Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Major performance drop.

Started by Starce* , Aug 21 2010 03:12 PM

  • Please log in to reply

#1
Starce*
Posted 21 August 2010 - 03:12 PM

Starce*

    New Member

  • Member
  • Pip
  • 8 posts
So for the past few days ive noticed my performance drop significantly. My computer idles at 45% memory usage with 4 gigs of ram installed. I have looked in the process list and I can't figure out what is using so much of my memory. My browser was once as fast as lightning and now it is slow as molasses. I also see this affecting my performance in most of the games I play. I know I can run these games because they used to run fine with no problems at all. This leads me to believe I have a virus. I'm currently using avast as my antivirus software. Any help I could get would be greatly appreciated! Thanks in advanced.

OTL logfile created on: 8/21/2010 15:55:13 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 3070 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 74.23 Gb Free Space | 24.90% Space Free | Partition Type: NTFS
Drive D: | 620.40 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-PC
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/21 15:40:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2010/07/31 11:15:51 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/07/09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/07/07 20:33:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\Ctxfihlp.exe
PRC - [2010/07/07 20:27:16 | 001,268,224 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTxfispi.exe
PRC - [2010/06/30 20:34:27 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Steam\Steam.exe
PRC - [2010/06/28 15:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/06/28 15:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/06/21 22:37:54 | 001,619,272 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/10/09 15:32:20 | 000,143,360 | ---- | M] () -- C:\Program Files\Razer\Lycosa\razertra.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/04/22 22:11:32 | 001,675,776 | ---- | M] (Flagship Industries, Inc.) -- C:\Ventrilo\Ventrilo.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/21 13:10:30 | 000,610,816 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2008/10/16 18:07:40 | 000,147,456 | ---- | M] (Razer USA Ltd.) -- C:\Program Files\Razer\Lycosa\razerhid.exe
PRC - [2008/08/06 16:31:44 | 000,233,576 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
PRC - [2007/12/16 23:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007/01/10 23:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
PRC - [2005/12/12 15:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe


========== Modules (SafeList) ==========

MOD - [2010/08/21 15:40:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
MOD - [2009/04/10 23:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/19 02:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (gusvc)
SRV - [2010/07/09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/06/28 15:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/06/28 15:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/06/28 15:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/06/21 22:37:54 | 001,619,272 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/05 18:17:03 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010/02/09 22:35:09 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/02/09 22:23:24 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2010/02/04 16:20:33 | 000,326,792 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/30 14:17:30 | 003,407,412 | ---- | M] (INCA Internet Co., Ltd.) [Disabled | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/06/18 19:10:21 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/04/02 13:27:26 | 000,090,112 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2008/09/10 10:22:32 | 000,229,648 | ---- | M] (Uniblue) [On_Demand | Stopped] -- C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe -- (Uniblue DiskRescue)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/16 23:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/09/04 20:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2007/01/10 23:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Disabled | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2005/12/12 15:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2005/08/02 16:18:49 | 000,086,016 | ---- | M] (CACE Technologies) [Disabled | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\swlubtl.sys -- (swlubtl)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SWLD23U.sys -- (SWLD23U)
DRV - File not found [Kernel | Unknown | Running] -- -- (SASKUTIL)
DRV - File not found [Kernel | Unknown | Running] -- -- (SASDIFSV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\nvflash.sys -- (NVR0FLASHDev)
DRV - File not found [File_System | Boot | Stopped] -- C:\Windows\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Owner\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\AsInsHelp32.sys -- (ASInsHelp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AWRTRD.sys -- (Ad-Watch Registry Filter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AWRTPD.sys -- (Ad-Watch Real-Time Scanner)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
DRV - [2010/07/09 17:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/07/07 22:15:22 | 001,227,352 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x22k.sys -- (ha20x22k)
DRV - [2010/07/07 22:15:10 | 001,184,344 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2010/07/07 22:15:00 | 000,095,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/07/07 22:14:52 | 000,159,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010/07/07 22:14:44 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010/07/07 22:14:36 | 000,130,136 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010/07/07 22:14:20 | 000,537,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2010/07/07 22:14:00 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2010/07/07 22:13:52 | 001,353,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)
DRV - [2010/07/07 22:13:52 | 001,353,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2010/07/07 22:13:42 | 000,073,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)
DRV - [2010/07/07 22:13:42 | 000,073,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2010/07/07 22:13:34 | 000,198,232 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)
DRV - [2010/07/07 22:13:34 | 000,198,232 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2010/06/28 15:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/06/28 15:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/06/28 15:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/06/28 15:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/06/28 15:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/03/03 21:22:30 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/11/30 19:02:30 | 000,047,152 | ---- | M] (Prevx) [File_System | Auto | Running] -- C:\Windows\System32\drivers\pxrts.sys -- (pxrts)
DRV - [2009/11/30 19:02:30 | 000,030,280 | ---- | M] (Prevx) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pxscan.sys -- (pxscan)
DRV - [2009/11/30 19:02:29 | 000,024,496 | ---- | M] (Prevx) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pxkbf.sys -- (pxkbf)
DRV - [2009/09/23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/08/04 18:44:12 | 000,139,296 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvrd32.sys -- (nvrd32)
DRV - [2009/08/04 18:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2009/04/10 21:42:56 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/02/03 14:54:52 | 000,003,768 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SndTVideo.sys -- (SndTVideo)
DRV - [2009/02/03 14:54:48 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SndTAudio.sys -- (SndTAudio)
DRV - [2008/05/22 14:21:46 | 000,016,896 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Lycosa.sys -- (LycoFltr)
DRV - [2008/04/17 12:57:48 | 000,003,768 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MovRVDrv32.sys -- (MovRVDrv32)
DRV - [2008/04/17 12:57:46 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SndTDriverV32.sys -- (SndTDriverV32)
DRV - [2007/12/17 18:14:06 | 000,012,400 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2007/09/04 20:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\nvoclock.sys -- (NVR0Dev)
DRV - [2007/08/28 18:05:12 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2007/08/21 03:13:03 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2007/08/08 11:04:16 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Lachesis.sys -- (LachesisFltr)
DRV - [2007/01/15 16:35:18 | 001,032,104 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/01/05 22:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) NVIDIA nForce™
DRV - [2007/01/05 20:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 03:51:31 | 000,514,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xnacc.sys -- (xnacc)
DRV - [2006/11/02 03:35:04 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidbatt.sys -- (HidBatt)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/10/18 13:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2005/12/21 12:23:26 | 000,014,592 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Usbicp.sys -- (uisp)
DRV - [2005/08/02 16:10:13 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2004/08/10 09:57:54 | 000,017,536 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NtpaSp50.sys -- (NTPASp50)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.myspace.com/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:4.1.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {2458abc0-f443-11dd-87af-0800200c9a66}:3.6.3.1.03.04.10
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.7
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/21 10:18:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/21 11:01:13 | 000,000,000 | ---D | M]

[2009/03/16 15:28:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2009/02/05 18:54:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/08/17 19:34:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions
[2010/05/01 12:52:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/10 19:09:03 | 000,000,000 | ---D | M] (Bloody Red) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2010/08/05 17:29:40 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010/02/23 18:02:29 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010/07/31 23:17:46 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/08/05 17:59:46 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2010/07/31 23:17:48 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/05 17:12:56 | 000,000,000 | ---D | M] (FoxClocks) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2010/08/05 17:29:40 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/08/05 17:29:40 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/10/17 10:11:52 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/08/05 18:04:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\[email protected]
[2010/07/31 23:17:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\[email protected]
[2010/08/05 17:41:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\[email protected]
[2010/08/05 17:07:43 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\[email protected]
[2010/02/23 18:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2010/02/23 18:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2010/02/23 18:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2010/02/23 18:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2009/05/24 12:49:59 | 000,002,395 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\searchplugins\daemon-search.xml
[2008/12/12 13:23:54 | 000,002,158 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\searchplugins\MySpace.xml
[2010/08/17 19:04:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/29 23:03:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/17 19:04:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/08/21 12:13:38 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Lycosa] C:\Program Files\Razer\Lycosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [Steam] c:\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemreq.../sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15112/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 71.15.32.8 71.15.32.9
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\Desktop\Wallpapers-room_com___Aurora_Borealis_by_titusboy25_1680x1050.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\Desktop\Wallpapers-room_com___Aurora_Borealis_by_titusboy25_1680x1050.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1998/12/13 02:43:32 | 000,000,040 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2008/07/15 19:53:55 | 000,000,142 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co....thors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 90 Days ==========

[2010/08/21 15:40:00 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2010/08/21 12:29:15 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\TFC.exe
[2010/08/21 12:13:43 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2010/08/21 12:12:02 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/08/21 12:12:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\temp
[2010/08/21 11:59:58 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/08/21 11:59:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/08/21 11:59:42 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/08/21 11:39:30 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010/08/21 01:38:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\O&O
[2010/08/21 01:37:12 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2010/08/21 00:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2010/08/21 00:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/08/16 16:27:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\yabot-v1.1
[2010/08/13 20:07:53 | 000,000,000 | ---D | C] -- C:\HammerAutosave
[2010/08/11 19:24:20 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/08/11 19:24:20 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/08/11 19:24:20 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/08/11 19:24:20 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/08/11 19:24:19 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/08/11 19:23:35 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/08/11 19:23:35 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010/08/11 19:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/08/11 19:23:26 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/08/05 17:41:00 | 000,028,672 | ---- | C] (6XGate Systems, Inc.) -- C:\Windows\System32\regclass.dll
[2010/08/05 17:41:00 | 000,000,000 | ---D | C] -- C:\Program Files\FirefoxPreloader
[2010/08/05 17:28:39 | 000,453,000 | ---- | C] (SpeedyFox) -- C:\Users\Owner\Desktop\speedyfox.exe
[2010/08/04 10:38:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Staygrey_by_lefty28
[2010/08/03 23:07:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\iTunes Videos
[2010/08/03 22:12:00 | 000,000,000 | ---D | C] -- C:\Program Files\CodeGazer
[2010/08/03 17:45:24 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/07/28 20:01:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\StarCraft II
[2010/07/28 20:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2010/07/07 22:15:42 | 001,811,288 | ---- | C] (Creative) -- C:\Windows\System32\drivers\ct20xflt.sys
[2010/07/07 20:36:44 | 000,014,336 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
[2010/07/07 20:10:22 | 000,012,800 | ---- | C] ( ) -- C:\Windows\System32\killapps.exe
[2010/07/01 13:13:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\NCSoft
[2010/06/21 22:38:22 | 001,254,728 | ---- | C] (O&O Software GmbH) -- C:\Windows\System32\ooscrsav.scr
[2010/06/21 22:37:28 | 000,200,008 | ---- | C] (O&O Software GmbH) -- C:\Windows\System32\oodbs.exe
[2010/06/21 22:33:16 | 000,546,120 | ---- | C] (O&O Software GmbH) -- C:\Windows\System32\oodssrs.dll
[2010/06/21 22:32:50 | 000,010,056 | ---- | C] (O&O Software GmbH) -- C:\Windows\System32\oodbsrs.dll
[2010/06/21 00:02:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Ipod music
[2010/06/19 10:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/19 04:50:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/06/11 14:42:54 | 000,000,000 | ---D | C] -- C:\Program Files\Realtime Worlds
[2010/06/06 03:27:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Need for Speed World Online
[2010/06/06 03:27:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Need for Speed World
[2010/06/06 03:06:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Electronic_Arts_Inc
[2010/06/04 13:22:42 | 000,000,000 | ---D | C] -- C:\SRCDS
[2008/05/07 18:13:41 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Owner\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 90 Days ==========

[2010/08/21 15:54:14 | 012,845,056 | ---- | M] () -- C:\Users\Owner\ntuser.dat
[2010/08/21 15:41:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4051726148-2668874063-1496388572-1000UA.job
[2010/08/21 15:40:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2010/08/21 15:19:34 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/21 15:19:34 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/21 15:19:34 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/21 15:19:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/21 15:19:14 | 000,010,208 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2010/08/21 15:18:23 | 000,055,380 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/08/21 15:18:23 | 000,055,380 | ---- | M] () -- C:\Windows\System32\BMXState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/08/21 15:18:23 | 000,000,820 | ---- | M] () -- C:\Windows\System32\DVCState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/08/21 15:18:08 | 000,524,288 | -HS- | M] () -- C:\Users\Owner\ntuser.dat{61c5b91a-2bc4-11df-b3d9-001a92569e01}.TMContainer00000000000000000001.regtrans-ms
[2010/08/21 15:18:08 | 000,065,536 | -HS- | M] () -- C:\Users\Owner\ntuser.dat{61c5b91a-2bc4-11df-b3d9-001a92569e01}.TM.blf
[2010/08/21 15:18:07 | 001,859,022 | -H-- | M] () -- C:\Users\Owner\AppData\Local\IconCache.db
[2010/08/21 14:41:21 | 000,000,714 | ---- | M] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2010/08/21 12:29:17 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\TFC.exe
[2010/08/21 12:13:48 | 000,000,320 | ---- | M] () -- C:\Windows\system.ini
[2010/08/21 12:13:38 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/08/21 11:58:57 | 003,820,278 | R--- | M] () -- C:\Users\Owner\Desktop\ComboFix.exe
[2010/08/21 11:54:17 | 000,000,691 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\GetValue.vbs
[2010/08/21 11:54:17 | 000,000,035 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\SetValue.bat
[2010/08/21 10:51:29 | 000,002,255 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/08/21 01:37:16 | 000,001,902 | ---- | M] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2010/08/21 00:41:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4051726148-2668874063-1496388572-1000Core.job
[2010/08/20 16:09:15 | 000,137,256 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/08/20 16:09:06 | 000,218,808 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/08/16 18:58:36 | 000,723,876 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/16 18:58:36 | 000,606,418 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/16 18:58:36 | 000,106,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/11 19:24:21 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/08/11 19:24:19 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/08/11 19:18:00 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
[2010/08/11 15:27:18 | 000,380,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/05 17:57:43 | 000,978,604 | ---- | M] () -- C:\Users\Owner\Desktop\Wallpapers-room_com___Aurora_Borealis_by_titusboy25_1680x1050.jpg
[2010/08/05 17:41:42 | 000,001,748 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/05 17:28:43 | 000,453,000 | ---- | M] (SpeedyFox) -- C:\Users\Owner\Desktop\speedyfox.exe
[2010/08/05 16:43:29 | 000,000,819 | ---- | M] () -- C:\Users\Owner\Desktop\StarCraft II Editor.lnk
[2010/08/05 14:34:03 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settingsbkup.sfm
[2010/08/05 14:34:03 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settings.sfm
[2010/08/05 14:23:24 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010/08/05 14:23:23 | 000,109,144 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010/08/04 13:18:21 | 000,000,752 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/08/04 13:15:38 | 000,000,703 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\World of Warcraft.lnk
[2010/08/04 12:58:42 | 000,055,781 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/04 10:49:18 | 000,102,184 | ---- | M] () -- C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/08/03 17:49:02 | 000,055,781 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/03 13:33:20 | 000,000,564 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Ventrilo.lnk
[2010/08/01 00:40:17 | 000,000,804 | ---- | M] () -- C:\Users\Owner\Desktop\CCleaner.lnk
[2010/07/22 18:00:07 | 000,790,751 | ---- | M] () -- C:\Users\Owner\Desktop\aim_cod4_killhouse_compare.gif
[2010/07/09 17:37:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/07/09 17:37:00 | 000,009,596 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010/07/07 22:15:42 | 001,811,288 | ---- | M] (Creative) -- C:\Windows\System32\drivers\ct20xflt.sys
[2010/07/07 21:23:10 | 000,017,868 | ---- | M] () -- C:\Windows\System32\instwdm.ini
[2010/07/07 21:23:06 | 000,000,054 | ---- | M] () -- C:\Windows\System32\ctzapxx.ini
[2010/07/07 20:40:00 | 000,011,776 | ---- | M] (Creative Technology Limited) -- C:\Windows\INRES.DLL
[2010/07/07 20:39:56 | 000,181,248 | ---- | M] (Creative Technology Limited) -- C:\Windows\System32\ctdvinst.dll
[2010/07/07 20:39:56 | 000,086,016 | ---- | M] (Creative Technology Limited) -- C:\Windows\System32\ctcoinst.dll
[2010/07/07 20:36:44 | 000,014,336 | ---- | M] ( ) -- C:\Windows\System32\a3d.dll
[2010/07/07 20:33:04 | 000,002,560 | ---- | M] () -- C:\Windows\System32\CtxfiRes.dll
[2010/07/07 20:14:30 | 000,016,384 | ---- | M] () -- C:\Windows\System32\regplib.exe
[2010/07/07 20:10:30 | 000,007,680 | ---- | M] () -- C:\Windows\System32\enlocstr.exe
[2010/07/07 20:10:22 | 000,012,800 | ---- | M] ( ) -- C:\Windows\System32\killapps.exe
[2010/06/29 23:29:11 | 000,000,099 | ---- | M] () -- C:\Users\Owner\jagex_runescape_preferences2.dat
[2010/06/29 23:27:56 | 000,000,046 | ---- | M] () -- C:\Users\Owner\jagex_runescape_preferences.dat
[2010/06/29 20:30:41 | 000,000,703 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010/06/29 16:58:58 | 000,001,057 | ---- | M] () -- C:\Users\Owner\Desktop\Revo Uninstaller.lnk
[2010/06/28 15:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010/06/28 15:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/06/28 15:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/06/28 15:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/06/28 15:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/06/28 15:32:56 | 000,050,256 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/06/28 15:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/06/21 22:38:22 | 001,254,728 | ---- | M] (O&O Software GmbH) -- C:\Windows\System32\ooscrsav.scr
[2010/06/21 22:37:28 | 000,200,008 | ---- | M] (O&O Software GmbH) -- C:\Windows\System32\oodbs.exe
[2010/06/21 22:33:16 | 000,546,120 | ---- | M] (O&O Software GmbH) -- C:\Windows\System32\oodssrs.dll
[2010/06/21 22:32:50 | 000,010,056 | ---- | M] (O&O Software GmbH) -- C:\Windows\System32\oodbsrs.dll
[2010/06/19 21:14:14 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/06/18 18:55:21 | 000,000,312 | ---- | M] () -- C:\Users\Owner\Desktop\Curse Client.appref-ms
[2010/06/12 06:37:12 | 000,138,056 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\PnkBstrK.sys
[2010/06/09 17:42:19 | 000,000,198 | ---- | M] () -- C:\Users\Owner\Documents\apb confirmation code.rtf
[2010/06/01 09:02:24 | 002,419,568 | ---- | M] () -- C:\Windows\System32\pbsvc_apb.exe

========== Files Created - No Company Name ==========

[2010/08/21 15:31:32 | 000,293,376 | ---- | C] () -- C:\Users\Owner\Desktop\gmer.exe
[2010/08/21 14:41:21 | 000,000,714 | ---- | C] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2010/08/21 11:31:17 | 000,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe
[2010/08/21 10:58:44 | 000,010,208 | ---- | C] () -- C:\Windows\System32\oodbs.lor
[2010/08/21 01:37:16 | 000,001,902 | ---- | C] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2010/08/14 12:39:21 | 000,790,751 | ---- | C] () -- C:\Users\Owner\Desktop\aim_cod4_killhouse_compare.gif
[2010/08/11 19:24:21 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/08/05 17:57:40 | 000,978,604 | ---- | C] () -- C:\Users\Owner\Desktop\Wallpapers-room_com___Aurora_Borealis_by_titusboy25_1680x1050.jpg
[2010/08/05 16:43:29 | 000,000,819 | ---- | C] () -- C:\Users\Owner\Desktop\StarCraft II Editor.lnk
[2010/08/05 14:34:03 | 000,055,380 | ---- | C] () -- C:\Windows\System32\BMXState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/08/05 14:34:03 | 000,001,080 | ---- | C] () -- C:\Windows\System32\settingsbkup.sfm
[2010/08/05 14:34:03 | 000,001,080 | ---- | C] () -- C:\Windows\System32\settings.sfm
[2010/08/05 14:34:03 | 000,000,820 | ---- | C] () -- C:\Windows\System32\DVCState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/08/04 13:22:01 | 000,002,255 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/08/04 13:18:21 | 000,000,752 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/08/04 13:15:38 | 000,000,703 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\World of Warcraft.lnk
[2010/08/03 17:17:23 | 000,001,748 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/07 21:23:10 | 000,017,868 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2010/07/07 21:23:06 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2010/07/07 20:33:04 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll
[2010/07/07 20:14:30 | 000,016,384 | ---- | C] () -- C:\Windows\System32\regplib.exe
[2010/07/07 20:10:30 | 000,007,680 | ---- | C] () -- C:\Windows\System32\enlocstr.exe
[2010/06/19 21:14:14 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/06/12 06:32:35 | 002,419,568 | ---- | C] () -- C:\Windows\System32\pbsvc_apb.exe
[2010/06/09 17:42:19 | 000,000,198 | ---- | C] () -- C:\Users\Owner\Documents\apb confirmation code.rtf
[2010/05/13 18:21:42 | 000,044,544 | ---- | C] () -- C:\Windows\System32\GIF89.DLL
[2010/05/11 13:37:10 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/03/04 01:12:03 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2010/02/21 13:10:49 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010/02/21 13:10:49 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010/02/21 13:10:49 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010/02/11 21:19:35 | 000,000,248 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/02/09 22:18:07 | 000,166,912 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2010/02/09 22:18:07 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2010/02/04 17:15:53 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2010/02/04 17:15:53 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2009/12/13 19:51:37 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2009/11/19 22:48:30 | 000,000,861 | ---- | C] () -- C:\Windows\CoD.INI
[2009/10/23 23:18:38 | 000,000,079 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\RSBot Accounts.ini
[2009/08/30 11:34:08 | 000,007,311 | ---- | C] () -- C:\Program Files\5362f30584883d01175a57752e4d547dba04a54e_full[1].jpg
[2009/08/26 20:39:35 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\prvlcl.dat
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/23 13:38:00 | 000,055,781 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/07/23 13:29:14 | 000,055,781 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/14 01:28:04 | 000,002,560 | ---- | C] () -- C:\Windows\CTXFIRES.DLL
[2009/06/29 04:21:10 | 000,000,691 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\GetValue.vbs
[2009/06/29 04:21:10 | 000,000,035 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\SetValue.bat
[2009/06/28 03:08:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/18 19:17:19 | 000,000,180 | ---- | C] () -- C:\ProgramData\Setup.log
[2009/05/29 03:17:38 | 000,000,254 | ---- | C] () -- C:\Windows\MP3trt.ini
[2009/05/28 03:43:55 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2009/05/26 13:12:38 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini
[2009/05/24 11:33:35 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/03/07 13:47:50 | 000,076,407 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Smiley.ico
[2009/02/14 14:25:15 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2008/12/17 16:44:41 | 000,006,048 | ---- | C] () -- C:\Windows\System32\MCC16.dll
[2008/12/17 16:44:06 | 000,040,448 | ---- | C] () -- C:\Windows\System32\BJAXSecurityManager.dll
[2008/12/17 16:44:04 | 000,086,016 | ---- | C] () -- C:\Windows\System32\BJInstaller.dll
[2008/09/07 11:48:29 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008/08/13 15:29:47 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008/05/07 18:14:33 | 000,000,034 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\pcouffin.log
[2008/05/07 18:13:41 | 000,007,887 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\pcouffin.cat
[2008/05/07 18:13:41 | 000,001,144 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\pcouffin.inf
[2008/05/01 21:57:10 | 000,002,776 | ---- | C] () -- C:\Windows\WoWEmuHackSettings.ini
[2008/05/01 21:57:10 | 000,000,106 | ---- | C] () -- C:\Windows\wininit.ini
[2008/05/01 21:57:10 | 000,000,028 | ---- | C] () -- C:\Windows\ZC DVD Creator Platinum.INI
[2008/05/01 21:57:09 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2008/05/01 21:57:09 | 000,000,044 | ---- | C] () -- C:\Windows\EPSNX400.ini
[2008/04/25 16:23:24 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI
[2008/04/18 17:29:56 | 000,000,063 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008/04/15 15:21:28 | 000,000,093 | ---- | C] () -- C:\Users\Owner\AppData\Local\fusioncache.dat
[2008/02/10 11:59:16 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2007/12/26 17:55:56 | 000,138,056 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\PnkBstrK.sys
[2007/12/26 17:55:35 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2007/12/26 16:00:45 | 000,008,268 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2007/12/15 22:25:33 | 000,048,128 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/11 11:59:42 | 000,137,256 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2007/07/20 17:46:20 | 000,000,552 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d8caps.dat
[2007/06/19 20:11:56 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007/06/19 20:11:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007/06/19 20:11:54 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007/06/18 09:17:04 | 000,000,097 | ---- | C] () -- C:\Windows\lexstat.ini
[2007/03/20 09:11:49 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2007/03/20 09:03:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2007/03/12 13:01:30 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/08/02 16:24:01 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2000/01/28 01:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL

========== LOP Check ==========

[2009/05/17 21:23:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Any Video Converter
[2010/03/03 21:32:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Astroburn Lite
[2008/06/19 23:47:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Auslogics
[2008/03/16 18:06:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Beyond
[2010/02/14 16:14:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Bioshock
[2010/06/29 17:12:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Bioshock2
[2010/02/09 12:46:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BitDefender
[2009/05/24 12:51:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools
[2009/05/24 12:51:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
[2009/12/19 18:54:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DMCache
[2009/12/08 22:48:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DNA
[2008/08/04 14:22:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Electronic Arts
[2010/05/13 18:22:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FreeBurner
[2009/09/07 12:37:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GetRightToGo
[2009/07/26 17:31:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GSC 2.00
[2009/05/16 22:40:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\id Software
[2010/03/08 00:07:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\InterTrust
[2008/09/07 20:05:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2010/06/21 04:21:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LimeWire
[2009/03/12 21:50:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Megaupload
[2008/11/07 22:38:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MobMapUpdater
[2009/02/15 13:18:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MusicNet
[2010/06/06 03:27:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Need for Speed World
[2010/06/06 03:27:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Need for Speed World Online
[2010/01/23 18:02:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Octoshape
[2008/05/17 23:52:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Opera
[2010/02/18 11:51:30 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Razer
[2010/03/15 18:17:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\runic games
[2009/02/13 18:17:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\scar5
[2009/04/01 15:33:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Subversion
[2010/02/08 21:03:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SystemRequirementsLab
[2009/05/28 03:46:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Systweak
[2010/03/04 01:07:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\The Creative Assembly
[2009/02/16 16:29:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Thinstall
[2008/05/05 20:58:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Touchstone
[2010/01/23 21:57:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TuneUp Software
[2009/07/27 14:01:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tunngle
[2010/01/23 18:46:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ubi.com
[2010/03/04 22:22:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ubisoft
[2010/03/09 20:19:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Uniblue
[2010/08/21 01:34:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2008/05/07 18:14:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Vso
[2010/01/22 18:20:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ZombieDriver
[2010/08/21 15:18:11 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/05/28 16:47:19 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\Uniblue DiskRescue 2009.job
[2008/06/15 13:24:16 | 000,000,338 | ---- | M] () -- C:\Windows\Tasks\Uniblue SpyEraser.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008/05/01 21:57:10 | 000,084,974 | ---- | M] () -- C:\....jpg
[2010/02/01 16:28:57 | 000,076,040 | ---- | M] () -- C:\aaw7boot.log
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/03/14 21:02:11 | 000,284,983 | ---- | M] () -- C:\ava1.png
[2010/03/14 21:03:58 | 001,032,098 | ---- | M] () -- C:\ava2.jpg
[2010/08/11 19:18:01 | 000,091,903 | ---- | M] () -- C:\bdlog.txt
[2008/05/01 21:57:10 | 068,338,376 | ---- | M] () -- C:\BellSouthIW.reg
[2009/04/10 23:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010/03/01 21:41:32 | 000,001,319 | ---- | M] () -- C:\CD3rdPartyWrapper.log
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[1992/11/05 13:06:22 | 001,048,576 | ---- | M] () -- C:\Contra III - The Alien Wars.smc
[2010/03/19 15:47:50 | 000,010,569 | ---- | M] () -- C:\counterstrikespray.jpg
[2010/03/06 14:34:17 | 000,038,894 | ---- | M] () -- C:\don_frye_2.jpg
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2010/03/06 14:30:56 | 000,003,416 | ---- | M] () -- C:\images.jpg
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2007/06/18 09:12:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/29 20:35:10 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2007/06/18 09:12:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/08/21 15:19:22 | 3219,128,320 | -HS- | M] () -- C:\pagefile.sys
[2008/04/14 16:35:51 | 000,000,528 | RHS- | M] () -- C:\PCGWIN32.LI4
[2010/03/05 16:43:14 | 000,000,000 | ---- | M] () -- C:\pcversion.txt
[2010/08/21 11:55:04 | 000,001,705 | ---- | M] () -- C:\rapport.txt
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2010/08/21 11:39:30 | 000,000,101 | ---- | M] () -- C:\VundoFix.txt

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 16:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >
[2007/02/28 18:16:00 | 000,010,991 | R--- | M] () -- C:\Windows\VELOCITY.PNG

< %systemroot%\*.scr >
[2010/06/28 15:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/08/30 11:33:56 | 000,007,311 | ---- | M] () -- C:\Program Files\5362f30584883d01175a57752e4d547dba04a54e_full[1].jpg
[2008/04/20 11:18:17 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/05/17 09:20:52 | 000,000,574 | -HS- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2008/11/08 18:26:01 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Owner\Desktop\ATF-Cleaner.exe
[2010/08/21 11:58:57 | 003,820,278 | R--- | M] () -- C:\Users\Owner\Desktop\ComboFix.exe
[2009/12/15 11:24:48 | 000,293,376 | ---- | M] () -- C:\Users\Owner\Desktop\gmer.exe
[2010/08/21 15:40:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2010/08/05 17:28:43 | 000,453,000 | ---- | M] (SpeedyFox) -- C:\Users\Owner\Desktop\speedyfox.exe
[2010/08/21 12:29:17 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\TFC.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-19 20:28:34

========== Alternate Data Streams ==========

@Alternate Data Stream - 507 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 176 bytes -> C:\ProgramData\TEMP:EEFF768F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:CB0AACC9
< End of report >
OTL Extras logfile created on: 8/21/2010 15:55:13 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 3070 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 74.23 Gb Free Space | 24.90% Space Free | Partition Type: NTFS
Drive D: | 620.40 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-PC
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00389648-5CCA-4CD6-A39C-D89A0AAE5593}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{026CD152-6116-4980-8FB4-7FB3F9E3453C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{176F66DB-714D-46F4-A07E-9BE4BA7B8A88}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{178F719D-8172-47CD-BDCE-E4943B1045F1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{23D9BF59-2410-4A7C-839C-F0A18E8283C7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{27925DDF-D32F-44A6-830B-84FA0060E49B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{28A37DAE-E2C4-4628-BCBA-095620CED11D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{291D383A-3DF0-453A-9B25-46E5CB02FC5A}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{3C78A4D5-9E99-4857-A0BC-A98CFBBDDD0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5A6CC78E-BB61-40C6-B9C3-49138529E0C9}" = rport=445 | protocol=6 | dir=out | app=system |
"{5EAF261D-77E0-45B8-83A3-F1E2E0A413A3}" = rport=138 | protocol=17 | dir=out | app=system |
"{658B6948-6035-4809-ADAF-BD306D161A56}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6CF4E322-BED9-4F56-9E2C-9456A20E3BC6}" = rport=139 | protocol=6 | dir=out | app=system |
"{6F6EA153-1A95-487D-9667-FE4F716E6D6F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{758F03AA-B273-4ABC-8F37-6D7E87C9DD83}" = lport=2869 | protocol=6 | dir=in | app=system |
"{77F072BB-C579-43A1-B800-7A9CB2326022}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7C747611-2049-4E0B-A156-89E1085F4185}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7CF4681F-66A7-43EE-B002-0C75B84A4E66}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{82AC0F5E-516C-4CF0-978A-24589440A3E9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{83E29E23-BC8F-4BE7-9951-508C9846B57B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{8FE257C5-19AE-437C-AC34-CA3D8EF8FAF3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{91CC9B7B-CE9B-4013-991C-7A129F87E0FB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9742153F-171C-48CE-99ED-D4989D05819E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A21A6DAE-670D-4A17-B250-ACF8CCE7BEAE}" = lport=137 | protocol=17 | dir=in | app=system |
"{A7BDDB2D-F65C-451B-985D-97F9F3308AB2}" = lport=138 | protocol=17 | dir=in | app=system |
"{B44359D2-3C96-40DE-8689-C0B1461BF0D4}" = lport=445 | protocol=6 | dir=in | app=system |
"{B5709C54-22DF-4DD8-9B5D-54D4E2F74BCF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BF1BF2B8-9756-40AA-AF9F-0607418D8AAD}" = lport=139 | protocol=6 | dir=in | app=system |
"{EA63EAAB-EEC3-4CBE-95A4-1EA2E592B008}" = rport=137 | protocol=17 | dir=out | app=system |
"{F56C8CBD-6744-459F-95FC-8680B24319BC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F6E1BB41-C434-4C05-B754-7450C1B498CA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A6306D-D6F6-464F-B88C-341B0F8EEF6C}" = protocol=17 | dir=in | app=c:\world at war\codwawmp.exe |
"{0328132B-B2E1-444E-8F87-707E43A42AD4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{0B28707F-F60A-4CD7-A10F-41A74BC64E58}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{109C1126-0DB0-45D1-8F08-D9B793716817}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{134C15D8-A70A-4475-83F1-FA8FCF2069B5}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{13DB71B3-019B-4BA2-A9C5-DCF7C808C06C}" = protocol=6 | dir=in | app=c:\world at war\codwaw.exe |
"{14653A17-308C-4DAC-BB9F-6F467CE6F75F}" = protocol=1 | dir=in | [email protected],-26140 |
"{1593D625-85F5-467D-B50F-E930A6B82E48}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\alien swarm\srcds.exe |
"{16379163-0FA0-469F-90D3-362714D435EC}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\alien swarm\swarm.exe |
"{17A1D84C-9EF0-42E9-9251-FC7CFC7062D6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1CA988A0-7649-4B44-8F46-4C96C6C82BCE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1E9401DF-5CFC-467A-8C17-BDC79BEF41E1}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-enus-downloader.exe |
"{1ED4752E-A5D2-4E05-9B29-E023FF970734}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.2.10257-enus-ptr-downloader.exe |
"{2394F4D2-C10C-463D-80D2-F9C094C1F179}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{25500588-4331-41C3-A2BD-BD607A2650D8}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{27A05887-845C-4562-902E-196CF05ED869}" = protocol=6 | dir=in | app=c:\steam\steamapps\bobo70461\counter-strike source\hl2.exe |
"{2848D9A9-0D89-417F-AFB4-E9C35B66340E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{2C86C1F6-BA25-4895-8994-934D3B4D9BCB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2E762AF5-120B-49C6-BB32-441723C52792}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\global agenda live\binaries\globalagenda.exe |
"{32E9F628-1F88-4C5C-AD26-A3512F0E96E9}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{35AE1192-D313-4343-AA75-6A3BE664C017}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{390FA38B-B04F-41F9-BB71-B973C9909098}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3A7316A7-F4A0-44E8-836F-E30DBF91FE37}" = protocol=58 | dir=in | [email protected],-26142 |
"{3C65F57C-60BF-473C-9AE1-EDB1010C1320}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\rome total war gold\rometw-bi.exe |
"{3D12B1DD-181A-48A3-80B8-A57B087EF95F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3F00B117-6D87-4010-A39C-839EEAA17920}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |
"{44461EEB-AF68-4B39-8814-E9905BECEA5A}" = protocol=58 | dir=out | [email protected],-28546 |
"{446978BE-5543-441D-ABC0-8DD1E3AD73A7}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\global agenda live\binaries\globalagenda.exe |
"{48DD6992-D957-4CE5-B779-B3FB747A7761}" = protocol=6 | dir=in | app=c:\world at war\codwawmp.exe |
"{4B43AAC9-A2C8-431C-9345-787A32E471E2}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{4C379240-F726-490C-A02E-3DD3676B5F22}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{514FE498-580E-42F8-AA00-076533AF2CAF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{51BF5613-BF9A-4E03-80B5-34F33F04C092}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{5227DBAE-9266-46A9-83B6-BF7EA58FD475}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10116-to-0.2.0.10128-enus-downloader.exe |
"{52347961-A304-4F39-9BAC-7D546ED27BAF}" = protocol=17 | dir=in | app=c:\steam\steamapps\bobo70461\garrysmod\hl2.exe |
"{55BD08CB-CFE3-49EB-BE6D-2996932A2406}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.2.9901-to-3.1.3.9947-enus-downloader.exe |
"{58F7B520-3726-49CF-800F-318089E4B425}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{596DBDA6-040C-424E-AC08-0B143DDF8331}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\alien swarm\srcds.exe |
"{5B44F81B-E81B-49FB-B907-C04716D548E3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5BB7D8D9-8AA9-40D1-8340-DA3BC0650C3B}" = protocol=58 | dir=in | [email protected],-28545 |
"{5DEC6305-812A-47E5-A443-CA78FB830021}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{5E0AA768-1350-4BE7-ABBF-91EFB5E8761F}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{5F016744-7AC2-40C1-9C61-3FDB6DD93A1B}" = protocol=6 | dir=in | app=c:\steam\steamapps\bobo70461\garrysmod\hl2.exe |
"{602DA524-A9E7-4754-B0B8-F79FE1D0DFEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{60E7F658-CA7B-4C56-B00D-7A4F299944EA}" = protocol=6 | dir=out | app=system |
"{6349E790-E788-42E3-A203-1482956738EB}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{66F7AAA2-F54B-4461-B437-F177D311244D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-enus-downloader.exe |
"{675A8BC1-8743-4820-BA85-9FD89BE809BA}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{697B722F-543F-4E41-A34E-51410262E0F4}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{6DE0F767-014B-4CA9-AD16-4DD9C1A97428}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |
"{6E35D761-3953-48CF-B0A7-3ED543C0A227}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\alien swarm\swarm.exe |
"{70F5FBA9-E1A0-48D7-B1FA-38E8DA14FEF4}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{723E926F-C9C7-45BA-9A83-B45461C04F03}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10048-to-0.2.0.10072-enus-downloader.exe |
"{73665EC8-9299-4548-92A6-167F00554A90}" = protocol=6 | dir=in | app=c:\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{73C36A1D-93F8-4319-A1D2-516B5896854C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{74D4B200-D856-48A7-AC3E-760A2FF98305}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-enus-downloader.exe |
"{75FD775D-4A5B-4D27-AB0E-82B2E3F79F2E}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{783AD40D-5532-4780-9D07-490F2A72109C}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{7846F31A-3426-412F-B3A0-D51CA1579C68}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{78E3B811-5909-4FCF-BD43-27536390BFE5}" = protocol=17 | dir=in | app=c:\world at war\codwaw.exe |
"{796A411B-2E29-4AD9-A5EC-A17D88B21BD6}" = protocol=6 | dir=in | app=c:\program files\disktrix\ultimatedefrag2008\udefrag.exe |
"{7D1946D2-0557-4B01-8B1C-97AB1A969C13}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8268316B-D74E-49E2-856D-52AF489F962C}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{854F963D-C287-449C-B21C-D4847159D7E4}" = protocol=1 | dir=in | [email protected],-28543 |
"{86AF1EB1-6CE5-484F-9C54-6BB00728A86B}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10083-to-0.2.0.10116-enus-downloader.exe |
"{8ACB911B-3353-489F-8EDF-A8B2DBB61C53}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{8C6351D2-3D51-424A-8DAF-AA82923123D0}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |
"{8C8113AB-3E8D-4818-A821-9BF5B1DC1F14}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\rome total war gold\rometw.exe |
"{8CF36969-D98C-423F-B873-549B5FEDD9FE}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{8EA419D6-3212-426C-A31D-51C0471F31B7}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{8F9D7954-E5F0-46F7-863E-722C3515CDDD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{90EA8FDA-9464-4005-A26F-DC03BFE3D151}" = protocol=17 | dir=in | app=c:\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{93540388-162B-4D2C-BF28-AF08C78C3D68}" = protocol=17 | dir=in | app=c:\steam\steam.exe |
"{93F2F6E9-1406-4496-B7A4-1415CCE6EB24}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{95EC9291-EB65-40CB-BACB-B7EA57EF8B37}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9615DF33-8D3E-48EF-AB80-E291455BC8A6}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{9B747902-2EC4-4111-BEDF-5DFB7A9D4CAC}" = protocol=1 | dir=out | [email protected],-28544 |
"{9B8C04F7-190F-4B8C-BCF9-816E0A5C9BEF}" = dir=in | app=c:\program files\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{9C854FD7-B2F5-41E6-99AA-D2298C2622B7}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{9D815120-C859-4971-A497-AB56371A1220}" = protocol=6 | dir=in | app=c:\steam\steam.exe |
"{9EAE9AC5-A14C-4934-A3AE-05F902C25BDB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9EF8914D-4528-45CD-A884-51AADCB29935}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{A20F7303-AF8C-4794-989A-5ADB780B5265}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10072-to-0.2.0.10083-enus-downloader.exe |
"{A48272A8-B9F5-4E5E-924E-548AF1E02F8F}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-enus-downloader.exe |
"{A54EB43D-53DE-4018-A03B-A5561A4A27F9}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\rome total war gold\rometw-bi.exe |
"{AB745D96-326C-4E5E-A595-0C0D30872054}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |
"{AC4686AB-F351-4B60-AE38-005BAB73B676}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{AD1D8E4A-4B9C-486F-A17A-1D15DB81D59E}" = protocol=17 | dir=in | app=c:\ventrilo\ventrilo.exe |
"{AED060CC-89D1-453E-987F-7C7C1C7C51FB}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{AF572392-2DF5-47A7-880D-AAACE647AB25}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{B2DAA303-55CC-4543-9309-5E9A7DE8460F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{B36CDEDA-F14C-49E8-BB4C-9E908FD50E58}" = protocol=6 | dir=in | app=c:\ventrilo\ventrilo.exe |
"{B3DA051B-002F-4C2B-8F5E-8EA240780BA5}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10072-to-0.2.0.10083-enus-downloader.exe |
"{B4911B98-2882-4C42-8504-951D37A463B3}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-enus-downloader.exe |
"{B49D5536-B9A5-4EB1-8D12-D03424CA68C5}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{B94EEA61-8408-486F-9A8A-F9E33B5CE747}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.2.10257-to-0.2.2.10357-enus-ptr-downloader.exe |
"{BA7C9328-E6AA-4943-8A09-09A84116375D}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BAC2030E-8280-4EEA-B09F-B407F730A6B1}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-2.4.3-to-3.0.2-enus-win-final-downloader.exe |
"{BF74C26C-E056-4BD7-B2C3-DE591D999004}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\rome total war gold\rometw.exe |
"{C34F41FD-06B3-4BB1-9E17-9CC98BEE96B4}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-enus-downloader.exe |
"{C3C01F0C-E7B2-49FA-9792-F76734F3762A}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C64F07AC-C4E0-4710-AF2E-56E18B94A23E}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{C93E15DE-E0B3-41D1-B9ED-F3418A01BC22}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C9AC9471-BAA2-4566-A6F7-19A55D5271B2}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{CBFBC766-1C9F-413B-AA72-2FA42BDF4971}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.2.9901-to-3.1.3.9947-enus-downloader.exe |
"{CC1C043A-A85A-459A-A7C0-F7C313175B72}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.2.10257-enus-ptr-downloader.exe |
"{CCE5048D-10BE-4BD8-9931-418CAB186059}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{CF6363C5-7D6C-4E9E-9DAE-79D215A5B6FF}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-2.4.3-to-3.0.2-enus-win-final-downloader.exe |
"{D0A0F61D-2F71-4931-95A6-6BFE2BA15F3B}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{D1F1ED5A-63DD-4F54-854C-48180D1F365A}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10083-to-0.2.0.10116-enus-downloader.exe |
"{D51B0E56-5DC0-42CE-A0F3-EF3BCA173187}" = dir=in | app=c:\program files\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{D5F1D22C-A984-43EB-9E57-88F2C4C93C48}" = protocol=17 | dir=in | app=c:\steam\steamapps\bobo70461\counter-strike source\hl2.exe |
"{D6820A91-20CC-40F9-9F47-E652588CAB70}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{D8D0A3A4-EFF1-427F-9452-49BA0CCAB15D}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{DC222AEA-4ADE-4573-A974-492765DAF33A}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10116-to-0.2.0.10128-enus-downloader.exe |
"{DFE929A5-5433-4A51-A913-F2B643A39B88}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{E070DB33-DCC4-4C7B-8881-18571BFA2DC8}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10048-to-0.2.0.10072-enus-downloader.exe |
"{E26C05FB-0D4A-4710-A503-EA7AA2DEAAE4}" = protocol=17 | dir=in | app=c:\program files\disktrix\ultimatedefrag2008\udefrag.exe |
"{E29179E8-F991-4220-B666-383642B84E2B}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{E540CD0E-2B53-44D5-9547-C86DDFFEAEEE}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{E7715670-2839-4A71-9DA1-21802B930B73}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{EFE64DC9-0277-4572-86C8-D697842DC4D1}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-enus-downloader.exe |
"{F2CFE8C8-ADFD-40DA-B18A-F0AFC041BC0C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F57E87DB-B816-4DEA-B5B1-FE48746938B2}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.2.10257-to-0.2.2.10357-enus-ptr-downloader.exe |
"{F6B0A444-57CF-43F9-87D3-4E3939B7768A}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{FA629C74-1281-47DA-B657-E97ECBCFE561}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FD41BFB1-5D75-4B78-B287-7D1EC0EB348F}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-enus-downloader.exe |
"TCP Query User{069A0E94-390F-42C7-B507-B734E7305A3E}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{09A6AB0B-89D0-45E0-99CD-321196BDD465}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{09B5D3A7-0D68-4B8C-9317-3AAA2920D8F7}C:\program files\modernrcon\pbucon\pbucon.exe" = protocol=6 | dir=in | app=c:\program files\modernrcon\pbucon\pbucon.exe |
"TCP Query User{0B0F4BB7-5BA5-409A-BE8E-D03FB6C90E24}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{175C817D-D3CC-4E19-AC4B-2781477DC351}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe |
"TCP Query User{19389D7F-D306-4451-8BE1-BF3B378C9801}C:\program files\starcraft ii beta\versions\base14133\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base14133\sc2.exe |
"TCP Query User{248D8220-C917-48CD-9233-670FF24FDA75}C:\steam\steamapps\common\eve online\bin\exefile.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\common\eve online\bin\exefile.exe |
"TCP Query User{2BFB00CA-439C-4BA7-80E5-5F6A22FEC650}C:\steam\steamapps\bobo70461\source dedicated server\srcds.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\bobo70461\source dedicated server\srcds.exe |
"TCP Query User{30122C7C-3C28-405D-991E-61B610E5A159}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{330575B7-2D71-454B-AB8E-BA8730A1491A}C:\program files\tortun\gui.exe" = protocol=6 | dir=in | app=c:\program files\tortun\gui.exe |
"TCP Query User{336583F1-9755-4A4D-AB52-BB6F58CFC732}C:\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\pfportchecker\pfportchecker.exe |
"TCP Query User{365D7FC5-91F2-4B93-89DD-F4E728186D47}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{391EAF69-76CF-4C2E-98A2-A765B13DC18D}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{3C39649A-779A-4A7D-8E0E-0FC16BE9C6F2}C:\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\starcraft\starcraft.exe |
"TCP Query User{3F7BE297-E2EF-480A-91C1-0D69300DF204}C:\programdata\electronic arts\need for speed world\data\nfswo.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfswo.exe |
"TCP Query User{4BF65F3A-522D-4BA6-AF79-88F9A226897D}C:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe |
"TCP Query User{4E5B9470-5A45-4F8A-988F-D1AE1F38E35C}C:\program files\starcraft ii beta\versions\base14093\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base14093\sc2.exe |
"TCP Query User{4EAC7975-8AEB-4FD6-9F4A-2ADD773902AD}C:\steam\steamapps\bobo70461\insurgency\hl2.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\bobo70461\insurgency\hl2.exe |
"TCP Query User{53B6F4BA-8B5C-4E85-8010-690907A4F52A}C:\users\owner\downloads\borderlands 1.21\borderlands\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\users\owner\downloads\borderlands 1.21\borderlands\borderlands\binaries\borderlands.exe |
"TCP Query User{54339EA3-B388-4B72-B30B-6B1D9B1805E1}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{59C0B39C-5548-4702-B1DE-811A116660FB}C:\steam\steamapps\common\assassin's creed 2\uplaybrowser.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\common\assassin's creed 2\uplaybrowser.exe |
"TCP Query User{674DC28B-8335-43DD-A99A-79FF9FC93CFC}C:\program files\modernrcon\modernrcon_v0.5.exe" = protocol=6 | dir=in | app=c:\program files\modernrcon\modernrcon_v0.5.exe |
"TCP Query User{74AA0562-FFD2-4C62-B751-5B4703A8C103}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe |
"TCP Query User{7A6DF0CC-B50C-478C-B2C7-D6E4770B3CDD}C:\users\user\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\user\program files\dna\btdna.exe |
"TCP Query User{8273E9DC-4621-4641-BB83-C4D6716CB534}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{842EC773-F59D-43A1-81D1-B66614412DA8}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{88517F6B-22CE-472F-AF46-9AD4406171D7}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{8DFEB373-1CD1-4EE3-B059-FBC7913B7CF3}C:\users\owner\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\owner\program files\dna\btdna.exe |
"TCP Query User{93EF92C0-137B-4DF1-BB14-4FC1D64D3C88}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe |
"TCP Query User{98D2E523-2E65-4A59-92D6-EC802F276202}C:\program files\java\jre6\launch4j-tmp\jdownloader.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\jdownloader.exe |
"TCP Query User{9CC0630F-4E71-405F-A77A-9B274563C7AD}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{A50AC8E6-44F1-4A08-A5BC-85477210F11D}C:\steam\steamapps\bobo70461\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\bobo70461\team fortress 2\hl2.exe |
"TCP Query User{B86C52C7-CD8A-48F7-B600-380321D0E821}C:\resident evil 5\re5dx9.exe" = protocol=6 | dir=in | app=c:\resident evil 5\re5dx9.exe |
"TCP Query User{B9446D96-078A-4850-970F-016E900B1C2E}C:\users\owner\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\owner\program files\dna\btdna.exe |
"TCP Query User{BA9E2890-88A1-4CC0-9922-E8996BE4FC09}C:\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"TCP Query User{CF2AC870-E613-4542-8A24-0F25909AA1CC}C:\steam\steamapps\common\rome total war alexander\testappa.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\common\rome total war alexander\testappa.exe |
"TCP Query User{D16488E3-2796-4338-B127-3CD48F1FA495}C:\steam\steamapps\common\all points bulletin\binaries\apb.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\common\all points bulletin\binaries\apb.exe |
"TCP Query User{D6949C84-0D99-4D24-81FE-39948806FA2F}C:\users\user\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\user\program files\dna\btdna.exe |
"TCP Query User{D9563ABC-01CF-4774-ADE2-25260DB8A094}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe |
"TCP Query User{DB3AB051-CB8F-4370-A35C-283628306708}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{DEE032FD-2AD3-46BF-A5CD-92B44FE0CEB0}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{E0CAFABC-649F-478B-B97D-B7FA9A9B40F0}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{E15E1053-C81D-439E-8E1C-A1990A3E48F9}C:\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\pfportchecker\pfportchecker.exe |
"TCP Query User{E4DEB1C5-C94C-44D1-B346-74F9F59122BA}C:\resident evil 5\re5dx10.exe" = protocol=6 | dir=in | app=c:\resident evil 5\re5dx10.exe |
"UDP Query User{026207C5-04A1-4ED5-B603-34E0842D5F65}C:\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\starcraft\starcraft.exe |
"UDP Query User{04DAA899-B734-450F-A0FC-2FAD472733A4}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe |
"UDP Query User{05A05406-EBAE-464A-B82F-38780F38FDFC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{072168F8-5D1A-438A-93C3-ECB346C55A23}C:\resident evil 5\re5dx9.exe" = protocol=17 | dir=in | app=c:\resident evil 5\re5dx9.exe |
"UDP Query User{134F78DE-DB2F-401A-B200-B090530C68F7}C:\program files\tortun\gui.exe" = protocol=17 | dir=in | app=c:\program files\tortun\gui.exe |
"UDP Query User{173AAE3C-44DE-404E-9D91-47AC10C73222}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{1B16506A-92C3-4975-B39D-1377DEAA308E}C:\steam\steamapps\common\assassin's creed 2\uplaybrowser.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\common\assassin's creed 2\uplaybrowser.exe |
"UDP Query User{219A39C7-AE2B-40F1-B6EB-124927C633F5}C:\program files\starcraft ii beta\versions\base14093\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base14093\sc2.exe |
"UDP Query User{24A4FBE4-1A70-4CEB-A415-29E7906F52EA}C:\users\owner\downloads\borderlands 1.21\borderlands\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\users\owner\downloads\borderlands 1.21\borderlands\borderlands\binaries\borderlands.exe |
"UDP Query User{2C2B9285-C8F9-4B61-8BCD-6CE984ADADAB}C:\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"UDP Query User{2FDA6D6C-A86A-4184-92F3-C28FEA44040A}C:\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\pfportchecker\pfportchecker.exe |
"UDP Query User{3267B6BC-108E-4271-A7A4-E6FA6D9F195E}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{360A7D7B-A585-42CC-9D08-A9AE4D2A7935}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{3E4478F4-D0DE-44A9-9872-EFE066E9EC59}C:\users\user\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\user\program files\dna\btdna.exe |
"UDP Query User{3F08A55C-9553-4472-A62B-D3BC1AC280FF}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{4099C35F-2C9D-4254-BD4A-B42A45966B12}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{5539B1CF-1E10-4211-8A40-4EB0F806F226}C:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe |
"UDP Query User{5BF06A9A-B6A2-49CE-A79D-B0B9A6B5BD60}C:\program files\modernrcon\modernrcon_v0.5.exe" = protocol=17 | dir=in | app=c:\program files\modernrcon\modernrcon_v0.5.exe |
"UDP Query User{60D054C6-FB11-429A-B14C-209DDD9F7986}C:\steam\steamapps\bobo70461\insurgency\hl2.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\bobo70461\insurgency\hl2.exe |
"UDP Query User{6340F78F-8136-4D3B-A0F8-C300F2D3C7C0}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{6491CBEF-B0D1-4F6F-91EB-26D61966C525}C:\steam\steamapps\common\rome total war alexander\testappa.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\common\rome total war alexander\testappa.exe |
"UDP Query User{67ACFE4B-40AA-4247-98D7-8311859BD5EB}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{69164F87-3CBD-4B90-9F83-D4E6428384BA}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{6B56CB38-ED45-4686-B3FC-EFE1FD95E7A4}C:\steam\steamapps\common\all points bulletin\binaries\apb.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\common\all points bulletin\binaries\apb.exe |
"UDP Query User{7F4CA58F-5BBB-4627-9705-F6CD311CF79C}C:\steam\steamapps\common\eve online\bin\exefile.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\common\eve online\bin\exefile.exe |
"UDP Query User{90C123DB-42F2-494D-A091-99AEFBE05053}C:\steam\steamapps\bobo70461\source dedicated server\srcds.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\bobo70461\source dedicated server\srcds.exe |
"UDP Query User{93045011-BF5C-410A-905A-BA4537010A14}C:\steam\steamapps\bobo70461\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\bobo70461\team fortress 2\hl2.exe |
"UDP Query User{94A5AEB8-5EC0-4542-8B6B-432D5B430A57}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe |
"UDP Query User{98063431-9F12-46B3-9456-9A95D9EF0CD0}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{A87C4E92-5C77-4CDD-B943-F8D743ADBA50}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{B72CD9F6-04F2-4B02-B87B-7A31379E222A}C:\program files\starcraft ii beta\versions\base14133\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base14133\sc2.exe |
"UDP Query User{BC843199-9834-42EA-94F2-2620288757F5}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{BDE723AA-8DA3-4CF3-8B5A-315CE0DEE399}C:\resident evil 5\re5dx10.exe" = protocol=17 | dir=in | app=c:\resident evil 5\re5dx10.exe |
"UDP Query User{BFE4C389-162D-419C-B284-7BAB24EF97BE}C:\users\owner\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\owner\program files\dna\btdna.exe |
"UDP Query User{D46A22E6-AFFE-4A56-8668-04025BB57408}C:\programdata\electronic arts\need for speed world\data\nfswo.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfswo.exe |
"UDP Query User{DA6E081C-3716-4AE6-93A3-9535D7C18BA5}C:\users\user\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\user\program files\dna\btdna.exe |
"UDP Query User{DB47EC05-89FB-4CAF-93FC-5E9A03036E97}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe |
"UDP Query User{DEADB917-9559-4AE0-B366-D7A8EC832387}C:\users\owner\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\owner\program files\dna\btdna.exe |
"UDP Query User{E39D3EEE-73C8-4977-9AEC-A6ED0466E0ED}C:\program files\java\jre6\launch4j-tmp\jdownloader.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\jdownloader.exe |
"UDP Query User{E3C90703-4F73-4041-BFAE-F54A54CD68C6}C:\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\pfportchecker\pfportchecker.exe |
"UDP Query User{EDDD7DC7-FD7D-4A02-9FC2-173F9FB343A5}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{F2415DA2-DC40-496B-9509-EEB4BE0A2472}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{F6896ED1-6E14-4A2D-ACED-B71441A0E59A}C:\program files\modernrcon\pbucon\pbucon.exe" = protocol=17 | dir=in | app=c:\program files\modernrcon\pbucon\pbucon.exe |
"UDP Query User{FC32940B-393C-41DD-99FC-93EB093AE677}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0+ (r320)
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{036778E0-D3CE-40AC-94E7-F5AF42F3245D}" = System Requirements Lab
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2™
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty® - World at War™ 1.6 Patch
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0C35EAE4-A535-46B7-B4BF-68952BD94E68}" = Uniblue DiskRescue 2009
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty® - World at War™ 1.3 Patch
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20288888-A7AF-4B24-8AEB-398D20CD563C}" = Sound Blaster X-Fi
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A127AE-2DAF-40B7-8374-34C3E629521C}" = Far Cry (Patch 1.3)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 21
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty® - World at War™ 1.2 Patch
"{30349EFD-29C6-471B-B720-10D805B2D9F3}" = NCsoft Launcher
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{32A3A4F4-B792-11D6-A78A-00B0D0160130}" = Java™ SE Development Kit 6 Update 13
"{32A3A4F4-B792-11D6-A78A-00B0D0160180}" = Java™ SE Development Kit 6 Update 18
"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java™ SE Development Kit 6 Update 20
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3AFC29CB-DB12-43CC-A92A-E0AE4F78D901}" = Battlefield 2 Remote Server Admin
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty® 4 - Modern Warfare™ 1.4 Patch
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{519FCD20-AB3E-4A4F-AA30-2AAED80513A8}" = Lightscribe Extended Label Contrast Utility
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A6DCB18-3ECB-46DC-894B-5EFE08C0BD9B}" = Mega Manager
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373184D-8E8F-4308-912A-3901071FA1AD}" = LightScribe Applications
"{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty® - World at War™ 1.7 Patch
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty® 4 - Modern Warfare™ 1.5 Patch
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8681B1E6-CD96-46EF-9065-CE0D1085ED99}" = Star Wars JK II Jedi Outcast
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare™ 1.6 Patch
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C5FAD77-F678-4758-A296-C12F08D179E0}" = Microsoft IntelliPoint 6.2
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90C1F682-9F40-42EC-BBE0-D2A1A4987E1B}" = LightScribe Diagnostic Utility
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare™ 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty® - World at War™ 1.4 Patch
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AE6FB4CD-554F-4560-9A99-F8AE602414DB}" = TortoiseSVN 1.6.0.15855 (32 bit)
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty® - World at War™ 1.5 Patch
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}" = Razer Lachesis
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War™
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}" = Razer Lycosa
"{E47BA573-BBC4-40C1-8A7D-B25F2F2B0DAE}" = Far Cry (Patch 1.32)
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E9E3EE81-6E7F-47A3-8D38-3470256704DB}_is1" = Tortun 0.8
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{ED6C5ECD-5AA4-4054-BF67-8F49526E5765}" = O&O Defrag Professional
"{EE8592F6-FC2B-4AFD-B527-109D127C039F}" = Far Cry (Patch 1.31)
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F1A14CB2-A048-45A6-AFDA-3571296E1D76}" = Creative Media Toolbox 6
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"3DMIDI" = Creative 3DMIDI Player
"7-Zip" = 7-Zip 4.57
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ALchemy" = Creative ALchemy
"Astroburn Lite" = Astroburn Lite
"Audacity_is1" = Audacity 1.2.6
"AudioCS" = Creative Audio Control Panel
"avast5" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner
"CoD RconTool 10" = CoD RconTool 10
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Console Launcher" = Creative Console Launcher
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties" = Creative Sound Blaster Properties
"Creative Volume Panel" = Volume Panel
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Diagnostics 4_5" = Creative Diagnostics
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"Download Manager" = Download Manager 2.3.9
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON Stylus NX400 Series" = EPSON Stylus NX400 Series Printer Uninstall
"ERUNT_is1" = ERUNT 1.1j
"Firefox Preloader_is1" = Firefox Preloader
"Fraps" = Fraps
"Free Easy Burner_is1" = Free Easy Burner V 4.0
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.8.0
"Free Studio_is1" = Free Studio version 4.1
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.1
"GSC 2.00" = GSC 2.00
"Half-Life Dedicated Server Update Tool" = Half-Life Dedicated Server Update Tool
"HijackThis" = HijackThis 2.0.2
"Image Merger .EXE_is1" = Image Merger .EXE 1.0.0.19
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty® - World at War™ 1.6 Patch
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty® - World at War™ 1.3 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty® - World at War™ 1.2 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty® 4 - Modern Warfare™ 1.4 Patch
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty® - World at War™ 1.7 Patch
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty® 4 - Modern Warfare™ 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare™ 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare™ 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty® - World at War™ 1.4 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty® - World at War™ 1.5 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War™
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.2.0 Full
"LimeWire" = LimeWire 5.5.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MobMap_is1" = MobMap 3.46
"ModernRcon v0.5" = ModernRcon v0.5
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MS Access 97 SP2" = MS Access 97 SP2
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PFPortChecker" = PFPortChecker 1.0.32
"PunkBusterSvc" = PunkBuster Services
"Revo Uninstaller" = Revo Uninstaller 1.89
"Runic Games Torchlight" = Torchlight
"SereneScreen Aquarium" = SereneScreen Aquarium
"SFBM" = SoundFont Bank Manager
"Silent Package Run-Time Sample" = EPSON NX400 User's Guide
"SpyEraser_is1" = Uniblue SpyEraser
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"Steam App 17020" = Global Agenda
"Steam App 211" = Source SDK
"Steam App 240" = Counter-Strike: Source
"Steam App 4000" = Garry's Mod
"Steam App 440" = Team Fortress 2
"Steam App 4760" = Rome: Total War Gold Edition
"Steam App 550" = Left 4 Dead 2
"Steam App 630" = Alien Swarm
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"UltimateDefrag 2008 Trial" = UltimateDefrag 2008 Trial
"Uniblue DiskRescue 2009" = Uniblue DiskRescue 2009
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Uninstaller_B4736000_Creative Media Toolbox 6" = Creative Media Toolbox 6 (Shared Components)
"uTorrent" = µTorrent
"ViewpointMediaPlayer" = Viewpoint Media Player
"VistaGlazz_is1" = VistaGlazz 2.1
"VTFEdit_is1" = VTFEdit 1.2.5
"Warcraft III" = Warcraft III
"WaveStudio 7" = Creative WaveStudio 7
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 3.1
"WinRAR archiver" = WinRAR archiver
"WinUHA_is1" = WinUHA 2.0 RC1 (2005.02.27)
"WOLAPI" = Westwood Shared Internet Components
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"BitTorrent DNA" = DNA
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/21/2010 12:32:14 | Computer Name = User-PC | Source = IS360service | ID = 0
Description =

Error - 8/21/2010 12:34:13 | Computer Name = User-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/21/2010 12:38:42 | Computer Name = User-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/21/2010 12:55:10 | Computer Name = User-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/21/2010 12:57:56 | Computer Name = User-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/21/2010 13:11:40 | Computer Name = User-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/21/2010 15:43:41 | Computer Name = User-PC | Source = VSS | ID = 8194
Description =

Error - 8/21/2010 16:23:43 | Computer Name = User-PC | Source = VSS | ID = 8194
Description =

Error - 8/21/2010 16:35:22 | Computer Name = User-PC | Source = Perflib | ID = 1008
Description =

Error - 8/21/2010 16:35:22 | Computer Name = User-PC | Source = Perflib | ID = 1010
Description =

[ Media Center Events ]
Error - 10/14/2007 01:49:25 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/15/2007 17:49:44 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/26/2007 15:55:22 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/16/2007 18:50:20 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/16/2007 20:49:14 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/21/2007 22:45:29 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/30/2008 04:42:55 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 8/11/2008 01:42:54 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/3/2009 17:34:57 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/1/2009 23:31:55 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 2/10/2009 23:50:18 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1211
seconds with 900 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 8/21/2010 15:48:45 | Computer Name = User-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 8/21/2010 15:49:36 | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/21/2010 15:49:36 | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/21/2010 16:19:04 | Computer Name = User-PC | Source = volmgr | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 8/21/2010 16:19:22 | Computer Name = User-PC | Source = volmgr | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 8/21/2010 16:19:46 | Computer Name = User-PC | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.

Error - 8/21/2010 16:20:44 | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/21/2010 16:20:44 | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/21/2010 16:20:44 | Computer Name = User-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8/21/2010 16:20:44 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description =


< End of report >

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-21 15:53:53
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\Owner\AppData\Local\Temp\kxldapob.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwAssignProcessToJobObject [0x8C5ED1CC]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwCreateThread [0x8C5ED206]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwOpenProcess [0x8C5ED51A]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwOpenThread [0x8C5ED3F6]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwProtectVirtualMemory [0x8C5ED292]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwSetContextThread [0x8C5ED18E]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwTerminateProcess [0x8C5ED64E]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwTerminateThread [0x8C5ED316]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwWriteVirtualMemory [0x8C5ED34E]

INT 0x52 ? 8635CBF8
INT 0x62 ? 8635DBF8
INT 0x63 ? 886A1BF8
INT 0x72 ? 8635DBF8
INT 0x73 ? 8635CBF8

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0x96548B9C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0x965489C0]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0x96548AFA]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 191 832F48F4 4 Bytes [CC, D1, 5E, 8C] {INT 3 ; RCR DWORD [ESI-0x74], 0x1}
.text ntkrnlpa.exe!KeSetEvent + 221 832F4984 4 Bytes [06, D2, 5E, 8C] {PUSH ES; RCR BYTE [ESI-0x74], CL}
.text ntkrnlpa.exe!KeSetEvent + 3F1 832F4B54 4 Bytes [1A, D5, 5E, 8C]
.text ntkrnlpa.exe!KeSetEvent + 40D 832F4B70 4 Bytes [F6, D3, 5E, 8C]
.text ntkrnlpa.exe!KeSetEvent + 431 832F4B94 4 Bytes [92, D2, 5E, 8C] {XCHG EDX, EAX; RCR BYTE [ESI-0x74], CL}
.text ...
PAGE ntkrnlpa.exe!ZwLoadDriver 833B3DF0 7 Bytes JMP 96548AFE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 8341F28F 5 Bytes JMP 965445B4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ObInsertObject 83478063 5 Bytes JMP 96545F6C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!NtCreateSection 83479905 7 Bytes JMP 965489C4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 834D990A 7 Bytes JMP 96548BA0 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
? System32\Drivers\speh.sys The system cannot find the path specified. !
PAGE ataport.SYS!DllUnload 83D3EB2E 5 Bytes JMP 8635D1D8
.text USBPORT.SYS!DllUnload 9105541B 5 Bytes JMP 886A11D8
.text ao1vzsfe.SYS 91508000 22 Bytes [82, C3, 21, 83, 6C, C2, 21, ...]
.text ao1vzsfe.SYS 91508017 84 Bytes [00, 32, A7, 78, 80, 3D, A5, ...]
.text ao1vzsfe.SYS 9150806C 96 Bytes [90, EE, 28, 83, 98, EE, 2E, ...]
.text ao1vzsfe.SYS 915080CE 10 Bytes [00, 00, 00, 00, 00, 00, C9, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; LEAVE ; HLT ; POP ESP; DEC EDX}
.text ao1vzsfe.SYS 915080DA 12 Bytes [00, 00, 02, 00, 00, 00, 24, ...]
.text ...
PAGE spsys.sys!?SPVersion@@3PADA + 1ABF A645103F 110 Bytes [8B, FF, 55, 8B, EC, 8B, 45, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 1B2F A64510AF 1 Byte [16]
PAGE spsys.sys!?SPVersion@@3PADA + 1B2F A64510AF 128 Bytes [16, 3B, C8, 75, E2, B0, 01, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 1BB0 A6451130 6 Bytes [0E, 83, 78, 14, 01, 75]
PAGE spsys.sys!?SPVersion@@3PADA + 1BB7 A6451137 2298 Bytes [83, 78, 18, 37, 75, 02, B3, ...]
PAGE ...
? C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS The system cannot find the file specified. !
? C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\OO Software\Defrag\oodag.exe[3228] kernel32.dll!SetUnhandledExceptionFilter 75E6A84F 5 Bytes JMP 00401280 C:\Program Files\OO Software\Defrag\oodag.exe (O&O Defrag Agent (Win32)/O&O Software GmbH)
.text C:\Program Files\Mozilla Firefox\firefox.exe[4584] ntdll.dll!LdrLoadDll 77519390 5 Bytes JMP 00C113F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)
Device \FileSystem\Ntfs \Ntfs 86CF41F8
Device \FileSystem\udfs \UdfsCdRom 8A7E91F8
Device \FileSystem\udfs \UdfsDisk 8A7E91F8
Device \Driver\volmgr \Device\VolMgrControl 8635F1F8
Device \Driver\usbohci \Device\USBPDO-0 8875E1F8
Device \Driver\usbehci \Device\USBPDO-1 8875F1F8

AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\volmgr \Device\HarddiskVolume1 8635F1F8
Device \Driver\cdrom \Device\CdRom0 887601F8
Device \Driver\cdrom \Device\CdRom1 887601F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 86CF11F8
Device \Driver\atapi \Device\Ide\IdePort0 86CF11F8
Device \Driver\atapi \Device\Ide\IdePort1 86CF11F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-2 86CF11F8
Device \Driver\sptd \Device\356469049 speh.sys
Device \Driver\cdrom \Device\CdRom2 887601F8
Device \Driver\cdrom \Device\CdRom3 887601F8
Device \Driver\netbt \Device\NetBt_Wins_Export 8A7A9500
Device \Driver\Smb \Device\NetbiosSmb 8A3C81F8
Device \Driver\nvstor32 \Device\RaidPort0 86CF31F8

AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\nvstor32 \Device\RaidPort1 86CF31F8
Device \Driver\PCI_PNP1041 \Device\0000005e speh.sys
Device \Driver\iScsiPrt \Device\RaidPort2 888911F8
Device \Driver\usbohci \Device\USBFDO-0 8875E1F8
Device \Driver\usbehci \Device\USBFDO-1 8875F1F8
Device \Driver\nvstor32 \Device\0000006e 86CF31F8
Device \Driver\netbt \Device\NetBT_Tcpip_{F7807230-7B87-4252-B9F6-416C5DF1300E} 8A7A9500
Device \Driver\ao1vzsfe \Device\Scsi\ao1vzsfe1 8889A1F8
Device \Driver\ao1vzsfe \Device\Scsi\ao1vzsfe1Port6Path0Target0Lun0 8889A1F8
Device \Driver\ao1vzsfe \Device\Scsi\ao1vzsfe1Port6Path0Target1Lun0 8889A1F8
Device \FileSystem\cdfs \Cdfs 886C41F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 -2090808924
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 343200403
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x88 0x10 0x4C 0xAD ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x1F 0xB8 0xFC 0xCE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xBD 0xC0 0x63 0x6A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x77 0x2A 0x1F 0xB7 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x2D 0x30 0x79 0x18 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xB2 0x8B 0x36 0x42 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x19 0x2D 0x81 0x46 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x88 0x10 0x4C 0xAD ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x1F 0xB8 0xFC 0xCE ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xBD 0xC0 0x63 0x6A ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x77 0x2A 0x1F 0xB7 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x2D 0x30 0x79 0x18 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xB2 0x8B 0x36 0x42 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x19 0x2D 0x81 0x46 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\[email protected] 819D035DC69383A6BE1501533224B4562A2A899D093F2FF91C0EBCA64461C8371AC7D9BD364D0B76FE25586A1BD6E52FF8473C4880ADBC54D940D579F6C43DCAAD39329E1CC307EFABAFF9EAE589262C6DBF06C2D03ED89E057DD9E44DF32B51CDDFDBAD095E5E7EA1BD6CE5018F9F6AD1D2C09C65CC9245735F191BCFF329A7FC513B6046694C92B2FCC8AD111CD20A62685BACDF19CE3CF027F5133B2C20323445C7EBCB16DD1FA3BCBBDCED4994B05288560BFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D6794A6A0AC4980AC79335D575E7D6A3B98086BA1F1DA35CF11B9C2F15CF31F30D376E92F3B90B20C920AF8F8779F99F269B56F87BA1F6710B5424A71A97110327CDB64FC6A433CE692022D027BFEDBA3A3892E5B5FDA1F03002560EC15E9A78D3D09CB32DC429993289480E2D6B5F99982955A276419D8D015931355E618CDA312302C48441B43CDC1931C40BF431889086DD75727E906C72D80A780C1BC61FA08C5C61E25E0A4F465945E9FC0294ECA4E67C33BD3618A5617251428191D34BCC1048F75D6279B892773586E376E28D8019FEC88EE15C014B37D84E8B2820D38746630F58709FB35B34CCE79D49DA555DFF5D2564D23F43778C8D744AC38255DECAF8329B7A28CC0C904BCF61FC

---- EOF - GMER 1.0.15 ----

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4458

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

8/21/2010 16:12:00
mbam-log-2010-08-21 (16-12-00).txt

Scan type: Quick scan
Objects scanned: 163436
Time elapsed: 6 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP