Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

System Process Spiking

Started by kteng , Feb 06 2010 06:48 PM

Please log in to reply

#1
kteng

Posted 06 February 2010 - 06:48 PM

Member

Member
21 posts

The System Process (in the task manager) randomly spikes to 40% CPU Usage every 30 min or so. I ran Process Explorer when the lag started and copied the thread that was causing the lag:

ntkrnlpa.exe!ExAllocatePoolWithTag+0x90b
ntkrnlpa.exe!MmIsDriverVerifying+0xa30
hal.dll+0x2ef2
hal.dll!KfLowerIrql+0x17
fltmgr.sys+0x33cc
ntkrnlpa.exe!RtlVolumeDeviceToDosName+0x93e
Ntfs.sys+0x73b
Ntfs.sys+0x26040
ntkrnlpa.exe!IoStartPacket+0x10f
fltmgr.sys!FltProcessFileLock+0x21a5
ntkrnlpa.exe!IoStartPacket+0x10f
ntkrnlpa.exe!PoShutdownBugCheck+0x216c
ntkrnlpa.exe!ObQueryNameString+0x2030
ntkrnlpa.exe!NtWriteFile+0x3b0d
ntkrnlpa.exe!NtWriteFile+0x4484
ntkrnlpa.exe!NtWriteFile+0x6b4e
ntkrnlpa.exe!KeSynchronizeExecution+0x16c
ntkrnlpa.exe!ZwYieldExecution+0xb51
netbt.sys+0x1d6f5
netbt.sys+0x1d619
netbt.sys+0xc34
ntkrnlpa.exe!wctomb+0x702
ntkrnlpa.exe!RtlUpcaseUnicodeToMultiByteN+0x4d8
ntkrnlpa.exe!NtBuildNumber+0x5e6

---
MBAM came up completely clean

I had a BSOD when running GMER. It said "page fault in non-paged area" and something about XDva326.sys

#2
kteng

Posted 06 February 2010 - 06:48 PM

Member

Topic Starter
Member
21 posts

OTL logfile created on: 2/6/2010 4:34:17 PM - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Downloads\software
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 83.00% Memory free
6.00 Gb Paging File | 6.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 34.13 Gb Free Space | 7.33% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 465.68 Gb Free Space | 99.98% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KTENG
Current User Name: Kevin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/02/04 22:00:33 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Downloads\software\OTL.exe
PRC - [2010/02/03 13:02:22 | 001,217,808 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam.exe
PRC - [2010/01/22 16:59:30 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/12/22 00:48:32 | 002,127,408 | ---- | M] (Trend Media Corporation Limited) -- C:\Program Files\FlashGet Network\FlashGet 3\Flashget3.exe
PRC - [2009/11/19 22:12:14 | 000,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/07/23 00:51:26 | 016,804,864 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2008/06/18 02:01:56 | 000,077,824 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
PRC - [2007/02/03 18:38:24 | 000,274,432 | ---- | M] (SillySot Software) -- C:\Program Files\Iconoid\iconoid.exe
PRC - [2006/08/01 14:35:36 | 000,067,112 | ---- | M] (America Online, Inc.) -- C:\Program Files\AIM\aim.exe
PRC - [2004/08/03 23:56:58 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004/08/03 23:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010/02/04 22:00:33 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Downloads\software\OTL.exe
MOD - [2006/08/25 07:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [Disabled | Stopped] -- -- (IDriverT)
SRV - [2010/02/04 19:02:21 | 001,181,328 | ---- | M] (Lavasoft) [Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/01/28 15:15:33 | 002,431,024 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3647.dll -- (Akamai)
SRV - [2010/01/11 22:17:44 | 000,154,216 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (nvsvc)
SRV - [2009/12/11 15:47:44 | 000,036,352 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2009/11/12 09:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [Disabled | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/11/03 15:13:44 | 000,295,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\termsrv32.dll -- (TermService)
SRV - [2009/10/11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Disabled | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Disabled | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/09/25 00:35:14 | 000,068,136 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2007/11/06 12:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [Disabled | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007/04/19 21:29:44 | 000,411,168 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007/01/04 13:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Disabled | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [1999/12/13 00:01:00 | 000,044,032 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)

IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll (America Online, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {a756d17a-5a4c-4417-813c-c8cd0151e486}:1.3.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.4

FF - HKLM\software\mozilla\Flock 2.0.3\extensions\\Plugins: C:\Program Files\Flock\plugins [2009/11/01 10:34:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/26 15:09:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/22 16:59:42 | 000,000,000 | ---D | M]

[2009/11/09 14:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Extensions
[2009/05/17 21:28:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2009/11/09 14:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Extensions\[email protected]
[2010/02/06 00:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\g3z0emxl.default\extensions
[2010/01/04 13:54:44 | 000,000,000 | ---D | M] (Open Profile Folder) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\g3z0emxl.default\extensions\{a756d17a-5a4c-4417-813c-c8cd0151e486}
[2010/01/01 12:57:05 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\g3z0emxl.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2009/05/21 22:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\g3z0emxl.default\extensions\[email protected]
[2010/02/06 00:10:44 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/07/03 00:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2010/02/04 17:13:50 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2007/04/16 09:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2009/10/31 12:42:43 | 000,000,759 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 live.refx.net
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll (America Online, Inc.)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and Settings\Kevin\Application Data\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl File not found
O4 - HKCU..\Run: [FlashGet 3] C:\Program Files\FlashGet Network\FlashGet 3\Flashget3.exe (Trend Media Corporation Limited)
O4 - HKCU..\Run: [Iconoid] C:\Program Files\Iconoid\iconoid.exe (SillySot Software)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Download All By FlashGet3 - C:\Documents and Settings\Kevin\Application Data\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download By FlashGet3 - C:\Documents and Settings\Kevin\Application Data\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/19 21:48:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2de08cb2-c715-11de-acd9-001fd080e29d}\Shell - "" = AutoRun
O33 - MountPoints2\{2de08cb2-c715-11de-acd9-001fd080e29d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2de08cb2-c715-11de-acd9-001fd080e29d}\Shell\AutoRun\command - "" = F:\Torchlight_Setup.exe -- File not found
O33 - MountPoints2\{fd84b14a-c720-11de-acda-001fd080e29d}\Shell - "" = AutoRun
O33 - MountPoints2\{fd84b14a-c720-11de-acda-001fd080e29d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fd84b14a-c720-11de-acda-001fd080e29d}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/01/03 04:54:33 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (53765113575899136)

========== Files/Folders - Created Within 14 Days ==========

[2010/02/04 18:41:45 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2010/02/04 17:41:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kevin\Desktop\Steam Hack v12
[2010/02/04 17:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\gPotato
[2010/02/03 21:03:34 | 003,550,592 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Kevin\Desktop\procexp.exe
[2010/02/03 14:59:36 | 000,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/02/03 14:59:36 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/02/03 14:59:36 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/02/03 14:59:35 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/02/03 14:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/02/03 13:45:23 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Cleaner Pro
[2010/02/03 13:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/02/03 13:25:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kevin\Recent
[2010/02/01 21:18:39 | 000,000,000 | ---D | C] -- C:\Program Files\OpenVPN
[2010/01/23 23:04:03 | 000,000,000 | --SD | C] -- C:\Program Files\HLSW
[2010/01/23 23:04:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kevin\Application Data\HLSW
[2010/01/23 21:58:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/23 21:06:50 | 000,000,000 | ---D | C] -- C:\Program Files\WebEx
[2010/01/23 21:03:05 | 000,000,000 | ---D | C] -- C:\CC Get MAC Address
[2009/05/30 10:52:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/05/29 15:56:07 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/04/19 21:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[1 C:\Documents and Settings\Kevin\Desktop\*.tmp files -> C:\Documents and Settings\Kevin\Desktop\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/02/06 16:33:50 | 000,012,904 | ---- | M] () -- C:\WINDOWS\System32\secushr.dat
[2010/02/06 16:29:47 | 000,267,982 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/02/06 16:29:30 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010/02/06 16:29:28 | 000,012,644 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/06 16:28:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/06 16:28:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/06 16:28:41 | 3487,805,440 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010/02/06 16:02:15 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/02/06 13:02:10 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/02/06 07:02:12 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010/02/06 01:02:21 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010/02/06 00:37:32 | 000,014,601 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\Kevin's Fitness Plan.docx
[2010/02/05 23:57:33 | 015,466,496 | ---- | M] () -- C:\Documents and Settings\Kevin\ntuser.dat
[2010/02/05 23:57:33 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Kevin\ntuser.ini
[2010/02/05 23:49:54 | 000,000,633 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/05 23:49:54 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/02/05 23:47:11 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Kevin\Desktop\~$vin's Fitness Plan.docx
[2010/02/05 23:42:50 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\Workout.xls
[2010/02/05 22:02:05 | 000,002,096 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2010/02/05 19:02:24 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/02/04 22:34:37 | 009,231,414 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\74004-esea_match_1548100.zip
[2010/02/04 21:23:26 | 011,389,564 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\56077-esea_match_1540169.zip
[2010/02/04 19:06:27 | 000,000,334 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\XP Shell State.zip
[2010/02/04 17:38:37 | 000,045,518 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\SteamHackv12.rar
[2010/02/04 17:38:32 | 000,001,710 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\AikaOnline.lnk
[2010/02/04 17:25:22 | 447,960,356 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\AikaOnlineInstaller.exe
[2010/02/04 15:00:26 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/02/04 13:56:26 | 000,272,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/03 22:52:28 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/02/03 21:37:25 | 000,095,558 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\[email protected]@G31.2.rar
[2010/02/03 21:07:23 | 000,255,542 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\F0RBiDD3N.rar
[2010/02/03 14:59:55 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010/02/03 14:53:39 | 000,071,240 | ---- | M] () -- C:\Documents and Settings\Kevin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/03 14:52:41 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/02/03 13:29:06 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Kevin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/02 17:57:30 | 040,235,720 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\esea_match_1537129.dem
[2010/02/01 21:18:51 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\OpenVPN GUI.lnk
[2010/01/31 01:02:10 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/01/30 22:48:19 | 005,464,068 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\63129-esea_match_1544445.zip
[2010/01/30 19:38:24 | 000,000,430 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\Shortcut to CS Stuff.lnk
[2010/01/24 02:20:00 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2010/01/23 23:04:10 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\HLSW.lnk
[2010/01/23 21:06:46 | 008,892,928 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2010/01/23 19:47:34 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\nuke_1.1.1.3.bmp
[2010/01/23 19:47:22 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\nuke_1.1.1.2.bmp
[1 C:\Documents and Settings\Kevin\Desktop\*.tmp files -> C:\Documents and Settings\Kevin\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/05 23:47:11 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Kevin\Desktop\~$vin's Fitness Plan.docx
[2010/02/05 23:47:02 | 000,014,601 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\Kevin's Fitness Plan.docx
[2010/02/04 22:34:25 | 009,231,414 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\74004-esea_match_1548100.zip
[2010/02/04 21:23:15 | 011,389,564 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\56077-esea_match_1540169.zip
[2010/02/04 19:06:27 | 000,000,334 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\XP Shell State.zip
[2010/02/04 17:38:32 | 000,001,710 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\AikaOnline.lnk
[2010/02/04 17:16:15 | 447,960,356 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\AikaOnlineInstaller.exe
[2010/02/03 21:37:25 | 000,095,558 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\[email protected]@G31.2.rar
[2010/02/03 21:07:23 | 000,255,542 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\F0RBiDD3N.rar
[2010/02/03 14:59:55 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010/02/02 22:00:19 | 040,235,720 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\esea_match_1537129.dem
[2010/02/01 21:18:51 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\OpenVPN GUI.lnk
[2010/01/30 22:48:18 | 005,464,068 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\63129-esea_match_1544445.zip
[2010/01/30 19:38:24 | 000,000,430 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\Shortcut to CS Stuff.lnk
[2010/01/23 23:04:10 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\HLSW.lnk
[2010/01/23 21:06:44 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2010/01/23 19:47:34 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\nuke_1.1.1.3.bmp
[2010/01/23 19:47:21 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\nuke_1.1.1.2.bmp
[2010/01/01 21:56:55 | 000,000,143 | ---- | C] () -- C:\WINDOWS\GKLauncherInfo.ini
[2010/01/01 02:22:38 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2009/12/31 17:45:55 | 000,327,168 | ---- | C] () -- C:\WINDOWS\System32\cutil32.dll
[2009/11/01 11:57:45 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009/11/01 11:57:45 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009/09/07 11:02:28 | 000,000,000 | ---- | C] () -- C:\Program Files\AstonWriteTest.txt
[2009/07/29 23:53:32 | 000,031,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\vrtaucbl.sys
[2009/07/14 17:15:00 | 000,178,432 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/05/29 17:01:42 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Kevin\Local Settings\Application Data\fusioncache.dat
[2009/05/04 22:45:33 | 000,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/05/02 15:19:41 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\jfwapi.dll
[2009/04/30 15:08:39 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/26 12:54:27 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/22 21:02:55 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2009/04/22 21:02:08 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2009/04/22 20:41:39 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009/04/20 13:08:08 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Kevin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/11/06 12:19:28 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2006/11/10 05:08:50 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATITool.sys
[2004/07/17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[1996/04/03 11:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2009/12/09 20:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2010/01/03 23:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2009/04/20 12:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2009/04/20 12:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2009/04/22 20:39:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/11/01 11:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2009/04/21 21:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DFX
[2010/01/15 13:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/12/11 15:22:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2009/10/09 14:26:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PassMark
[2010/02/04 17:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2009/10/13 12:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2010/01/18 22:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2009/04/22 20:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/01/03 18:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2009/10/23 22:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/01/01 23:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/21 13:47:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/02/02 17:11:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2010/01/03 23:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Ableton
[2009/04/20 12:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\acccore
[2009/04/21 13:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Aim
[2009/09/07 11:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Aston
[2010/02/06 16:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\BITS
[2009/08/22 13:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Blitware
[2010/01/04 19:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Canon
[2009/05/30 11:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\DAEMON Tools Lite
[2009/11/01 11:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\DAEMON Tools Pro
[2010/01/11 23:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\DragonicaSCB
[2010/01/01 02:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\FlashGet
[2010/01/01 02:19:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\FlashGetBHO
[2009/05/17 21:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Flock
[2009/09/24 17:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\GetRightToGo
[2010/01/03 02:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\GlarySoft
[2010/01/25 22:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\HLSW
[2009/04/21 16:11:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\InfraRecorder
[2010/01/02 21:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\LimeWire
[2009/12/11 17:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\NeopleLauncherDFO
[2009/04/22 21:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\NewSoft
[2009/11/14 00:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Notepad++
[2009/10/23 17:45:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\OpenCandy
[2009/05/17 21:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Opera
[2009/09/10 19:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Orbit
[2009/10/13 13:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Propellerhead Software
[2009/10/23 22:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Publish Providers
[2010/01/19 00:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Research In Motion
[2010/02/02 17:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\runic games
[2009/04/22 20:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\ScanSoft
[2009/10/23 22:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Sony
[2009/12/29 12:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\StarVault
[2009/10/23 21:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Steinberg
[2010/02/05 15:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\uTorrent
[2010/02/06 01:02:21 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
[2010/02/06 07:02:12 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
[2010/02/06 13:02:10 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
[2010/02/05 19:02:24 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
[2010/01/31 01:02:10 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/01/24 02:20:00 | 000,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
[2010/02/06 16:29:30 | 000,000,312 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: AGP440.SYS >
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\0b55f15d5d26161f7d256509\i386\sp2.cab:AGP440.sys
[2004/08/04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/13 10:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys
[2008/04/13 10:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\0b55f15d5d26161f7d256509\i386\sp2.cab:atapi.sys
[2004/08/04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 10:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2008/04/13 10:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 16:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
[2008/04/13 16:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\eventlog.dll
[2004/08/03 23:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/03 23:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 16:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2008/04/13 16:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\netlogon.dll
[2009/02/06 10:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 10:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/03 23:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/03 23:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/03 23:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/03 23:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 16:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll
[2008/04/13 16:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010/01/03 04:58:32 | 000,524,288 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/01/03 12:48:50 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2010/01/03 04:58:32 | 031,195,136 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/01/03 04:58:32 | 007,077,888 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D06A4C76
< End of report >

#3
kteng

Posted 06 February 2010 - 06:49 PM

Member

Topic Starter
Member
21 posts

OTL Extras logfile created on: 2/6/2010 4:34:17 PM - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Downloads\software
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 83.00% Memory free
6.00 Gb Paging File | 6.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 34.13 Gb Free Space | 7.33% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 465.68 Gb Free Space | 99.98% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KTENG
Current User Name: Kevin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"2479:TCP" = 2479:TCP:*:Enabled:Services
"3286:TCP" = 3286:TCP:*:Enabled:Services
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"3246:TCP" = 3246:TCP:*:Enabled:Services
"80:TCP" = 80:TCP:*:Enabled:Services

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"59105:TCP" = 59105:TCP:*:Enabled:Pando Media Booster
"59105:UDP" = 59105:UDP:*:Enabled:Pando Media Booster
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"2479:TCP" = 2479:TCP:*:Enabled:Services
"3286:TCP" = 3286:TCP:*:Enabled:Services
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"3246:TCP" = 3246:TCP:*:Enabled:Services
"56991:TCP" = 56991:TCP:*:Enabled:Pando Media Booster
"56991:UDP" = 56991:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet\FlashGet.exe" = C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget -- (FlashGet.com)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Steam\SteamApps\[email protected]\counter-strike\hl.exe" = C:\Program Files\Steam\SteamApps\[email protected]\counter-strike\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Program Files\World of Warcraft\Repair.exe" = C:\Program Files\World of Warcraft\Repair.exe:*:Enabled:Blizzard Repair Utility -- (Blizzard Entertainment, Inc.)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\World of Warcraft\Launcher.exe" = C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Curse\CurseClient.exe" = C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client -- ()
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
"C:\Program Files\Steam\steam.exe" = C:\Program Files\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Steam\SteamApps\[email protected]\team fortress 2\hl2.exe" = C:\Program Files\Steam\SteamApps\[email protected]\team fortress 2\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Program Files\Steam\SteamApps\[email protected]\half-life\hl.exe" = C:\Program Files\Steam\SteamApps\[email protected]\half-life\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Turbine\The Lord of the Rings Online\lotroclient.exe" = C:\Program Files\Turbine\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient -- File not found
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Turbine\Turbine Download Manager\TurbineMessageService.exe" = C:\Program Files\Turbine\Turbine Download Manager\TurbineMessageService.exe:*:Enabled:TurbineMessageService -- File not found
"C:\Program Files\Turbine\Turbine Download Manager\TurbineNetworkService.exe" = C:\Program Files\Turbine\Turbine Download Manager\TurbineNetworkService.exe:*:Enabled:TurbineNetworkService -- File not found
"C:\Program Files\Steam\SteamApps\common\prince of persia the sands of time\PrinceOfPersia.EXE" = C:\Program Files\Steam\SteamApps\common\prince of persia the sands of time\PrinceOfPersia.EXE:*:Enabled:Prince of Persia: The Sands of Time -- (UBISOFT)
"C:\Documents and Settings\Kevin\Desktop\utorrent.exe" = C:\Documents and Settings\Kevin\Desktop\utorrent.exe:*:Enabled:µTorrent -- File not found
"C:\Program Files\World of Warcraft\WoW-3.1.2.9901-to-3.1.3.9947-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-3.1.2.9901-to-3.1.3.9947-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Documents and Settings\Kevin\Local Settings\Temp\Rar$EX00.516\keyclone\keyclone.exe" = C:\Documents and Settings\Kevin\Local Settings\Temp\Rar$EX00.516\keyclone\keyclone.exe:*:Enabled:keyclone -- File not found
"C:\Documents and Settings\Kevin\Local Settings\Temp\Rar$EX00.765\keyclone\keyclone.exe" = C:\Documents and Settings\Kevin\Local Settings\Temp\Rar$EX00.765\keyclone\keyclone.exe:*:Enabled:keyclone -- File not found
"C:\Documents and Settings\Kevin\Local Settings\Temp\Rar$EX00.890\keyclone\keyclone.exe" = C:\Documents and Settings\Kevin\Local Settings\Temp\Rar$EX00.890\keyclone\keyclone.exe:*:Enabled:keyclone -- File not found
"C:\Documents and Settings\Kevin\Local Settings\Temp\Rar$EX00.609\keyclone\keyclone.exe" = C:\Documents and Settings\Kevin\Local Settings\Temp\Rar$EX00.609\keyclone\keyclone.exe:*:Enabled:keyclone -- File not found
"C:\Documents and Settings\Kevin\Desktop\keyclone\keyclone.exe" = C:\Documents and Settings\Kevin\Desktop\keyclone\keyclone.exe:*:Enabled:keyclone -- (Solid ICE Technologies, Inc)
"C:\Program Files\mIRC\mIRC - English.exe" = C:\Program Files\mIRC\mIRC - English.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Documents and Settings\Kevin\Desktop\Listchecker\pickup.listchecker.exe" = C:\Documents and Settings\Kevin\Desktop\Listchecker\pickup.listchecker.exe:*:Enabled:pickup.listchecker -- ()
"C:\Program Files\World of Warcraft\BackgroundDownloader.exe" = C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files\Steam\SteamApps\common\fallout 3\FalloutLauncher.exe" = C:\Program Files\Steam\SteamApps\common\fallout 3\FalloutLauncher.exe:*:Enabled:Fallout 3 -- (Bethesda Softworks)
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files\Heroes of Newerth\hon.exe" = C:\Program Files\Heroes of Newerth\hon.exe:*:Enabled:hon -- (S2 Games)
"C:\Documents and Settings\Kevin\Local Settings\Temp\Rar$EX00.234\AionSpamFilter.exe" = C:\Documents and Settings\Kevin\Local Settings\Temp\Rar$EX00.234\AionSpamFilter.exe:*:Enabled:AionSpamFilter -- File not found
"C:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe" = C:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum -- (Rocksteady Studios Ltd)
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\DFO\DFO.exe" = C:\Nexon\DFO\DFO.exe:*:Enabled:Dungeon Fighter Online -- (neople)
"C:\Program Files\Steam\SteamApps\common\left 4 dead\left4dead.exe" = C:\Program Files\Steam\SteamApps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead -- ()
"C:\Rohan_Global\rohanclient.exe" = C:\Rohan_Global\rohanclient.exe:*:Enabled:Rohan Online Game -- File not found
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"C:\WINDOWS\Downloaded Program Files\ijjiOptimizer.exe" = C:\WINDOWS\Downloaded Program Files\ijjiOptimizer.exe:*:Enabled:ijjiOptimizer.exe -- ()
"C:\Program Files\GameKiss\ValkyrieSky\Valkyrie Sky.exe" = C:\Program Files\GameKiss\ValkyrieSky\Valkyrie Sky.exe:*:Enabled:Valkyrie ?? ???? -- File not found
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\HLSW\hlsw.exe" = C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application -- (Stripf Software)
"C:\Program Files\Steam\SteamApps\astura\counter-strike\hl.exe" = C:\Program Files\Steam\SteamApps\astura\counter-strike\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Steam\SteamApps\[email protected]\counter-strike source\hl2.exe" = C:\Program Files\Steam\SteamApps\[email protected]\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
"C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe" = C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service -- File not found
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe" = C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- ()
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe" = C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- ()
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe" = C:\Program Files\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2 -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{14E94112-5F6B-4049-B177-4C7E69D3C3A0}_is1" = Dragonica Online
"{300A2961-B2B5-4889-9CB9-5C2A570D08AD}" = Debugging Tools for Windows (x86)
"{3215EBED-1D06-42fb-A05C-A752A46FB24C}" = Canon MP530
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{66798EC2-4ADE-4051-B39A-79FD9FFEF62B}" = Aion
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.1015.1
"{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}" = World of Goo
"{84D04D4F-2201-4AED-BE9A-FFA62069CA19}_is1" = reFX Nexus 1.0.0
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR
"{961346DF-FE43-4392-99FC-47B1F5A882C3}" = GKLauncher
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CFA05440-A429-4A60-84C9-16919C12876F}_is1" = Cabal Online 8.6.30.1
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14
"{D96021A9-B290-4783-B019-0E4000DA84CE}" = S4 League_EU
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E6DEF92B-BB32-49CF-96A9-AACE4D046DF4}" = BlackBerry Device Software v5.0.0 for the BlackBerry 8900 smartphone
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{EE024764-FA19-4CD4-AA9E-E06DE4B766E8}" = BlackBerry Desktop Software 5.0.1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"7-Zip" = 7-Zip 4.65
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM Search" = AIM Search
"AIM Toolbar" = AIM Toolbar
"AIM_6" = AIM 6
"Akamai" = Akamai NetSession Interface
"AnalogX Extension Changer" = AnalogX Extension Changer
"AOL Instant Messenger" = AOL Instant Messenger
"ASIO4ALL" = ASIO4ALL
"ATITool" = ATITool Overclocking Utility
"AutoHotkey" = AutoHotkey 1.0.48.02
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BlackBerry_{13333239-0A15-4855-BEEB-0232DAA5B7EA}" = BlackBerry Desktop Software 5.0.1
"BlackBerry_{EE024764-FA19-4CD4-AA9E-E06DE4B766E8}" = BlackBerry Desktop Software 5.0.1
"Canon MP530 User Registration" = Canon MP530 User Registration
"Canon MP620 series User Registration" = Canon MP620 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CC Get MAC Address_is1" = CC Get MAC Address 2.3
"CCleaner" = CCleaner (remove only)
"CMN_Deploy_0" = CMN3 4.0
"Collab" = Collab
"CurseClient" = Curse Client
"DFO" = DFOLauncher
"DFX for Winamp" = DFX for Winamp
"Direct WAV MP3 Splitter_is1" = Direct WAV MP3 Splitter version 2.6.0.19
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint" = Easy-WebPrint
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FL Studio 8" = FL Studio 8
"FL Studio 9" = FL Studio 9
"FlashGet" = FlashGet 1.9.6.1073
"FlashGet 3.3" = FlashGet 3.3
"Glary Utilities_is1" = Glary Utilities 2.18.0.786
"Hardcore" = Hardcore
"HLSW_is1" = HLSW v1.3.2.1
"hon" = Heroes of Newerth
"Iconoid_is1" = Iconoid Version 3.8.5
"IL Download Manager" = IL Download Manager
"InfraRecorder" = InfraRecorder
"JC&MB Quicknote_is1" = Quicknote 5.4
"LimeWire" = LimeWire PRO 5.3.6
"Live 8.0.4" = Live 8.0.4
"LOSI" = LOSI 0.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Maximus" = Maximus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MP Navigator 2.2" = Canon MP Navigator 2.2
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenVPN" = OpenVPN 2.1.1
"Orbit_is1" = Orbit Downloader
"PC Wizard 2010_is1" = PC Wizard 2010.1.92
"PerformanceTest 7_is1" = PerformanceTest v7.0
"PoiZone" = PoiZone
"PROR" = Microsoft Office Professional 2007 Trial
"Quest_is1" = Quest 4.0.5
"RealPlayer 6.0" = RealPlayer
"Reason4_is1" = Reason 4.0
"reFX Nexus 1.4.1_is1" = reFX Nexus 1.4.1
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"ROCCAT GUI-CS" = ROCCAT GUI 1.00 (CS)
"Sawer" = Sawer
"Slice" = Slice Audio File Splitter
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = ADRIFT
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 13600" = Prince of Persia: The Sands of Time
"Steam App 22300" = Fallout 3
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steinberg Cubase SX v3.1.1.944" = Steinberg Cubase SX v3.1.1.944
"Toxic Biohazard" = Toxic Biohazard
"Veoh Web Player Beta" = Veoh Web Player
"ViewpointMediaPlayer" = Viewpoint Media Player
"Virtual Audio Cable 4.04" = Virtual Audio Cable 4.04
"VLC media player" = VLC media player 0.9.9
"WavePad" = WavePad Sound Editor
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinPcapInst" = WinPcap 4.0.2
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AikaOnline" = AikaOnline
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/3/2010 5:55:22 PM | Computer Name = KTENG | Source = Application Error | ID = 1000
Description = Faulting application aim.exe, version 5.9.6089.0, faulting module
unknown, version 0.0.0.0, fault address 0x1221254f.

Error - 2/4/2010 1:31:13 AM | Computer Name = KTENG | Source = Application Hang | ID = 1002
Description = Hanging application hl.exe, version 1.1.1.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/4/2010 1:33:45 AM | Computer Name = KTENG | Source = Application Hang | ID = 1002
Description = Hanging application hl.exe, version 1.1.1.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/4/2010 2:27:33 AM | Computer Name = KTENG | Source = Application Hang | ID = 1002
Description = Hanging application hl.exe, version 1.1.1.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/4/2010 11:35:09 PM | Computer Name = KTENG | Source = Application Error | ID = 1000
Description = Faulting application aim.exe, version 5.9.6089.0, faulting module
unknown, version 0.0.0.0, fault address 0x1221254f.

Error - 2/5/2010 9:08:57 PM | Computer Name = KTENG | Source = Application Error | ID = 1000
Description = Faulting application ventrilo.exe, version 3.0.4.0, faulting module
unknown, version 0.0.0.0, fault address 0x4b435553.

Error - 2/6/2010 1:11:23 AM | Computer Name = KTENG | Source = Application Error | ID = 1000
Description = Faulting application aim.exe, version 5.9.6089.0, faulting module
unknown, version 0.0.0.0, fault address 0x1221254f.

Error - 2/6/2010 6:11:37 AM | Computer Name = KTENG | Source = Application Error | ID = 1000
Description = Faulting application aim.exe, version 5.9.6089.0, faulting module
unknown, version 0.0.0.0, fault address 0x1221254f.

Error - 2/6/2010 4:31:25 PM | Computer Name = KTENG | Source = Application Hang | ID = 1002
Description = Hanging application hl.exe, version 1.1.1.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/6/2010 7:34:42 PM | Computer Name = KTENG | Source = Application Error | ID = 1000
Description = Faulting application aim.exe, version 5.9.6089.0, faulting module
unknown, version 0.0.0.0, fault address 0x1221254f.

[ System Events ]
Error - 2/4/2010 11:34:08 PM | Computer Name = KTENG | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 2/5/2010 7:13:31 PM | Computer Name = KTENG | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 2/5/2010 7:14:09 PM | Computer Name = KTENG | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
Service service to connect.

Error - 2/5/2010 7:14:22 PM | Computer Name = KTENG | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053

Error - 2/5/2010 10:28:12 PM | Computer Name = KTENG | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 2/5/2010 10:29:16 PM | Computer Name = KTENG | Source = Service Control Manager | ID = 7031
Description = The Akamai NetSession Interface service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 1000
milliseconds: Restart the service.

Error - 2/5/2010 11:58:54 PM | Computer Name = KTENG | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 2/6/2010 3:57:12 AM | Computer Name = KTENG | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2/6/2010 3:58:49 AM | Computer Name = KTENG | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 2/6/2010 8:29:13 PM | Computer Name = KTENG | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

< End of report >