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 10.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee\10.0\ACDSeeQV10.exe" "%1" (ACD Systems)
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\WampEnq.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4898:TCP" = 4898:TCP:*:Enabled:R3 TCP
"4898:UDP" = 4898:UDP:*:Enabled:R3 UDP
"4899:TCP" = 4899:TCP:*:Enabled:R2 TCP
"4899:UDP" = 4899:UDP:*:Enabled:R2 UDP
"6699:TCP" = 6699:TCP:*:Enabled:WinMx TCP
"6257:UDP" = 6257:UDP:*:Enabled:WinMx UDP
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" = C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe:*:Enabled:RoxioUPnPRenderer10 -- (Sonic Solutions)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\rserver30\rserver3.exe" = C:\WINDOWS\system32\rserver30\rserver3.exe:*:Enabled:Radmin Server 3 -- (Famatech International Corp.)
"C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- (FlashGet.com)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\winmx v3.54 Beta 4\WinMX.exe" = C:\winmx v3.54 Beta 4\WinMX.exe:*:Enabled:winmx v3.54 Beta 4 -- (Frontcode Technologies)
"C:\Program Files\Trillian\trillian.exe" = C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian -- (Cerulean Studios)
"C:\Program Files\ICQ\Icq.exe" = C:\Program Files\ICQ\Icq.exe:*:Enabled:ICQ -- (ICQ Inc.)
"C:\Program Files\Alwil Software\Avast4\ashAvast.exe" = C:\Program Files\Alwil Software\Avast4\ashAvast.exe:*:Enabled:avast! Antivirus -- (ALWIL Software)
"C:\totalrc\totalrc.exe" = C:\totalrc\totalrc.exe:*:Enabled:totalrc.exe -- (TotalRC.net)
"C:\WINDOWS\system32\r_server.exe" = C:\WINDOWS\system32\r_server.exe:*:Enabled:r_server.exe -- ()
"C:\Program Files\Microsoft Virtual PC\Virtual PC.exe" = C:\Program Files\Microsoft Virtual PC\Virtual PC.exe:*:Enabled:Virtual PC 2007 -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" = C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe:*:Enabled:RoxioUPnPRenderer10 -- (Sonic Solutions)
"C:\Program Files\Roxio\Creator Classic 10\Creator10.exe" = C:\Program Files\Roxio\Creator Classic 10\Creator10.exe:*:Enabled:Creator10 -- (Sonic Solutions)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05B7B9BA-9EBC-4C5B-933D-49F372EFE7A1}" = Adobe Photoshop CS4
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0F99EAFA-4054-4ABC-A3D3-D2299210572F}" = Adobe Bridge CS4
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series" = Canon MP190 series MP Drivers
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{17FE8F8E-D8FA-440E-9ACF-3C51787E7225}" = FolderSizes 4
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1B683082-8791-4D00-8ADE-6C8986FCCC68}" = Roxio CinePlayer
"{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}" = Adobe ExtendScript Toolkit 2
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 20
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{37C8899D-FD70-481F-94AA-1F1B08765E22}" = Acronis True Image Home
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E67A8DA-FE7B-4160-8465-F5571EA18753}" = Roxio Disc Gallery
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{68D5CEF9-0DA8-47FE-B0EB-4CBFB5AAF662}" = ArcSoft PhotoImpression 4
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = Media Player Utilities 4.24
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A9A1828-31D1-4590-A99F-022B7237AFAE}" = Roxio MediaShare
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A1C9D1DA-7803-4586-B509-450009938312}" = Adobe Setup
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A65F7CF8-6F76-40CE-B44D-D5A89D9881C7}" = MSN Toolbar Platform
"{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}" = F4100_Help
"{A6C265BE-E2C1-483e-843D-6B4C1E912AE0}" = F4100
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2DC6BC-F088-46DD-994B-07F6C5A32EC1}" = Post-it® Digital Notes
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}_931" = Adobe Acrobat 9.3.1 - CPSID_50570
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4509BCE-7BAD-4a8c-B1AE-4D0CE7467C42}" = F4100_doccd
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B81247D5-C5A7-4552-A143-E957658C1957}" = CD Drive Tool
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF83EFE2-C9F0-40D4-841C-2066668C1D7A}" = Roxio Easy Media Creator 10 Suite
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C4418DF9-5B57-4C5D-ACC2-D6B1338CCE09}" = Photoshop Camera Raw
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Professional
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{ED87EE42-C14B-4119-8686-C3A630F2A463}" = Radmin Server 3.2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F75C5363-5988-4230-9D5A-567CEAE5D07F}" = Norton AntiBot
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8A3C1B6-D2E0-4CE1-80A2-555D6F71C639}" = Microsoft Search Enhancement Pack
"{F8B98EB6-FC06-45BF-87D4-9784E0408611}" = ACDSee 10 Photo Manager
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Add/Remove Plus! 2004" = Add/Remove Plus! 2004
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_b741c3c52d3108664cedeb2b76f6d96" = Adobe Photoshop CS4
"Album List" = Album List for Winamp v2.06 (remove only)
"Allway Sync_is1" = Allway Sync version 9.0.1
"Ask Toolbar_is1" = Ask Toolbar
"avast!" = avast! Antivirus
"Belltech Business Card Designer Pro 3.0_is1" = Belltech Business Card Designer Pro 3.0
"Belltech Greeting Card Designer 3.0_is1" = Belltech Greeting Card Designer 3.0
"Belltech Label Maker With Data Merge 2.0_is1" = Belltech Label Maker With Data Merge 2.0
"Belltech Small Business Publisher 3.0_is1" = Belltech Small Business Publisher 3.0
"BestCrypt" = BestCrypt 7.0
"BurnInTest_is1" = BurnInTest v5.3 Pro
"Canon MP190 series User Registration" = Canon MP190 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"Collectorz.com Movie Collector" = Collectorz.com Movie Collector
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-05-17
"CoreAVC Professional Edition" = CoreAVC Professional Edition
"Customizer XP_is1" = Customizer XP
"DisplaySwitch Platinum_is1" = DisplaySwitch Platinum 1.0
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"Driver Magician_is1" = Driver Magician 3.32
"Dual Mode Camera_is1" = Uninstall Dual Mode Camera
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"FlashGet" = FlashGet 1.8.8.1010
"FolderSizes 4" = FolderSizes 4
"FreshDevices - FreshDiagnose_is1" = FreshDiagnose
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"ICQ" = ICQ
"ie8" = Windows Internet Explorer 8
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"KeyScrambler" = KeyScrambler
"Magnify" = Magnify
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MeaningData.com FolderIcon" = FolderIcon XP 1.0 - MeaningData.com
"MetaProducts StartUp Organizer" = MetaProducts StartUp Organizer
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MP Navigator EX 1.2" = Canon MP Navigator EX 1.2
"NVIDIA Drivers" = NVIDIA Drivers
"Orb" = Winamp Remote
"Registry First Aid Platinum_is1" = Registry First Aid Platinum
"Registry Toolkit_is1" = Registry Toolkit 1.2.6
"StormPredator_3.10" = StormPredator 3.25 Trial Version
"The KMPlayer" = The KMPlayer
"TorrentReactor.Net Toolbar" = TorrentReactor.Net Toolbar
"Trillian" = Trillian
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Unlocker" = Unlocker 1.8.7
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VideoLAN VLC media player 0.8.6f
"VoptXP v7.21" = VoptXP v7.21
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"Winamp PowerPlayer" = PowerPlayer II
"Winamp Toolbar" = Winamp Toolbar for Internet Explorer
"Windows Live Safety Scanner" = Windows Live Safety Scanner
"Windows Sidebar" = Windows Sidebar
"WinDriver Ghost Enterprise 2.06" = WinDriver Ghost Enterprise 2.06
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"winusb0100" = Microsoft WinUsb 1.0
"WinZip" = WinZip
"Wondershare YouTube Downloader_is1" = Wondershare YouTube Downloader(Build 1.2.0)
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"xp-AntiSpy" = xp-AntiSpy 3.96-8
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Your Uninstaller! 2008_is1" = Your Uninstaller! 2008 Version 6.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"MXpie Patch" = MXpie Patch for WinMX Network/WPNP 3.6.3.6
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 5/24/2010 2:54:17 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.
Error - 5/24/2010 2:54:17 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.
Error - 5/24/2010 9:55:50 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.
Error - 5/24/2010 9:55:50 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.
Error - 5/24/2010 9:56:03 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.
Error - 5/24/2010 9:56:03 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.
Error - 5/24/2010 9:56:12 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.
Error - 5/24/2010 9:56:12 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.
Error - 5/24/2010 9:57:37 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.
Error - 5/24/2010 9:57:37 AM | Computer Name = OWNER-14EA5791F | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.
[ Application Events ]
Error - 7/1/2010 5:15:03 PM | Computer Name = OWNER-14EA5791F | Source = Userenv | ID = 1007
Description = Windows cannot determine the associated site for this computer. (The
RPC server is too busy to complete this operation. ). Group Policy processing aborted.
Error - 7/1/2010 6:55:54 PM | Computer Name = OWNER-14EA5791F | Source = Userenv | ID = 1007
Description = Windows cannot determine the associated site for this computer. (The
RPC server is too busy to complete this operation. ). Group Policy processing aborted.
Error - 7/1/2010 8:36:49 PM | Computer Name = OWNER-14EA5791F | Source = Userenv | ID = 1007
Description = Windows cannot determine the associated site for this computer. (The
RPC server is too busy to complete this operation. ). Group Policy processing aborted.
Error - 7/2/2010 1:45:15 PM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: A connection with the server could not be established
Error - 7/11/2010 7:53:55 AM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 7/11/2010 7:53:56 AM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 7/11/2010 7:53:56 AM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: A connection with the server could not be established
Error - 7/13/2010 10:40:06 PM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 7/13/2010 10:40:06 PM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 7/13/2010 10:40:07 PM | Computer Name = OWNER-14EA5791F | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: A connection with the server could not be established
[ System Events ]
Error - 7/13/2010 10:41:16 PM | Computer Name = OWNER-14EA5791F | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Remote Administrator
Service service to connect.
Error - 7/13/2010 10:41:16 PM | Computer Name = OWNER-14EA5791F | Source = Service Control Manager | ID = 7000
Description = The Remote Administrator Service service failed to start due to the
following error: %%1053
Error - 7/13/2010 10:41:16 PM | Computer Name = OWNER-14EA5791F | Source = Service Control Manager | ID = 7000
Description = The SessionLauncher service failed to start due to the following error:
%%3
< End of report >
#9
Posted 15 July 2010 - 12:04 PM
starla
- Topic Starter
-
- Member
-
- 64 posts
Member
AGAIN THIS WAS FROM MY DESKTOP . PLEASE TELL ME WHAT TO DO NEXT , ATLEAST IT WORKING , LOL
MY LAPTOP IS NOT IT WILL NOT ALLOW WINDOWS TO OPEN, IT IS ON WIFI THREW A NEIBORS ROUTER ..... I DONT THINK THAT HAS ANYTHING TO DO WITH IT , MY CELL PHONE SEEMS TO GET ONLINE FINE THREW THAT SAME WIFI ..........
PLEASE TELL ME WHAT BUTTONS TO HIT ON THE LAPTOP, AND WHAT TO DO HERE ON THE DESKTOP ... THANK YOU FOR ALL YOUR TIME AND EFFORT... VERY APPRECIATED !!!!
MY LAPTOP IS NOT IT WILL NOT ALLOW WINDOWS TO OPEN, IT IS ON WIFI THREW A NEIBORS ROUTER ..... I DONT THINK THAT HAS ANYTHING TO DO WITH IT , MY CELL PHONE SEEMS TO GET ONLINE FINE THREW THAT SAME WIFI ..........
PLEASE TELL ME WHAT BUTTONS TO HIT ON THE LAPTOP, AND WHAT TO DO HERE ON THE DESKTOP ... THANK YOU FOR ALL YOUR TIME AND EFFORT... VERY APPRECIATED !!!!
#10
Posted 15 July 2010 - 02:51 PM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
I guess as long as you clearly state whether this is the desktop or laptop we can use the same thread. For the Desktop:
Uninstall all of these unless it's something you can't live without. The first two are just obsolete Java version and must go. Ask is foistware that you often get with something else so they should go. The customizer and registry programs do more harm than good. The Torrent programs are dangerous to use since the files you get through P2P are often infected so your really should remove them for now. Everything else is optional. Keep it if you use it but if you don't know what it is get rid of it.
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"Ask Toolbar_is1" = Ask Toolbar
"Customizer XP_is1" = Customizer XP
"FlashGet" = FlashGet 1.8.8.1010
"ICQ" = ICQ
"KeyScrambler" = KeyScrambler
"Registry First Aid Platinum_is1" = Registry First Aid Platinum
"Registry Toolkit_is1" = Registry Toolkit 1.2.6
"TorrentReactor.Net Toolbar" = TorrentReactor.Net Toolbar
"xp-AntiSpy" = xp-AntiSpy 3.96-8
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"BitTorrent" = BitTorrent
"uTorrent" = µTorrent
"{F75C5363-5988-4230-9D5A-567CEAE5D07F}" = Norton AntiBot
"{F8A3C1B6-D2E0-4CE1-80A2-555D6F71C639}" = Microsoft Search Enhancement Pack
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A65F7CF8-6F76-40CE-B44D-D5A89D9881C7}" = MSN Toolbar Platform
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"Windows Live Safety Scanner" = Windows Live Safety Scanner
"Windows Sidebar" = Windows Sidebar
"WinLiveSuite_Wave3" = Windows Live Essentials
"Orb" = Winamp Remote
"Wondershare YouTube Downloader_is1" = Wondershare YouTube Downloader(Build 1.2.0)
"VirtualCloneDrive" = VirtualCloneDrive
"VoptXP v7.21" = VoptXP v7.21
This one I'm a little reluctant to uninstall:
"BestCrypt" = BestCrypt 7.0
I don't like it but it might make it impossible to see some of your files if we remove it.
Download but do not yet run ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:
:!: It must be saved to your desktop, do not run it :!:
:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html
Download and Rename this file -- (call it george.exe ) to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe
Doubleclick on george to start the program.
* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.
A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.
A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.
Re-activate your protection programs at this time :!:
Get Process Explorer
http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.
Start, Run, eventvwr.msc, OK to bring up the Event Viewer. (In Vista, next select Windows Logs) Right click on System and Clear Log, No (we don't want to save the old log), OK. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.
Start, Run, sfc /scannow, OK
SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.
Start, Run, sigverif, OK
Press Start. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)
1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning
Then use the 'Number of events' as follows:
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application.
On the Laptop it doesn't sound like the hard drive is healthy. If you can figure out who makes the drive you can usually download a drive test program, burn it to a cd then boot off the cd and run the extended drive test.
Dell's usually have a key to press at reboot which will take you into the hidden partition so you can restore to factory specs. If that is not working then the harddrive is probably sick.
Ron
Uninstall all of these unless it's something you can't live without. The first two are just obsolete Java version and must go. Ask is foistware that you often get with something else so they should go. The customizer and registry programs do more harm than good. The Torrent programs are dangerous to use since the files you get through P2P are often infected so your really should remove them for now. Everything else is optional. Keep it if you use it but if you don't know what it is get rid of it.
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"Ask Toolbar_is1" = Ask Toolbar
"Customizer XP_is1" = Customizer XP
"FlashGet" = FlashGet 1.8.8.1010
"ICQ" = ICQ
"KeyScrambler" = KeyScrambler
"Registry First Aid Platinum_is1" = Registry First Aid Platinum
"Registry Toolkit_is1" = Registry Toolkit 1.2.6
"TorrentReactor.Net Toolbar" = TorrentReactor.Net Toolbar
"xp-AntiSpy" = xp-AntiSpy 3.96-8
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"BitTorrent" = BitTorrent
"uTorrent" = µTorrent
"{F75C5363-5988-4230-9D5A-567CEAE5D07F}" = Norton AntiBot
"{F8A3C1B6-D2E0-4CE1-80A2-555D6F71C639}" = Microsoft Search Enhancement Pack
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A65F7CF8-6F76-40CE-B44D-D5A89D9881C7}" = MSN Toolbar Platform
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"Windows Live Safety Scanner" = Windows Live Safety Scanner
"Windows Sidebar" = Windows Sidebar
"WinLiveSuite_Wave3" = Windows Live Essentials
"Orb" = Winamp Remote
"Wondershare YouTube Downloader_is1" = Wondershare YouTube Downloader(Build 1.2.0)
"VirtualCloneDrive" = VirtualCloneDrive
"VoptXP v7.21" = VoptXP v7.21
This one I'm a little reluctant to uninstall:
"BestCrypt" = BestCrypt 7.0
I don't like it but it might make it impossible to see some of your files if we remove it.
Download but do not yet run ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:
:!: It must be saved to your desktop, do not run it :!:
:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html
Download and Rename this file -- (call it george.exe ) to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe
Doubleclick on george to start the program.
* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.
A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.
A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.
Re-activate your protection programs at this time :!:
Get Process Explorer
http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.
Start, Run, eventvwr.msc, OK to bring up the Event Viewer. (In Vista, next select Windows Logs) Right click on System and Clear Log, No (we don't want to save the old log), OK. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.
Start, Run, sfc /scannow, OK
SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.
Start, Run, sigverif, OK
Press Start. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)
1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning
Then use the 'Number of events' as follows:
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application.
On the Laptop it doesn't sound like the hard drive is healthy. If you can figure out who makes the drive you can usually download a drive test program, burn it to a cd then boot off the cd and run the extended drive test.
Dell's usually have a key to press at reboot which will take you into the hidden partition so you can restore to factory specs. If that is not working then the harddrive is probably sick.
Ron
#11
Posted 16 July 2010 - 09:45 AM
starla
- Topic Starter
-
- Member
-
- 64 posts
Member
ok, this will taje me awile . on the desktop I have already uninstaled both utorrent and bittorrent , I will uninstall the rest of what you wrote, alot of these were what the last guy who fixed' my pc added to it . like the virtual pc , I dont really care to use it, and i dont think i have ever used it ..
on the laptop , it is a EMACHINES , I bought it on sale at walmart less than 6 mths ago, I am looking now for my receipt and paperwork for it, I guess I will have to send it back to them for them to fix/and or replace.
on the laptop , it is a EMACHINES , I bought it on sale at walmart less than 6 mths ago, I am looking now for my receipt and paperwork for it, I guess I will have to send it back to them for them to fix/and or replace.
#12
Posted 09 August 2010 - 10:29 PM
starla
- Topic Starter
-
- Member
-
- 64 posts
Member
ok, this will taje me awile . on the desktop I have already uninstaled both utorrent and bittorrent , I will uninstall the rest of what you wrote, alot of these were what the last guy who fixed' my pc added to it . like the virtual pc , I dont really care to use it, and i dont think i have ever used it ..
on the laptop , it is a EMACHINES , I bought it on sale at walmart less than 6 mths ago, I am looking now for my receipt and paperwork for it, I guess I will have to send it back to them for them to fix/and or replace.
ok,. as for the LAPTOP ~~~ it was still under warrenty so I sent it in , they fixed 1 hard drive and 1 memory , *( so they' say) I got it back with no lost data , so all in all its working .
MY desktop , I have started working on it , I have to get you ALL these logs when I get up , I will try to get everything in for you just as you asked, I am NOT a guru, im novice at best ... So its a little hard for me , But I will try my bnest to get you everything and do as you say .. thank you for helping me, thier is DEF somthing wrong malware related to the desktop, it is way too slow and freezing up when more than 3 pages are open .. sometimes even one page . I DO leave it on alot, I was told that was fine ?? anyway be baqck topmorrow with more info and some logs you are asking for , thank you again for your time .
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
