Can't connect to network after removing Antimalware Doctor
Started by
togatown
, Oct 25 2010 02:39 PM
This topic is locked
#31
Posted 04 November 2010 - 04:59 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
#32
Posted 04 November 2010 - 05:08 PM
togatown
- Topic Starter
-
- Member
-
- 34 posts
Member
It only opened one notepad window after the scan. OTS.txt. It did not open the extras log and I can't seem to find it either. here is the OTS.txt log
OTS logfile created on: 11/4/2010 7:01:09 PM - Run 3
OTS by OldTimer - Version 3.1.40.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 112.74 Gb Free Space | 37.82% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OEM-3414B23E485
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Quick Scan
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
stacsv.exe -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 16:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
awc.exe -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe -> [2009/06/30 09:55:40 | 002,329,224 | ---- | M] (IObit)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
quickset.exe -> C:\Program Files\Dell\QuickSet\quickset.exe -> [2007/12/10 18:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
dellwmgr.exe -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe -> [2007/07/27 16:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
cvpnd.exe -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 11:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
oem02mon.exe -> C:\WINDOWS\OEM02Mon.exe -> [2007/05/10 02:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
iviregmgr.exe -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo)
hpztsb10.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe -> [2004/03/04 10:46:24 | 000,172,032 | ---- | M] (HP)
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -> [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation)
dadkeyb.dll -> C:\Program Files\Dell\QuickSet\dadkeyb.dll -> [2007/12/10 17:51:44 | 000,098,304 | ---- | M] ()
[Win32 Services - Safe List]
(HidServ) Human Interface Device Access [Disabled | Stopped] -> C:\WINDOWS\System32\hidserv.dll -> File not found
(STacSV) SigmaTel Audio Service [Auto | Running] -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 16:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
(RoxMediaDB10) RoxMediaDB10 [On_Demand | Stopped] -> C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -> [2008/04/08 08:12:50 | 001,112,560 | ---- | M] (Sonic Solutions)
(CVPND) Cisco Systems, Inc. VPN Service [Auto | Running] -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 11:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
(IviRegMgr) IviRegMgr [Auto | Running] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo)
[Driver Services - Safe List]
(zumbus) Zune Bus Enumerator Driver [Kernel | Auto | Stopped] -> C:\WINDOWS\System32\DRIVERS\zumbus.sys -> File not found
(catchme) catchme [Kernel | On_Demand | Stopped] -> C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -> File not found
(iastor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\iaStor.sys -> [2009/07/21 17:01:56 | 000,328,728 | ---- | M] (Intel Corporation)
(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BCMWL5.SYS -> [2009/07/21 17:01:10 | 001,287,552 | ---- | M] (Broadcom Corporation)
(ialm) ialm [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\igxpmp32.sys -> [2009/07/21 17:00:39 | 006,047,904 | ---- | M] (Intel Corporation)
(IntcHdmiAddService) Intel® High Definition Audio HDMI Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\IntcHdmi.sys -> [2009/07/21 16:59:59 | 000,110,080 | ---- | M] (Intel® Corporation)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2009/07/21 16:58:55 | 001,222,840 | ---- | M] (SigmaTel, Inc.)
(yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\yk51x86.sys -> [2009/07/21 16:58:14 | 000,265,856 | ---- | M] (Marvell)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2009/07/21 16:56:45 | 000,989,696 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2009/07/21 16:56:45 | 000,730,112 | ---- | M] (Conexant Systems, Inc.)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2009/07/21 16:56:45 | 000,209,152 | ---- | M] (Conexant Systems, Inc.)
(atiide) ATI SATA Controller IDE mode [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\atiide.sys -> [2009/07/21 16:55:41 | 000,003,456 | ---- | M] (ATI Technologies Inc.)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/14 08:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider)
(nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2008/04/13 18:04:32 | 001,897,408 | ---- | M] (NVIDIA Corporation)
(OEM02Dev) Creative Camera OEM002 Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Dev.sys -> [2007/07/18 02:02:00 | 000,235,520 | ---- | M] (Creative Technology Ltd.)
(CVPNDRVA) Cisco Systems Inc. IPSec Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\CVPNDRVA.sys -> [2007/07/16 11:57:12 | 000,306,299 | ---- | M] (Cisco Systems, Inc.)
(OEM02Afx) Provides a software interface to control audio effects of OEM002 camera. [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Afx.sys -> [2007/06/08 02:00:00 | 000,141,376 | ---- | M] (Creative Technology Ltd.)
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rixdptsk.sys -> [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC)
(OEM02Vfx) Creative Camera OEM002 Video VFX Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Vfx.sys -> [2007/03/05 19:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.)
(rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimmptsk.sys -> [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC)
(DNE) Deterministic Network Enhancer Miniport [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\dne2000.sys -> [2007/01/31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.)
(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimsptsk.sys -> [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC)
(CVirtA) Cisco Systems VPN Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\CVirtA.sys -> [2007/01/18 15:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.)
(WinUSB) WinUSB [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\winusb.sys -> [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation)
(APPDRV) APPDRV [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -> [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"SearchDefaultBranded" -> 1 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"Start Page" -> http://www.espn.com/ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyOverride" -> *.local;<local> ->
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Owner\Application Data\Mozilla\FireFox\Profiles\za1kw2ny.default\prefs.js ->
browser.startup.homepage -> "http://www.espn.com/" ->
extensions.enabledItems -> [email protected]:1.0 ->
extensions.enabledItems -> {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 ->
network.proxy.no_proxies_on -> "" ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/10/20 00:31:10 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/10/20 00:31:10 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions -> [2009/10/06 18:00:51 | 000,000,000 | ---D | M]
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions -> [2010/10/18 10:00:48 | 000,000,000 | ---D | M]
Microsoft .NET Framework Assistant -> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/10/07 18:29:51 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\Program Files\Mozilla Firefox\extensions -> [2010/10/19 18:24:01 | 000,000,000 | ---D | M]
Skype extension for Firefox -> C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} -> [2010/03/11 21:03:21 | 000,000,000 | ---D | M]
< HOSTS File > ([2008/04/14 08:00:00 | 000,000,734 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Dell QuickSet" -> C:\Program Files\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\quickset.exe] -> [2007/12/10 18:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
"DELL Webcam Manager" -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe ["C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s] -> [2007/07/27 16:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
"HPDJ Taskbar Utility" -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe] -> [2004/03/04 10:46:24 | 000,172,032 | ---- | M] (HP)
"OEM02Mon.exe" -> C:\WINDOWS\OEM02Mon.exe [C:\WINDOWS\OEM02Mon.exe] -> [2007/05/10 02:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
"SigmatelSysTrayApp" -> C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [%ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe] -> File not found
"UpdateLBPShortCut" -> C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"] -> [2008/06/13 21:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdateP2GoShortCut" -> C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"] -> [2008/06/13 21:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePDIRShortCut" -> C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"] -> [2008/06/13 21:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePSTShortCut" -> C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"] -> [2008/10/06 23:42:38 | 000,210,216 | ---- | M] (CyberLink Corp.)
"WatchDog" -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [C:\Program Files\InterVideo\DVD Check\DVDCheck.exe] -> [2008/05/23 20:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
< Run [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Advanced SystemCare 3" -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe ["C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup] -> [2009/06/30 09:55:40 | 002,329,224 | ---- | M] (IObit)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DVD Check.lnk -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe -> [2008/05/23 20:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> C:\WINDOWS\Installer\{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}\Icon3E5562ED7.ico -> [2009/10/06 11:38:02 | 000,006,144 | R--- | M] ()
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoUpdateCheck" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoResolveSearch" -> [1] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDriveTypeAutoRun" -> [323] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 16 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1584 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.ad...Plus/1.6/gp.cab [Reg Error: Value error.] ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2009/07/21 17:00:43 | 000,217,088 | ---- | M] (Intel Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2009/07/21 15:01:31 | 000,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
[Files/Folders - Created Within 30 Days]
SINO -> C:\Documents and Settings\Owner\Desktop\SINO -> [2010/11/03 19:02:57 | 000,000,000 | ---D | C]
amherst1 -> C:\Documents and Settings\Owner\Desktop\amherst1 -> [2010/10/28 21:25:38 | 000,000,000 | ---D | C]
avz4 -> C:\Documents and Settings\Owner\Desktop\avz4 -> [2010/10/28 18:36:04 | 000,000,000 | ---D | C]
ComboFix -> C:\ComboFix -> [2010/10/27 19:56:27 | 000,000,000 | --SD | C]
cmdcons -> C:\cmdcons -> [2010/10/27 15:24:48 | 000,000,000 | RHSD | C]
SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010/10/26 18:35:12 | 000,212,480 | ---- | C] (SteelWerX)
SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2010/10/26 18:35:12 | 000,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010/10/26 18:35:12 | 000,136,704 | ---- | C] (SteelWerX)
NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010/10/26 18:35:12 | 000,031,232 | ---- | C] (NirSoft)
ERDNT -> C:\WINDOWS\ERDNT -> [2010/10/26 18:34:54 | 000,000,000 | ---D | C]
Qoobox -> C:\Qoobox -> [2010/10/26 18:34:32 | 000,000,000 | ---D | C]
_OTS -> C:\_OTS -> [2010/10/26 17:56:51 | 000,000,000 | ---D | C]
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:30:53 | 000,641,536 | ---- | C] (OldTimer Tools)
Malwarebytes -> C:\Documents and Settings\Owner\Application Data\Malwarebytes -> [2010/10/22 20:03:44 | 000,000,000 | ---D | C]
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/10/22 20:02:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2010/10/22 20:02:06 | 000,000,000 | ---D | C]
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/10/22 20:02:05 | 000,020,952 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/10/22 20:02:05 | 000,000,000 | ---D | C]
Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [2010/10/22 19:54:36 | 000,000,000 | ---D | C]
TDK -> C:\Documents and Settings\All Users\Application Data\TDK -> [2010/10/20 15:54:07 | 000,000,000 | ---D | C]
CSC -> C:\WINDOWS\CSC -> [2010/10/19 22:55:05 | 000,000,000 | ---D | C]
Server -> C:\Documents and Settings\All Users\Documents\Server -> [2010/10/19 22:10:07 | 000,000,000 | -H-D | C]
Temp -> C:\Documents and Settings\Owner\Local Settings\Application Data\Temp -> [2010/10/09 10:40:13 | 000,000,000 | ---D | C]
Google -> C:\Documents and Settings\Owner\Local Settings\Application Data\Google -> [2010/10/09 10:40:10 | 000,000,000 | ---D | C]
[Files/Folders - Modified Within 30 Days]
WGASetup.job -> C:\WINDOWS\tasks\WGASetup.job -> [2010/11/04 18:48:05 | 000,000,260 | ---- | M] ()
VPN Client.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> [2010/11/04 18:47:46 | 000,002,447 | ---- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/11/04 18:47:41 | 000,002,048 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/11/04 18:47:39 | 3210,780,672 | -HS- | M] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> [2010/11/04 18:45:37 | 000,000,978 | ---- | M] ()
MicrosoftFixit50203.msi -> C:\Documents and Settings\Owner\Desktop\MicrosoftFixit50203.msi -> [2010/11/04 18:44:54 | 000,650,240 | ---- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/11/04 15:16:52 | 000,002,206 | ---- | M] ()
newkey -> C:\newkey -> [2010/11/04 15:15:01 | 000,022,729 | ---- | M] ()
newfile.enc -> C:\newfile.enc -> [2010/11/04 15:15:01 | 000,022,729 | ---- | M] ()
iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2010/10/28 21:30:01 | 000,002,137 | ---- | M] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/27 18:34:15 | 000,000,472 | ---- | M] ()
ComboFix.exe -> C:\Documents and Settings\Owner\Desktop\ComboFix.exe -> [2010/10/27 18:15:28 | 003,887,312 | R--- | M] ()
boot.ini -> C:\boot.ini -> [2010/10/27 15:25:05 | 000,000,327 | RHS- | M] ()
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/10/26 17:56:58 | 000,445,472 | ---- | M] ()
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/10/26 17:56:58 | 000,072,824 | ---- | M] ()
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/10/25 22:16:10 | 000,079,872 | ---- | M] ()
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 20:02:32 | 000,000,696 | ---- | M] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 22:13:28 | 000,069,632 | RHS- | M] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> [2010/10/18 10:45:01 | 000,000,926 | ---- | M] ()
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/10/13 03:19:56 | 000,300,440 | ---- | M] ()
imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/10/13 03:03:28 | 000,001,393 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/10/05 21:44:02 | 000,032,256 | ---- | M] ()
[Files - No Company Name]
MicrosoftFixit50203.msi -> C:\Documents and Settings\Owner\Desktop\MicrosoftFixit50203.msi -> [2010/11/04 18:44:58 | 000,650,240 | ---- | C] ()
newkey -> C:\newkey -> [2010/11/04 15:15:01 | 000,022,729 | ---- | C] ()
newfile.enc -> C:\newfile.enc -> [2010/11/04 15:15:01 | 000,022,729 | ---- | C] ()
SINO.exe -> C:\Documents and Settings\Owner\Desktop\SINO.exe -> [2010/11/03 19:02:41 | 003,397,182 | ---- | C] ()
ComboFix.exe -> C:\Documents and Settings\Owner\Desktop\ComboFix.exe -> [2010/10/27 18:25:24 | 003,887,312 | R--- | C] ()
Boot.bak -> C:\Boot.bak -> [2010/10/27 15:25:04 | 000,000,211 | ---- | C] ()
cmldr -> C:\cmldr -> [2010/10/27 15:24:56 | 000,260,272 | RHS- | C] ()
PEV.exe -> C:\WINDOWS\PEV.exe -> [2010/10/26 18:35:12 | 000,256,512 | ---- | C] ()
sed.exe -> C:\WINDOWS\sed.exe -> [2010/10/26 18:35:12 | 000,098,816 | ---- | C] ()
grep.exe -> C:\WINDOWS\grep.exe -> [2010/10/26 18:35:12 | 000,080,412 | ---- | C] ()
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/10/26 18:35:12 | 000,079,872 | ---- | C] ()
zip.exe -> C:\WINDOWS\zip.exe -> [2010/10/26 18:35:12 | 000,068,096 | ---- | C] ()
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 20:02:32 | 000,000,696 | ---- | C] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/22 19:56:18 | 000,000,472 | ---- | C] ()
log.txt -> C:\Documents and Settings\Owner\log.txt -> [2010/10/22 19:18:26 | 000,000,543 | ---- | C] ()
resetlog.txt -> C:\Documents and Settings\Owner\resetlog.txt -> [2010/10/20 01:08:19 | 000,012,069 | ---- | C] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/10/20 00:18:36 | 3210,780,672 | -HS- | C] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 22:13:28 | 000,069,632 | RHS- | C] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> [2010/10/09 10:40:12 | 000,000,978 | ---- | C] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> [2010/10/09 10:40:12 | 000,000,926 | ---- | C] ()
pdf995.ini -> C:\WINDOWS\pdf995.ini -> [2010/03/16 21:01:57 | 000,000,028 | ---- | C] ()
pdf995mon.dll -> C:\WINDOWS\System32\pdf995mon.dll -> [2010/03/16 20:59:58 | 000,051,716 | ---- | C] ()
wpd99.drv -> C:\WINDOWS\wpd99.drv -> [2010/03/16 20:59:58 | 000,000,060 | ---- | C] ()
BladeEnc.dll -> C:\WINDOWS\System32\BladeEnc.dll -> [2010/02/10 22:53:41 | 000,528,384 | ---- | C] ()
ShnDll32.dll -> C:\WINDOWS\System32\ShnDll32.dll -> [2010/02/10 22:53:41 | 000,120,832 | ---- | C] ()
hpdj5700.ini -> C:\WINDOWS\hpdj5700.ini -> [2009/10/12 16:05:55 | 000,002,298 | ---- | C] ()
hpbvspst.ini -> C:\WINDOWS\hpbvspst.ini -> [2009/10/12 16:05:23 | 000,000,414 | ---- | C] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/10/06 10:30:46 | 000,032,256 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2009/07/21 17:03:32 | 000,000,061 | ---- | C] ()
igfxCoIn_v4990.dll -> C:\WINDOWS\System32\igfxCoIn_v4990.dll -> [2009/07/21 17:00:39 | 000,147,456 | ---- | C] ()
rixdicon.dll -> C:\WINDOWS\System32\rixdicon.dll -> [2009/07/21 16:53:16 | 000,016,480 | ---- | C] ()
IVIresizeW7.dll -> C:\WINDOWS\System32\IVIresizeW7.dll -> [2009/07/21 15:49:04 | 000,204,800 | ---- | C] ()
IVIresizeP6.dll -> C:\WINDOWS\System32\IVIresizeP6.dll -> [2009/07/21 15:49:04 | 000,192,512 | ---- | C] ()
IVIresizeM6.dll -> C:\WINDOWS\System32\IVIresizeM6.dll -> [2009/07/21 15:49:04 | 000,192,512 | ---- | C] ()
IVIresizePX.dll -> C:\WINDOWS\System32\IVIresizePX.dll -> [2009/07/21 15:49:04 | 000,188,416 | ---- | C] ()
IVIresizeA6.dll -> C:\WINDOWS\System32\IVIresizeA6.dll -> [2009/07/21 15:49:03 | 000,200,704 | ---- | C] ()
IVIresize.dll -> C:\WINDOWS\System32\IVIresize.dll -> [2009/07/21 15:49:03 | 000,020,480 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2009/07/21 15:25:04 | 000,000,376 | ---- | C] ()
ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2009/07/21 07:48:15 | 000,004,161 | ---- | C] ()
vpnapi.dll -> C:\WINDOWS\System32\vpnapi.dll -> [2007/07/16 11:58:10 | 000,197,408 | ---- | C] ()
CSGina.dll -> C:\WINDOWS\System32\CSGina.dll -> [2007/07/16 11:58:00 | 000,193,312 | ---- | C] ()
OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 18:05:08 | 000,002,695 | ---- | C] ()
[File - Lop Check]
pdf995 -> C:\Documents and Settings\All Users\Application Data\pdf995 -> [2010/07/13 20:35:54 | 000,000,000 | ---D | M]
TDK -> C:\Documents and Settings\All Users\Application Data\TDK -> [2010/10/20 15:54:07 | 000,000,000 | ---D | M]
Temp -> C:\Documents and Settings\All Users\Application Data\Temp -> [2009/07/21 16:26:43 | 000,000,000 | ---D | M]
Uninstall -> C:\Documents and Settings\All Users\Application Data\Uninstall -> [2009/07/21 15:55:23 | 000,000,000 | ---D | M]
{755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2009/10/07 18:56:12 | 000,000,000 | ---D | M]
com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> C:\Documents and Settings\Owner\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> [2009/10/06 09:37:45 | 000,000,000 | ---D | M]
com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1 -> C:\Documents and Settings\Owner\Application Data\com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1 -> [2009/12/06 14:48:32 | 000,000,000 | ---D | M]
dBpoweramp -> C:\Documents and Settings\Owner\Application Data\dBpoweramp -> [2010/03/03 20:13:37 | 000,000,000 | ---D | M]
ICAClient -> C:\Documents and Settings\Owner\Application Data\ICAClient -> [2010/07/13 18:02:28 | 000,000,000 | ---D | M]
IObit -> C:\Documents and Settings\Owner\Application Data\IObit -> [2009/10/30 14:07:29 | 000,000,000 | ---D | M]
pdf995 -> C:\Documents and Settings\Owner\Application Data\pdf995 -> [2010/03/16 21:01:57 | 000,000,000 | ---D | M]
tmp -> C:\Documents and Settings\Owner\Application Data\tmp -> [2010/03/11 21:07:58 | 000,000,000 | ---D | M]
Ad-Aware Update (Weekly).job -> C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job -> [2010/10/27 18:34:15 | 000,000,472 | ---- | M] ()
WGASetup.job -> C:\WINDOWS\Tasks\WGASetup.job -> [2010/11/04 18:48:05 | 000,000,260 | ---- | M] ()
[File - Purity Scan]
[Custom Scans]
< netsvcs >
< MD5 Scans Start>
< %systemdrive%\NETBIOS.SYS /md5 /s >
netbios.sys : MD5=5D81CF9A2F1A3A756B66CF684911CDF0 -> C:\WINDOWS\system32\dllcache\netbios.sys -> [2008/04/14 08:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation)
netbios.sys : MD5=5D81CF9A2F1A3A756B66CF684911CDF0 -> C:\WINDOWS\system32\drivers\netbios.sys -> [2008/04/14 08:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation)
< %systemdrive%\TCPIP.SYS /md5 /s >
tcpip.sys : MD5=93EA8D04EC73A85DB02EB8805988F733 -> C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys -> [2008/04/14 08:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation)
tcpip.sys : MD5=9AEFA14BD6B182D61E3119FA5F436D3D -> C:\WINDOWS\system32\dllcache\tcpip.sys -> [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation)
tcpip.sys : MD5=9AEFA14BD6B182D61E3119FA5F436D3D -> C:\WINDOWS\system32\drivers\tcpip.sys -> [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation)
tcpip.sys : MD5=AD978A1B783B5719720CFF204B666C8E -> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys -> [2008/06/20 07:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation)
< MD5 Scans End>
< End of report >
OTS logfile created on: 11/4/2010 7:01:09 PM - Run 3
OTS by OldTimer - Version 3.1.40.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 112.74 Gb Free Space | 37.82% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OEM-3414B23E485
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Quick Scan
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
stacsv.exe -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 16:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
awc.exe -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe -> [2009/06/30 09:55:40 | 002,329,224 | ---- | M] (IObit)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
quickset.exe -> C:\Program Files\Dell\QuickSet\quickset.exe -> [2007/12/10 18:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
dellwmgr.exe -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe -> [2007/07/27 16:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
cvpnd.exe -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 11:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
oem02mon.exe -> C:\WINDOWS\OEM02Mon.exe -> [2007/05/10 02:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
iviregmgr.exe -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo)
hpztsb10.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe -> [2004/03/04 10:46:24 | 000,172,032 | ---- | M] (HP)
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -> [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation)
dadkeyb.dll -> C:\Program Files\Dell\QuickSet\dadkeyb.dll -> [2007/12/10 17:51:44 | 000,098,304 | ---- | M] ()
[Win32 Services - Safe List]
(HidServ) Human Interface Device Access [Disabled | Stopped] -> C:\WINDOWS\System32\hidserv.dll -> File not found
(STacSV) SigmaTel Audio Service [Auto | Running] -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 16:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
(RoxMediaDB10) RoxMediaDB10 [On_Demand | Stopped] -> C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -> [2008/04/08 08:12:50 | 001,112,560 | ---- | M] (Sonic Solutions)
(CVPND) Cisco Systems, Inc. VPN Service [Auto | Running] -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 11:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
(IviRegMgr) IviRegMgr [Auto | Running] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo)
[Driver Services - Safe List]
(zumbus) Zune Bus Enumerator Driver [Kernel | Auto | Stopped] -> C:\WINDOWS\System32\DRIVERS\zumbus.sys -> File not found
(catchme) catchme [Kernel | On_Demand | Stopped] -> C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -> File not found
(iastor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\iaStor.sys -> [2009/07/21 17:01:56 | 000,328,728 | ---- | M] (Intel Corporation)
(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BCMWL5.SYS -> [2009/07/21 17:01:10 | 001,287,552 | ---- | M] (Broadcom Corporation)
(ialm) ialm [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\igxpmp32.sys -> [2009/07/21 17:00:39 | 006,047,904 | ---- | M] (Intel Corporation)
(IntcHdmiAddService) Intel® High Definition Audio HDMI Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\IntcHdmi.sys -> [2009/07/21 16:59:59 | 000,110,080 | ---- | M] (Intel® Corporation)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2009/07/21 16:58:55 | 001,222,840 | ---- | M] (SigmaTel, Inc.)
(yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\yk51x86.sys -> [2009/07/21 16:58:14 | 000,265,856 | ---- | M] (Marvell)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2009/07/21 16:56:45 | 000,989,696 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2009/07/21 16:56:45 | 000,730,112 | ---- | M] (Conexant Systems, Inc.)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2009/07/21 16:56:45 | 000,209,152 | ---- | M] (Conexant Systems, Inc.)
(atiide) ATI SATA Controller IDE mode [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\atiide.sys -> [2009/07/21 16:55:41 | 000,003,456 | ---- | M] (ATI Technologies Inc.)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/14 08:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider)
(nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2008/04/13 18:04:32 | 001,897,408 | ---- | M] (NVIDIA Corporation)
(OEM02Dev) Creative Camera OEM002 Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Dev.sys -> [2007/07/18 02:02:00 | 000,235,520 | ---- | M] (Creative Technology Ltd.)
(CVPNDRVA) Cisco Systems Inc. IPSec Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\CVPNDRVA.sys -> [2007/07/16 11:57:12 | 000,306,299 | ---- | M] (Cisco Systems, Inc.)
(OEM02Afx) Provides a software interface to control audio effects of OEM002 camera. [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Afx.sys -> [2007/06/08 02:00:00 | 000,141,376 | ---- | M] (Creative Technology Ltd.)
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rixdptsk.sys -> [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC)
(OEM02Vfx) Creative Camera OEM002 Video VFX Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Vfx.sys -> [2007/03/05 19:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.)
(rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimmptsk.sys -> [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC)
(DNE) Deterministic Network Enhancer Miniport [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\dne2000.sys -> [2007/01/31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.)
(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimsptsk.sys -> [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC)
(CVirtA) Cisco Systems VPN Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\CVirtA.sys -> [2007/01/18 15:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.)
(WinUSB) WinUSB [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\winusb.sys -> [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation)
(APPDRV) APPDRV [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -> [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"SearchDefaultBranded" -> 1 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"Start Page" -> http://www.espn.com/ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyOverride" -> *.local;<local> ->
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Owner\Application Data\Mozilla\FireFox\Profiles\za1kw2ny.default\prefs.js ->
browser.startup.homepage -> "http://www.espn.com/" ->
extensions.enabledItems -> [email protected]:1.0 ->
extensions.enabledItems -> {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 ->
network.proxy.no_proxies_on -> "" ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/10/20 00:31:10 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/10/20 00:31:10 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions -> [2009/10/06 18:00:51 | 000,000,000 | ---D | M]
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions -> [2010/10/18 10:00:48 | 000,000,000 | ---D | M]
Microsoft .NET Framework Assistant -> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/10/07 18:29:51 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\Program Files\Mozilla Firefox\extensions -> [2010/10/19 18:24:01 | 000,000,000 | ---D | M]
Skype extension for Firefox -> C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} -> [2010/03/11 21:03:21 | 000,000,000 | ---D | M]
< HOSTS File > ([2008/04/14 08:00:00 | 000,000,734 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Dell QuickSet" -> C:\Program Files\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\quickset.exe] -> [2007/12/10 18:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
"DELL Webcam Manager" -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe ["C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s] -> [2007/07/27 16:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
"HPDJ Taskbar Utility" -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe] -> [2004/03/04 10:46:24 | 000,172,032 | ---- | M] (HP)
"OEM02Mon.exe" -> C:\WINDOWS\OEM02Mon.exe [C:\WINDOWS\OEM02Mon.exe] -> [2007/05/10 02:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
"SigmatelSysTrayApp" -> C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [%ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe] -> File not found
"UpdateLBPShortCut" -> C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"] -> [2008/06/13 21:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdateP2GoShortCut" -> C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"] -> [2008/06/13 21:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePDIRShortCut" -> C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"] -> [2008/06/13 21:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePSTShortCut" -> C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"] -> [2008/10/06 23:42:38 | 000,210,216 | ---- | M] (CyberLink Corp.)
"WatchDog" -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [C:\Program Files\InterVideo\DVD Check\DVDCheck.exe] -> [2008/05/23 20:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
< Run [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Advanced SystemCare 3" -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe ["C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup] -> [2009/06/30 09:55:40 | 002,329,224 | ---- | M] (IObit)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DVD Check.lnk -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe -> [2008/05/23 20:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> C:\WINDOWS\Installer\{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}\Icon3E5562ED7.ico -> [2009/10/06 11:38:02 | 000,006,144 | R--- | M] ()
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoUpdateCheck" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoResolveSearch" -> [1] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDriveTypeAutoRun" -> [323] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 16 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1584 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.ad...Plus/1.6/gp.cab [Reg Error: Value error.] ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2009/07/21 17:00:43 | 000,217,088 | ---- | M] (Intel Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2009/07/21 15:01:31 | 000,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
[Files/Folders - Created Within 30 Days]
SINO -> C:\Documents and Settings\Owner\Desktop\SINO -> [2010/11/03 19:02:57 | 000,000,000 | ---D | C]
amherst1 -> C:\Documents and Settings\Owner\Desktop\amherst1 -> [2010/10/28 21:25:38 | 000,000,000 | ---D | C]
avz4 -> C:\Documents and Settings\Owner\Desktop\avz4 -> [2010/10/28 18:36:04 | 000,000,000 | ---D | C]
ComboFix -> C:\ComboFix -> [2010/10/27 19:56:27 | 000,000,000 | --SD | C]
cmdcons -> C:\cmdcons -> [2010/10/27 15:24:48 | 000,000,000 | RHSD | C]
SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010/10/26 18:35:12 | 000,212,480 | ---- | C] (SteelWerX)
SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2010/10/26 18:35:12 | 000,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010/10/26 18:35:12 | 000,136,704 | ---- | C] (SteelWerX)
NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010/10/26 18:35:12 | 000,031,232 | ---- | C] (NirSoft)
ERDNT -> C:\WINDOWS\ERDNT -> [2010/10/26 18:34:54 | 000,000,000 | ---D | C]
Qoobox -> C:\Qoobox -> [2010/10/26 18:34:32 | 000,000,000 | ---D | C]
_OTS -> C:\_OTS -> [2010/10/26 17:56:51 | 000,000,000 | ---D | C]
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:30:53 | 000,641,536 | ---- | C] (OldTimer Tools)
Malwarebytes -> C:\Documents and Settings\Owner\Application Data\Malwarebytes -> [2010/10/22 20:03:44 | 000,000,000 | ---D | C]
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/10/22 20:02:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2010/10/22 20:02:06 | 000,000,000 | ---D | C]
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/10/22 20:02:05 | 000,020,952 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/10/22 20:02:05 | 000,000,000 | ---D | C]
Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [2010/10/22 19:54:36 | 000,000,000 | ---D | C]
TDK -> C:\Documents and Settings\All Users\Application Data\TDK -> [2010/10/20 15:54:07 | 000,000,000 | ---D | C]
CSC -> C:\WINDOWS\CSC -> [2010/10/19 22:55:05 | 000,000,000 | ---D | C]
Server -> C:\Documents and Settings\All Users\Documents\Server -> [2010/10/19 22:10:07 | 000,000,000 | -H-D | C]
Temp -> C:\Documents and Settings\Owner\Local Settings\Application Data\Temp -> [2010/10/09 10:40:13 | 000,000,000 | ---D | C]
Google -> C:\Documents and Settings\Owner\Local Settings\Application Data\Google -> [2010/10/09 10:40:10 | 000,000,000 | ---D | C]
[Files/Folders - Modified Within 30 Days]
WGASetup.job -> C:\WINDOWS\tasks\WGASetup.job -> [2010/11/04 18:48:05 | 000,000,260 | ---- | M] ()
VPN Client.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> [2010/11/04 18:47:46 | 000,002,447 | ---- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/11/04 18:47:41 | 000,002,048 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/11/04 18:47:39 | 3210,780,672 | -HS- | M] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> [2010/11/04 18:45:37 | 000,000,978 | ---- | M] ()
MicrosoftFixit50203.msi -> C:\Documents and Settings\Owner\Desktop\MicrosoftFixit50203.msi -> [2010/11/04 18:44:54 | 000,650,240 | ---- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/11/04 15:16:52 | 000,002,206 | ---- | M] ()
newkey -> C:\newkey -> [2010/11/04 15:15:01 | 000,022,729 | ---- | M] ()
newfile.enc -> C:\newfile.enc -> [2010/11/04 15:15:01 | 000,022,729 | ---- | M] ()
iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2010/10/28 21:30:01 | 000,002,137 | ---- | M] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/27 18:34:15 | 000,000,472 | ---- | M] ()
ComboFix.exe -> C:\Documents and Settings\Owner\Desktop\ComboFix.exe -> [2010/10/27 18:15:28 | 003,887,312 | R--- | M] ()
boot.ini -> C:\boot.ini -> [2010/10/27 15:25:05 | 000,000,327 | RHS- | M] ()
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/10/26 17:56:58 | 000,445,472 | ---- | M] ()
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/10/26 17:56:58 | 000,072,824 | ---- | M] ()
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/10/25 22:16:10 | 000,079,872 | ---- | M] ()
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 20:02:32 | 000,000,696 | ---- | M] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 22:13:28 | 000,069,632 | RHS- | M] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> [2010/10/18 10:45:01 | 000,000,926 | ---- | M] ()
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/10/13 03:19:56 | 000,300,440 | ---- | M] ()
imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/10/13 03:03:28 | 000,001,393 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/10/05 21:44:02 | 000,032,256 | ---- | M] ()
[Files - No Company Name]
MicrosoftFixit50203.msi -> C:\Documents and Settings\Owner\Desktop\MicrosoftFixit50203.msi -> [2010/11/04 18:44:58 | 000,650,240 | ---- | C] ()
newkey -> C:\newkey -> [2010/11/04 15:15:01 | 000,022,729 | ---- | C] ()
newfile.enc -> C:\newfile.enc -> [2010/11/04 15:15:01 | 000,022,729 | ---- | C] ()
SINO.exe -> C:\Documents and Settings\Owner\Desktop\SINO.exe -> [2010/11/03 19:02:41 | 003,397,182 | ---- | C] ()
ComboFix.exe -> C:\Documents and Settings\Owner\Desktop\ComboFix.exe -> [2010/10/27 18:25:24 | 003,887,312 | R--- | C] ()
Boot.bak -> C:\Boot.bak -> [2010/10/27 15:25:04 | 000,000,211 | ---- | C] ()
cmldr -> C:\cmldr -> [2010/10/27 15:24:56 | 000,260,272 | RHS- | C] ()
PEV.exe -> C:\WINDOWS\PEV.exe -> [2010/10/26 18:35:12 | 000,256,512 | ---- | C] ()
sed.exe -> C:\WINDOWS\sed.exe -> [2010/10/26 18:35:12 | 000,098,816 | ---- | C] ()
grep.exe -> C:\WINDOWS\grep.exe -> [2010/10/26 18:35:12 | 000,080,412 | ---- | C] ()
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/10/26 18:35:12 | 000,079,872 | ---- | C] ()
zip.exe -> C:\WINDOWS\zip.exe -> [2010/10/26 18:35:12 | 000,068,096 | ---- | C] ()
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 20:02:32 | 000,000,696 | ---- | C] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/22 19:56:18 | 000,000,472 | ---- | C] ()
log.txt -> C:\Documents and Settings\Owner\log.txt -> [2010/10/22 19:18:26 | 000,000,543 | ---- | C] ()
resetlog.txt -> C:\Documents and Settings\Owner\resetlog.txt -> [2010/10/20 01:08:19 | 000,012,069 | ---- | C] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/10/20 00:18:36 | 3210,780,672 | -HS- | C] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 22:13:28 | 000,069,632 | RHS- | C] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> [2010/10/09 10:40:12 | 000,000,978 | ---- | C] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> [2010/10/09 10:40:12 | 000,000,926 | ---- | C] ()
pdf995.ini -> C:\WINDOWS\pdf995.ini -> [2010/03/16 21:01:57 | 000,000,028 | ---- | C] ()
pdf995mon.dll -> C:\WINDOWS\System32\pdf995mon.dll -> [2010/03/16 20:59:58 | 000,051,716 | ---- | C] ()
wpd99.drv -> C:\WINDOWS\wpd99.drv -> [2010/03/16 20:59:58 | 000,000,060 | ---- | C] ()
BladeEnc.dll -> C:\WINDOWS\System32\BladeEnc.dll -> [2010/02/10 22:53:41 | 000,528,384 | ---- | C] ()
ShnDll32.dll -> C:\WINDOWS\System32\ShnDll32.dll -> [2010/02/10 22:53:41 | 000,120,832 | ---- | C] ()
hpdj5700.ini -> C:\WINDOWS\hpdj5700.ini -> [2009/10/12 16:05:55 | 000,002,298 | ---- | C] ()
hpbvspst.ini -> C:\WINDOWS\hpbvspst.ini -> [2009/10/12 16:05:23 | 000,000,414 | ---- | C] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/10/06 10:30:46 | 000,032,256 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2009/07/21 17:03:32 | 000,000,061 | ---- | C] ()
igfxCoIn_v4990.dll -> C:\WINDOWS\System32\igfxCoIn_v4990.dll -> [2009/07/21 17:00:39 | 000,147,456 | ---- | C] ()
rixdicon.dll -> C:\WINDOWS\System32\rixdicon.dll -> [2009/07/21 16:53:16 | 000,016,480 | ---- | C] ()
IVIresizeW7.dll -> C:\WINDOWS\System32\IVIresizeW7.dll -> [2009/07/21 15:49:04 | 000,204,800 | ---- | C] ()
IVIresizeP6.dll -> C:\WINDOWS\System32\IVIresizeP6.dll -> [2009/07/21 15:49:04 | 000,192,512 | ---- | C] ()
IVIresizeM6.dll -> C:\WINDOWS\System32\IVIresizeM6.dll -> [2009/07/21 15:49:04 | 000,192,512 | ---- | C] ()
IVIresizePX.dll -> C:\WINDOWS\System32\IVIresizePX.dll -> [2009/07/21 15:49:04 | 000,188,416 | ---- | C] ()
IVIresizeA6.dll -> C:\WINDOWS\System32\IVIresizeA6.dll -> [2009/07/21 15:49:03 | 000,200,704 | ---- | C] ()
IVIresize.dll -> C:\WINDOWS\System32\IVIresize.dll -> [2009/07/21 15:49:03 | 000,020,480 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2009/07/21 15:25:04 | 000,000,376 | ---- | C] ()
ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2009/07/21 07:48:15 | 000,004,161 | ---- | C] ()
vpnapi.dll -> C:\WINDOWS\System32\vpnapi.dll -> [2007/07/16 11:58:10 | 000,197,408 | ---- | C] ()
CSGina.dll -> C:\WINDOWS\System32\CSGina.dll -> [2007/07/16 11:58:00 | 000,193,312 | ---- | C] ()
OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 18:05:08 | 000,002,695 | ---- | C] ()
[File - Lop Check]
pdf995 -> C:\Documents and Settings\All Users\Application Data\pdf995 -> [2010/07/13 20:35:54 | 000,000,000 | ---D | M]
TDK -> C:\Documents and Settings\All Users\Application Data\TDK -> [2010/10/20 15:54:07 | 000,000,000 | ---D | M]
Temp -> C:\Documents and Settings\All Users\Application Data\Temp -> [2009/07/21 16:26:43 | 000,000,000 | ---D | M]
Uninstall -> C:\Documents and Settings\All Users\Application Data\Uninstall -> [2009/07/21 15:55:23 | 000,000,000 | ---D | M]
{755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2009/10/07 18:56:12 | 000,000,000 | ---D | M]
com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> C:\Documents and Settings\Owner\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> [2009/10/06 09:37:45 | 000,000,000 | ---D | M]
com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1 -> C:\Documents and Settings\Owner\Application Data\com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1 -> [2009/12/06 14:48:32 | 000,000,000 | ---D | M]
dBpoweramp -> C:\Documents and Settings\Owner\Application Data\dBpoweramp -> [2010/03/03 20:13:37 | 000,000,000 | ---D | M]
ICAClient -> C:\Documents and Settings\Owner\Application Data\ICAClient -> [2010/07/13 18:02:28 | 000,000,000 | ---D | M]
IObit -> C:\Documents and Settings\Owner\Application Data\IObit -> [2009/10/30 14:07:29 | 000,000,000 | ---D | M]
pdf995 -> C:\Documents and Settings\Owner\Application Data\pdf995 -> [2010/03/16 21:01:57 | 000,000,000 | ---D | M]
tmp -> C:\Documents and Settings\Owner\Application Data\tmp -> [2010/03/11 21:07:58 | 000,000,000 | ---D | M]
Ad-Aware Update (Weekly).job -> C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job -> [2010/10/27 18:34:15 | 000,000,472 | ---- | M] ()
WGASetup.job -> C:\WINDOWS\Tasks\WGASetup.job -> [2010/11/04 18:48:05 | 000,000,260 | ---- | M] ()
[File - Purity Scan]
[Custom Scans]
< netsvcs >
< MD5 Scans Start>
< %systemdrive%\NETBIOS.SYS /md5 /s >
netbios.sys : MD5=5D81CF9A2F1A3A756B66CF684911CDF0 -> C:\WINDOWS\system32\dllcache\netbios.sys -> [2008/04/14 08:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation)
netbios.sys : MD5=5D81CF9A2F1A3A756B66CF684911CDF0 -> C:\WINDOWS\system32\drivers\netbios.sys -> [2008/04/14 08:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation)
< %systemdrive%\TCPIP.SYS /md5 /s >
tcpip.sys : MD5=93EA8D04EC73A85DB02EB8805988F733 -> C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys -> [2008/04/14 08:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation)
tcpip.sys : MD5=9AEFA14BD6B182D61E3119FA5F436D3D -> C:\WINDOWS\system32\dllcache\tcpip.sys -> [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation)
tcpip.sys : MD5=9AEFA14BD6B182D61E3119FA5F436D3D -> C:\WINDOWS\system32\drivers\tcpip.sys -> [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation)
tcpip.sys : MD5=AD978A1B783B5719720CFF204B666C8E -> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys -> [2008/06/20 07:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation)
< MD5 Scans End>
< End of report >
#33
Posted 05 November 2010 - 01:42 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
I will now replace those files with the cache copy...
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
Retry the internet
I will review the information when it comes back in.
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.
[Unregister Dlls]
[Custom Items]
:Files
C:\WINDOWS\system32\drivers\netbios.sys|C:\WINDOWS\system32\dllcache\netbios.sys /replace
C:\WINDOWS\system32\drivers\tcpip.sys|C:\WINDOWS\system32\dllcache\tcpip.sys /replace
:end
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
Retry the internet
I will review the information when it comes back in.
#34
Posted 05 November 2010 - 02:46 PM
togatown
- Topic Starter
-
- Member
-
- 34 posts
Member
Ran the fix. Still no internet...
All Processes Killed
[Custom Items]
========== FILES ==========
File C:\WINDOWS\system32\drivers\netbios.sys successfully replaced with C:\WINDOWS\system32\dllcache\netbios.sys
File C:\WINDOWS\system32\drivers\tcpip.sys successfully replaced with C:\WINDOWS\system32\dllcache\tcpip.sys
[Empty Temp Folders]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Owner
->Temp folder emptied: 11997896 bytes
->Temporary Internet Files folder emptied: 217894 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 3281936 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 212992 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 3397182 bytes
Total Files Cleaned = 18.00 mb
[EMPTYFLASH]
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: Owner
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
Restore point Set: OTS Restore Point (0)
< End of fix log >
OTS by OldTimer - Version 3.1.40.0 fix logfile created on 11052010_164104
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
All Processes Killed
[Custom Items]
========== FILES ==========
File C:\WINDOWS\system32\drivers\netbios.sys successfully replaced with C:\WINDOWS\system32\dllcache\netbios.sys
File C:\WINDOWS\system32\drivers\tcpip.sys successfully replaced with C:\WINDOWS\system32\dllcache\tcpip.sys
[Empty Temp Folders]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Owner
->Temp folder emptied: 11997896 bytes
->Temporary Internet Files folder emptied: 217894 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 3281936 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 212992 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 3397182 bytes
Total Files Cleaned = 18.00 mb
[EMPTYFLASH]
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: Owner
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
Restore point Set: OTS Restore Point (0)
< End of fix log >
OTS by OldTimer - Version 3.1.40.0 fix logfile created on 11052010_164104
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
#35
Posted 05 November 2010 - 03:14 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Hi I will be discussing this with the network guys - to see if that can give me a reolution. Please bear with me
#37
Posted 06 November 2010 - 04:57 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Hi I have some data now - I believe I was checking the wrong file
Download OTS to your Desktop and double-click on it to run it
Download OTS to your Desktop and double-click on it to run it
- Make sure you close all other programs and don't use the PC while the scan runs.
- Select All Users
- Under custom scans paste in the following
/md5start
netbt.sys
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netbt
- Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
- When the scan is complete Notepad will open with the report file loaded in it.
- Please attach the log in your next post.
#38
Posted 08 November 2010 - 04:58 PM
togatown
- Topic Starter
-
- Member
-
- 34 posts
Member
Here is the scan log...
OTS logfile created on: 11/8/2010 5:49:21 PM - Run 5
OTS by OldTimer - Version 3.1.40.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 112.75 Gb Free Space | 37.83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OEM-3414B23E485
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 17:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
stacsv.exe -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 15:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
awc.exe -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe -> [2009/06/30 08:55:40 | 002,329,224 | ---- | M] (IObit)
adobe_updater.exe -> C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe -> [2009/01/08 06:36:42 | 002,521,464 | ---- | M] (Adobe Systems Incorporated)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
quickset.exe -> C:\Program Files\Dell\QuickSet\quickset.exe -> [2007/12/10 17:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
dellwmgr.exe -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe -> [2007/07/27 15:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
cvpnd.exe -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 10:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
oem02mon.exe -> C:\WINDOWS\OEM02Mon.exe -> [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
iviregmgr.exe -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo)
hpztsb10.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe -> [2004/03/04 09:46:24 | 000,172,032 | ---- | M] (HP)
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 17:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -> [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation)
dadkeyb.dll -> C:\Program Files\Dell\QuickSet\dadkeyb.dll -> [2007/12/10 16:51:44 | 000,098,304 | ---- | M] ()
[Win32 Services - Safe List]
(HidServ) Human Interface Device Access [Disabled | Stopped] -> C:\WINDOWS\System32\hidserv.dll -> File not found
(STacSV) SigmaTel Audio Service [Auto | Running] -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 15:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
(RoxMediaDB10) RoxMediaDB10 [On_Demand | Stopped] -> C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -> [2008/04/08 07:12:50 | 001,112,560 | ---- | M] (Sonic Solutions)
(CVPND) Cisco Systems, Inc. VPN Service [Auto | Running] -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 10:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
(IviRegMgr) IviRegMgr [Auto | Running] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo)
[Driver Services - Safe List]
(zumbus) Zune Bus Enumerator Driver [Kernel | Auto | Stopped] -> C:\WINDOWS\System32\DRIVERS\zumbus.sys -> File not found
(catchme) catchme [Kernel | On_Demand | Stopped] -> C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -> File not found
(iastor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\iaStor.sys -> [2009/07/21 16:01:56 | 000,328,728 | ---- | M] (Intel Corporation)
(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BCMWL5.SYS -> [2009/07/21 16:01:10 | 001,287,552 | ---- | M] (Broadcom Corporation)
(ialm) ialm [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\igxpmp32.sys -> [2009/07/21 16:00:39 | 006,047,904 | ---- | M] (Intel Corporation)
(IntcHdmiAddService) Intel® High Definition Audio HDMI Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\IntcHdmi.sys -> [2009/07/21 15:59:59 | 000,110,080 | ---- | M] (Intel® Corporation)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2009/07/21 15:58:55 | 001,222,840 | ---- | M] (SigmaTel, Inc.)
(yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\yk51x86.sys -> [2009/07/21 15:58:14 | 000,265,856 | ---- | M] (Marvell)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2009/07/21 15:56:45 | 000,989,696 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2009/07/21 15:56:45 | 000,730,112 | ---- | M] (Conexant Systems, Inc.)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2009/07/21 15:56:45 | 000,209,152 | ---- | M] (Conexant Systems, Inc.)
(atiide) ATI SATA Controller IDE mode [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\atiide.sys -> [2009/07/21 15:55:41 | 000,003,456 | ---- | M] (ATI Technologies Inc.)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/14 07:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider)
(nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2008/04/13 17:04:32 | 001,897,408 | ---- | M] (NVIDIA Corporation)
(OEM02Dev) Creative Camera OEM002 Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Dev.sys -> [2007/07/18 01:02:00 | 000,235,520 | ---- | M] (Creative Technology Ltd.)
(CVPNDRVA) Cisco Systems Inc. IPSec Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\CVPNDRVA.sys -> [2007/07/16 10:57:12 | 000,306,299 | ---- | M] (Cisco Systems, Inc.)
(OEM02Afx) Provides a software interface to control audio effects of OEM002 camera. [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Afx.sys -> [2007/06/08 01:00:00 | 000,141,376 | ---- | M] (Creative Technology Ltd.)
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rixdptsk.sys -> [2007/03/21 21:02:04 | 000,037,376 | ---- | M] (REDC)
(OEM02Vfx) Creative Camera OEM002 Video VFX Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Vfx.sys -> [2007/03/05 18:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.)
(rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimmptsk.sys -> [2007/02/24 13:42:22 | 000,039,936 | ---- | M] (REDC)
(DNE) Deterministic Network Enhancer Miniport [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\dne2000.sys -> [2007/01/31 12:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.)
(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimsptsk.sys -> [2007/01/23 15:40:20 | 000,042,496 | ---- | M] (REDC)
(CVirtA) Cisco Systems VPN Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\CVirtA.sys -> [2007/01/18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.)
(WinUSB) WinUSB [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\winusb.sys -> [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation)
(APPDRV) APPDRV [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -> [2005/08/12 15:50:46 | 000,016,128 | ---- | M] (Dell Inc)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"SearchDefaultBranded" -> 1 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"Start Page" -> http://www.espn.com/ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyOverride" -> *.local;<local> ->
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Owner\Application Data\Mozilla\FireFox\Profiles\za1kw2ny.default\prefs.js ->
browser.startup.homepage -> "http://www.espn.com/" ->
extensions.enabledItems -> [email protected]:1.0 ->
extensions.enabledItems -> {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 ->
network.proxy.no_proxies_on -> "" ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/10/19 23:31:10 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/10/19 23:31:10 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions -> [2009/10/06 17:00:51 | 000,000,000 | ---D | M]
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions -> [2010/10/18 09:00:48 | 000,000,000 | ---D | M]
Microsoft .NET Framework Assistant -> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/10/07 17:29:51 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\Program Files\Mozilla Firefox\extensions -> [2010/10/19 17:24:01 | 000,000,000 | ---D | M]
Skype extension for Firefox -> C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} -> [2010/03/11 20:03:21 | 000,000,000 | ---D | M]
< HOSTS File > ([2008/04/14 07:00:00 | 000,000,734 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Dell QuickSet" -> C:\Program Files\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\quickset.exe] -> [2007/12/10 17:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
"DELL Webcam Manager" -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe ["C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s] -> [2007/07/27 15:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
"HPDJ Taskbar Utility" -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe] -> [2004/03/04 09:46:24 | 000,172,032 | ---- | M] (HP)
"OEM02Mon.exe" -> C:\WINDOWS\OEM02Mon.exe [C:\WINDOWS\OEM02Mon.exe] -> [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
"SigmatelSysTrayApp" -> C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [%ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe] -> File not found
"UpdateLBPShortCut" -> C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"] -> [2008/06/13 20:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdateP2GoShortCut" -> C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"] -> [2008/06/13 20:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePDIRShortCut" -> C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"] -> [2008/06/13 20:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePSTShortCut" -> C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"] -> [2008/10/06 22:42:38 | 000,210,216 | ---- | M] (CyberLink Corp.)
"WatchDog" -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [C:\Program Files\InterVideo\DVD Check\DVDCheck.exe] -> [2008/05/23 19:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
< Run [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Advanced SystemCare 3" -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe ["C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup] -> [2009/06/30 08:55:40 | 002,329,224 | ---- | M] (IObit)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DVD Check.lnk -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe -> [2008/05/23 19:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> C:\WINDOWS\Installer\{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}\Icon3E5562ED7.ico -> [2009/10/06 10:38:02 | 000,006,144 | R--- | M] ()
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoUpdateCheck" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoResolveSearch" -> [1] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDriveTypeAutoRun" -> [323] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 16 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1584 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.ad...Plus/1.6/gp.cab [Reg Error: Value error.] ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2009/07/21 16:00:43 | 000,217,088 | ---- | M] (Intel Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2009/07/21 14:01:31 | 000,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
[Files/Folders - Created Within 30 Days]
SINO -> C:\Documents and Settings\Owner\Desktop\SINO -> [2010/11/03 18:02:57 | 000,000,000 | ---D | C]
amherst1 -> C:\Documents and Settings\Owner\Desktop\amherst1 -> [2010/10/28 20:25:38 | 000,000,000 | ---D | C]
avz4 -> C:\Documents and Settings\Owner\Desktop\avz4 -> [2010/10/28 17:36:04 | 000,000,000 | ---D | C]
ComboFix -> C:\ComboFix -> [2010/10/27 18:56:27 | 000,000,000 | --SD | C]
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe -> C:\Documents and Settings\Owner\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe -> [2010/10/27 17:25:55 | 004,608,744 | ---- | C] (Microsoft Corporation)
cmdcons -> C:\cmdcons -> [2010/10/27 14:24:48 | 000,000,000 | RHSD | C]
SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010/10/26 17:35:12 | 000,212,480 | ---- | C] (SteelWerX)
SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2010/10/26 17:35:12 | 000,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010/10/26 17:35:12 | 000,136,704 | ---- | C] (SteelWerX)
NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010/10/26 17:35:12 | 000,031,232 | ---- | C] (NirSoft)
ERDNT -> C:\WINDOWS\ERDNT -> [2010/10/26 17:34:54 | 000,000,000 | ---D | C]
Qoobox -> C:\Qoobox -> [2010/10/26 17:34:32 | 000,000,000 | ---D | C]
_OTS -> C:\_OTS -> [2010/10/26 16:56:51 | 000,000,000 | ---D | C]
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 17:30:53 | 000,641,536 | ---- | C] (OldTimer Tools)
Malwarebytes -> C:\Documents and Settings\Owner\Application Data\Malwarebytes -> [2010/10/22 19:03:44 | 000,000,000 | ---D | C]
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/10/22 19:02:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2010/10/22 19:02:06 | 000,000,000 | ---D | C]
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/10/22 19:02:05 | 000,020,952 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/10/22 19:02:05 | 000,000,000 | ---D | C]
Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [2010/10/22 18:54:36 | 000,000,000 | ---D | C]
TDK -> C:\Documents and Settings\All Users\Application Data\TDK -> [2010/10/20 14:54:07 | 000,000,000 | ---D | C]
CSC -> C:\WINDOWS\CSC -> [2010/10/19 21:55:05 | 000,000,000 | ---D | C]
Server -> C:\Documents and Settings\All Users\Documents\Server -> [2010/10/19 21:10:07 | 000,000,000 | -H-D | C]
[Files/Folders - Modified Within 30 Days]
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> [2010/11/05 19:45:05 | 000,000,978 | ---- | M] ()
drfDownloadPastPerformance.pdf -> C:\Documents and Settings\Owner\Desktop\drfDownloadPastPerformance.pdf -> [2010/11/05 17:32:22 | 000,779,711 | ---- | M] ()
WGASetup.job -> C:\WINDOWS\tasks\WGASetup.job -> [2010/11/05 15:43:50 | 000,000,260 | ---- | M] ()
VPN Client.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> [2010/11/05 15:42:28 | 000,002,447 | ---- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/11/05 15:42:23 | 000,002,048 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/11/05 15:42:21 | 3210,780,672 | -HS- | M] ()
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/11/05 15:41:19 | 000,446,348 | ---- | M] ()
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/11/05 15:41:19 | 000,073,342 | ---- | M] ()
MicrosoftFixit50203.msi -> C:\Documents and Settings\Owner\Desktop\MicrosoftFixit50203.msi -> [2010/11/04 17:44:54 | 000,650,240 | ---- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/11/04 14:16:52 | 000,002,206 | ---- | M] ()
newkey -> C:\newkey -> [2010/11/04 14:15:01 | 000,022,729 | ---- | M] ()
newfile.enc -> C:\newfile.enc -> [2010/11/04 14:15:01 | 000,022,729 | ---- | M] ()
iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2010/10/28 20:30:01 | 000,002,137 | ---- | M] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/27 17:34:15 | 000,000,472 | ---- | M] ()
ComboFix.exe -> C:\Documents and Settings\Owner\Desktop\ComboFix.exe -> [2010/10/27 17:15:28 | 003,887,312 | R--- | M] ()
boot.ini -> C:\boot.ini -> [2010/10/27 14:25:05 | 000,000,327 | RHS- | M] ()
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe -> C:\Documents and Settings\Owner\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe -> [2010/10/27 14:20:44 | 004,608,744 | ---- | M] (Microsoft Corporation)
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/10/25 21:16:10 | 000,079,872 | ---- | M] ()
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 17:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 19:02:32 | 000,000,696 | ---- | M] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 21:13:28 | 000,069,632 | RHS- | M] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> [2010/10/18 09:45:01 | 000,000,926 | ---- | M] ()
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/10/13 02:19:56 | 000,300,440 | ---- | M] ()
imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/10/13 02:03:28 | 000,001,393 | ---- | M] ()
[Files - No Company Name]
drfDownloadPastPerformance.pdf -> C:\Documents and Settings\Owner\Desktop\drfDownloadPastPerformance.pdf -> [2010/11/05 19:04:20 | 000,779,711 | ---- | C] ()
MicrosoftFixit50203.msi -> C:\Documents and Settings\Owner\Desktop\MicrosoftFixit50203.msi -> [2010/11/04 17:44:58 | 000,650,240 | ---- | C] ()
newkey -> C:\newkey -> [2010/11/04 14:15:01 | 000,022,729 | ---- | C] ()
newfile.enc -> C:\newfile.enc -> [2010/11/04 14:15:01 | 000,022,729 | ---- | C] ()
SINO.exe -> C:\Documents and Settings\Owner\Desktop\SINO.exe -> [2010/11/03 18:02:41 | 003,397,182 | ---- | C] ()
ComboFix.exe -> C:\Documents and Settings\Owner\Desktop\ComboFix.exe -> [2010/10/27 17:25:24 | 003,887,312 | R--- | C] ()
Boot.bak -> C:\Boot.bak -> [2010/10/27 14:25:04 | 000,000,211 | ---- | C] ()
cmldr -> C:\cmldr -> [2010/10/27 14:24:56 | 000,260,272 | RHS- | C] ()
PEV.exe -> C:\WINDOWS\PEV.exe -> [2010/10/26 17:35:12 | 000,256,512 | ---- | C] ()
sed.exe -> C:\WINDOWS\sed.exe -> [2010/10/26 17:35:12 | 000,098,816 | ---- | C] ()
grep.exe -> C:\WINDOWS\grep.exe -> [2010/10/26 17:35:12 | 000,080,412 | ---- | C] ()
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/10/26 17:35:12 | 000,079,872 | ---- | C] ()
zip.exe -> C:\WINDOWS\zip.exe -> [2010/10/26 17:35:12 | 000,068,096 | ---- | C] ()
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 19:02:32 | 000,000,696 | ---- | C] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/22 18:56:18 | 000,000,472 | ---- | C] ()
log.txt -> C:\Documents and Settings\Owner\log.txt -> [2010/10/22 18:18:26 | 000,000,543 | ---- | C] ()
resetlog.txt -> C:\Documents and Settings\Owner\resetlog.txt -> [2010/10/20 00:08:19 | 000,012,069 | ---- | C] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/10/19 23:18:36 | 3210,780,672 | -HS- | C] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 21:13:28 | 000,069,632 | RHS- | C] ()
pdf995.ini -> C:\WINDOWS\pdf995.ini -> [2010/03/16 20:01:57 | 000,000,028 | ---- | C] ()
pdf995mon.dll -> C:\WINDOWS\System32\pdf995mon.dll -> [2010/03/16 19:59:58 | 000,051,716 | ---- | C] ()
wpd99.drv -> C:\WINDOWS\wpd99.drv -> [2010/03/16 19:59:58 | 000,000,060 | ---- | C] ()
BladeEnc.dll -> C:\WINDOWS\System32\BladeEnc.dll -> [2010/02/10 21:53:41 | 000,528,384 | ---- | C] ()
ShnDll32.dll -> C:\WINDOWS\System32\ShnDll32.dll -> [2010/02/10 21:53:41 | 000,120,832 | ---- | C] ()
hpdj5700.ini -> C:\WINDOWS\hpdj5700.ini -> [2009/10/12 15:05:55 | 000,002,298 | ---- | C] ()
hpbvspst.ini -> C:\WINDOWS\hpbvspst.ini -> [2009/10/12 15:05:23 | 000,000,414 | ---- | C] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/10/06 09:30:46 | 000,032,256 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2009/07/21 16:03:32 | 000,000,061 | ---- | C] ()
igfxCoIn_v4990.dll -> C:\WINDOWS\System32\igfxCoIn_v4990.dll -> [2009/07/21 16:00:39 | 000,147,456 | ---- | C] ()
rixdicon.dll -> C:\WINDOWS\System32\rixdicon.dll -> [2009/07/21 15:53:16 | 000,016,480 | ---- | C] ()
IVIresizeW7.dll -> C:\WINDOWS\System32\IVIresizeW7.dll -> [2009/07/21 14:49:04 | 000,204,800 | ---- | C] ()
IVIresizeP6.dll -> C:\WINDOWS\System32\IVIresizeP6.dll -> [2009/07/21 14:49:04 | 000,192,512 | ---- | C] ()
IVIresizeM6.dll -> C:\WINDOWS\System32\IVIresizeM6.dll -> [2009/07/21 14:49:04 | 000,192,512 | ---- | C] ()
IVIresizePX.dll -> C:\WINDOWS\System32\IVIresizePX.dll -> [2009/07/21 14:49:04 | 000,188,416 | ---- | C] ()
IVIresizeA6.dll -> C:\WINDOWS\System32\IVIresizeA6.dll -> [2009/07/21 14:49:03 | 000,200,704 | ---- | C] ()
IVIresize.dll -> C:\WINDOWS\System32\IVIresize.dll -> [2009/07/21 14:49:03 | 000,020,480 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2009/07/21 14:25:04 | 000,000,376 | ---- | C] ()
ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2009/07/21 06:48:15 | 000,004,161 | ---- | C] ()
vpnapi.dll -> C:\WINDOWS\System32\vpnapi.dll -> [2007/07/16 10:58:10 | 000,197,408 | ---- | C] ()
CSGina.dll -> C:\WINDOWS\System32\CSGina.dll -> [2007/07/16 10:58:00 | 000,193,312 | ---- | C] ()
OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 17:05:08 | 000,002,695 | ---- | C] ()
[Custom Scans]
< MD5 Scans Start>
< %systemdrive%\NETBT.SYS /md5 /s >
netbt.sys : MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -> C:\WINDOWS\system32\dllcache\netbt.sys -> [2008/04/14 07:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation)
< MD5 Scans End>
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netbt >
Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netbt\ not found. -> ->
< End of report >
OTS logfile created on: 11/8/2010 5:49:21 PM - Run 5
OTS by OldTimer - Version 3.1.40.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 112.75 Gb Free Space | 37.83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OEM-3414B23E485
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 17:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
stacsv.exe -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 15:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
awc.exe -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe -> [2009/06/30 08:55:40 | 002,329,224 | ---- | M] (IObit)
adobe_updater.exe -> C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe -> [2009/01/08 06:36:42 | 002,521,464 | ---- | M] (Adobe Systems Incorporated)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
quickset.exe -> C:\Program Files\Dell\QuickSet\quickset.exe -> [2007/12/10 17:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
dellwmgr.exe -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe -> [2007/07/27 15:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
cvpnd.exe -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 10:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
oem02mon.exe -> C:\WINDOWS\OEM02Mon.exe -> [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
iviregmgr.exe -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo)
hpztsb10.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe -> [2004/03/04 09:46:24 | 000,172,032 | ---- | M] (HP)
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 17:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -> [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation)
dadkeyb.dll -> C:\Program Files\Dell\QuickSet\dadkeyb.dll -> [2007/12/10 16:51:44 | 000,098,304 | ---- | M] ()
[Win32 Services - Safe List]
(HidServ) Human Interface Device Access [Disabled | Stopped] -> C:\WINDOWS\System32\hidserv.dll -> File not found
(STacSV) SigmaTel Audio Service [Auto | Running] -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 15:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
(RoxMediaDB10) RoxMediaDB10 [On_Demand | Stopped] -> C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -> [2008/04/08 07:12:50 | 001,112,560 | ---- | M] (Sonic Solutions)
(CVPND) Cisco Systems, Inc. VPN Service [Auto | Running] -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 10:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
(IviRegMgr) IviRegMgr [Auto | Running] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo)
[Driver Services - Safe List]
(zumbus) Zune Bus Enumerator Driver [Kernel | Auto | Stopped] -> C:\WINDOWS\System32\DRIVERS\zumbus.sys -> File not found
(catchme) catchme [Kernel | On_Demand | Stopped] -> C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -> File not found
(iastor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\iaStor.sys -> [2009/07/21 16:01:56 | 000,328,728 | ---- | M] (Intel Corporation)
(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BCMWL5.SYS -> [2009/07/21 16:01:10 | 001,287,552 | ---- | M] (Broadcom Corporation)
(ialm) ialm [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\igxpmp32.sys -> [2009/07/21 16:00:39 | 006,047,904 | ---- | M] (Intel Corporation)
(IntcHdmiAddService) Intel® High Definition Audio HDMI Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\IntcHdmi.sys -> [2009/07/21 15:59:59 | 000,110,080 | ---- | M] (Intel® Corporation)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2009/07/21 15:58:55 | 001,222,840 | ---- | M] (SigmaTel, Inc.)
(yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\yk51x86.sys -> [2009/07/21 15:58:14 | 000,265,856 | ---- | M] (Marvell)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2009/07/21 15:56:45 | 000,989,696 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2009/07/21 15:56:45 | 000,730,112 | ---- | M] (Conexant Systems, Inc.)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2009/07/21 15:56:45 | 000,209,152 | ---- | M] (Conexant Systems, Inc.)
(atiide) ATI SATA Controller IDE mode [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\atiide.sys -> [2009/07/21 15:55:41 | 000,003,456 | ---- | M] (ATI Technologies Inc.)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/14 07:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider)
(nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2008/04/13 17:04:32 | 001,897,408 | ---- | M] (NVIDIA Corporation)
(OEM02Dev) Creative Camera OEM002 Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Dev.sys -> [2007/07/18 01:02:00 | 000,235,520 | ---- | M] (Creative Technology Ltd.)
(CVPNDRVA) Cisco Systems Inc. IPSec Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\CVPNDRVA.sys -> [2007/07/16 10:57:12 | 000,306,299 | ---- | M] (Cisco Systems, Inc.)
(OEM02Afx) Provides a software interface to control audio effects of OEM002 camera. [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Afx.sys -> [2007/06/08 01:00:00 | 000,141,376 | ---- | M] (Creative Technology Ltd.)
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rixdptsk.sys -> [2007/03/21 21:02:04 | 000,037,376 | ---- | M] (REDC)
(OEM02Vfx) Creative Camera OEM002 Video VFX Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Vfx.sys -> [2007/03/05 18:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.)
(rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimmptsk.sys -> [2007/02/24 13:42:22 | 000,039,936 | ---- | M] (REDC)
(DNE) Deterministic Network Enhancer Miniport [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\dne2000.sys -> [2007/01/31 12:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.)
(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimsptsk.sys -> [2007/01/23 15:40:20 | 000,042,496 | ---- | M] (REDC)
(CVirtA) Cisco Systems VPN Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\CVirtA.sys -> [2007/01/18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.)
(WinUSB) WinUSB [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\winusb.sys -> [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation)
(APPDRV) APPDRV [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -> [2005/08/12 15:50:46 | 000,016,128 | ---- | M] (Dell Inc)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"SearchDefaultBranded" -> 1 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"Start Page" -> http://www.espn.com/ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyOverride" -> *.local;<local> ->
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Owner\Application Data\Mozilla\FireFox\Profiles\za1kw2ny.default\prefs.js ->
browser.startup.homepage -> "http://www.espn.com/" ->
extensions.enabledItems -> [email protected]:1.0 ->
extensions.enabledItems -> {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 ->
network.proxy.no_proxies_on -> "" ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/10/19 23:31:10 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/10/19 23:31:10 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions -> [2009/10/06 17:00:51 | 000,000,000 | ---D | M]
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions -> [2010/10/18 09:00:48 | 000,000,000 | ---D | M]
Microsoft .NET Framework Assistant -> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/10/07 17:29:51 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\Program Files\Mozilla Firefox\extensions -> [2010/10/19 17:24:01 | 000,000,000 | ---D | M]
Skype extension for Firefox -> C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} -> [2010/03/11 20:03:21 | 000,000,000 | ---D | M]
< HOSTS File > ([2008/04/14 07:00:00 | 000,000,734 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Dell QuickSet" -> C:\Program Files\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\quickset.exe] -> [2007/12/10 17:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
"DELL Webcam Manager" -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe ["C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s] -> [2007/07/27 15:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
"HPDJ Taskbar Utility" -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe] -> [2004/03/04 09:46:24 | 000,172,032 | ---- | M] (HP)
"OEM02Mon.exe" -> C:\WINDOWS\OEM02Mon.exe [C:\WINDOWS\OEM02Mon.exe] -> [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
"SigmatelSysTrayApp" -> C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [%ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe] -> File not found
"UpdateLBPShortCut" -> C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"] -> [2008/06/13 20:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdateP2GoShortCut" -> C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"] -> [2008/06/13 20:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePDIRShortCut" -> C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"] -> [2008/06/13 20:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePSTShortCut" -> C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"] -> [2008/10/06 22:42:38 | 000,210,216 | ---- | M] (CyberLink Corp.)
"WatchDog" -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [C:\Program Files\InterVideo\DVD Check\DVDCheck.exe] -> [2008/05/23 19:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
< Run [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Advanced SystemCare 3" -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe ["C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup] -> [2009/06/30 08:55:40 | 002,329,224 | ---- | M] (IObit)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DVD Check.lnk -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe -> [2008/05/23 19:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> C:\WINDOWS\Installer\{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}\Icon3E5562ED7.ico -> [2009/10/06 10:38:02 | 000,006,144 | R--- | M] ()
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoUpdateCheck" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoResolveSearch" -> [1] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDriveTypeAutoRun" -> [323] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 16 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1584 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_16] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.ad...Plus/1.6/gp.cab [Reg Error: Value error.] ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2009/07/21 16:00:43 | 000,217,088 | ---- | M] (Intel Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2009/07/21 14:01:31 | 000,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
[Files/Folders - Created Within 30 Days]
SINO -> C:\Documents and Settings\Owner\Desktop\SINO -> [2010/11/03 18:02:57 | 000,000,000 | ---D | C]
amherst1 -> C:\Documents and Settings\Owner\Desktop\amherst1 -> [2010/10/28 20:25:38 | 000,000,000 | ---D | C]
avz4 -> C:\Documents and Settings\Owner\Desktop\avz4 -> [2010/10/28 17:36:04 | 000,000,000 | ---D | C]
ComboFix -> C:\ComboFix -> [2010/10/27 18:56:27 | 000,000,000 | --SD | C]
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe -> C:\Documents and Settings\Owner\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe -> [2010/10/27 17:25:55 | 004,608,744 | ---- | C] (Microsoft Corporation)
cmdcons -> C:\cmdcons -> [2010/10/27 14:24:48 | 000,000,000 | RHSD | C]
SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010/10/26 17:35:12 | 000,212,480 | ---- | C] (SteelWerX)
SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2010/10/26 17:35:12 | 000,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010/10/26 17:35:12 | 000,136,704 | ---- | C] (SteelWerX)
NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010/10/26 17:35:12 | 000,031,232 | ---- | C] (NirSoft)
ERDNT -> C:\WINDOWS\ERDNT -> [2010/10/26 17:34:54 | 000,000,000 | ---D | C]
Qoobox -> C:\Qoobox -> [2010/10/26 17:34:32 | 000,000,000 | ---D | C]
_OTS -> C:\_OTS -> [2010/10/26 16:56:51 | 000,000,000 | ---D | C]
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 17:30:53 | 000,641,536 | ---- | C] (OldTimer Tools)
Malwarebytes -> C:\Documents and Settings\Owner\Application Data\Malwarebytes -> [2010/10/22 19:03:44 | 000,000,000 | ---D | C]
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/10/22 19:02:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2010/10/22 19:02:06 | 000,000,000 | ---D | C]
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/10/22 19:02:05 | 000,020,952 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/10/22 19:02:05 | 000,000,000 | ---D | C]
Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [2010/10/22 18:54:36 | 000,000,000 | ---D | C]
TDK -> C:\Documents and Settings\All Users\Application Data\TDK -> [2010/10/20 14:54:07 | 000,000,000 | ---D | C]
CSC -> C:\WINDOWS\CSC -> [2010/10/19 21:55:05 | 000,000,000 | ---D | C]
Server -> C:\Documents and Settings\All Users\Documents\Server -> [2010/10/19 21:10:07 | 000,000,000 | -H-D | C]
[Files/Folders - Modified Within 30 Days]
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> [2010/11/05 19:45:05 | 000,000,978 | ---- | M] ()
drfDownloadPastPerformance.pdf -> C:\Documents and Settings\Owner\Desktop\drfDownloadPastPerformance.pdf -> [2010/11/05 17:32:22 | 000,779,711 | ---- | M] ()
WGASetup.job -> C:\WINDOWS\tasks\WGASetup.job -> [2010/11/05 15:43:50 | 000,000,260 | ---- | M] ()
VPN Client.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> [2010/11/05 15:42:28 | 000,002,447 | ---- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/11/05 15:42:23 | 000,002,048 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/11/05 15:42:21 | 3210,780,672 | -HS- | M] ()
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/11/05 15:41:19 | 000,446,348 | ---- | M] ()
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/11/05 15:41:19 | 000,073,342 | ---- | M] ()
MicrosoftFixit50203.msi -> C:\Documents and Settings\Owner\Desktop\MicrosoftFixit50203.msi -> [2010/11/04 17:44:54 | 000,650,240 | ---- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/11/04 14:16:52 | 000,002,206 | ---- | M] ()
newkey -> C:\newkey -> [2010/11/04 14:15:01 | 000,022,729 | ---- | M] ()
newfile.enc -> C:\newfile.enc -> [2010/11/04 14:15:01 | 000,022,729 | ---- | M] ()
iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2010/10/28 20:30:01 | 000,002,137 | ---- | M] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/27 17:34:15 | 000,000,472 | ---- | M] ()
ComboFix.exe -> C:\Documents and Settings\Owner\Desktop\ComboFix.exe -> [2010/10/27 17:15:28 | 003,887,312 | R--- | M] ()
boot.ini -> C:\boot.ini -> [2010/10/27 14:25:05 | 000,000,327 | RHS- | M] ()
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe -> C:\Documents and Settings\Owner\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe -> [2010/10/27 14:20:44 | 004,608,744 | ---- | M] (Microsoft Corporation)
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/10/25 21:16:10 | 000,079,872 | ---- | M] ()
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 17:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 19:02:32 | 000,000,696 | ---- | M] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 21:13:28 | 000,069,632 | RHS- | M] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> [2010/10/18 09:45:01 | 000,000,926 | ---- | M] ()
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/10/13 02:19:56 | 000,300,440 | ---- | M] ()
imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/10/13 02:03:28 | 000,001,393 | ---- | M] ()
[Files - No Company Name]
drfDownloadPastPerformance.pdf -> C:\Documents and Settings\Owner\Desktop\drfDownloadPastPerformance.pdf -> [2010/11/05 19:04:20 | 000,779,711 | ---- | C] ()
MicrosoftFixit50203.msi -> C:\Documents and Settings\Owner\Desktop\MicrosoftFixit50203.msi -> [2010/11/04 17:44:58 | 000,650,240 | ---- | C] ()
newkey -> C:\newkey -> [2010/11/04 14:15:01 | 000,022,729 | ---- | C] ()
newfile.enc -> C:\newfile.enc -> [2010/11/04 14:15:01 | 000,022,729 | ---- | C] ()
SINO.exe -> C:\Documents and Settings\Owner\Desktop\SINO.exe -> [2010/11/03 18:02:41 | 003,397,182 | ---- | C] ()
ComboFix.exe -> C:\Documents and Settings\Owner\Desktop\ComboFix.exe -> [2010/10/27 17:25:24 | 003,887,312 | R--- | C] ()
Boot.bak -> C:\Boot.bak -> [2010/10/27 14:25:04 | 000,000,211 | ---- | C] ()
cmldr -> C:\cmldr -> [2010/10/27 14:24:56 | 000,260,272 | RHS- | C] ()
PEV.exe -> C:\WINDOWS\PEV.exe -> [2010/10/26 17:35:12 | 000,256,512 | ---- | C] ()
sed.exe -> C:\WINDOWS\sed.exe -> [2010/10/26 17:35:12 | 000,098,816 | ---- | C] ()
grep.exe -> C:\WINDOWS\grep.exe -> [2010/10/26 17:35:12 | 000,080,412 | ---- | C] ()
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/10/26 17:35:12 | 000,079,872 | ---- | C] ()
zip.exe -> C:\WINDOWS\zip.exe -> [2010/10/26 17:35:12 | 000,068,096 | ---- | C] ()
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 19:02:32 | 000,000,696 | ---- | C] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/22 18:56:18 | 000,000,472 | ---- | C] ()
log.txt -> C:\Documents and Settings\Owner\log.txt -> [2010/10/22 18:18:26 | 000,000,543 | ---- | C] ()
resetlog.txt -> C:\Documents and Settings\Owner\resetlog.txt -> [2010/10/20 00:08:19 | 000,012,069 | ---- | C] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/10/19 23:18:36 | 3210,780,672 | -HS- | C] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 21:13:28 | 000,069,632 | RHS- | C] ()
pdf995.ini -> C:\WINDOWS\pdf995.ini -> [2010/03/16 20:01:57 | 000,000,028 | ---- | C] ()
pdf995mon.dll -> C:\WINDOWS\System32\pdf995mon.dll -> [2010/03/16 19:59:58 | 000,051,716 | ---- | C] ()
wpd99.drv -> C:\WINDOWS\wpd99.drv -> [2010/03/16 19:59:58 | 000,000,060 | ---- | C] ()
BladeEnc.dll -> C:\WINDOWS\System32\BladeEnc.dll -> [2010/02/10 21:53:41 | 000,528,384 | ---- | C] ()
ShnDll32.dll -> C:\WINDOWS\System32\ShnDll32.dll -> [2010/02/10 21:53:41 | 000,120,832 | ---- | C] ()
hpdj5700.ini -> C:\WINDOWS\hpdj5700.ini -> [2009/10/12 15:05:55 | 000,002,298 | ---- | C] ()
hpbvspst.ini -> C:\WINDOWS\hpbvspst.ini -> [2009/10/12 15:05:23 | 000,000,414 | ---- | C] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/10/06 09:30:46 | 000,032,256 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2009/07/21 16:03:32 | 000,000,061 | ---- | C] ()
igfxCoIn_v4990.dll -> C:\WINDOWS\System32\igfxCoIn_v4990.dll -> [2009/07/21 16:00:39 | 000,147,456 | ---- | C] ()
rixdicon.dll -> C:\WINDOWS\System32\rixdicon.dll -> [2009/07/21 15:53:16 | 000,016,480 | ---- | C] ()
IVIresizeW7.dll -> C:\WINDOWS\System32\IVIresizeW7.dll -> [2009/07/21 14:49:04 | 000,204,800 | ---- | C] ()
IVIresizeP6.dll -> C:\WINDOWS\System32\IVIresizeP6.dll -> [2009/07/21 14:49:04 | 000,192,512 | ---- | C] ()
IVIresizeM6.dll -> C:\WINDOWS\System32\IVIresizeM6.dll -> [2009/07/21 14:49:04 | 000,192,512 | ---- | C] ()
IVIresizePX.dll -> C:\WINDOWS\System32\IVIresizePX.dll -> [2009/07/21 14:49:04 | 000,188,416 | ---- | C] ()
IVIresizeA6.dll -> C:\WINDOWS\System32\IVIresizeA6.dll -> [2009/07/21 14:49:03 | 000,200,704 | ---- | C] ()
IVIresize.dll -> C:\WINDOWS\System32\IVIresize.dll -> [2009/07/21 14:49:03 | 000,020,480 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2009/07/21 14:25:04 | 000,000,376 | ---- | C] ()
ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2009/07/21 06:48:15 | 000,004,161 | ---- | C] ()
vpnapi.dll -> C:\WINDOWS\System32\vpnapi.dll -> [2007/07/16 10:58:10 | 000,197,408 | ---- | C] ()
CSGina.dll -> C:\WINDOWS\System32\CSGina.dll -> [2007/07/16 10:58:00 | 000,193,312 | ---- | C] ()
OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 17:05:08 | 000,002,695 | ---- | C] ()
[Custom Scans]
< MD5 Scans Start>
< %systemdrive%\NETBT.SYS /md5 /s >
netbt.sys : MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -> C:\WINDOWS\system32\dllcache\netbt.sys -> [2008/04/14 07:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation)
< MD5 Scans End>
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netbt >
Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netbt\ not found. -> ->
< End of report >
#39
Posted 08 November 2010 - 05:07 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
OK that was the file - It has deleted the enitre control set and file for that key
I can replace the file now - but as I am on windows 7 I will need to get the necessary reg data from an XP system. So lets put the file back - and I will get the data for the reg key in a bit
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.
I can replace the file now - but as I am on windows 7 I will need to get the necessary reg data from an XP system. So lets put the file back - and I will get the data for the reg key in a bit
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.
[Unregister Dlls]
[Custom Items]
:files
C:\WINDOWS\system32\drivers\netbt.sys|C:\WINDOWS\system32\dllcache\netbt.sys /replace
:end
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.
#40
Posted 08 November 2010 - 05:20 PM
togatown
- Topic Starter
-
- Member
-
- 34 posts
Member
Here is the fix log...
[Custom Items]
========== FILES ==========
File C:\WINDOWS\system32\drivers\netbt.sys successfully replaced with C:\WINDOWS\system32\dllcache\netbt.sys
< End of fix log >
OTS by OldTimer - Version 3.1.40.0 fix logfile created on 11082010_181945
[Custom Items]
========== FILES ==========
File C:\WINDOWS\system32\drivers\netbt.sys successfully replaced with C:\WINDOWS\system32\dllcache\netbt.sys
< End of fix log >
OTS by OldTimer - Version 3.1.40.0 fix logfile created on 11082010_181945
#41
Posted 09 November 2010 - 03:52 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Please download and the attached zip file
Extract the Netbt.reg file to your desktop
Right click the reg file and select merge
Accept the warning
Once done reboot and try the net
Extract the Netbt.reg file to your desktop
Right click the reg file and select merge
Accept the warning
Once done reboot and try the net
#42
Posted 09 November 2010 - 06:52 AM
togatown
- Topic Starter
-
- Member
-
- 34 posts
Member
I got this error message when trying to merge...
---------------------------
Registry Editor
---------------------------
Cannot import C:\Documents and Settings\Owner\Desktop\Netbt.reg: Error accessing the registry.
---------------------------
OK
---------------------------
---------------------------
Registry Editor
---------------------------
Cannot import C:\Documents and Settings\Owner\Desktop\Netbt.reg: Error accessing the registry.
---------------------------
OK
---------------------------
#43
Posted 09 November 2010 - 06:54 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Could you confirm that you have regedit on your system please
#44
Posted 09 November 2010 - 07:43 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Lets see if OTS can place the data in your registry
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.
[Unregister Dlls]
[Custom Items]
:reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT]
"Type"=dword:00000001
"Start"=dword:00000001
"ErrorControl"=dword:00000001
"Tag"=dword:00000006
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,6e,00,65,00,74,00,62,00,74,00,2e,\
00,73,00,79,00,73,00,00,00
"DisplayName"="NetBios over Tcpip"
"Group"="PNP_TDI"
"DependOnService"=hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00
"DependOnGroup"=hex(7):00,00
"Description"="NetBios over Tcpip"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage]
"OtherDependencies"=hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00
"Bind"=hex(7):5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,\
00,69,00,70,00,36,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,\
37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,\
00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,\
30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,\
00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,45,00,32,00,\
39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,\
00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,\
41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,\
00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,\
7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,\
00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,\
31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,\
00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,\
69,00,70,00,36,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,\
00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,\
30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,\
00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,\
5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,34,00,36,00,37,\
00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,\
42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,\
00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,\
76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,\
00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,\
38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,\
00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,\
00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,\
00,70,00,36,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,\
2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,\
00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,\
45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,\
00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,35,00,42,00,43,00,32,00,\
33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,\
00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,\
36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,\
00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,\
36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,\
00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,\
39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,\
00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,\
70,00,36,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,\
00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,\
32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,\
00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,\
54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,39,00,38,00,31,00,37,\
00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,00,34,00,34,00,43,00,\
45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,32,00,33,00,32,00,43,\
00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,\
69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,44,00,30,\
00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,\
34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,\
00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,\
44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,\
00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,\
35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,\
00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,\
7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,\
00,69,00,70,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,\
2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,\
00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,\
46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,\
00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,\
35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,\
00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,\
37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,\
00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,34,00,\
36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,\
00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,\
38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,\
00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,\
7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,\
00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,\
46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,\
00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,\
69,00,70,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,\
00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,\
41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,\
00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,\
54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,\
00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,\
2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,\
00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,\
63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,30,00,30,00,35,\
00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,\
38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,\
00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,\
65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,\
00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,\
35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,\
00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,\
00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,\
00,70,00,5f,00,7b,00,42,00,44,00,32,00,35,00,35,00,33,00,33,00,46,00,2d,00,\
42,00,30,00,42,00,43,00,2d,00,34,00,37,00,45,00,44,00,2d,00,38,00,39,00,33,\
00,39,00,2d,00,34,00,37,00,32,00,36,00,32,00,36,00,35,00,43,00,37,00,35,00,\
44,00,37,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,\
00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,33,00,45,00,44,00,35,00,32,00,\
41,00,30,00,2d,00,44,00,34,00,33,00,36,00,2d,00,34,00,39,00,34,00,33,00,2d,\
00,42,00,38,00,31,00,45,00,2d,00,35,00,41,00,38,00,36,00,30,00,41,00,32,00,\
44,00,37,00,39,00,39,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,\
00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,45,00,42,00,\
38,00,42,00,41,00,32,00,44,00,2d,00,42,00,37,00,46,00,30,00,2d,00,34,00,32,\
00,43,00,43,00,2d,00,39,00,32,00,34,00,45,00,2d,00,32,00,34,00,46,00,39,00,\
37,00,31,00,33,00,39,00,41,00,33,00,42,00,34,00,7d,00,00,00,5c,00,44,00,65,\
00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,\
34,00,41,00,43,00,42,00,35,00,34,00,42,00,34,00,2d,00,44,00,35,00,41,00,41,\
00,2d,00,34,00,34,00,32,00,37,00,2d,00,38,00,30,00,33,00,30,00,2d,00,42,00,\
37,00,45,00,42,00,44,00,38,00,43,00,46,00,33,00,33,00,44,00,35,00,7d,00,00,\
00,00,00
"Route"=hex(7):22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,\
34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,\
00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,\
37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,\
00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,\
38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,\
00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,\
32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,\
00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,\
34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,\
00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,\
38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,\
00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,\
45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,\
00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,\
46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,\
00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,\
35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,\
00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,\
41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,\
00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,36,00,39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,\
42,00,2d,00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,\
00,45,00,32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,44,\
00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,\
2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,\
00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,22,00,\
00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,37,00,45,\
00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,\
34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,\
00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,22,00,00,00,\
22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,41,00,41,00,35,\
00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,\
31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,\
00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,22,00,00,00,22,00,\
54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,41,00,38,00,31,00,45,\
00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,\
30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,\
00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,22,00,00,00,22,00,54,00,\
63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,32,00,34,00,36,00,37,00,38,\
00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,\
43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,\
00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,\
70,00,69,00,70,00,22,00,20,00,22,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,\
00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,\
2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,\
00,39,00,44,00,35,00,35,00,42,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,\
69,00,70,00,22,00,20,00,22,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,\
00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,\
38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,\
00,34,00,45,00,37,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,\
70,00,22,00,20,00,22,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,\
00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,\
38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,\
00,32,00,34,00,36,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,\
22,00,20,00,22,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,\
00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,\
32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,\
00,30,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,\
20,00,22,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,\
00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,\
36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,\
00,43,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,\
22,00,4e,00,64,00,69,00,73,00,57,00,61,00,6e,00,49,00,70,00,22,00,00,00,00,\
00
"Export"=hex(7):5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,\
00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,44,00,\
30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,\
00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,\
46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,\
00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,\
5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,45,00,32,00,39,\
00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,\
35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,\
00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,\
76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,\
00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,\
36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,\
00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,\
45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,\
00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,\
70,00,36,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,\
00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,\
42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,\
00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,\
4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,\
00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,\
33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,\
00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,\
7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,\
00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,\
33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,\
00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,\
31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,\
00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,\
5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,31,00,31,00,45,\
00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,\
37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,\
00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,\
76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,\
00,70,00,69,00,70,00,36,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,\
46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,\
00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,\
44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,\
00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,\
70,00,36,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,\
00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,\
43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,\
00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,\
4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,\
00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,\
36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,\
00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,\
7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,\
00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,\
39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,\
00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,\
32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,00,00,5c,\
00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,\
5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,\
00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,\
31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,\
00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,\
69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,\
00,69,00,70,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,\
2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,\
00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,\
31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,\
00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,\
7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,\
00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,\
31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,\
00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,\
42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,38,00,31,\
00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,\
31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,\
00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,\
65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,\
00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,\
34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,\
00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,\
43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,\
00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,\
70,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,\
00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,\
33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,\
00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,\
65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,\
00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,\
2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,\
00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,\
5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,\
00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,35,00,42,00,43,00,32,00,\
33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,\
00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,\
36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,\
00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,\
70,00,69,00,70,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,\
00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,\
45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,\
00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,\
5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,\
00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,\
41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,\
00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,\
7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,\
00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,44,00,\
32,00,35,00,35,00,33,00,33,00,46,00,2d,00,42,00,30,00,42,00,43,00,2d,00,34,\
00,37,00,45,00,44,00,2d,00,38,00,39,00,33,00,39,00,2d,00,34,00,37,00,32,00,\
36,00,32,00,36,00,35,00,43,00,37,00,35,00,44,00,37,00,7d,00,00,00,5c,00,44,\
00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,\
54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,33,00,45,00,44,00,35,00,32,\
00,41,00,30,00,2d,00,44,00,34,00,33,00,36,00,2d,00,34,00,39,00,34,00,33,00,\
2d,00,42,00,38,00,31,00,45,00,2d,00,35,00,41,00,38,00,36,00,30,00,41,00,32,\
00,44,00,37,00,39,00,39,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,\
63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,\
00,70,00,5f,00,7b,00,41,00,45,00,42,00,38,00,42,00,41,00,32,00,44,00,2d,00,\
42,00,37,00,46,00,30,00,2d,00,34,00,32,00,43,00,43,00,2d,00,39,00,32,00,34,\
00,45,00,2d,00,32,00,34,00,46,00,39,00,37,00,31,00,33,00,39,00,41,00,33,00,\
42,00,34,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,\
00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,\
34,00,41,00,43,00,42,00,35,00,34,00,42,00,34,00,2d,00,44,00,35,00,41,00,41,\
00,2d,00,34,00,34,00,32,00,37,00,2d,00,38,00,30,00,33,00,30,00,2d,00,42,00,\
37,00,45,00,42,00,44,00,38,00,43,00,46,00,33,00,33,00,44,00,35,00,7d,00,00,\
00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
"NbProvider"="_tcp"
"NameServerPort"=dword:00000089
"CacheTimeout"=dword:000927c0
"BcastNameQueryCount"=dword:00000003
"BcastQueryTimeout"=dword:000002ee
"NameSrvQueryCount"=dword:00000003
"NameSrvQueryTimeout"=dword:000005dc
"Size/Small/Medium/Large"=dword:00000001
"SessionKeepAlive"=dword:0036ee80
"TransportBindName"="\\Device\\"
"EnableLMHOSTS"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{0059A8BE-AE6A-481C-BE2E-175B680A3A00}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{233B9CBB-1408-4455-8DD3-F11453D9D55B}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{24678E4E-6B34-4EBC-89E2-5E18CFECA461}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{4ACB54B4-D5AA-4427-8030-B7EBD8CF33D5}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{5BC23DF4-525F-47C1-988F-39F3B6FD5246}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{67387290-4DA5-458F-BCC6-B92FDCA389FC}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{711EF6EF-830E-4A75-84A0-87B3A94C4E71}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{7E2919B0-5D57-445E-B329-AD58A793C195}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{A81E853C-14A2-4105-B0B8-65C3FF711C4D}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AA51566F-AD68-4140-8CF7-1777FF7E1F70}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AEB8BA2D-B7F0-42CC-924E-24F97139A3B4}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{B3ED52A0-D436-4943-B81E-5A860A2D7990}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{BD25533F-B0BC-47ED-8939-4726265C75D7}]
"NameServerList"=hex(7):00,00
"RASFlags"=dword:00000001
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{D08FF987-5E54-49E1-AFAA-55FEF9D80942}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Security]
"Security"=hex:01,00,14,80,e8,00,00,00,f4,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,b8,00,08,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,\
05,0b,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,\
23,02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,25,02,\
00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,14,\
00,40,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00,00,00,14,00,40,00,00,00,\
01,01,00,00,00,00,00,05,14,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,\
00,00,05,20,00,00,00,2c,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Enum]
"0"="Root\\LEGACY_NETBT\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT]
"NextInstance"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000]
"Service"="NetBT"
"Legacy"=dword:00000001
"ConfigFlags"=dword:00000000
"Class"="LegacyDriver"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
"DeviceDesc"="NetBios over Tcpip"
"Capabilities"=dword:00000000
"Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0023"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\LogConf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\Control]
"ActiveService"="NetBT"
:end
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.
#45
Posted 09 November 2010 - 07:00 PM
togatown
- Topic Starter
-
- Member
-
- 34 posts
Member
I do have regedit. When I go to start > run > and enter regedit - the registry editor pops up. At any rate - I ran the OTS fix and here is the log...
[Custom Items]
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Type"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Start"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"ErrorControl"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Tag"|dword:00000006 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"ImagePath"|hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,6e,00,65,00,74,00,62,00,74,00,2e,00,73,00,79,00,73,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"DisplayName"|"NetBios over Tcpip" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Group"|"PNP_TDI" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"DependOnService"|hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"DependOnGroup"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Description"|"NetBios over Tcpip" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage\\"OtherDependencies"|hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage\\"Bind"|hex(7):5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,44,00,32,00,35,00,35,00,33,00,33,00,46,00,2d,00,42,00,30,00,42,00,43,00,2d,00,34,00,37,00,45,00,44,00,2d,00,38,00,39,00,33,00,39,00,2d,00,34,00,37,00,32,00,36,00,32,00,36,00,35,00,43,00,37,00,35,00,44,00,37,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,33,00,45,00,44,00,35,00,32,00,41,00,30,00,2d,00,44,00,34,00,33,00,36,00,2d,00,34,00,39,00,34,00,33,00,2d,00,42,00,38,00,31,00,45,00,2d,00,35,00,41,00,38,00,36,00,30,00,41,00,32,00,44,00,37,00,39,00,39,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,45,00,42,00,38,00,42,00,41,00,32,00,44,00,2d,00,42,00,37,00,46,00,30,00,2d,00,34,00,32,00,43,00,43,00,2d,00,39,00,32,00,34,00,45,00,2d,00,32,00,34,00,46,00,39,00,37,00,31,00,33,00,39,00,41,00,33,00,42,00,34,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,34,00,41,00,43,00,42,00,35,00,34,00,42,00,34,00,2d,00,44,00,35,00,41,00,41,00,2d,00,34,00,34,00,32,00,37,00,2d,00,38,00,30,00,33,00,30,00,2d,00,42,00,37,00,45,00,42,00,44,00,38,00,43,00,46,00,33,00,33,00,44,00,35,00,7d,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage\\"Route"|hex(7):22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,36,00,39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,4e,00,64,00,69,00,73,00,57,00,61,00,6e,00,49,00,70,00,22,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage\\"Export"|hex(7):5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,44,00,32,00,35,00,35,00,33,00,33,00,46,00,2d,00,42,00,30,00,42,00,43,00,2d,00,34,00,37,00,45,00,44,00,2d,00,38,00,39,00,33,00,39,00,2d,00,34,00,37,00,32,00,36,00,32,00,36,00,35,00,43,00,37,00,35,00,44,00,37,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,33,00,45,00,44,00,35,00,32,00,41,00,30,00,2d,00,44,00,34,00,33,00,36,00,2d,00,34,00,39,00,34,00,33,00,2d,00,42,00,38,00,31,00,45,00,2d,00,35,00,41,00,38,00,36,00,30,00,41,00,32,00,44,00,37,00,39,00,39,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,45,00,42,00,38,00,42,00,41,00,32,00,44,00,2d,00,42,00,37,00,46,00,30,00,2d,00,34,00,32,00,43,00,43,00,2d,00,39,00,32,00,34,00,45,00,2d,00,32,00,34,00,46,00,39,00,37,00,31,00,33,00,39,00,41,00,33,00,42,00,34,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,34,00,41,00,43,00,42,00,35,00,34,00,42,00,34,00,2d,00,44,00,35,00,41,00,41,00,2d,00,34,00,34,00,32,00,37,00,2d,00,38,00,30,00,33,00,30,00,2d,00,42,00,37,00,45,00,42,00,44,00,38,00,43,00,46,00,33,00,33,00,44,00,35,00,7d,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"NbProvider"|"_tcp" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"NameServerPort"|dword:00000089 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"CacheTimeout"|dword:000927c0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"BcastNameQueryCount"|dword:00000003 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"BcastQueryTimeout"|dword:000002ee /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"NameSrvQueryCount"|dword:00000003 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"NameSrvQueryTimeout"|dword:000005dc /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"Size/Small/Medium/Large"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"SessionKeepAlive"|dword:0036ee80 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"TransportBindName"|"\\Device\\" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"EnableLMHOSTS"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{0059A8BE-AE6A-481C-BE2E-175B680A3A00}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{0059A8BE-AE6A-481C-BE2E-175B680A3A00}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{233B9CBB-1408-4455-8DD3-F11453D9D55B}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{233B9CBB-1408-4455-8DD3-F11453D9D55B}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{24678E4E-6B34-4EBC-89E2-5E18CFECA461}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{24678E4E-6B34-4EBC-89E2-5E18CFECA461}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{4ACB54B4-D5AA-4427-8030-B7EBD8CF33D5}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{4ACB54B4-D5AA-4427-8030-B7EBD8CF33D5}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{5BC23DF4-525F-47C1-988F-39F3B6FD5246}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{5BC23DF4-525F-47C1-988F-39F3B6FD5246}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{67387290-4DA5-458F-BCC6-B92FDCA389FC}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{67387290-4DA5-458F-BCC6-B92FDCA389FC}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{711EF6EF-830E-4A75-84A0-87B3A94C4E71}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{711EF6EF-830E-4A75-84A0-87B3A94C4E71}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{7E2919B0-5D57-445E-B329-AD58A793C195}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{7E2919B0-5D57-445E-B329-AD58A793C195}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{A81E853C-14A2-4105-B0B8-65C3FF711C4D}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{A81E853C-14A2-4105-B0B8-65C3FF711C4D}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AA51566F-AD68-4140-8CF7-1777FF7E1F70}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AA51566F-AD68-4140-8CF7-1777FF7E1F70}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AEB8BA2D-B7F0-42CC-924E-24F97139A3B4}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AEB8BA2D-B7F0-42CC-924E-24F97139A3B4}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{B3ED52A0-D436-4943-B81E-5A860A2D7990}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{B3ED52A0-D436-4943-B81E-5A860A2D7990}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{BD25533F-B0BC-47ED-8939-4726265C75D7}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{BD25533F-B0BC-47ED-8939-4726265C75D7}\\"RASFlags"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{BD25533F-B0BC-47ED-8939-4726265C75D7}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{D08FF987-5E54-49E1-AFAA-55FEF9D80942}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{D08FF987-5E54-49E1-AFAA-55FEF9D80942}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Security\\"Security"|hex:01,00,14,80,e8,00,00,00,f4,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,b8,00,08,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,25,02,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,14,00,40,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00,00,00,14,00,40,00,00,00,01,01,00,00,00,00,00,05,14,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Enum\\"0"|"Root\\LEGACY_NETBT\\0000" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Enum\\"Count"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Enum\\"NextInstance"|dword:00000001 /E : value set successfully!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\\"NextInstance"|dword:00000001 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Service"|"NetBT" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Legacy"|dword:00000001 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"ConfigFlags"|dword:00000000 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Class"|"LegacyDriver" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"ClassGUID"|"{8ECC055D-047F-11D1-A537-0000F8753ED1}" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"DeviceDesc"|"NetBios over Tcpip" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Capabilities"|dword:00000000 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Driver"|"{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0023" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\Control\\"ActiveService"|"NetBT" /E!
< End of fix log >
OTS by OldTimer - Version 3.1.40.0 fix logfile created on 11092010_195743
[Custom Items]
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Type"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Start"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"ErrorControl"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Tag"|dword:00000006 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"ImagePath"|hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,6e,00,65,00,74,00,62,00,74,00,2e,00,73,00,79,00,73,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"DisplayName"|"NetBios over Tcpip" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Group"|"PNP_TDI" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"DependOnService"|hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"DependOnGroup"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\\"Description"|"NetBios over Tcpip" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage\\"OtherDependencies"|hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage\\"Bind"|hex(7):5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,44,00,32,00,35,00,35,00,33,00,33,00,46,00,2d,00,42,00,30,00,42,00,43,00,2d,00,34,00,37,00,45,00,44,00,2d,00,38,00,39,00,33,00,39,00,2d,00,34,00,37,00,32,00,36,00,32,00,36,00,35,00,43,00,37,00,35,00,44,00,37,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,33,00,45,00,44,00,35,00,32,00,41,00,30,00,2d,00,44,00,34,00,33,00,36,00,2d,00,34,00,39,00,34,00,33,00,2d,00,42,00,38,00,31,00,45,00,2d,00,35,00,41,00,38,00,36,00,30,00,41,00,32,00,44,00,37,00,39,00,39,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,45,00,42,00,38,00,42,00,41,00,32,00,44,00,2d,00,42,00,37,00,46,00,30,00,2d,00,34,00,32,00,43,00,43,00,2d,00,39,00,32,00,34,00,45,00,2d,00,32,00,34,00,46,00,39,00,37,00,31,00,33,00,39,00,41,00,33,00,42,00,34,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,34,00,41,00,43,00,42,00,35,00,34,00,42,00,34,00,2d,00,44,00,35,00,41,00,41,00,2d,00,34,00,34,00,32,00,37,00,2d,00,38,00,30,00,33,00,30,00,2d,00,42,00,37,00,45,00,42,00,44,00,38,00,43,00,46,00,33,00,33,00,44,00,35,00,7d,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage\\"Route"|hex(7):22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,00,36,00,39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,4e,00,64,00,69,00,73,00,57,00,61,00,6e,00,49,00,70,00,22,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Linkage\\"Export"|hex(7):5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,36,00,39,00,38,00,31,00,37,00,41,00,33,00,36,00,2d,00,33,00,38,00,37,00,42,00,2d,00,34,00,34,00,43,00,45,00,2d,00,38,00,45,00,36,00,31,00,2d,00,38,00,45,00,32,00,33,00,32,00,43,00,31,00,36,00,38,00,42,00,43,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,44,00,30,00,38,00,46,00,46,00,39,00,38,00,37,00,2d,00,35,00,45,00,35,00,34,00,2d,00,34,00,39,00,45,00,31,00,2d,00,41,00,46,00,41,00,41,00,2d,00,35,00,35,00,46,00,45,00,46,00,39,00,44,00,38,00,30,00,39,00,34,00,32,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,00,45,00,32,00,39,00,31,00,39,00,42,00,30,00,2d,00,35,00,44,00,35,00,37,00,2d,00,34,00,34,00,35,00,45,00,2d,00,42,00,33,00,32,00,39,00,2d,00,41,00,44,00,35,00,38,00,41,00,37,00,39,00,33,00,43,00,31,00,39,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,41,00,35,00,31,00,35,00,36,00,36,00,46,00,2d,00,41,00,44,00,36,00,38,00,2d,00,34,00,31,00,34,00,30,00,2d,00,38,00,43,00,46,00,37,00,2d,00,31,00,37,00,37,00,37,00,46,00,46,00,37,00,45,00,31,00,46,00,37,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,38,00,31,00,45,00,38,00,35,00,33,00,43,00,2d,00,31,00,34,00,41,00,32,00,2d,00,34,00,31,00,30,00,35,00,2d,00,42,00,30,00,42,00,38,00,2d,00,36,00,35,00,43,00,33,00,46,00,46,00,37,00,31,00,31,00,43,00,34,00,44,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,34,00,36,00,37,00,38,00,45,00,34,00,45,00,2d,00,36,00,42,00,33,00,34,00,2d,00,34,00,45,00,42,00,43,00,2d,00,38,00,39,00,45,00,32,00,2d,00,35,00,45,00,31,00,38,00,43,00,46,00,45,00,43,00,41,00,34,00,36,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,32,00,33,00,33,00,42,00,39,00,43,00,42,00,42,00,2d,00,31,00,34,00,30,00,38,00,2d,00,34,00,34,00,35,00,35,00,2d,00,38,00,44,00,44,00,33,00,2d,00,46,00,31,00,31,00,34,00,35,00,33,00,44,00,39,00,44,00,35,00,35,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,37,00,31,00,31,00,45,00,46,00,36,00,45,00,46,00,2d,00,38,00,33,00,30,00,45,00,2d,00,34,00,41,00,37,00,35,00,2d,00,38,00,34,00,41,00,30,00,2d,00,38,00,37,00,42,00,33,00,41,00,39,00,34,00,43,00,34,00,45,00,37,00,31,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,35,00,42,00,43,00,32,00,33,00,44,00,46,00,34,00,2d,00,35,00,32,00,35,00,46,00,2d,00,34,00,37,00,43,00,31,00,2d,00,39,00,38,00,38,00,46,00,2d,00,33,00,39,00,46,00,33,00,42,00,36,00,46,00,44,00,35,00,32,00,34,00,36,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,30,00,30,00,35,00,39,00,41,00,38,00,42,00,45,00,2d,00,41,00,45,00,36,00,41,00,2d,00,34,00,38,00,31,00,43,00,2d,00,42,00,45,00,32,00,45,00,2d,00,31,00,37,00,35,00,42,00,36,00,38,00,30,00,41,00,33,00,41,00,30,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,36,00,37,00,33,00,38,00,37,00,32,00,39,00,30,00,2d,00,34,00,44,00,41,00,35,00,2d,00,34,00,35,00,38,00,46,00,2d,00,42,00,43,00,43,00,36,00,2d,00,42,00,39,00,32,00,46,00,44,00,43,00,41,00,33,00,38,00,39,00,46,00,43,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,44,00,32,00,35,00,35,00,33,00,33,00,46,00,2d,00,42,00,30,00,42,00,43,00,2d,00,34,00,37,00,45,00,44,00,2d,00,38,00,39,00,33,00,39,00,2d,00,34,00,37,00,32,00,36,00,32,00,36,00,35,00,43,00,37,00,35,00,44,00,37,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,42,00,33,00,45,00,44,00,35,00,32,00,41,00,30,00,2d,00,44,00,34,00,33,00,36,00,2d,00,34,00,39,00,34,00,33,00,2d,00,42,00,38,00,31,00,45,00,2d,00,35,00,41,00,38,00,36,00,30,00,41,00,32,00,44,00,37,00,39,00,39,00,30,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,45,00,42,00,38,00,42,00,41,00,32,00,44,00,2d,00,42,00,37,00,46,00,30,00,2d,00,34,00,32,00,43,00,43,00,2d,00,39,00,32,00,34,00,45,00,2d,00,32,00,34,00,46,00,39,00,37,00,31,00,33,00,39,00,41,00,33,00,42,00,34,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,34,00,41,00,43,00,42,00,35,00,34,00,42,00,34,00,2d,00,44,00,35,00,41,00,41,00,2d,00,34,00,34,00,32,00,37,00,2d,00,38,00,30,00,33,00,30,00,2d,00,42,00,37,00,45,00,42,00,44,00,38,00,43,00,46,00,33,00,33,00,44,00,35,00,7d,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"NbProvider"|"_tcp" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"NameServerPort"|dword:00000089 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"CacheTimeout"|dword:000927c0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"BcastNameQueryCount"|dword:00000003 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"BcastQueryTimeout"|dword:000002ee /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"NameSrvQueryCount"|dword:00000003 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"NameSrvQueryTimeout"|dword:000005dc /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"Size/Small/Medium/Large"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"SessionKeepAlive"|dword:0036ee80 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"TransportBindName"|"\\Device\\" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\\"EnableLMHOSTS"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{0059A8BE-AE6A-481C-BE2E-175B680A3A00}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{0059A8BE-AE6A-481C-BE2E-175B680A3A00}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{233B9CBB-1408-4455-8DD3-F11453D9D55B}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{233B9CBB-1408-4455-8DD3-F11453D9D55B}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{24678E4E-6B34-4EBC-89E2-5E18CFECA461}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{24678E4E-6B34-4EBC-89E2-5E18CFECA461}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{4ACB54B4-D5AA-4427-8030-B7EBD8CF33D5}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{4ACB54B4-D5AA-4427-8030-B7EBD8CF33D5}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{5BC23DF4-525F-47C1-988F-39F3B6FD5246}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{5BC23DF4-525F-47C1-988F-39F3B6FD5246}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{67387290-4DA5-458F-BCC6-B92FDCA389FC}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{67387290-4DA5-458F-BCC6-B92FDCA389FC}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{711EF6EF-830E-4A75-84A0-87B3A94C4E71}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{711EF6EF-830E-4A75-84A0-87B3A94C4E71}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{7E2919B0-5D57-445E-B329-AD58A793C195}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{7E2919B0-5D57-445E-B329-AD58A793C195}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{A81E853C-14A2-4105-B0B8-65C3FF711C4D}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{A81E853C-14A2-4105-B0B8-65C3FF711C4D}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AA51566F-AD68-4140-8CF7-1777FF7E1F70}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AA51566F-AD68-4140-8CF7-1777FF7E1F70}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AEB8BA2D-B7F0-42CC-924E-24F97139A3B4}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{AEB8BA2D-B7F0-42CC-924E-24F97139A3B4}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{B3ED52A0-D436-4943-B81E-5A860A2D7990}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{B3ED52A0-D436-4943-B81E-5A860A2D7990}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{BD25533F-B0BC-47ED-8939-4726265C75D7}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{BD25533F-B0BC-47ED-8939-4726265C75D7}\\"RASFlags"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{BD25533F-B0BC-47ED-8939-4726265C75D7}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{D08FF987-5E54-49E1-AFAA-55FEF9D80942}\\"NameServerList"|hex(7):00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{D08FF987-5E54-49E1-AFAA-55FEF9D80942}\\"NetbiosOptions"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Security\\"Security"|hex:01,00,14,80,e8,00,00,00,f4,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,b8,00,08,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,25,02,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,14,00,40,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00,00,00,14,00,40,00,00,00,01,01,00,00,00,00,00,05,14,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,2c,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Enum\\"0"|"Root\\LEGACY_NETBT\\0000" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Enum\\"Count"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Enum\\"NextInstance"|dword:00000001 /E : value set successfully!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\\"NextInstance"|dword:00000001 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Service"|"NetBT" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Legacy"|dword:00000001 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"ConfigFlags"|dword:00000000 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Class"|"LegacyDriver" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"ClassGUID"|"{8ECC055D-047F-11D1-A537-0000F8753ED1}" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"DeviceDesc"|"NetBios over Tcpip" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Capabilities"|dword:00000000 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\\"Driver"|"{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0023" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT\0000\Control\\"ActiveService"|"NetBT" /E!
< End of fix log >
OTS by OldTimer - Version 3.1.40.0 fix logfile created on 11092010_195743
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
