Hi Ron
Thanks for trying to help.
MBAMnetsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
GMER Rootkit Scanner gave me the BSOD with the following message:
The problem seems to be caused by the following file: pwddapob.sys
0x00000050 (0xe74d8000,0x00000000,0xaddb0c3e,0x00000000
pwddabob.sys - Address ADD0C3E base at ADDB000, datestamp 4B274F8D
OTLOTL logfile created on: 10/06/2010 20:11:00 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Ben\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 82.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 293.32 Gb Total Space | 78.30 Gb Free Space | 26.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DBKQ562J
Current User Name: Ben
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/06/10 18:20:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
PRC - [2010/04/03 08:49:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/20 08:56:56 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/02/21 05:03:12 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2009/12/09 18:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/01/03 09:10:30 | 001,031,848 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.exe
PRC - [2008/09/10 14:01:28 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/07 16:30:37 | 000,071,008 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
PRC - [2007/11/15 04:56:55 | 002,189,864 | ---- | M] (Gainward Co.) -- C:\WINDOWS\TBPanel.exe
PRC - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2007/03/03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/17 14:21:49 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1161414575\ee\aolsoftware.exe
PRC - [2006/11/17 14:21:49 | 000,050,736 | ---- | M] (America Online, Inc.) -- c:\Program Files\Common Files\AOL\1161414575\ee\aolsoftware.exe
PRC - [2006/11/14 00:05:34 | 000,061,440 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) -- C:\Program Files\Digidesign\Drivers\MMERefresh.exe
PRC - [2006/10/23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2005/12/12 16:52:32 | 000,180,224 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe
PRC - [2005/11/03 20:02:09 | 000,001,536 | ---- | M] () -- c:\Program Files\Common Files\AOL\1161414575\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
PRC - [2005/09/08 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/06/17 07:55:58 | 000,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2005/05/06 13:46:10 | 000,483,328 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2005/04/14 21:50:12 | 000,262,144 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2005/03/22 23:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/03/11 12:48:54 | 000,217,088 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2005/01/12 17:36:00 | 001,658,965 | ---- | M] (GlobespanVirata, Inc.) -- C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
PRC - [2005/01/12 17:36:00 | 000,016,384 | ---- | M] () -- C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
PRC - [2003/10/29 02:06:00 | 000,024,576 | R--- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2003/05/06 09:28:34 | 000,072,192 | ---- | M] (Friendly Technologies) -- C:\Program Files\VoyagerTest\fts.exe
========== Modules (SafeList) ========== MOD - [2010/06/10 18:20:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
MOD - [2009/01/03 09:07:04 | 000,188,416 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.dll
MOD - [2006/11/30 15:50:22 | 000,010,288 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\WLHook.dll
MOD - [1999/03/29 07:34:06 | 000,110,595 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Msscript1.ocx
========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (IAANTMonCryptSvc) Intel®
SRV - File not found [Auto | Stopped] -- -- (HidServUleadBurningHelper)
SRV - [2009/12/09 18:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/09/10 14:01:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2007/03/03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2007/02/08 17:13:46 | 000,212,480 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/11/14 00:05:34 | 000,061,440 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Auto | Running] -- C:\Program Files\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2006/11/13 21:59:52 | 000,122,880 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe -- (digiSPTIService)
SRV - [2006/10/23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2005/12/12 16:52:32 | 000,180,224 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe -- (ELService)
SRV - [2005/06/17 07:55:58 | 000,086,140 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) Intel®
========== Driver Services (SafeList) ========== DRV - [2010/01/12 05:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/12/02 15:23:40 | 000,149,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2008/06/06 09:24:44 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/05/07 07:38:36 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/07 07:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/07 07:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/04/13 19:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/01 16:17:12 | 000,138,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2008/02/01 16:17:06 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2007/03/16 03:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007/03/16 03:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2007/02/13 20:45:53 | 000,646,392 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2006/12/27 15:19:49 | 000,162,432 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ithsgt.sys -- (ithsgt)
DRV - [2006/12/27 15:19:49 | 000,012,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lilsgt.sys -- (lilsgt)
DRV - [2006/11/13 21:38:28 | 000,011,776 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\diginet.sys -- (DigiNet)
DRV - [2006/11/13 21:38:24 | 000,016,384 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\DigiFilt.sys -- (DigiFilter)
DRV - [2006/11/13 21:37:58 | 000,015,232 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbx2midk.sys -- (MBX2MIDK)
DRV - [2006/11/13 21:37:42 | 000,015,488 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbx2dfu.sys -- (MBX2DFU)
DRV - [2006/11/13 21:36:36 | 000,109,056 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dalwdm.sys -- (dalwdmservice)
DRV - [2006/10/05 17:07:28 | 000,072,608 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TPkd.sys -- (TPkd)
DRV - [2006/08/29 00:54:56 | 000,010,664 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gan_adapter.sys -- (hamachi_oem)
DRV - [2006/01/12 10:18:38 | 000,022,752 | ---- | M] (Behringer Spezielle Studiotechnik GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bumxmidi.sys -- (BCUMXMIDI)
DRV - [2005/12/12 16:52:34 | 000,010,112 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELhid.sys -- (ELhid)
DRV - [2005/12/12 16:52:34 | 000,007,040 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELmon.sys -- (ELmon)
DRV - [2005/12/12 16:52:34 | 000,006,912 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELkbd.sys -- (ELkbd)
DRV - [2005/12/12 16:52:34 | 000,006,400 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELmou.sys -- (ELmou)
DRV - [2005/12/12 16:52:32 | 000,007,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ELacpi.sys -- (ELacpi)
DRV - [2005/11/16 21:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/09/22 18:19:54 | 000,148,608 | ---- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2)
DRV - [2005/09/12 03:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/09/08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 19:05:24 | 000,176,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 05:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/06/17 12:33:40 | 000,872,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iastor.sys -- (iastor)
DRV - [2005/05/31 15:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005/05/31 09:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005/04/30 14:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005/04/30 14:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005/04/30 14:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005/04/22 22:34:56 | 000,052,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2005/04/22 21:11:30 | 000,098,048 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005/04/06 09:54:44 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2005/03/30 12:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005/03/25 17:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2005/01/14 17:14:07 | 000,047,616 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005/01/12 17:36:00 | 000,138,402 | ---- | M] (GlobespanVirata Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\glausb.sys -- (lanusb)
DRV - [2005/01/06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/12/21 11:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2004/12/03 11:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004/10/28 11:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004/10/19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004/10/04 10:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004/07/08 17:07:34 | 000,036,531 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2003/11/17 21:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 21:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 21:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/09/25 16:52:46 | 000,104,375 | ---- | M] (Friendly Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PPPoEWin.SYS -- (PPPoEWin)
DRV - [2003/01/10 22:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/16 13:55:48 | 000,002,851 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:04:46 | 000,223,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\camdrv21.sys -- (camvid20)
DRV - [2001/08/17 13:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.co...m...tf8&oe=utf8IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.co.uk/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..extensions.enabledItems: {177C5996-27E7-43AA-9B1C-E621C0FB4792}:1.9.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - HKLM\software\mozilla\Firefox\Extensions\\{177C5996-27E7-43AA-9B1C-E621C0FB4792}: C:\Documents and Settings\Ben\Local Settings\Application Data\{177C5996-27E7-43AA-9B1C-E621C0FB4792} [2010/02/20 18:46:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/20 08:57:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/15 20:27:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/15 20:29:24 | 000,000,000 | ---D | M]
[2009/01/08 12:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions
[2010/06/09 21:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions
[2010/04/27 21:00:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/04/30 19:50:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)
[2010/04/18 10:07:03 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/07/22 20:14:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2010/06/09 21:30:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/27 23:51:51 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/27 23:51:51 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/03/27 23:51:51 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/03/27 23:51:51 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2009/12/27 10:22:04 | 000,370,657 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 12778 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [%FP%Friendly fts.exe] C:\Program Files\VoyagerTest\fts.exe (Friendly Technologies)
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe ()
O4 - HKLM..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe (GlobespanVirata, Inc.)
O4 - HKLM..\Run: [Gainward] C:\WINDOWS\TBPanel.exe (Gainward Co.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1161414575\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe (InterVideo Digital Technology Corporation)
O4 - HKCU..\Run: [Fraps] C:\Fraps\fraps.exe (Beepa P/L)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AOL Toolbar search - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O9 - Extra Button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O9 - Extra 'Tools' menuitem : AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}
http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0}
http://www1.snapfish...shUKActivia.cab (Snapfish Activia)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3}
http://194.72.186.24...sCamControl.cab (CamImage Class)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
http://messenger.msn...pDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Ben\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ben\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/03 21:57:45 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{6cc60082-31f9-11df-8b75-0011f534dbf4}\Shell\AutoRun\command - "" = E:\Setup.exe -- File not found
O33 - MountPoints2\{9cd5c254-d129-11de-9ecc-0011f534dbf4}\Shell\AutoRun\command - "" = E:\pccompanion\Startme.exe -- File not found
O33 - MountPoints2\{9cd5c254-d129-11de-9ecc-0011f534dbf4}\Shell\menu1\command - "" = E:\pccompanion\Startme.exe -- File not found
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/08/16 04:22:48 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: midi2 - C:\WINDOWS\System32\mbx2midu.dll (Digidesign, A Division of Avid Technology, Inc.)
Drivers32: MIDI3 - C:\WINDOWS\System32\Diomidi.DLL (Digidesign, A Division of Avid Technology, Inc.)
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm (InterVideo Digital Technology Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.MPEGacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\scg726.acm (SHARP Corporation)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll (Ligos Corporation)
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll (Ligos Corporation)
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Ligos Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.vp31 - C:\WINDOWS\System32\vp31vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivXNetworks)
Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\iyvu9_32.dll ()
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave4 - C:\WINDOWS\System32\Digi32.dll (Digidesign, A Division of Avid Technology, Inc.)
Unable to start service SrService!
========== Files/Folders - Created Within 90 Days ========== [2010/06/10 19:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/06/10 18:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/10 18:20:03 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2010/06/10 18:18:48 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Ben\Desktop\erunt_setup.exe
[2010/06/10 18:18:36 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\TFC.exe
[2010/06/09 20:28:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ben\Recent
[2010/06/09 20:11:27 | 000,000,000 | ---D | C] -- C:\Rooter$
[2010/05/30 11:59:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\My Documents\Bioshock
[2010/05/30 11:59:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Application Data\Bioshock
[2010/05/28 19:54:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Local Settings\Application Data\Spotify
[2010/05/28 19:54:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Application Data\Spotify
[2010/05/28 19:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\Spotify
[2010/05/17 07:26:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\My Documents\Old Attempt2
[2010/05/12 22:00:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\My Documents\My Musi[bleep]itled - 12-05-10
[2010/05/09 22:07:32 | 000,086,016 | ---- | C] (MindVision) -- C:\WINDOWS\unvise32qt.exe
[2010/05/08 19:28:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Desktop\New artist - Album_128
[2010/05/08 10:09:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\My Documents\Max Payne 2 Savegames
[2010/05/04 07:23:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\My Documents\Old Attempt
[2010/05/03 09:41:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Local Settings\Application Data\ivecxcdev
[2010/04/19 07:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Desktop\N95
[2010/04/13 08:09:29 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/03/28 17:46:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Desktop\New artist - Album_37
[2010/03/20 08:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/03/20 08:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\real
[2010/03/20 08:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2010/03/16 21:57:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Application Data\Magix
[2010/03/14 22:01:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\My Documents\BioWare
========== Files - Modified Within 90 Days ========== [2010/06/10 20:15:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/10 20:15:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/10 20:13:48 | 000,000,374 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2010/06/10 20:13:46 | 000,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI
[2010/06/10 20:05:51 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/06/10 20:02:32 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/06/10 20:01:55 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/10 20:01:27 | 000,271,490 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/06/10 20:00:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/10 20:00:13 | 3487,723,520 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/10 19:04:01 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/06/10 19:03:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/10 18:34:48 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\NTREGOPT.lnk
[2010/06/10 18:34:48 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\ERUNT.lnk
[2010/06/10 18:22:50 | 015,466,496 | ---- | M] () -- C:\Documents and Settings\Ben\ntuser.dat
[2010/06/10 18:20:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2010/06/10 18:19:04 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Ben\Desktop\erunt_setup.exe
[2010/06/10 18:18:37 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\TFC.exe
[2010/06/10 18:12:33 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3843634061-819627678-391793244-1005.job
[2010/06/09 21:45:20 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3843634061-819627678-391793244-1005.job
[2010/06/09 21:45:19 | 001,578,256 | -H-- | M] () -- C:\Documents and Settings\Ben\Local Settings\Application Data\IconCache.db
[2010/06/09 20:29:41 | 000,000,332 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\cc_20100609_202937.reg
[2010/06/09 20:29:20 | 000,014,540 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\cc_20100609_202914.reg
[2010/06/09 20:23:39 | 000,000,889 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/09 20:05:04 | 000,153,600 | ---- | M] () -- C:\Documents and Settings\Ben\Application Data\SharedSettings.ccs
[2010/06/09 19:00:38 | 000,231,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/09 08:17:55 | 000,503,304 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/09 08:17:55 | 000,442,466 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/09 08:17:55 | 000,071,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/06 22:17:11 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Ben\ntuser.ini
[2010/06/05 15:02:19 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/05 09:14:36 | 000,001,100 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/06/05 09:11:19 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\cc_20100605_091116.reg
[2010/06/03 21:27:54 | 000,000,032 | ---- | M] () -- C:\WINDOWS\System32\w3data.vss
[2010/06/03 21:27:54 | 000,000,032 | ---- | M] () -- C:\WINDOWS\System32\msvcsv60.dll
[2010/06/03 21:27:54 | 000,000,032 | ---- | M] () -- C:\WINDOWS\msocreg32.dat
[2010/05/28 19:54:00 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\Spotify.lnk
[2010/05/26 22:36:43 | 000,003,494 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\cc_20100526_223638.reg
[2010/05/23 12:23:11 | 001,459,626 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\Tuning.mp3
[2010/05/21 20:18:09 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/05/15 20:24:24 | 000,009,280 | ---- | M] () -- C:\WINDOWS\System32\QuickTime.qtp
[2010/05/15 20:15:54 | 000,000,427 | ---- | M] () -- C:\WINDOWS\System32\QuickTimeFavorites.qtr
[2010/05/15 20:15:35 | 000,028,672 | ---- | M] () -- C:\WINDOWS\System32\qttask.exe
[2010/05/12 22:04:23 | 000,000,791 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010/05/03 10:16:41 | 000,002,168 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\cc_20100503_101638.reg
[2010/05/01 13:46:30 | 000,000,023 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/24 08:47:36 | 000,001,698 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\cc_20100424_084733.reg
[2010/04/21 19:39:18 | 000,138,240 | ---- | M] () -- C:\Documents and Settings\Ben\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/15 20:41:29 | 000,000,645 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/04/15 20:12:44 | 000,003,784 | ---- | M] () -- C:\WINDOWS\System32\actmoviep.sys
[2010/04/15 20:12:27 | 000,000,425 | --S- | M] () -- C:\WINDOWS\System32\1928339733.dat
[2010/04/10 00:41:29 | 000,001,950 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\cc_20100410_004126.reg
[2010/03/20 08:56:58 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/03/19 23:33:16 | 000,066,472 | ---- | M] () -- C:\Documents and Settings\Ben\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
========== Files Created - No Company Name ========== [2010/06/10 19:10:28 | 000,000,374 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2010/06/10 19:09:08 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/06/10 19:04:01 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/06/10 18:34:48 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\NTREGOPT.lnk
[2010/06/10 18:34:48 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\ERUNT.lnk
[2010/06/09 20:29:38 | 000,000,332 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\cc_20100609_202937.reg
[2010/06/09 20:29:16 | 000,014,540 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\cc_20100609_202914.reg
[2010/06/05 09:11:18 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\cc_20100605_091116.reg
[2010/05/30 11:22:55 | 3487,723,520 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/28 19:54:00 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\Spotify.lnk
[2010/05/26 22:36:41 | 000,003,494 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\cc_20100526_223638.reg
[2010/05/23 12:23:02 | 001,459,626 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\Tuning.mp3
[2010/05/21 20:18:09 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/05/15 20:15:35 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\qttask.exe
[2010/05/14 20:53:00 | 000,000,427 | ---- | C] () -- C:\WINDOWS\System32\QuickTimeFavorites.qtr
[2010/05/09 22:05:39 | 000,009,280 | ---- | C] () -- C:\WINDOWS\System32\QuickTime.qtp
[2010/05/03 10:16:40 | 000,002,168 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\cc_20100503_101638.reg
[2010/04/24 08:47:35 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\cc_20100424_084733.reg
[2010/04/14 07:57:56 | 000,003,784 | ---- | C] () -- C:\WINDOWS\System32\actmoviep.sys
[2010/04/14 07:55:06 | 000,000,425 | --S- | C] () -- C:\WINDOWS\System32\1928339733.dat
[2010/04/10 00:41:27 | 000,001,950 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\cc_20100410_004126.reg
[2010/03/20 08:57:49 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3843634061-819627678-391793244-1005.job
[2010/03/20 08:57:49 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3843634061-819627678-391793244-1005.job
[2009/12/31 16:33:58 | 000,000,040 | ---- | C] () -- C:\WINDOWS\RUNAWAY.INI
[2009/07/27 07:52:05 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/07/07 07:48:24 | 000,000,791 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/06/12 20:44:55 | 000,000,208 | ---- | C] () -- C:\WINDOWS\System32\xpysys.dll
[2008/12/22 12:34:17 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2008/10/28 18:40:48 | 000,173,552 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008/10/07 18:47:29 | 000,210,456 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/10/07 18:47:29 | 000,206,360 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/10/07 18:47:29 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/10/07 18:47:29 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/10/07 18:47:29 | 000,194,072 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/10/07 18:47:29 | 000,026,136 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/09/06 17:24:43 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2008/04/13 14:09:16 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008/01/06 21:04:44 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/01/03 21:59:35 | 000,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI
[2008/01/03 21:53:34 | 000,032,768 | ---- | C] () -- C:\WINDOWS\TBPanelExt.dll
[2008/01/03 21:53:34 | 000,012,285 | ---- | C] () -- C:\WINDOWS\Cadx3.ini
[2008/01/03 21:53:34 | 000,006,942 | ---- | C] () -- C:\WINDOWS\cadx2.ini
[2008/01/03 21:53:34 | 000,005,120 | ---- | C] () -- C:\WINDOWS\TBManage.dll
[2007/09/14 07:34:56 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/09/14 07:34:56 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2007/04/06 10:17:24 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2007/04/05 19:21:48 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\DigiPlatformSupport.dll
[2007/02/13 20:45:53 | 000,646,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/01/26 19:40:52 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/01/26 09:01:20 | 000,000,635 | ---- | C] () -- C:\WINDOWS\ef.INI
[2007/01/12 21:01:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2006/12/31 12:41:24 | 000,000,129 | ---- | C] () -- C:\WINDOWS\cdiemu.ini
[2006/12/27 15:19:49 | 000,162,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\ithsgt.sys
[2006/12/27 15:19:49 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\lilsgt.sys
[2006/10/17 23:01:45 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\CoInst.dll
[2006/10/17 23:01:41 | 000,017,020 | ---- | C] () -- C:\WINDOWS\wwdslcfg.ini
[2006/10/10 17:24:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/07 17:16:00 | 000,000,008 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/08/09 07:54:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\musiceditor.INI
[2006/08/08 08:04:52 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2006/07/15 01:43:06 | 000,000,043 | ---- | C] () -- C:\WINDOWS\VideoLink Pro.INI
[2006/07/14 19:13:24 | 000,000,278 | ---- | C] () -- C:\WINDOWS\MovieEdit.INI
[2006/07/14 18:52:52 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006/06/11 10:33:26 | 000,000,099 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2006/06/10 13:04:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2006/05/31 17:38:13 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2006/05/31 17:38:13 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2006/04/30 21:37:27 | 000,000,085 | ---- | C] () -- C:\WINDOWS\magix.ini
[2006/04/30 21:37:26 | 000,000,979 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2006/04/26 21:59:13 | 000,215,552 | ---- | C] () -- C:\WINDOWS\System32\Webupdate2.dll
[2006/04/26 21:59:13 | 000,002,309 | ---- | C] () -- C:\WINDOWS\System32\french.ini
[2006/04/26 21:59:13 | 000,002,194 | ---- | C] () -- C:\WINDOWS\System32\spanish.ini
[2006/04/26 21:59:13 | 000,001,673 | ---- | C] () -- C:\WINDOWS\System32\english.ini
[2006/04/24 18:32:30 | 000,002,632 | ---- | C] () -- C:\WINDOWS\scummvm.ini
[2006/04/16 01:44:16 | 000,308,736 | ---- | C] () -- C:\WINDOWS\System32\fpxlib.dll
[2006/04/16 01:44:16 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\jpeglib.dll
[2006/04/16 01:44:01 | 000,000,401 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2006/04/16 01:43:38 | 000,000,021 | ---- | C] () -- C:\WINDOWS\VI_setup.ini
[2006/04/08 13:55:43 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2006/04/07 18:16:17 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006/04/05 21:59:43 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\C60B96B314.sys
[2006/04/05 20:42:24 | 000,000,540 | ---- | C] () -- C:\WINDOWS\AppRun.ini
[2006/04/03 20:14:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/04/03 20:12:17 | 000,000,645 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/04/03 19:45:36 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2006/04/03 19:45:16 | 000,000,476 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/12/07 13:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005/11/10 08:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/16 04:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 04:18:33 | 001,288,192 | ---- | C] () -- C:\WINDOWS\System32\quartz(3).dll
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/28 05:22:38 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/04/28 05:22:34 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/04/28 05:22:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/12/02 15:20:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/09/22 10:09:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/07/20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/07/29 15:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll
========== LOP Check ========== [2006/05/31 18:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2006/04/03 20:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2005/08/16 20:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2008/10/19 08:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2008/08/21 19:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2008/10/07 18:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2008/01/03 21:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2007/12/17 19:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2007/04/03 18:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2007/12/17 19:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008/04/03 20:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2008/10/07 18:56:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2010/06/10 20:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/10/07 18:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2006/04/03 20:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/06/06 12:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Alru
[2010/06/02 21:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Bioshock
[2009/11/24 15:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Braid
[2009/02/10 17:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Canon
[2009/06/12 20:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\CoffeeCup Software
[2010/06/06 12:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Cyovu
[2007/04/05 18:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\DigiDelivery
[2010/06/03 21:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Digidesign
[2010/04/02 13:37:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Facebook
[2006/08/19 13:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Gearbox Software
[2008/10/07 19:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\InterVideo
[2007/03/13 22:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Leadertech
[2009/07/15 22:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\LucasArts
[2010/03/16 21:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Magix
[2008/03/01 00:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\muvee Technologies
[2007/12/17 19:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Nokia
[2007/12/19 20:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Nokia Multimedia Player
[2007/12/17 20:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\NSeries
[2007/04/03 18:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\PACE Anti-Piracy
[2007/12/17 20:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\PC Suite
[2008/04/03 20:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Propellerhead Software
[2007/12/21 22:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\ScummVM
[2006/12/17 20:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Snapfish
[2010/06/08 20:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Spotify
[2006/04/07 18:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Template
[2007/05/06 18:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\The Longest Journey
[2008/10/07 19:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Ulead Systems
[2008/05/09 22:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Viewpoint
[2010/06/10 20:05:51 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/06/10 20:13:48 | 000,000,374 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2006/04/05 21:10:57 | 000,000,741 | ---- | M] () -- C:\892.cin
[2006/04/05 21:10:57 | 000,000,665 | ---- | M] () -- C:\900.cin
[2009/01/23 00:05:37 | 000,000,476 | ---- | M] () -- C:\aaw7boot.log
[2009/03/16 14:36:40 | 001,347,346 | ---- | M] () -- C:\Apr2005_d3dx9_25_x64.cab
[2009/03/16 14:36:42 | 001,078,954 | ---- | M] () -- C:\Apr2005_d3dx9_25_x86.cab
[2009/03/16 14:36:38 | 001,397,830 | ---- | M] () -- C:\Apr2006_d3dx9_30_x64.cab
[2009/03/16 14:36:44 | 001,115,221 | ---- | M] () -- C:\Apr2006_d3dx9_30_x86.cab
[2009/05/02 09:00:19 | 000,631,209 | ---- | M] () -- C:\Apr2006_MDX1_x86.cab
[2008/01/03 21:57:45 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/04/05 19:05:12 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2005/08/16 04:43:04 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/05/31 18:11:11 | 000,000,230 | ---- | M] () -- C:\config.xml
[2006/04/03 19:48:36 | 000,005,815 | RH-- | M] () -- C:\dell.sdr
[2010/06/10 20:00:13 | 3487,723,520 | -HS- | M] () -- C:\hiberfil.sys
[2006/04/05 20:42:05 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2006/08/08 08:04:54 | 000,001,119 | ---- | M] () -- C:\INSTALL.LOG
[2005/08/16 04:43:04 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2010/05/29 09:33:48 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2005/08/16 04:43:04 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/10 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/12/19 18:05:18 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/06/10 20:00:04 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010/06/09 20:12:15 | 000,004,155 | ---- | M] () -- C:\Rooter.txt
[2009/02/24 09:06:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/02/24 09:06:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2001/05/24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
[2008/10/07 19:20:25 | 000,482,642 | ---- | M] () -- C:\vcredist_x86.log
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >[2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles >[2008/04/14 01:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
< %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav >[2005/08/16 04:27:08 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/08/16 04:27:08 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/08/16 04:27:08 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
[1 C:\WINDOWS\System32\config\*.tmp files -> C:\WINDOWS\System32\config\*.tmp -> ]
< %systemroot%\system32\user32.dll /md5 >[2008/04/14 01:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >[2008/04/14 01:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
========== Files - Unicode (All) ==========[2008/09/12 20:33:34 | 000,000,018 | ---- | M] ()(C:\WINDOWS\??????) -- C:\WINDOWS\捉湯牗獫䤮䥎
[2008/09/11 20:33:36 | 000,000,018 | ---- | C] ()(C:\WINDOWS\??????) -- C:\WINDOWS\捉湯牗獫䤮䥎
========== Alternate Data Streams ========== @Alternate Data Stream - 997 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:rtKzb9jo9BT4gM0o2uWd
@Alternate Data Stream - 992 bytes -> C:\Program Files\Common Files\Microsoft Shared:4vadmz7wik8aw3QjYE1BHij0kzp
@Alternate Data Stream - 979 bytes -> C:\Program Files\Common Files\Microsoft Shared:FRfNbYGVPEJqJ8Tab5A
@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61435A52
@Alternate Data Stream - 1047 bytes -> C:\Documents and Settings\Ben\Local Settings\Application Data\T8VArVzn:Ihh5cAQXTEu2i2CNRajPpO0oVA2
@Alternate Data Stream - 1030 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:DobnmRnsW5dWSOMIxGMZohe2Ptl
< End of report >
OTL Extras logfile created on: 10/06/2010 20:11:01 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Ben\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 82.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 293.32 Gb Total Space | 78.30 Gb Free Space | 26.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DBKQ562J
Current User Name: Ben
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = aolfile_HTM] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- C:\PROGRA~1\AOL9~1.0\aol.exe -u"%1" File not found
https [open] -- C:\PROGRA~1\AOL9~1.0\aol.exe -u"%1" File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Grisoft\AVG Free\avginet.exe" = C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe -- File not found
"C:\Program Files\Kerio\Personal Firewall\PERSFW.exe" = C:\Program Files\Kerio\Personal Firewall\PERSFW.exe:*:Enabled:Kerio Personal Firewall Engine -- File not found
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- File not found
"C:\Program Files\VideoLink Pro\Engine.exe" = C:\Program Files\VideoLink Pro\Engine.exe:*:Enabled:VideoLink Engine -- (Smith Micro Software, Inc.)
"C:\Program Files\VideoLink Pro\SMListenEngine.exe" = C:\Program Files\VideoLink Pro\SMListenEngine.exe:*:Enabled:Tray Listening Engine -- (Smith Micro Software, Inc.)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)
"C:\Program Files\Grisoft\AVG Free\avgamsvr.exe" = C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe -- File not found
"C:\Program Files\Grisoft\AVG Free\avgcc.exe" = C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe -- File not found
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe" = C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI) -- File not found
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe" = C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV) -- File not found
"C:\Program Files\Valve\Steam\Steam.exe" = C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Common Files\AOL\1161414575\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1161414575\ee\aolsoftware.exe:*:Enabled:AOL Services -- (America Online, Inc.)
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\Valve\Steam\SteamApps\benjg\team fortress 2\hl2.exe" = C:\Program Files\Valve\Steam\SteamApps\benjg\team fortress 2\hl2.exe:*:Enabled:hl2 -- ()
"C:\Program Files\InterVideo\DVD8\WinDVD.exe" = C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Enabled:WinDVD -- (InterVideo Inc.)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe" = C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander -- File not found
"C:\Program Files\Electronic Arts\Dead Space\Dead Space.exe" = C:\Program Files\Electronic Arts\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™ -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"K:\AOL 9.0 VR\waol.exe" = K:\AOL 9.0 VR\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1161414575\ee\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1161414575\ee\AOLServiceHost.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"C:\Program Files\Valve\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe" = C:\Program Files\Valve\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:Peggle Extreme -- ()
"C:\Program Files\Valve\Steam\SteamApps\common\the longest journey\game.exe" = C:\Program Files\Valve\Steam\SteamApps\common\the longest journey\game.exe:*:Enabled:The Longest Journey -- (Funcom)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\CoffeeCup Software\Free FTP\FreeFTP.exe" = C:\Program Files\CoffeeCup Software\Free FTP\FreeFTP.exe:*:Enabled:Direct FTP Application -- (CoffeeCup Software, Inc.)
"C:\Program Files\Valve\Steam\SteamApps\common\the secret of monkey island special edition\MISE.exe" = C:\Program Files\Valve\Steam\SteamApps\common\the secret of monkey island special edition\MISE.exe:*:Enabled:The Secret of Monkey Island: Special Edition -- ()
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Valve\Steam\SteamApps\common\runaway a road adventure\Runaway.exe" = C:\Program Files\Valve\Steam\SteamApps\common\runaway a road adventure\Runaway.exe:*:Enabled:Runaway, A Road Adventure -- ()
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Valve\Steam\SteamApps\common\mass effect\Binaries\MassEffect.exe" = C:\Program Files\Valve\Steam\SteamApps\common\mass effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect -- (BioWare)
"C:\Program Files\Valve\Steam\SteamApps\common\max payne 2 the fall of max payne\maxpayne2.exe" = C:\Program Files\Valve\Steam\SteamApps\common\max payne 2 the fall of max payne\maxpayne2.exe:*:Enabled:Max Payne 2: The Fall of Max Payne -- (Remedy Entertainment)
"C:\Program Files\Valve\Steam\SteamApps\benjg\half-life\hl.exe" = C:\Program Files\Valve\Steam\SteamApps\benjg\half-life\hl.exe:*:Enabled:Half-Life -- (Valve)
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\Valve\Steam\SteamApps\common\bioshock\Builds\Release\Bioshock.exe" = C:\Program Files\Valve\Steam\SteamApps\common\bioshock\Builds\Release\Bioshock.exe:*:Enabled:BioShock -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03F1CC67-5BD8-4C36-8394-76311B2AE69A}" = ArcSoft PhotoStudio 5
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1D3C662A-F6C6-4767-A788-7AA43A9A1317}" = ARTEuro
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2158685C-E2B3-4026-B0A1-0FFE31837AFD}" = PlayLinc
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{233F252D-1742-473C-AAD9-3DEB9C0E46E6}" = Syberia DVD
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 17
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver
"{2D21ECE3-8EC1-4315-AE4E-1970FB3AF17A}" = Nokia Nseries Video Manager
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{423C4130-EBC3-410A-B3A0-37BBF9D607D5}" = T-RackS 3 Deluxe
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{48110A46-A3A4-481E-8230-7873B7F4C696}" = Nokia Software Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{4CEA6811-DFAD-4892-828D-49941FE3B779}" = Intel® PROSet for Wired Connections
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{58B2B6D3-E5FF-4D16-87AC-52CC5717C7C6}" = Tiscali Internet
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{6094AB91-4CC8-498E-9DFF-134CC0B159DE}" = PC Connectivity Solution
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82D48AB1-8E7F-4AA5-A5FA-47FA58A48110}" = Free Bomb Factory Plug-Ins 7.3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C22F265-DE76-44D1-8A79-A71D819137DA}" = Intel® Quick Resume Technology Drivers
"{903CE8F7-6C7B-41E6-A1CF-3BF1176264EC}" = Intel® Viiv™
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{923C8F79-D70B-4E53-B278-41AD6560C55C}" = ArcSoft VideoImpression 1.6
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A15B3CF2-7FB7-4102-BBC9-9680B7F0825F}" = InterLok Driver Kit
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AFE354A5-640F-4A23-94C8-0B441E8967CA}" = Digidesign Shared Plug-Ins 7.3
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B53F4598-B3D9-41DF-911E-523FA91EE464}" = Nokia Software Launcher
"{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BFE9C03E-2335-4041-848F-5D055D5DD89A}" = AmpliTube 1.1 LE
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Kondor
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D45EC259-4A19-4656-B588-C2C360DD18EA}" = Half-Life® 2
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E3436EE2-D5CB-4249-840B-3A0140CC34C3}" = Classic PhoneTools
"{E4406ED3-B04C-44F1-ABB4-08775B74934F}" = Call Of Cthulhu DCoTE
"{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E94603CA-2996-4154-8EE2-A5FCD4BFB500}" = Nokia Lifeblog 2.5
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EF2F3EF2-A1CC-4ACD-BCAE-92CAC8D5613A}" = Digidesign Pro Tools LE 7.3.1
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1932E56-8A95-40E0-A15B-E06B45969845}" = Nokia NSeries System Utilities
"{F4EE8763-EAA8-4BC1-8594-8501F5F00414}" = Nokia NSeries One Touch Access
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F779EC8D-6703-4C4A-817C-37B07898E647}" = Nokia NSeries Content Copier
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F89E5AD8-AE47-49B5-B9F9-C498791E6255}" = Nokia NSeries Music Manager
"{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio
"{FA25FAF6-3097-43C9-BBB2-A77CE8AF1881}" = Nokia NSeries Multimedia Player
"{FC123EEA-330A-4685-911C-95B8F5E9DE68}" = Thief - Deadly Shadows
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FD349381-D79C-4E5C-8980-015DFFB962D5}" = Nokia NSeries Application Installer
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"7-Zip" = 7-Zip 4.64
"A123 Mp4 to AVI WMV DVD MPEG MOV Converter_is1" = A123 Mp4 to AVI WMV DVD MPEG MOV Converter 3.2
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Adventure Maker v4.5.2_is1" = Adventure Maker v4.5.2 (build1)
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AOL YGP Screensaver" = AOL You've Got Pictures Screensaver
"AOLCoach uk" = AOL Coach Version 1.0(Build:20040229.1 uk)
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"BookSmart® 2.5.1 2.5.1" = BookSmart® 2.5.1 2.5.1
"Broken Sword" = Broken Sword
"Broken Sword II" = Broken Sword II
"BT Voyager 105 ADSL Modem" = BT Voyager 105 ADSL Modem
"BT Voyager Modem AOL Test" = BT Voyager Modem AOL Test
"Canon CanoScan Toolbox 4.0" = Canon CanoScan Toolbox 4.0
"Carmageddon II Carpocalypse Now" = Carmageddon II Carpocalypse Now
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"CoffeeCup Free FTP 4.2" = CoffeeCup Free FTP
"DellSupport" = Dell Support 5.0.0 (630)
"D-Fend Reloaded" = D-Fend Reloaded 0.3.2 (deinstall)
"EAX Unified" = EAX Unified
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"ERUNT_is1" = ERUNT 1.1j
"ESPNMotion" = ESPNMotion
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
"FLV Player1.33 FC" = FLV Player
"FLV to AVI MPEG WMV 3GP MP4 iPod Converter_is1" = FLV to AVI MPEG WMV 3GP MP4 iPod Converter 4.2.0620
"Fraps" = Fraps
"Gainward" = EXPERTool
"Google Updater" = Google Updater
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ImageRecall 3" = ImageRecall 3
"Indeo® Software" = Indeo® Software
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11
"Intel® Quick Resume Technology" = Intel® Quick Resume Technology Drivers
"Lemonade_is1" = Lemonade 0.9.8 Public BETA
"Mafia" = Mafia
"MAGIX Media Manager 2004 silver" = MAGIX Media Manager 2004 silver
"MAGIX Media Manager silver" = MAGIX Media Manager silver
"MAGIX Movie Edit Pro 2005" = MAGIX Movie Edit Pro 2005
"MAGIX mp3 maker titanium 2004" = MAGIX mp3 maker titanium 2004
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"MIKSOFT Mobile AMR converter_is1" = MIKSOFT Mobile AMR converter
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PROSet" = Intel® PRO Network Connections Drivers
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Reason4_is1" = Reason 4.0.1
"ScummVM_is1" = ScummVM 0.10.0
"Spotify" = Spotify
"Steam App 12150" = Max Payne 2: The Fall of Max Payne
"Steam App 17460" = Mass Effect
"Steam App 26800" = Braid
"Steam App 32360" = The Secret of Monkey Island: Special Edition
"Steam App 3483" = Peggle Extreme
"Steam App 400" = Portal
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 70" = Half-Life
"Steam App 7210" = Runaway, A Road Adventure
"Steam App 7670" = BioShock
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Thief2DeinstallKey" = Thief 2
"ThiefGoldDeinstallKey" = Thief Gold
"VideoLink Pro" = VideoLink Pro
"ViewpointMediaPlayer" = Viewpoint Media Player
"VP3 Codec for Video for Windows" = VP3 Codec for Video for Windows
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinUAE" = WinUAE 1.5.1
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Steam App 2145" = Dark Messiah Might and Magic Dedicated Server
"Steam App 6310" = The Longest Journey
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 05/06/2010 10:15:05 | Computer Name = DBKQ562J | Source = Google Update | ID = 20
Description =
Error - 05/06/2010 11:15:05 | Computer Name = DBKQ562J | Source = Google Update | ID = 20
Description =
Error - 05/06/2010 12:15:06 | Computer Name = DBKQ562J | Source = Google Update | ID = 20
Description =
Error - 05/06/2010 13:15:05 | Computer Name = DBKQ562J | Source = Google Update | ID = 20
Description =
Error - 05/06/2010 14:15:05 | Computer Name = DBKQ562J | Source = Google Update | ID = 20
Description =
Error - 05/06/2010 15:15:13 | Computer Name = DBKQ562J | Source = Google Update | ID = 20
Description =
Error - 06/06/2010 17:15:05 | Computer Name = DBKQ562J | Source = Google Update | ID = 20
Description =
Error - 09/06/2010 03:15:15 | Computer Name = DBKQ562J | Source = Google Update | ID = 20
Description =
Error - 10/06/2010 13:15:05 | Computer Name = DBKQ562J | Source = Google Update | ID = 20
Description =
Error - 10/06/2010 14:10:51 | Computer Name = DBKQ562J | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
[ System Events ]
Error - 10/06/2010 13:22:19 | Computer Name = DBKQ562J | Source = Service Control Manager | ID = 7034
Description = The Intel® Matrix Storage Event Monitor service terminated unexpectedly.
It has done this 1 time(s).
Error - 10/06/2010 13:22:19 | Computer Name = DBKQ562J | Source = Service Control Manager | ID = 7034
Description = The IviRegMgr service terminated unexpectedly. It has done this 1
time(s).
Error - 10/06/2010 13:22:19 | Computer Name = DBKQ562J | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 10/06/2010 13:22:19 | Computer Name = DBKQ562J | Source = Service Control Manager | ID = 7034
Description = The PnkBstrA service terminated unexpectedly. It has done this 1
time(s).
Error - 10/06/2010 13:22:20 | Computer Name = DBKQ562J | Source = Service Control Manager | ID = 7034
Description = The Ulead Burning Helper service terminated unexpectedly. It has
done this 1 time(s).
Error - 10/06/2010 13:22:20 | Computer Name = DBKQ562J | Source = Service Control Manager | ID = 7034
Description = The Intel® Quick Resume Technology Drivers service terminated unexpectedly.
It has done this 1 time(s).
Error - 10/06/2010 13:27:18 | Computer Name = DBKQ562J | Source = Service Control Manager | ID = 7000
Description = The Cardex service failed to start due to the following error: %%183
Error - 10/06/2010 15:04:05 | Computer Name = DBKQ562J | Source = Service Control Manager | ID = 7000
Description = The Cardex service failed to start due to the following error: %%183
Error - 10/06/2010 15:11:33 | Computer Name = DBKQ562J | Source = SRService | ID = 104
Description = The System Restore initialization process failed.
Error - 10/06/2010 15:11:34 | Computer Name = DBKQ562J | Source = Service Control Manager | ID = 7023
Description = The System Restore Service service terminated with the following error:
%%2
< End of report >