Can't connect to network after removing Antimalware Doctor
#31
Posted 04 November 2010 - 04:59 PM
#32
Posted 04 November 2010 - 05:08 PM
OTS logfile created on: 11/4/2010 7:01:09 PM - Run 3
OTS by OldTimer - Version 3.1.40.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 112.74 Gb Free Space | 37.82% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OEM-3414B23E485
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Quick Scan
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
stacsv.exe -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 16:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
awc.exe -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe -> [2009/06/30 09:55:40 | 002,329,224 | ---- | M] (IObit)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
quickset.exe -> C:\Program Files\Dell\QuickSet\quickset.exe -> [2007/12/10 18:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
dellwmgr.exe -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe -> [2007/07/27 16:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
cvpnd.exe -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 11:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
oem02mon.exe -> C:\WINDOWS\OEM02Mon.exe -> [2007/05/10 02:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
iviregmgr.exe -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo)
hpztsb10.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe -> [2004/03/04 10:46:24 | 000,172,032 | ---- | M] (HP)
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -> [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation)
dadkeyb.dll -> C:\Program Files\Dell\QuickSet\dadkeyb.dll -> [2007/12/10 17:51:44 | 000,098,304 | ---- | M] ()
[Win32 Services - Safe List]
(HidServ) Human Interface Device Access [Disabled | Stopped] -> C:\WINDOWS\System32\hidserv.dll -> File not found
(STacSV) SigmaTel Audio Service [Auto | Running] -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 16:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
(RoxMediaDB10) RoxMediaDB10 [On_Demand | Stopped] -> C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -> [2008/04/08 08:12:50 | 001,112,560 | ---- | M] (Sonic Solutions)
(CVPND) Cisco Systems, Inc. VPN Service [Auto | Running] -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 11:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
(IviRegMgr) IviRegMgr [Auto | Running] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo)
[Driver Services - Safe List]
(zumbus) Zune Bus Enumerator Driver [Kernel | Auto | Stopped] -> C:\WINDOWS\System32\DRIVERS\zumbus.sys -> File not found
(catchme) catchme [Kernel | On_Demand | Stopped] -> C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -> File not found
(iastor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\iaStor.sys -> [2009/07/21 17:01:56 | 000,328,728 | ---- | M] (Intel Corporation)
(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BCMWL5.SYS -> [2009/07/21 17:01:10 | 001,287,552 | ---- | M] (Broadcom Corporation)
(ialm) ialm [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\igxpmp32.sys -> [2009/07/21 17:00:39 | 006,047,904 | ---- | M] (Intel Corporation)
(IntcHdmiAddService) Intel® High Definition Audio HDMI Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\IntcHdmi.sys -> [2009/07/21 16:59:59 | 000,110,080 | ---- | M] (Intel® Corporation)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2009/07/21 16:58:55 | 001,222,840 | ---- | M] (SigmaTel, Inc.)
(yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\yk51x86.sys -> [2009/07/21 16:58:14 | 000,265,856 | ---- | M] (Marvell)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2009/07/21 16:56:45 | 000,989,696 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2009/07/21 16:56:45 | 000,730,112 | ---- | M] (Conexant Systems, Inc.)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2009/07/21 16:56:45 | 000,209,152 | ---- | M] (Conexant Systems, Inc.)
(atiide) ATI SATA Controller IDE mode [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\atiide.sys -> [2009/07/21 16:55:41 | 000,003,456 | ---- | M] (ATI Technologies Inc.)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/14 08:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider)
(nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2008/04/13 18:04:32 | 001,897,408 | ---- | M] (NVIDIA Corporation)
(OEM02Dev) Creative Camera OEM002 Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Dev.sys -> [2007/07/18 02:02:00 | 000,235,520 | ---- | M] (Creative Technology Ltd.)
(CVPNDRVA) Cisco Systems Inc. IPSec Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\CVPNDRVA.sys -> [2007/07/16 11:57:12 | 000,306,299 | ---- | M] (Cisco Systems, Inc.)
(OEM02Afx) Provides a software interface to control audio effects of OEM002 camera. [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Afx.sys -> [2007/06/08 02:00:00 | 000,141,376 | ---- | M] (Creative Technology Ltd.)
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rixdptsk.sys -> [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC)
(OEM02Vfx) Creative Camera OEM002 Video VFX Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Vfx.sys -> [2007/03/05 19:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.)
(rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimmptsk.sys -> [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC)
(DNE) Deterministic Network Enhancer Miniport [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\dne2000.sys -> [2007/01/31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.)
(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimsptsk.sys -> [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC)
(CVirtA) Cisco Systems VPN Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\CVirtA.sys -> [2007/01/18 15:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.)
(WinUSB) WinUSB [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\winusb.sys -> [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation)
(APPDRV) APPDRV [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -> [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"SearchDefaultBranded" -> 1 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"Start Page" -> http://www.espn.com/ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyOverride" -> *.local;<local> ->
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Owner\Application Data\Mozilla\FireFox\Profiles\za1kw2ny.default\prefs.js ->
browser.startup.homepage -> "http://www.espn.com/" ->
extensions.enabledItems -> [email protected]:1.0 ->
extensions.enabledItems -> {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 ->
network.proxy.no_proxies_on -> "" ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/10/20 00:31:10 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/10/20 00:31:10 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions -> [2009/10/06 18:00:51 | 000,000,000 | ---D | M]
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions -> [2010/10/18 10:00:48 | 000,000,000 | ---D | M]
Microsoft .NET Framework Assistant -> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/10/07 18:29:51 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\Program Files\Mozilla Firefox\extensions -> [2010/10/19 18:24:01 | 000,000,000 | ---D | M]
Skype extension for Firefox -> C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} -> [2010/03/11 21:03:21 | 000,000,000 | ---D | M]
< HOSTS File > ([2008/04/14 08:00:00 | 000,000,734 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Dell QuickSet" -> C:\Program Files\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\quickset.exe] -> [2007/12/10 18:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
"DELL Webcam Manager" -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe ["C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s] -> [2007/07/27 16:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
"HPDJ Taskbar Utility" -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe] -> [2004/03/04 10:46:24 | 000,172,032 | ---- | M] (HP)
"OEM02Mon.exe" -> C:\WINDOWS\OEM02Mon.exe [C:\WINDOWS\OEM02Mon.exe] -> [2007/05/10 02:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
"SigmatelSysTrayApp" -> C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [%ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe] -> File not found
"UpdateLBPShortCut" -> C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"] -> [2008/06/13 21:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdateP2GoShortCut" -> C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"] -> [2008/06/13 21:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePDIRShortCut" -> C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"] -> [2008/06/13 21:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePSTShortCut" -> C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"] -> [2008/10/06 23:42:38 | 000,210,216 | ---- | M] (CyberLink Corp.)
"WatchDog" -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [C:\Program Files\InterVideo\DVD Check\DVDCheck.exe] -> [2008/05/23 20:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
< Run [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Advanced SystemCare 3" -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe ["C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup] -> [2009/06/30 09:55:40 | 002,329,224 | ---- | M] (IObit)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DVD Check.lnk -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe -> [2008/05/23 20:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> C:\WINDOWS\Installer\{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}\Icon3E5562ED7.ico -> [2009/10/06 11:38:02 | 000,006,144 | R--- | M] ()
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoUpdateCheck" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoResolveSearch" -> [1] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDriveTypeAutoRun" -> [323] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 16 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1584 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.ad...Plus/1.6/gp.cab [Reg Error: Value error.] ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2009/07/21 17:00:43 | 000,217,088 | ---- | M] (Intel Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2009/07/21 15:01:31 | 000,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
[Files/Folders - Created Within 30 Days]
SINO -> C:\Documents and Settings\Owner\Desktop\SINO -> [2010/11/03 19:02:57 | 000,000,000 | ---D | C]
amherst1 -> C:\Documents and Settings\Owner\Desktop\amherst1 -> [2010/10/28 21:25:38 | 000,000,000 | ---D | C]
avz4 -> C:\Documents and Settings\Owner\Desktop\avz4 -> [2010/10/28 18:36:04 | 000,000,000 | ---D | C]
ComboFix -> C:\ComboFix -> [2010/10/27 19:56:27 | 000,000,000 | --SD | C]
cmdcons -> C:\cmdcons -> [2010/10/27 15:24:48 | 000,000,000 | RHSD | C]
SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010/10/26 18:35:12 | 000,212,480 | ---- | C] (SteelWerX)
SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2010/10/26 18:35:12 | 000,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010/10/26 18:35:12 | 000,136,704 | ---- | C] (SteelWerX)
NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010/10/26 18:35:12 | 000,031,232 | ---- | C] (NirSoft)
ERDNT -> C:\WINDOWS\ERDNT -> [2010/10/26 18:34:54 | 000,000,000 | ---D | C]
Qoobox -> C:\Qoobox -> [2010/10/26 18:34:32 | 000,000,000 | ---D | C]
_OTS -> C:\_OTS -> [2010/10/26 17:56:51 | 000,000,000 | ---D | C]
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:30:53 | 000,641,536 | ---- | C] (OldTimer Tools)
Malwarebytes -> C:\Documents and Settings\Owner\Application Data\Malwarebytes -> [2010/10/22 20:03:44 | 000,000,000 | ---D | C]
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/10/22 20:02:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2010/10/22 20:02:06 | 000,000,000 | ---D | C]
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/10/22 20:02:05 | 000,020,952 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/10/22 20:02:05 | 000,000,000 | ---D | C]
Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [2010/10/22 19:54:36 | 000,000,000 | ---D | C]
TDK -> C:\Documents and Settings\All Users\Application Data\TDK -> [2010/10/20 15:54:07 | 000,000,000 | ---D | C]
CSC -> C:\WINDOWS\CSC -> [2010/10/19 22:55:05 | 000,000,000 | ---D | C]
Server -> C:\Documents and Settings\All Users\Documents\Server -> [2010/10/19 22:10:07 | 000,000,000 | -H-D | C]
Temp -> C:\Documents and Settings\Owner\Local Settings\Application Data\Temp -> [2010/10/09 10:40:13 | 000,000,000 | ---D | C]
Google -> C:\Documents and Settings\Owner\Local Settings\Application Data\Google -> [2010/10/09 10:40:10 | 000,000,000 | ---D | C]
[Files/Folders - Modified Within 30 Days]
WGASetup.job -> C:\WINDOWS\tasks\WGASetup.job -> [2010/11/04 18:48:05 | 000,000,260 | ---- | M] ()
VPN Client.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> [2010/11/04 18:47:46 | 000,002,447 | ---- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/11/04 18:47:41 | 000,002,048 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/11/04 18:47:39 | 3210,780,672 | -HS- | M] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> [2010/11/04 18:45:37 | 000,000,978 | ---- | M] ()
MicrosoftFixit50203.msi -> C:\Documents and Settings\Owner\Desktop\MicrosoftFixit50203.msi -> [2010/11/04 18:44:54 | 000,650,240 | ---- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/11/04 15:16:52 | 000,002,206 | ---- | M] ()
newkey -> C:\newkey -> [2010/11/04 15:15:01 | 000,022,729 | ---- | M] ()
newfile.enc -> C:\newfile.enc -> [2010/11/04 15:15:01 | 000,022,729 | ---- | M] ()
iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2010/10/28 21:30:01 | 000,002,137 | ---- | M] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/27 18:34:15 | 000,000,472 | ---- | M] ()
ComboFix.exe -> C:\Documents and Settings\Owner\Desktop\ComboFix.exe -> [2010/10/27 18:15:28 | 003,887,312 | R--- | M] ()
boot.ini -> C:\boot.ini -> [2010/10/27 15:25:05 | 000,000,327 | RHS- | M] ()
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/10/26 17:56:58 | 000,445,472 | ---- | M] ()
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/10/26 17:56:58 | 000,072,824 | ---- | M] ()
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/10/25 22:16:10 | 000,079,872 | ---- | M] ()
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 20:02:32 | 000,000,696 | ---- | M] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 22:13:28 | 000,069,632 | RHS- | M] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> [2010/10/18 10:45:01 | 000,000,926 | ---- | M] ()
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/10/13 03:19:56 | 000,300,440 | ---- | M] ()
imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/10/13 03:03:28 | 000,001,393 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/10/05 21:44:02 | 000,032,256 | ---- | M] ()
[Files - No Company Name]
MicrosoftFixit50203.msi -> C:\Documents and Settings\Owner\Desktop\MicrosoftFixit50203.msi -> [2010/11/04 18:44:58 | 000,650,240 | ---- | C] ()
newkey -> C:\newkey -> [2010/11/04 15:15:01 | 000,022,729 | ---- | C] ()
newfile.enc -> C:\newfile.enc -> [2010/11/04 15:15:01 | 000,022,729 | ---- | C] ()
SINO.exe -> C:\Documents and Settings\Owner\Desktop\SINO.exe -> [2010/11/03 19:02:41 | 003,397,182 | ---- | C] ()
ComboFix.exe -> C:\Documents and Settings\Owner\Desktop\ComboFix.exe -> [2010/10/27 18:25:24 | 003,887,312 | R--- | C] ()
Boot.bak -> C:\Boot.bak -> [2010/10/27 15:25:04 | 000,000,211 | ---- | C] ()
cmldr -> C:\cmldr -> [2010/10/27 15:24:56 | 000,260,272 | RHS- | C] ()
PEV.exe -> C:\WINDOWS\PEV.exe -> [2010/10/26 18:35:12 | 000,256,512 | ---- | C] ()
sed.exe -> C:\WINDOWS\sed.exe -> [2010/10/26 18:35:12 | 000,098,816 | ---- | C] ()
grep.exe -> C:\WINDOWS\grep.exe -> [2010/10/26 18:35:12 | 000,080,412 | ---- | C] ()
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/10/26 18:35:12 | 000,079,872 | ---- | C] ()
zip.exe -> C:\WINDOWS\zip.exe -> [2010/10/26 18:35:12 | 000,068,096 | ---- | C] ()
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 20:02:32 | 000,000,696 | ---- | C] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/22 19:56:18 | 000,000,472 | ---- | C] ()
log.txt -> C:\Documents and Settings\Owner\log.txt -> [2010/10/22 19:18:26 | 000,000,543 | ---- | C] ()
resetlog.txt -> C:\Documents and Settings\Owner\resetlog.txt -> [2010/10/20 01:08:19 | 000,012,069 | ---- | C] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/10/20 00:18:36 | 3210,780,672 | -HS- | C] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 22:13:28 | 000,069,632 | RHS- | C] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> [2010/10/09 10:40:12 | 000,000,978 | ---- | C] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> [2010/10/09 10:40:12 | 000,000,926 | ---- | C] ()
pdf995.ini -> C:\WINDOWS\pdf995.ini -> [2010/03/16 21:01:57 | 000,000,028 | ---- | C] ()
pdf995mon.dll -> C:\WINDOWS\System32\pdf995mon.dll -> [2010/03/16 20:59:58 | 000,051,716 | ---- | C] ()
wpd99.drv -> C:\WINDOWS\wpd99.drv -> [2010/03/16 20:59:58 | 000,000,060 | ---- | C] ()
BladeEnc.dll -> C:\WINDOWS\System32\BladeEnc.dll -> [2010/02/10 22:53:41 | 000,528,384 | ---- | C] ()
ShnDll32.dll -> C:\WINDOWS\System32\ShnDll32.dll -> [2010/02/10 22:53:41 | 000,120,832 | ---- | C] ()
hpdj5700.ini -> C:\WINDOWS\hpdj5700.ini -> [2009/10/12 16:05:55 | 000,002,298 | ---- | C] ()
hpbvspst.ini -> C:\WINDOWS\hpbvspst.ini -> [2009/10/12 16:05:23 | 000,000,414 | ---- | C] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/10/06 10:30:46 | 000,032,256 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2009/07/21 17:03:32 | 000,000,061 | ---- | C] ()
igfxCoIn_v4990.dll -> C:\WINDOWS\System32\igfxCoIn_v4990.dll -> [2009/07/21 17:00:39 | 000,147,456 | ---- | C] ()
rixdicon.dll -> C:\WINDOWS\System32\rixdicon.dll -> [2009/07/21 16:53:16 | 000,016,480 | ---- | C] ()
IVIresizeW7.dll -> C:\WINDOWS\System32\IVIresizeW7.dll -> [2009/07/21 15:49:04 | 000,204,800 | ---- | C] ()
IVIresizeP6.dll -> C:\WINDOWS\System32\IVIresizeP6.dll -> [2009/07/21 15:49:04 | 000,192,512 | ---- | C] ()
IVIresizeM6.dll -> C:\WINDOWS\System32\IVIresizeM6.dll -> [2009/07/21 15:49:04 | 000,192,512 | ---- | C] ()
IVIresizePX.dll -> C:\WINDOWS\System32\IVIresizePX.dll -> [2009/07/21 15:49:04 | 000,188,416 | ---- | C] ()
IVIresizeA6.dll -> C:\WINDOWS\System32\IVIresizeA6.dll -> [2009/07/21 15:49:03 | 000,200,704 | ---- | C] ()
IVIresize.dll -> C:\WINDOWS\System32\IVIresize.dll -> [2009/07/21 15:49:03 | 000,020,480 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2009/07/21 15:25:04 | 000,000,376 | ---- | C] ()
ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2009/07/21 07:48:15 | 000,004,161 | ---- | C] ()
vpnapi.dll -> C:\WINDOWS\System32\vpnapi.dll -> [2007/07/16 11:58:10 | 000,197,408 | ---- | C] ()
CSGina.dll -> C:\WINDOWS\System32\CSGina.dll -> [2007/07/16 11:58:00 | 000,193,312 | ---- | C] ()
OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 18:05:08 | 000,002,695 | ---- | C] ()
[File - Lop Check]
pdf995 -> C:\Documents and Settings\All Users\Application Data\pdf995 -> [2010/07/13 20:35:54 | 000,000,000 | ---D | M]
TDK -> C:\Documents and Settings\All Users\Application Data\TDK -> [2010/10/20 15:54:07 | 000,000,000 | ---D | M]
Temp -> C:\Documents and Settings\All Users\Application Data\Temp -> [2009/07/21 16:26:43 | 000,000,000 | ---D | M]
Uninstall -> C:\Documents and Settings\All Users\Application Data\Uninstall -> [2009/07/21 15:55:23 | 000,000,000 | ---D | M]
{755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2009/10/07 18:56:12 | 000,000,000 | ---D | M]
com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> C:\Documents and Settings\Owner\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> [2009/10/06 09:37:45 | 000,000,000 | ---D | M]
com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1 -> C:\Documents and Settings\Owner\Application Data\com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1 -> [2009/12/06 14:48:32 | 000,000,000 | ---D | M]
dBpoweramp -> C:\Documents and Settings\Owner\Application Data\dBpoweramp -> [2010/03/03 20:13:37 | 000,000,000 | ---D | M]
ICAClient -> C:\Documents and Settings\Owner\Application Data\ICAClient -> [2010/07/13 18:02:28 | 000,000,000 | ---D | M]
IObit -> C:\Documents and Settings\Owner\Application Data\IObit -> [2009/10/30 14:07:29 | 000,000,000 | ---D | M]
pdf995 -> C:\Documents and Settings\Owner\Application Data\pdf995 -> [2010/03/16 21:01:57 | 000,000,000 | ---D | M]
tmp -> C:\Documents and Settings\Owner\Application Data\tmp -> [2010/03/11 21:07:58 | 000,000,000 | ---D | M]
Ad-Aware Update (Weekly).job -> C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job -> [2010/10/27 18:34:15 | 000,000,472 | ---- | M] ()
WGASetup.job -> C:\WINDOWS\Tasks\WGASetup.job -> [2010/11/04 18:48:05 | 000,000,260 | ---- | M] ()
[File - Purity Scan]
[Custom Scans]
< netsvcs >
< MD5 Scans Start>
< %systemdrive%\NETBIOS.SYS /md5 /s >
netbios.sys : MD5=5D81CF9A2F1A3A756B66CF684911CDF0 -> C:\WINDOWS\system32\dllcache\netbios.sys -> [2008/04/14 08:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation)
netbios.sys : MD5=5D81CF9A2F1A3A756B66CF684911CDF0 -> C:\WINDOWS\system32\drivers\netbios.sys -> [2008/04/14 08:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation)
< %systemdrive%\TCPIP.SYS /md5 /s >
tcpip.sys : MD5=93EA8D04EC73A85DB02EB8805988F733 -> C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys -> [2008/04/14 08:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation)
tcpip.sys : MD5=9AEFA14BD6B182D61E3119FA5F436D3D -> C:\WINDOWS\system32\dllcache\tcpip.sys -> [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation)
tcpip.sys : MD5=9AEFA14BD6B182D61E3119FA5F436D3D -> C:\WINDOWS\system32\drivers\tcpip.sys -> [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation)
tcpip.sys : MD5=AD978A1B783B5719720CFF204B666C8E -> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys -> [2008/06/20 07:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation)
< MD5 Scans End>
< End of report >
#33
Posted 05 November 2010 - 01:42 PM
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.
[Unregister Dlls]
[Custom Items]
:Files
C:\WINDOWS\system32\drivers\netbios.sys|C:\WINDOWS\system32\dllcache\netbios.sys /replace
C:\WINDOWS\system32\drivers\tcpip.sys|C:\WINDOWS\system32\dllcache\tcpip.sys /replace
:end
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
Retry the internet
I will review the information when it comes back in.
#34
Posted 05 November 2010 - 02:46 PM
All Processes Killed
[Custom Items]
========== FILES ==========
File C:\WINDOWS\system32\drivers\netbios.sys successfully replaced with C:\WINDOWS\system32\dllcache\netbios.sys
File C:\WINDOWS\system32\drivers\tcpip.sys successfully replaced with C:\WINDOWS\system32\dllcache\tcpip.sys
[Empty Temp Folders]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Owner
->Temp folder emptied: 11997896 bytes
->Temporary Internet Files folder emptied: 217894 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 3281936 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 212992 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 3397182 bytes
Total Files Cleaned = 18.00 mb
[EMPTYFLASH]
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: Owner
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
Restore point Set: OTS Restore Point (0)
< End of fix log >
OTS by OldTimer - Version 3.1.40.0 fix logfile created on 11052010_164104
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
#35
Posted 05 November 2010 - 03:14 PM
#36
Posted 05 November 2010 - 03:14 PM
#37
Posted 06 November 2010 - 04:57 AM
Download OTS to your Desktop and double-click on it to run it
- Make sure you close all other programs and don't use the PC while the scan runs.
- Select All Users
- Under custom scans paste in the following
/md5start
netbt.sys
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netbt
- Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
- When the scan is complete Notepad will open with the report file loaded in it.
- Please attach the log in your next post.
#38
Posted 08 November 2010 - 04:58 PM
OTS logfile created on: 11/8/2010 5:49:21 PM - Run 5
OTS by OldTimer - Version 3.1.40.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 112.75 Gb Free Space | 37.83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OEM-3414B23E485
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 17:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
stacsv.exe -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 15:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
awc.exe -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe -> [2009/06/30 08:55:40 | 002,329,224 | ---- | M] (IObit)
adobe_updater.exe -> C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe -> [2009/01/08 06:36:42 | 002,521,464 | ---- | M] (Adobe Systems Incorporated)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
quickset.exe -> C:\Program Files\Dell\QuickSet\quickset.exe -> [2007/12/10 17:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
dellwmgr.exe -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe -> [2007/07/27 15:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
cvpnd.exe -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 10:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
oem02mon.exe -> C:\WINDOWS\OEM02Mon.exe -> [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
iviregmgr.exe -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo)
hpztsb10.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe -> [2004/03/04 09:46:24 | 000,172,032 | ---- | M] (HP)
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 17:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -> [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation)
dadkeyb.dll -> C:\Program Files\Dell\QuickSet\dadkeyb.dll -> [2007/12/10 16:51:44 | 000,098,304 | ---- | M] ()
[Win32 Services - Safe List]
(HidServ) Human Interface Device Access [Disabled | Stopped] -> C:\WINDOWS\System32\hidserv.dll -> File not found
(STacSV) SigmaTel Audio Service [Auto | Running] -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 15:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
(RoxMediaDB10) RoxMediaDB10 [On_Demand | Stopped] -> C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -> [2008/04/08 07:12:50 | 001,112,560 | ---- | M] (Sonic Solutions)
(CVPND) Cisco Systems, Inc. VPN Service [Auto | Running] -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 10:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
(IviRegMgr) IviRegMgr [Auto | Running] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo)
[Driver Services - Safe List]
(zumbus) Zune Bus Enumerator Driver [Kernel | Auto | Stopped] -> C:\WINDOWS\System32\DRIVERS\zumbus.sys -> File not found
(catchme) catchme [Kernel | On_Demand | Stopped] -> C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -> File not found
(iastor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\iaStor.sys -> [2009/07/21 16:01:56 | 000,328,728 | ---- | M] (Intel Corporation)
(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BCMWL5.SYS -> [2009/07/21 16:01:10 | 001,287,552 | ---- | M] (Broadcom Corporation)
(ialm) ialm [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\igxpmp32.sys -> [2009/07/21 16:00:39 | 006,047,904 | ---- | M] (Intel Corporation)
(IntcHdmiAddService) Intel® High Definition Audio HDMI Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\IntcHdmi.sys -> [2009/07/21 15:59:59 | 000,110,080 | ---- | M] (Intel® Corporation)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2009/07/21 15:58:55 | 001,222,840 | ---- | M] (SigmaTel, Inc.)
(yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\yk51x86.sys -> [2009/07/21 15:58:14 | 000,265,856 | ---- | M] (Marvell)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2009/07/21 15:56:45 | 000,989,696 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2009/07/21 15:56:45 | 000,730,112 | ---- | M] (Conexant Systems, Inc.)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2009/07/21 15:56:45 | 000,209,152 | ---- | M] (Conexant Systems, Inc.)
(atiide) ATI SATA Controller IDE mode [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\atiide.sys -> [2009/07/21 15:55:41 | 000,003,456 | ---- | M] (ATI Technologies Inc.)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/14 07:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider)
(nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2008/04/13 17:04:32 | 001,897,408 | ---- | M] (NVIDIA Corporation)
(OEM02Dev) Creative Camera OEM002 Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Dev.sys -> [2007/07/18 01:02:00 | 000,235,520 | ---- | M] (Creative Technology Ltd.)
(CVPNDRVA) Cisco Systems Inc. IPSec Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\CVPNDRVA.sys -> [2007/07/16 10:57:12 | 000,306,299 | ---- | M] (Cisco Systems, Inc.)
(OEM02Afx) Provides a software interface to control audio effects of OEM002 camera. [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Afx.sys -> [2007/06/08 01:00:00 | 000,141,376 | ---- | M] (Creative Technology Ltd.)
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rixdptsk.sys -> [2007/03/21 21:02:04 | 000,037,376 | ---- | M] (REDC)
(OEM02Vfx) Creative Camera OEM002 Video VFX Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Vfx.sys -> [2007/03/05 18:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.)
(rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimmptsk.sys -> [2007/02/24 13:42:22 | 000,039,936 | ---- | M] (REDC)
(DNE) Deterministic Network Enhancer Miniport [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\dne2000.sys -> [2007/01/31 12:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.)
(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimsptsk.sys -> [2007/01/23 15:40:20 | 000,042,496 | ---- | M] (REDC)
(CVirtA) Cisco Systems VPN Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\CVirtA.sys -> [2007/01/18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.)
(WinUSB) WinUSB [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\winusb.sys -> [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation)
(APPDRV) APPDRV [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -> [2005/08/12 15:50:46 | 000,016,128 | ---- | M] (Dell Inc)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"SearchDefaultBranded" -> 1 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"Start Page" -> http://www.espn.com/ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyOverride" -> *.local;<local> ->
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Owner\Application Data\Mozilla\FireFox\Profiles\za1kw2ny.default\prefs.js ->
browser.startup.homepage -> "http://www.espn.com/" ->
extensions.enabledItems -> [email protected]:1.0 ->
extensions.enabledItems -> {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 ->
network.proxy.no_proxies_on -> "" ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/10/19 23:31:10 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/10/19 23:31:10 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions -> [2009/10/06 17:00:51 | 000,000,000 | ---D | M]
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions -> [2010/10/18 09:00:48 | 000,000,000 | ---D | M]
Microsoft .NET Framework Assistant -> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/10/07 17:29:51 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\Program Files\Mozilla Firefox\extensions -> [2010/10/19 17:24:01 | 000,000,000 | ---D | M]
Skype extension for Firefox -> C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} -> [2010/03/11 20:03:21 | 000,000,000 | ---D | M]
< HOSTS File > ([2008/04/14 07:00:00 | 000,000,734 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Dell QuickSet" -> C:\Program Files\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\quickset.exe] -> [2007/12/10 17:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
"DELL Webcam Manager" -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe ["C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s] -> [2007/07/27 15:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
"HPDJ Taskbar Utility" -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe] -> [2004/03/04 09:46:24 | 000,172,032 | ---- | M] (HP)
"OEM02Mon.exe" -> C:\WINDOWS\OEM02Mon.exe [C:\WINDOWS\OEM02Mon.exe] -> [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
"SigmatelSysTrayApp" -> C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [%ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe] -> File not found
"UpdateLBPShortCut" -> C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"] -> [2008/06/13 20:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdateP2GoShortCut" -> C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"] -> [2008/06/13 20:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePDIRShortCut" -> C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"] -> [2008/06/13 20:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePSTShortCut" -> C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"] -> [2008/10/06 22:42:38 | 000,210,216 | ---- | M] (CyberLink Corp.)
"WatchDog" -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [C:\Program Files\InterVideo\DVD Check\DVDCheck.exe] -> [2008/05/23 19:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
< Run [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Advanced SystemCare 3" -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe ["C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup] -> [2009/06/30 08:55:40 | 002,329,224 | ---- | M] (IObit)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DVD Check.lnk -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe -> [2008/05/23 19:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> C:\WINDOWS\Installer\{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}\Icon3E5562ED7.ico -> [2009/10/06 10:38:02 | 000,006,144 | R--- | M] ()
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoUpdateCheck" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoResolveSearch" -> [1] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDriveTypeAutoRun" -> [323] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 16 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1584 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.ad...Plus/1.6/gp.cab [Reg Error: Value error.] ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2009/07/21 16:00:43 | 000,217,088 | ---- | M] (Intel Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2009/07/21 14:01:31 | 000,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
[Files/Folders - Created Within 30 Days]
SINO -> C:\Documents and Settings\Owner\Desktop\SINO -> [2010/11/03 18:02:57 | 000,000,000 | ---D | C]
amherst1 -> C:\Documents and Settings\Owner\Desktop\amherst1 -> [2010/10/28 20:25:38 | 000,000,000 | ---D | C]
avz4 -> C:\Documents and Settings\Owner\Desktop\avz4 -> [2010/10/28 17:36:04 | 000,000,000 | ---D | C]
ComboFix -> C:\ComboFix -> [2010/10/27 18:56:27 | 000,000,000 | --SD | C]
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe -> C:\Documents and Settings\Owner\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe -> [2010/10/27 17:25:55 | 004,608,744 | ---- | C] (Microsoft Corporation)
cmdcons -> C:\cmdcons -> [2010/10/27 14:24:48 | 000,000,000 | RHSD | C]
SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010/10/26 17:35:12 | 000,212,480 | ---- | C] (SteelWerX)
SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2010/10/26 17:35:12 | 000,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010/10/26 17:35:12 | 000,136,704 | ---- | C] (SteelWerX)
NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010/10/26 17:35:12 | 000,031,232 | ---- | C] (NirSoft)
ERDNT -> C:\WINDOWS\ERDNT -> [2010/10/26 17:34:54 | 000,000,000 | ---D | C]
Qoobox -> C:\Qoobox -> [2010/10/26 17:34:32 | 000,000,000 | ---D | C]
_OTS -> C:\_OTS -> [2010/10/26 16:56:51 | 000,000,000 | ---D | C]
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 17:30:53 | 000,641,536 | ---- | C] (OldTimer Tools)
Malwarebytes -> C:\Documents and Settings\Owner\Application Data\Malwarebytes -> [2010/10/22 19:03:44 | 000,000,000 | ---D | C]
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/10/22 19:02:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2010/10/22 19:02:06 | 000,000,000 | ---D | C]
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/10/22 19:02:05 | 000,020,952 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/10/22 19:02:05 | 000,000,000 | ---D | C]
Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [2010/10/22 18:54:36 | 000,000,000 | ---D | C]
TDK -> C:\Documents and Settings\All Users\Application Data\TDK -> [2010/10/20 14:54:07 | 000,000,000 | ---D | C]
CSC -> C:\WINDOWS\CSC -> [2010/10/19 21:55:05 | 000,000,000 | ---D | C]
Server -> C:\Documents and Settings\All Users\Documents\Server -> [2010/10/19 21:10:07 | 000,000,000 | -H-D | C]
[Files/Folders - Modified Within 30 Days]
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> [2010/11/05 19:45:05 | 000,000,978 | ---- | M] ()
drfDownloadPastPerformance.pdf -> C:\Documents and Settings\Owner\Desktop\drfDownloadPastPerformance.pdf -> [2010/11/05 17:32:22 | 000,779,711 | ---- | M] ()
WGASetup.job -> C:\WINDOWS\tasks\WGASetup.job -> [2010/11/05 15:43:50 | 000,000,260 | ---- | M] ()
VPN Client.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> [2010/11/05 15:42:28 | 000,002,447 | ---- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/11/05 15:42:23 | 000,002,048 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/11/05 15:42:21 | 3210,780,672 | -HS- | M] ()
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/11/05 15:41:19 | 000,446,348 | ---- | M] ()
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/11/05 15:41:19 | 000,073,342 | ---- | M] ()
MicrosoftFixit50203.msi -> C:\Documents and Settings\Owner\Desktop\MicrosoftFixit50203.msi -> [2010/11/04 17:44:54 | 000,650,240 | ---- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/11/04 14:16:52 | 000,002,206 | ---- | M] ()
newkey -> C:\newkey -> [2010/11/04 14:15:01 | 000,022,729 | ---- | M] ()
newfile.enc -> C:\newfile.enc -> [2010/11/04 14:15:01 | 000,022,729 | ---- | M] ()
iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2010/10/28 20:30:01 | 000,002,137 | ---- | M] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/27 17:34:15 | 000,000,472 | ---- | M] ()
ComboFix.exe -> C:\Documents and Settings\Owner\Desktop\ComboFix.exe -> [2010/10/27 17:15:28 | 003,887,312 | R--- | M] ()
boot.ini -> C:\boot.ini -> [2010/10/27 14:25:05 | 000,000,327 | RHS- | M] ()
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe -> C:\Documents and Settings\Owner\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe -> [2010/10/27 14:20:44 | 004,608,744 | ---- | M] (Microsoft Corporation)
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/10/25 21:16:10 | 000,079,872 | ---- | M] ()
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 17:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 19:02:32 | 000,000,696 | ---- | M] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 21:13:28 | 000,069,632 | RHS- | M] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> [2010/10/18 09:45:01 | 000,000,926 | ---- | M] ()
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/10/13 02:19:56 | 000,300,440 | ---- | M] ()
imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/10/13 02:03:28 | 000,001,393 | ---- | M] ()
[Files - No Company Name]
drfDownloadPastPerformance.pdf -> C:\Documents and Settings\Owner\Desktop\drfDownloadPastPerformance.pdf -> [2010/11/05 19:04:20 | 000,779,711 | ---- | C] ()
MicrosoftFixit50203.msi -> C:\Documents and Settings\Owner\Desktop\MicrosoftFixit50203.msi -> [2010/11/04 17:44:58 | 000,650,240 | ---- | C] ()
newkey -> C:\newkey -> [2010/11/04 14:15:01 | 000,022,729 | ---- | C] ()
newfile.enc -> C:\newfile.enc -> [2010/11/04 14:15:01 | 000,022,729 | ---- | C] ()
SINO.exe -> C:\Documents and Settings\Owner\Desktop\SINO.exe -> [2010/11/03 18:02:41 | 003,397,182 | ---- | C] ()
ComboFix.exe -> C:\Documents and Settings\Owner\Desktop\ComboFix.exe -> [2010/10/27 17:25:24 | 003,887,312 | R--- | C] ()
Boot.bak -> C:\Boot.bak -> [2010/10/27 14:25:04 | 000,000,211 | ---- | C] ()
cmldr -> C:\cmldr -> [2010/10/27 14:24:56 | 000,260,272 | RHS- | C] ()
PEV.exe -> C:\WINDOWS\PEV.exe -> [2010/10/26 17:35:12 | 000,256,512 | ---- | C] ()
sed.exe -> C:\WINDOWS\sed.exe -> [2010/10/26 17:35:12 | 000,098,816 | ---- | C] ()
grep.exe -> C:\WINDOWS\grep.exe -> [2010/10/26 17:35:12 | 000,080,412 | ---- | C] ()
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/10/26 17:35:12 | 000,079,872 | ---- | C] ()
zip.exe -> C:\WINDOWS\zip.exe -> [2010/10/26 17:35:12 | 000,068,096 | ---- | C] ()
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 19:02:32 | 000,000,696 | ---- | C] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/22 18:56:18 | 000,000,472 | ---- | C] ()
log.txt -> C:\Documents and Settings\Owner\log.txt -> [2010/10/22 18:18:26 | 000,000,543 | ---- | C] ()
resetlog.txt -> C:\Documents and Settings\Owner\resetlog.txt -> [2010/10/20 00:08:19 | 000,012,069 | ---- | C] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/10/19 23:18:36 | 3210,780,672 | -HS- | C] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 21:13:28 | 000,069,632 | RHS- | C] ()
pdf995.ini -> C:\WINDOWS\pdf995.ini -> [2010/03/16 20:01:57 | 000,000,028 | ---- | C] ()
pdf995mon.dll -> C:\WINDOWS\System32\pdf995mon.dll -> [2010/03/16 19:59:58 | 000,051,716 | ---- | C] ()
wpd99.drv -> C:\WINDOWS\wpd99.drv -> [2010/03/16 19:59:58 | 000,000,060 | ---- | C] ()
BladeEnc.dll -> C:\WINDOWS\System32\BladeEnc.dll -> [2010/02/10 21:53:41 | 000,528,384 | ---- | C] ()
ShnDll32.dll -> C:\WINDOWS\System32\ShnDll32.dll -> [2010/02/10 21:53:41 | 000,120,832 | ---- | C] ()
hpdj5700.ini -> C:\WINDOWS\hpdj5700.ini -> [2009/10/12 15:05:55 | 000,002,298 | ---- | C] ()
hpbvspst.ini -> C:\WINDOWS\hpbvspst.ini -> [2009/10/12 15:05:23 | 000,000,414 | ---- | C] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/10/06 09:30:46 | 000,032,256 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2009/07/21 16:03:32 | 000,000,061 | ---- | C] ()
igfxCoIn_v4990.dll -> C:\WINDOWS\System32\igfxCoIn_v4990.dll -> [2009/07/21 16:00:39 | 000,147,456 | ---- | C] ()
rixdicon.dll -> C:\WINDOWS\System32\rixdicon.dll -> [2009/07/21 15:53:16 | 000,016,480 | ---- | C] ()
IVIresizeW7.dll -> C:\WINDOWS\System32\IVIresizeW7.dll -> [2009/07/21 14:49:04 | 000,204,800 | ---- | C] ()
IVIresizeP6.dll -> C:\WINDOWS\System32\IVIresizeP6.dll -> [2009/07/21 14:49:04 | 000,192,512 | ---- | C] ()
IVIresizeM6.dll -> C:\WINDOWS\System32\IVIresizeM6.dll -> [2009/07/21 14:49:04 | 000,192,512 | ---- | C] ()
IVIresizePX.dll -> C:\WINDOWS\System32\IVIresizePX.dll -> [2009/07/21 14:49:04 | 000,188,416 | ---- | C] ()
IVIresizeA6.dll -> C:\WINDOWS\System32\IVIresizeA6.dll -> [2009/07/21 14:49:03 | 000,200,704 | ---- | C] ()
IVIresize.dll -> C:\WINDOWS\System32\IVIresize.dll -> [2009/07/21 14:49:03 | 000,020,480 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2009/07/21 14:25:04 | 000,000,376 | ---- | C] ()
ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2009/07/21 06:48:15 | 000,004,161 | ---- | C] ()
vpnapi.dll -> C:\WINDOWS\System32\vpnapi.dll -> [2007/07/16 10:58:10 | 000,197,408 | ---- | C] ()
CSGina.dll -> C:\WINDOWS\System32\CSGina.dll -> [2007/07/16 10:58:00 | 000,193,312 | ---- | C] ()
OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 17:05:08 | 000,002,695 | ---- | C] ()
[Custom Scans]
< MD5 Scans Start>
< %systemdrive%\NETBT.SYS /md5 /s >
netbt.sys : MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -> C:\WINDOWS\system32\dllcache\netbt.sys -> [2008/04/14 07:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation)
< MD5 Scans End>
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netbt >
Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netbt\ not found. -> ->
< End of report >
#39
Posted 08 November 2010 - 05:07 PM
I can replace the file now - but as I am on windows 7 I will need to get the necessary reg data from an XP system. So lets put the file back - and I will get the data for the reg key in a bit
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.
[Unregister Dlls]
[Custom Items]
:files
C:\WINDOWS\system32\drivers\netbt.sys|C:\WINDOWS\system32\dllcache\netbt.sys /replace
:end
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.
#40
Posted 08 November 2010 - 05:20 PM
[Custom Items]
========== FILES ==========
File C:\WINDOWS\system32\drivers\netbt.sys successfully replaced with C:\WINDOWS\system32\dllcache\netbt.sys
< End of fix log >
OTS by OldTimer - Version 3.1.40.0 fix logfile created on 11082010_181945
#41
Posted 09 November 2010 - 03:52 AM
Extract the Netbt.reg file to your desktop
Right click the reg file and select merge
Accept the warning
Once done reboot and try the net
#42
Posted 09 November 2010 - 06:52 AM
---------------------------
Registry Editor
---------------------------
Cannot import C:\Documents and Settings\Owner\Desktop\Netbt.reg: Error accessing the registry.
---------------------------
OK
---------------------------
#43
Posted 09 November 2010 - 06:54 AM
#44
Posted 09 November 2010 - 07:43 AM
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.
[Unregister Dlls] [Custom Items] :reg [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT] "Type"=dword:00000001 "Start"=dword:00000001 "ErrorControl"=dword:00000001 "Tag"=dword:00000006 "ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\ 52,00,49,00,56,00,45,00,52,00,53,00,5c,00,6e,00,65,00,74,00,62,00,74,00,2e,\ 00,73,00,79,00,73,00,00,00 "DisplayName"="NetBios over Tcpip" "Group"="PNP_TDI" "DependOnService"=hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00 "DependOnGroup"=hex(7):00,00 "Description"="NetBios over Tcpip" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage] "OtherDependencies"=hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00 "Bind"=hex(7):5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,\ 00,69,00,70,00,36,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,\ 37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,\ 00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,\ 30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,\ 00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,45,00,32,00,\ 39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,\ 00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,\ 41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,\ 00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,\ 7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,\ 00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,\ 31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,\ 00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,\ 69,00,70,00,36,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,\ 00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,\ 30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,\ 00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,\ 5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,34,00,36,00,37,\ 00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,\ 42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,\ 00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,\ 76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,\ 00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,\ 38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,\ 00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,\ 00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,\ 00,70,00,36,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,\ 2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,\ 00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,\ 45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,\ 00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,35,00,42,00,43,00,32,00,\ 33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,\ 00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,\ 36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,\ 00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,\ 36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,\ 00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,\ 39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,\ 00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,\ 70,00,36,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,\ 00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,\ 32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,\ 00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,\ 54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,39,00,38,00,31,00,37,\ 00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,00,34,00,34,00,43,00,\ 45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,32,00,33,00,32,00,43,\ 00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,\ 69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,44,00,30,\ 00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,\ 34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,\ 00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,\ 44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,\ 00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,\ 35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,\ 00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,\ 7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,\ 00,69,00,70,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,\ 2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,\ 00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,\ 46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,\ 00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,\ 35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,\ 00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,\ 37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,\ 00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,34,00,\ 36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,\ 00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,\ 38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,\ 00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,\ 7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,\ 00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,\ 46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,\ 00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,\ 69,00,70,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,\ 00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,\ 41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,\ 00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,\ 54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,\ 00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,\ 2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,\ 00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,\ 63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,30,00,30,00,35,\ 00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,\ 38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,\ 00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,\ 65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,\ 00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,\ 35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,\ 00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,\ 00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,\ 00,70,00,5f,00,7b,00,42,00,44,00,32,00,35,00,35,00,33,00,33,00,46,00,2d,00,\ 42,00,30,00,42,00,43,00,2d,00,34,00,37,00,45,00,44,00,2d,00,38,00,39,00,33,\ 00,39,00,2d,00,34,00,37,00,32,00,36,00,32,00,36,00,35,00,43,00,37,00,35,00,\ 44,00,37,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,\ 00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,33,00,45,00,44,00,35,00,32,00,\ 41,00,30,00,2d,00,44,00,34,00,33,00,36,00,2d,00,34,00,39,00,34,00,33,00,2d,\ 00,42,00,38,00,31,00,45,00,2d,00,35,00,41,00,38,00,36,00,30,00,41,00,32,00,\ 44,00,37,00,39,00,39,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,\ 00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,45,00,42,00,\ 38,00,42,00,41,00,32,00,44,00,2d,00,42,00,37,00,46,00,30,00,2d,00,34,00,32,\ 00,43,00,43,00,2d,00,39,00,32,00,34,00,45,00,2d,00,32,00,34,00,46,00,39,00,\ 37,00,31,00,33,00,39,00,41,00,33,00,42,00,34,00,7d,00,00,00,5c,00,44,00,65,\ 00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,\ 34,00,41,00,43,00,42,00,35,00,34,00,42,00,34,00,2d,00,44,00,35,00,41,00,41,\ 00,2d,00,34,00,34,00,32,00,37,00,2d,00,38,00,30,00,33,00,30,00,2d,00,42,00,\ 37,00,45,00,42,00,44,00,38,00,43,00,46,00,33,00,33,00,44,00,35,00,7d,00,00,\ 00,00,00 "Route"=hex(7):22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\ 00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,\ 34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,\ 00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,\ 22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\ 00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,\ 37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,\ 00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,\ 22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\ 00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,\ 38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,\ 00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,\ 22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\ 00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,\ 32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,\ 00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,\ 22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\ 00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,\ 34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,\ 00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,\ 22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\ 00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,\ 38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,\ 00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,\ 22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\ 00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,\ 45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,\ 00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,\ 22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\ 00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,\ 46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,\ 00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,\ 22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\ 00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,\ 35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,\ 00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,\ 22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\ 00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,\ 41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,\ 00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,\ 22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\ 00,36,00,39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,\ 42,00,2d,00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,\ 00,45,00,32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,\ 22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,44,\ 00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,\ 2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,\ 00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,22,00,\ 00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,37,00,45,\ 00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,\ 34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,\ 00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,22,00,00,00,\ 22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,41,00,41,00,35,\ 00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,\ 31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,\ 00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,22,00,00,00,22,00,\ 54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,41,00,38,00,31,00,45,\ 00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,\ 30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,\ 00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,22,00,00,00,22,00,54,00,\ 63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,32,00,34,00,36,00,37,00,38,\ 00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,\ 43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,\ 00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,\ 70,00,69,00,70,00,22,00,20,00,22,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,\ 00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,\ 2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,\ 00,39,00,44,00,35,00,35,00,42,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,\ 69,00,70,00,22,00,20,00,22,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,\ 00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,\ 38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,\ 00,34,00,45,00,37,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,\ 70,00,22,00,20,00,22,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,\ 00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,\ 38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,\ 00,32,00,34,00,36,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,\ 22,00,20,00,22,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,\ 00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,\ 32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,\ 00,30,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,\ 20,00,22,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,\ 00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,\ 36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,\ 00,43,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,\ 22,00,4e,00,64,00,69,00,73,00,57,00,61,00,6e,00,49,00,70,00,22,00,00,00,00,\ 00 "Export"=hex(7):5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,\ 00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,44,00,\ 30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,\ 00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,\ 46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,\ 00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,\ 5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,45,00,32,00,39,\ 00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,\ 35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,\ 00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,\ 76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,\ 00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,\ 36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,\ 00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,\ 45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,\ 00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,\ 70,00,36,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,\ 00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,\ 42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,\ 00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,\ 4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,\ 00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,\ 33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,\ 00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,\ 7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,\ 00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,\ 33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,\ 00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,\ 31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,\ 00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,\ 5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,31,00,31,00,45,\ 00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,\ 37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,\ 00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,\ 76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,\ 00,70,00,69,00,70,00,36,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,\ 46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,\ 00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,\ 44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,\ 00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,\ 70,00,36,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,\ 00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,\ 43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,\ 00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,\ 4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,\ 00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,\ 36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,\ 00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,\ 7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,\ 00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,\ 39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,\ 00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,\ 32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,00,00,5c,\ 00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,\ 5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,\ 00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,\ 31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,\ 00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,\ 69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,\ 00,69,00,70,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,\ 2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,\ 00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,\ 31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,\ 00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,\ 7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,\ 00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,\ 31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,\ 00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,\ 42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,38,00,31,\ 00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,\ 31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,\ 00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,\ 65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,\ 00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,\ 34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,\ 00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,\ 43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,\ 00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,\ 70,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,\ 00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,\ 33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,\ 00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,\ 65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,\ 00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,\ 2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,\ 00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,\ 5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,\ 00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,35,00,42,00,43,00,32,00,\ 33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,\ 00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,\ 36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,\ 00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,\ 70,00,69,00,70,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,\ 00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,\ 45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,\ 00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,\ 5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,\ 00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,\ 41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,\ 00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,\ 7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,\ 00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,44,00,\ 32,00,35,00,35,00,33,00,33,00,46,00,2d,00,42,00,30,00,42,00,43,00,2d,00,34,\ 00,37,00,45,00,44,00,2d,00,38,00,39,00,33,00,39,00,2d,00,34,00,37,00,32,00,\ 36,00,32,00,36,00,35,00,43,00,37,00,35,00,44,00,37,00,7d,00,00,00,5c,00,44,\ 00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,\ 54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,33,00,45,00,44,00,35,00,32,\ 00,41,00,30,00,2d,00,44,00,34,00,33,00,36,00,2d,00,34,00,39,00,34,00,33,00,\ 2d,00,42,00,38,00,31,00,45,00,2d,00,35,00,41,00,38,00,36,00,30,00,41,00,32,\ 00,44,00,37,00,39,00,39,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,\ 63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,\ 00,70,00,5f,00,7b,00,41,00,45,00,42,00,38,00,42,00,41,00,32,00,44,00,2d,00,\ 42,00,37,00,46,00,30,00,2d,00,34,00,32,00,43,00,43,00,2d,00,39,00,32,00,34,\ 00,45,00,2d,00,32,00,34,00,46,00,39,00,37,00,31,00,33,00,39,00,41,00,33,00,\ 42,00,34,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,\ 00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,\ 34,00,41,00,43,00,42,00,35,00,34,00,42,00,34,00,2d,00,44,00,35,00,41,00,41,\ 00,2d,00,34,00,34,00,32,00,37,00,2d,00,38,00,30,00,33,00,30,00,2d,00,42,00,\ 37,00,45,00,42,00,44,00,38,00,43,00,46,00,33,00,33,00,44,00,35,00,7d,00,00,\ 00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters] "NbProvider"="_tcp" "NameServerPort"=dword:00000089 "CacheTimeout"=dword:000927c0 "BcastNameQueryCount"=dword:00000003 "BcastQueryTimeout"=dword:000002ee "NameSrvQueryCount"=dword:00000003 "NameSrvQueryTimeout"=dword:000005dc "Size/Small/Medium/Large"=dword:00000001 "SessionKeepAlive"=dword:0036ee80 "TransportBindName"="\\Device\\" "EnableLMHOSTS"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{0059A8BE-AE6A-481C-BE2E-175B680A3A00}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{233B9CBB-1408-4455-8DD3-F11453D9D55B}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{24678E4E-6B34-4EBC-89E2-5E18CFECA461}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{4ACB54B4-D5AA-4427-8030-B7EBD8CF33D5}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{5BC23DF4-525F-47C1-988F-39F3B6FD5246}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{67387290-4DA5-458F-BCC6-B92FDCA389FC}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{711EF6EF-830E-4A75-84A0-87B3A94C4E71}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{7E2919B0-5D57-445E-B329-AD58A793C195}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{A81E853C-14A2-4105-B0B8-65C3FF711C4D}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AA51566F-AD68-4140-8CF7-1777FF7E1F70}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AEB8BA2D-B7F0-42CC-924E-24F97139A3B4}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{B3ED52A0-D436-4943-B81E-5A860A2D7990}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{BD25533F-B0BC-47ED-8939-4726265C75D7}] "NameServerList"=hex(7):00,00 "RASFlags"=dword:00000001 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{D08FF987-5E54-49E1-AFAA-55FEF9D80942}] "NameServerList"=hex(7):00,00 "NetbiosOptions"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Security] "Security"=hex:01,00,14,80,e8,00,00,00,f4,00,00,00,14,00,00,00,30,00,00,00,02,\ 00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\ 00,00,02,00,b8,00,08,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,\ 05,0b,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,\ 23,02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\ 02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,25,02,\ 00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,14,\ 00,40,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00,00,00,14,00,40,00,00,00,\ 01,01,00,00,00,00,00,05,14,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,\ 00,00,05,20,00,00,00,2c,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,\ 00,00,00,00,00,05,12,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Enum] "0"="Root\\LEGACY_NETBT\\0000" "Count"=dword:00000001 "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000] "Service"="NetBT" "Legacy"=dword:00000001 "ConfigFlags"=dword:00000000 "Class"="LegacyDriver" "ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}" "DeviceDesc"="NetBios over Tcpip" "Capabilities"=dword:00000000 "Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0023" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\Control] "ActiveService"="NetBT" :end
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.
#45
Posted 09 November 2010 - 07:00 PM
[Custom Items]
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Type"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Start"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"ErrorControl"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Tag"|dword:00000006 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"ImagePath"|hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,6e,00,65,00,74,00,62,00,74,00,2e,00,73,00,79,00,73,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"DisplayName"|"NetBios over Tcpip" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Group"|"PNP_TDI" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"DependOnService"|hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"DependOnGroup"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Description"|"NetBios over Tcpip" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage\\"OtherDependencies"|hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage\\"Bind"|hex(7):5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,44,00,32,00,35,00,35,00,33,00,33,00,46,00,2d,00,42,00,30,00,42,00,43,00,2d,00,34,00,37,00,45,00,44,00,2d,00,38,00,39,00,33,00,39,00,2d,00,34,00,37,00,32,00,36,00,32,00,36,00,35,00,43,00,37,00,35,00,44,00,37,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,33,00,45,00,44,00,35,00,32,00,41,00,30,00,2d,00,44,00,34,00,33,00,36,00,2d,00,34,00,39,00,34,00,33,00,2d,00,42,00,38,00,31,00,45,00,2d,00,35,00,41,00,38,00,36,00,30,00,41,00,32,00,44,00,37,00,39,00,39,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,45,00,42,00,38,00,42,00,41,00,32,00,44,00,2d,00,42,00,37,00,46,00,30,00,2d,00,34,00,32,00,43,00,43,00,2d,00,39,00,32,00,34,00,45,00,2d,00,32,00,34,00,46,00,39,00,37,00,31,00,33,00,39,00,41,00,33,00,42,00,34,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,34,00,41,00,43,00,42,00,35,00,34,00,42,00,34,00,2d,00,44,00,35,00,41,00,41,00,2d,00,34,00,34,00,32,00,37,00,2d,00,38,00,30,00,33,00,30,00,2d,00,42,00,37,00,45,00,42,00,44,00,38,00,43,00,46,00,33,00,33,00,44,00,35,00,7d,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage\\"Route"|hex(7):22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,36,00,39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,4e,00,64,00,69,00,73,00,57,00,61,00,6e,00,49,00,70,00,22,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage\\"Export"|hex(7):5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,44,00,32,00,35,00,35,00,33,00,33,00,46,00,2d,00,42,00,30,00,42,00,43,00,2d,00,34,00,37,00,45,00,44,00,2d,00,38,00,39,00,33,00,39,00,2d,00,34,00,37,00,32,00,36,00,32,00,36,00,35,00,43,00,37,00,35,00,44,00,37,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,33,00,45,00,44,00,35,00,32,00,41,00,30,00,2d,00,44,00,34,00,33,00,36,00,2d,00,34,00,39,00,34,00,33,00,2d,00,42,00,38,00,31,00,45,00,2d,00,35,00,41,00,38,00,36,00,30,00,41,00,32,00,44,00,37,00,39,00,39,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,45,00,42,00,38,00,42,00,41,00,32,00,44,00,2d,00,42,00,37,00,46,00,30,00,2d,00,34,00,32,00,43,00,43,00,2d,00,39,00,32,00,34,00,45,00,2d,00,32,00,34,00,46,00,39,00,37,00,31,00,33,00,39,00,41,00,33,00,42,00,34,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,34,00,41,00,43,00,42,00,35,00,34,00,42,00,34,00,2d,00,44,00,35,00,41,00,41,00,2d,00,34,00,34,00,32,00,37,00,2d,00,38,00,30,00,33,00,30,00,2d,00,42,00,37,00,45,00,42,00,44,00,38,00,43,00,46,00,33,00,33,00,44,00,35,00,7d,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"NbProvider"|"_tcp" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"NameServerPort"|dword:00000089 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"CacheTimeout"|dword:000927c0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"BcastNameQueryCount"|dword:00000003 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"BcastQueryTimeout"|dword:000002ee /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"NameSrvQueryCount"|dword:00000003 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"NameSrvQueryTimeout"|dword:000005dc /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"Size/Small/Medium/Large"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"SessionKeepAlive"|dword:0036ee80 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"TransportBindName"|"\\Device\\" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"EnableLMHOSTS"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{0059A8BE-AE6A-481C-BE2E-175B680A3A00}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{0059A8BE-AE6A-481C-BE2E-175B680A3A00}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{233B9CBB-1408-4455-8DD3-F11453D9D55B}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{233B9CBB-1408-4455-8DD3-F11453D9D55B}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{24678E4E-6B34-4EBC-89E2-5E18CFECA461}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{24678E4E-6B34-4EBC-89E2-5E18CFECA461}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{4ACB54B4-D5AA-4427-8030-B7EBD8CF33D5}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{4ACB54B4-D5AA-4427-8030-B7EBD8CF33D5}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{5BC23DF4-525F-47C1-988F-39F3B6FD5246}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{5BC23DF4-525F-47C1-988F-39F3B6FD5246}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{67387290-4DA5-458F-BCC6-B92FDCA389FC}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{67387290-4DA5-458F-BCC6-B92FDCA389FC}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{711EF6EF-830E-4A75-84A0-87B3A94C4E71}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{711EF6EF-830E-4A75-84A0-87B3A94C4E71}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{7E2919B0-5D57-445E-B329-AD58A793C195}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{7E2919B0-5D57-445E-B329-AD58A793C195}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{A81E853C-14A2-4105-B0B8-65C3FF711C4D}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{A81E853C-14A2-4105-B0B8-65C3FF711C4D}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AA51566F-AD68-4140-8CF7-1777FF7E1F70}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AA51566F-AD68-4140-8CF7-1777FF7E1F70}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AEB8BA2D-B7F0-42CC-924E-24F97139A3B4}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AEB8BA2D-B7F0-42CC-924E-24F97139A3B4}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{B3ED52A0-D436-4943-B81E-5A860A2D7990}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{B3ED52A0-D436-4943-B81E-5A860A2D7990}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{BD25533F-B0BC-47ED-8939-4726265C75D7}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{BD25533F-B0BC-47ED-8939-4726265C75D7}\\"RASFlags"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{BD25533F-B0BC-47ED-8939-4726265C75D7}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{D08FF987-5E54-49E1-AFAA-55FEF9D80942}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{D08FF987-5E54-49E1-AFAA-55FEF9D80942}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Security\\"Security"|hex:01,00,14,80,e8,00,00,00,f4,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,b8,00,08,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,25,02,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,14,00,40,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00,00,00,14,00,40,00,00,00,01,01,00,00,00,00,00,05,14,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Enum\\"0"|"Root\\LEGACY_NETBT\\0000" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Enum\\"Count"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Enum\\"NextInstance"|dword:00000001 /E : value set successfully!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\\"NextInstance"|dword:00000001 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Service"|"NetBT" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Legacy"|dword:00000001 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"ConfigFlags"|dword:00000000 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Class"|"LegacyDriver" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"ClassGUID"|"{8ECC055D-047F-11D1-A537-0000F8753ED1}" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"DeviceDesc"|"NetBios over Tcpip" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Capabilities"|dword:00000000 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Driver"|"{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0023" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\Control\\"ActiveService"|"NetBT" /E!
< End of fix log >
OTS by OldTimer - Version 3.1.40.0 fix logfile created on 11092010_195743
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users