OTL logfile created on: 8/21/2010 15:55:13 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 3070 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 74.23 Gb Free Space | 24.90% Space Free | Partition Type: NTFS
Drive D: | 620.40 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: USER-PC
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/08/21 15:40:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2010/07/31 11:15:51 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/07/09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/07/07 20:33:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\Ctxfihlp.exe
PRC - [2010/07/07 20:27:16 | 001,268,224 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTxfispi.exe
PRC - [2010/06/30 20:34:27 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Steam\Steam.exe
PRC - [2010/06/28 15:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/06/28 15:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/06/21 22:37:54 | 001,619,272 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/10/09 15:32:20 | 000,143,360 | ---- | M] () -- C:\Program Files\Razer\Lycosa\razertra.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/04/22 22:11:32 | 001,675,776 | ---- | M] (Flagship Industries, Inc.) -- C:\Ventrilo\Ventrilo.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/21 13:10:30 | 000,610,816 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2008/10/16 18:07:40 | 000,147,456 | ---- | M] (Razer USA Ltd.) -- C:\Program Files\Razer\Lycosa\razerhid.exe
PRC - [2008/08/06 16:31:44 | 000,233,576 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
PRC - [2007/12/16 23:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007/01/10 23:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
PRC - [2005/12/12 15:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
========== Modules (SafeList) ==========
MOD - [2010/08/21 15:40:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
MOD - [2009/04/10 23:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/19 02:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (gusvc)
SRV - [2010/07/09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/06/28 15:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/06/28 15:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/06/28 15:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/06/21 22:37:54 | 001,619,272 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/05 18:17:03 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010/02/09 22:35:09 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/02/09 22:23:24 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2010/02/04 16:20:33 | 000,326,792 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/30 14:17:30 | 003,407,412 | ---- | M] (INCA Internet Co., Ltd.) [Disabled | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/06/18 19:10:21 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/04/02 13:27:26 | 000,090,112 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2008/09/10 10:22:32 | 000,229,648 | ---- | M] (Uniblue) [On_Demand | Stopped] -- C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe -- (Uniblue DiskRescue)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/16 23:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/09/04 20:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2007/01/10 23:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Disabled | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2005/12/12 15:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2005/08/02 16:18:49 | 000,086,016 | ---- | M] (CACE Technologies) [Disabled | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\swlubtl.sys -- (swlubtl)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SWLD23U.sys -- (SWLD23U)
DRV - File not found [Kernel | Unknown | Running] -- -- (SASKUTIL)
DRV - File not found [Kernel | Unknown | Running] -- -- (SASDIFSV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\nvflash.sys -- (NVR0FLASHDev)
DRV - File not found [File_System | Boot | Stopped] -- C:\Windows\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Owner\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\AsInsHelp32.sys -- (ASInsHelp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AWRTRD.sys -- (Ad-Watch Registry Filter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AWRTPD.sys -- (Ad-Watch Real-Time Scanner)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
DRV - [2010/07/09 17:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/07/07 22:15:22 | 001,227,352 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x22k.sys -- (ha20x22k)
DRV - [2010/07/07 22:15:10 | 001,184,344 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2010/07/07 22:15:00 | 000,095,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/07/07 22:14:52 | 000,159,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010/07/07 22:14:44 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010/07/07 22:14:36 | 000,130,136 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010/07/07 22:14:20 | 000,537,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2010/07/07 22:14:00 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2010/07/07 22:13:52 | 001,353,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)
DRV - [2010/07/07 22:13:52 | 001,353,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2010/07/07 22:13:42 | 000,073,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)
DRV - [2010/07/07 22:13:42 | 000,073,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2010/07/07 22:13:34 | 000,198,232 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)
DRV - [2010/07/07 22:13:34 | 000,198,232 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2010/06/28 15:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/06/28 15:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/06/28 15:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/06/28 15:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/06/28 15:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/03/03 21:22:30 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/11/30 19:02:30 | 000,047,152 | ---- | M] (Prevx) [File_System | Auto | Running] -- C:\Windows\System32\drivers\pxrts.sys -- (pxrts)
DRV - [2009/11/30 19:02:30 | 000,030,280 | ---- | M] (Prevx) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pxscan.sys -- (pxscan)
DRV - [2009/11/30 19:02:29 | 000,024,496 | ---- | M] (Prevx) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pxkbf.sys -- (pxkbf)
DRV - [2009/09/23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/08/04 18:44:12 | 000,139,296 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvrd32.sys -- (nvrd32)
DRV - [2009/08/04 18:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2009/04/10 21:42:56 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/02/03 14:54:52 | 000,003,768 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SndTVideo.sys -- (SndTVideo)
DRV - [2009/02/03 14:54:48 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SndTAudio.sys -- (SndTAudio)
DRV - [2008/05/22 14:21:46 | 000,016,896 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Lycosa.sys -- (LycoFltr)
DRV - [2008/04/17 12:57:48 | 000,003,768 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MovRVDrv32.sys -- (MovRVDrv32)
DRV - [2008/04/17 12:57:46 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SndTDriverV32.sys -- (SndTDriverV32)
DRV - [2007/12/17 18:14:06 | 000,012,400 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2007/09/04 20:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\nvoclock.sys -- (NVR0Dev)
DRV - [2007/08/28 18:05:12 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2007/08/21 03:13:03 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2007/08/08 11:04:16 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Lachesis.sys -- (LachesisFltr)
DRV - [2007/01/15 16:35:18 | 001,032,104 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/01/05 22:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) NVIDIA nForce
DRV - [2007/01/05 20:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 03:51:31 | 000,514,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xnacc.sys -- (xnacc)
DRV - [2006/11/02 03:35:04 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidbatt.sys -- (HidBatt)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/10/18 13:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2005/12/21 12:23:26 | 000,014,592 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Usbicp.sys -- (uisp)
DRV - [2005/08/02 16:10:13 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2004/08/10 09:57:54 | 000,017,536 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NtpaSp50.sys -- (NTPASp50)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.myspace.com/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:4.1.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {2458abc0-f443-11dd-87af-0800200c9a66}:3.6.3.1.03.04.10
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.7
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/21 10:18:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/21 11:01:13 | 000,000,000 | ---D | M]
[2009/03/16 15:28:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2009/02/05 18:54:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/08/17 19:34:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions
[2010/05/01 12:52:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/10 19:09:03 | 000,000,000 | ---D | M] (Bloody Red) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2010/08/05 17:29:40 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010/02/23 18:02:29 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010/07/31 23:17:46 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/08/05 17:59:46 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2010/07/31 23:17:48 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/05 17:12:56 | 000,000,000 | ---D | M] (FoxClocks) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2010/08/05 17:29:40 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/08/05 17:29:40 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/10/17 10:11:52 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/08/05 18:04:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\[email protected]
[2010/07/31 23:17:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\[email protected]
[2010/08/05 17:41:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\[email protected]
[2010/08/05 17:07:43 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\[email protected]
[2010/02/23 18:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2010/02/23 18:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2010/02/23 18:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2010/02/23 18:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2009/05/24 12:49:59 | 000,002,395 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\searchplugins\daemon-search.xml
[2008/12/12 13:23:54 | 000,002,158 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7e8w4di.default\searchplugins\MySpace.xml
[2010/08/17 19:04:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/29 23:03:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/17 19:04:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2010/08/21 12:13:38 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Lycosa] C:\Program Files\Razer\Lycosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [Steam] c:\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemreq.../sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15112/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 71.15.32.8 71.15.32.9
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\Desktop\Wallpapers-room_com___Aurora_Borealis_by_titusboy25_1680x1050.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\Desktop\Wallpapers-room_com___Aurora_Borealis_by_titusboy25_1680x1050.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1998/12/13 02:43:32 | 000,000,040 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2008/07/15 19:53:55 | 000,000,142 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co....thors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 90 Days ==========
[2010/08/21 15:40:00 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2010/08/21 12:29:15 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\TFC.exe
[2010/08/21 12:13:43 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2010/08/21 12:12:02 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/08/21 12:12:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\temp
[2010/08/21 11:59:58 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/08/21 11:59:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/08/21 11:59:42 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/08/21 11:39:30 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010/08/21 01:38:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\O&O
[2010/08/21 01:37:12 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2010/08/21 00:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2010/08/21 00:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/08/16 16:27:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\yabot-v1.1
[2010/08/13 20:07:53 | 000,000,000 | ---D | C] -- C:\HammerAutosave
[2010/08/11 19:24:20 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/08/11 19:24:20 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/08/11 19:24:20 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/08/11 19:24:20 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/08/11 19:24:19 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/08/11 19:23:35 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/08/11 19:23:35 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010/08/11 19:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/08/11 19:23:26 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/08/05 17:41:00 | 000,028,672 | ---- | C] (6XGate Systems, Inc.) -- C:\Windows\System32\regclass.dll
[2010/08/05 17:41:00 | 000,000,000 | ---D | C] -- C:\Program Files\FirefoxPreloader
[2010/08/05 17:28:39 | 000,453,000 | ---- | C] (SpeedyFox) -- C:\Users\Owner\Desktop\speedyfox.exe
[2010/08/04 10:38:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Staygrey_by_lefty28
[2010/08/03 23:07:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\iTunes Videos
[2010/08/03 22:12:00 | 000,000,000 | ---D | C] -- C:\Program Files\CodeGazer
[2010/08/03 17:45:24 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/07/28 20:01:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\StarCraft II
[2010/07/28 20:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2010/07/07 22:15:42 | 001,811,288 | ---- | C] (Creative) -- C:\Windows\System32\drivers\ct20xflt.sys
[2010/07/07 20:36:44 | 000,014,336 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
[2010/07/07 20:10:22 | 000,012,800 | ---- | C] ( ) -- C:\Windows\System32\killapps.exe
[2010/07/01 13:13:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\NCSoft
[2010/06/21 22:38:22 | 001,254,728 | ---- | C] (O&O Software GmbH) -- C:\Windows\System32\ooscrsav.scr
[2010/06/21 22:37:28 | 000,200,008 | ---- | C] (O&O Software GmbH) -- C:\Windows\System32\oodbs.exe
[2010/06/21 22:33:16 | 000,546,120 | ---- | C] (O&O Software GmbH) -- C:\Windows\System32\oodssrs.dll
[2010/06/21 22:32:50 | 000,010,056 | ---- | C] (O&O Software GmbH) -- C:\Windows\System32\oodbsrs.dll
[2010/06/21 00:02:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Ipod music
[2010/06/19 10:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/19 04:50:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/06/11 14:42:54 | 000,000,000 | ---D | C] -- C:\Program Files\Realtime Worlds
[2010/06/06 03:27:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Need for Speed World Online
[2010/06/06 03:27:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Need for Speed World
[2010/06/06 03:06:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Electronic_Arts_Inc
[2010/06/04 13:22:42 | 000,000,000 | ---D | C] -- C:\SRCDS
[2008/05/07 18:13:41 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Owner\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 90 Days ==========
[2010/08/21 15:54:14 | 012,845,056 | ---- | M] () -- C:\Users\Owner\ntuser.dat
[2010/08/21 15:41:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4051726148-2668874063-1496388572-1000UA.job
[2010/08/21 15:40:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2010/08/21 15:19:34 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/21 15:19:34 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/21 15:19:34 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/21 15:19:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/21 15:19:14 | 000,010,208 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2010/08/21 15:18:23 | 000,055,380 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/08/21 15:18:23 | 000,055,380 | ---- | M] () -- C:\Windows\System32\BMXState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/08/21 15:18:23 | 000,000,820 | ---- | M] () -- C:\Windows\System32\DVCState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/08/21 15:18:08 | 000,524,288 | -HS- | M] () -- C:\Users\Owner\ntuser.dat{61c5b91a-2bc4-11df-b3d9-001a92569e01}.TMContainer00000000000000000001.regtrans-ms
[2010/08/21 15:18:08 | 000,065,536 | -HS- | M] () -- C:\Users\Owner\ntuser.dat{61c5b91a-2bc4-11df-b3d9-001a92569e01}.TM.blf
[2010/08/21 15:18:07 | 001,859,022 | -H-- | M] () -- C:\Users\Owner\AppData\Local\IconCache.db
[2010/08/21 14:41:21 | 000,000,714 | ---- | M] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2010/08/21 12:29:17 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\TFC.exe
[2010/08/21 12:13:48 | 000,000,320 | ---- | M] () -- C:\Windows\system.ini
[2010/08/21 12:13:38 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/08/21 11:58:57 | 003,820,278 | R--- | M] () -- C:\Users\Owner\Desktop\ComboFix.exe
[2010/08/21 11:54:17 | 000,000,691 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\GetValue.vbs
[2010/08/21 11:54:17 | 000,000,035 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\SetValue.bat
[2010/08/21 10:51:29 | 000,002,255 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/08/21 01:37:16 | 000,001,902 | ---- | M] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2010/08/21 00:41:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4051726148-2668874063-1496388572-1000Core.job
[2010/08/20 16:09:15 | 000,137,256 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/08/20 16:09:06 | 000,218,808 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/08/16 18:58:36 | 000,723,876 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/16 18:58:36 | 000,606,418 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/16 18:58:36 | 000,106,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/11 19:24:21 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/08/11 19:24:19 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/08/11 19:18:00 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
[2010/08/11 15:27:18 | 000,380,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/05 17:57:43 | 000,978,604 | ---- | M] () -- C:\Users\Owner\Desktop\Wallpapers-room_com___Aurora_Borealis_by_titusboy25_1680x1050.jpg
[2010/08/05 17:41:42 | 000,001,748 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/05 17:28:43 | 000,453,000 | ---- | M] (SpeedyFox) -- C:\Users\Owner\Desktop\speedyfox.exe
[2010/08/05 16:43:29 | 000,000,819 | ---- | M] () -- C:\Users\Owner\Desktop\StarCraft II Editor.lnk
[2010/08/05 14:34:03 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settingsbkup.sfm
[2010/08/05 14:34:03 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settings.sfm
[2010/08/05 14:23:24 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010/08/05 14:23:23 | 000,109,144 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010/08/04 13:18:21 | 000,000,752 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/08/04 13:15:38 | 000,000,703 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\World of Warcraft.lnk
[2010/08/04 12:58:42 | 000,055,781 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/04 10:49:18 | 000,102,184 | ---- | M] () -- C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/08/03 17:49:02 | 000,055,781 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/03 13:33:20 | 000,000,564 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Ventrilo.lnk
[2010/08/01 00:40:17 | 000,000,804 | ---- | M] () -- C:\Users\Owner\Desktop\CCleaner.lnk
[2010/07/22 18:00:07 | 000,790,751 | ---- | M] () -- C:\Users\Owner\Desktop\aim_cod4_killhouse_compare.gif
[2010/07/09 17:37:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/07/09 17:37:00 | 000,009,596 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010/07/07 22:15:42 | 001,811,288 | ---- | M] (Creative) -- C:\Windows\System32\drivers\ct20xflt.sys
[2010/07/07 21:23:10 | 000,017,868 | ---- | M] () -- C:\Windows\System32\instwdm.ini
[2010/07/07 21:23:06 | 000,000,054 | ---- | M] () -- C:\Windows\System32\ctzapxx.ini
[2010/07/07 20:40:00 | 000,011,776 | ---- | M] (Creative Technology Limited) -- C:\Windows\INRES.DLL
[2010/07/07 20:39:56 | 000,181,248 | ---- | M] (Creative Technology Limited) -- C:\Windows\System32\ctdvinst.dll
[2010/07/07 20:39:56 | 000,086,016 | ---- | M] (Creative Technology Limited) -- C:\Windows\System32\ctcoinst.dll
[2010/07/07 20:36:44 | 000,014,336 | ---- | M] ( ) -- C:\Windows\System32\a3d.dll
[2010/07/07 20:33:04 | 000,002,560 | ---- | M] () -- C:\Windows\System32\CtxfiRes.dll
[2010/07/07 20:14:30 | 000,016,384 | ---- | M] () -- C:\Windows\System32\regplib.exe
[2010/07/07 20:10:30 | 000,007,680 | ---- | M] () -- C:\Windows\System32\enlocstr.exe
[2010/07/07 20:10:22 | 000,012,800 | ---- | M] ( ) -- C:\Windows\System32\killapps.exe
[2010/06/29 23:29:11 | 000,000,099 | ---- | M] () -- C:\Users\Owner\jagex_runescape_preferences2.dat
[2010/06/29 23:27:56 | 000,000,046 | ---- | M] () -- C:\Users\Owner\jagex_runescape_preferences.dat
[2010/06/29 20:30:41 | 000,000,703 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010/06/29 16:58:58 | 000,001,057 | ---- | M] () -- C:\Users\Owner\Desktop\Revo Uninstaller.lnk
[2010/06/28 15:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010/06/28 15:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/06/28 15:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/06/28 15:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/06/28 15:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/06/28 15:32:56 | 000,050,256 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/06/28 15:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/06/21 22:38:22 | 001,254,728 | ---- | M] (O&O Software GmbH) -- C:\Windows\System32\ooscrsav.scr
[2010/06/21 22:37:28 | 000,200,008 | ---- | M] (O&O Software GmbH) -- C:\Windows\System32\oodbs.exe
[2010/06/21 22:33:16 | 000,546,120 | ---- | M] (O&O Software GmbH) -- C:\Windows\System32\oodssrs.dll
[2010/06/21 22:32:50 | 000,010,056 | ---- | M] (O&O Software GmbH) -- C:\Windows\System32\oodbsrs.dll
[2010/06/19 21:14:14 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/06/18 18:55:21 | 000,000,312 | ---- | M] () -- C:\Users\Owner\Desktop\Curse Client.appref-ms
[2010/06/12 06:37:12 | 000,138,056 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\PnkBstrK.sys
[2010/06/09 17:42:19 | 000,000,198 | ---- | M] () -- C:\Users\Owner\Documents\apb confirmation code.rtf
[2010/06/01 09:02:24 | 002,419,568 | ---- | M] () -- C:\Windows\System32\pbsvc_apb.exe
========== Files Created - No Company Name ==========
[2010/08/21 15:31:32 | 000,293,376 | ---- | C] () -- C:\Users\Owner\Desktop\gmer.exe
[2010/08/21 14:41:21 | 000,000,714 | ---- | C] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2010/08/21 11:31:17 | 000,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe
[2010/08/21 10:58:44 | 000,010,208 | ---- | C] () -- C:\Windows\System32\oodbs.lor
[2010/08/21 01:37:16 | 000,001,902 | ---- | C] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2010/08/14 12:39:21 | 000,790,751 | ---- | C] () -- C:\Users\Owner\Desktop\aim_cod4_killhouse_compare.gif
[2010/08/11 19:24:21 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/08/05 17:57:40 | 000,978,604 | ---- | C] () -- C:\Users\Owner\Desktop\Wallpapers-room_com___Aurora_Borealis_by_titusboy25_1680x1050.jpg
[2010/08/05 16:43:29 | 000,000,819 | ---- | C] () -- C:\Users\Owner\Desktop\StarCraft II Editor.lnk
[2010/08/05 14:34:03 | 000,055,380 | ---- | C] () -- C:\Windows\System32\BMXState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/08/05 14:34:03 | 000,001,080 | ---- | C] () -- C:\Windows\System32\settingsbkup.sfm
[2010/08/05 14:34:03 | 000,001,080 | ---- | C] () -- C:\Windows\System32\settings.sfm
[2010/08/05 14:34:03 | 000,000,820 | ---- | C] () -- C:\Windows\System32\DVCState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/08/04 13:22:01 | 000,002,255 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/08/04 13:18:21 | 000,000,752 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/08/04 13:15:38 | 000,000,703 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\World of Warcraft.lnk
[2010/08/03 17:17:23 | 000,001,748 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/07 21:23:10 | 000,017,868 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2010/07/07 21:23:06 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2010/07/07 20:33:04 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll
[2010/07/07 20:14:30 | 000,016,384 | ---- | C] () -- C:\Windows\System32\regplib.exe
[2010/07/07 20:10:30 | 000,007,680 | ---- | C] () -- C:\Windows\System32\enlocstr.exe
[2010/06/19 21:14:14 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/06/12 06:32:35 | 002,419,568 | ---- | C] () -- C:\Windows\System32\pbsvc_apb.exe
[2010/06/09 17:42:19 | 000,000,198 | ---- | C] () -- C:\Users\Owner\Documents\apb confirmation code.rtf
[2010/05/13 18:21:42 | 000,044,544 | ---- | C] () -- C:\Windows\System32\GIF89.DLL
[2010/05/11 13:37:10 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/03/04 01:12:03 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2010/02/21 13:10:49 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010/02/21 13:10:49 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010/02/21 13:10:49 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010/02/11 21:19:35 | 000,000,248 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/02/09 22:18:07 | 000,166,912 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2010/02/09 22:18:07 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2010/02/04 17:15:53 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2010/02/04 17:15:53 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2009/12/13 19:51:37 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2009/11/19 22:48:30 | 000,000,861 | ---- | C] () -- C:\Windows\CoD.INI
[2009/10/23 23:18:38 | 000,000,079 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\RSBot Accounts.ini
[2009/08/30 11:34:08 | 000,007,311 | ---- | C] () -- C:\Program Files\5362f30584883d01175a57752e4d547dba04a54e_full[1].jpg
[2009/08/26 20:39:35 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\prvlcl.dat
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/23 13:38:00 | 000,055,781 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/07/23 13:29:14 | 000,055,781 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/14 01:28:04 | 000,002,560 | ---- | C] () -- C:\Windows\CTXFIRES.DLL
[2009/06/29 04:21:10 | 000,000,691 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\GetValue.vbs
[2009/06/29 04:21:10 | 000,000,035 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\SetValue.bat
[2009/06/28 03:08:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/18 19:17:19 | 000,000,180 | ---- | C] () -- C:\ProgramData\Setup.log
[2009/05/29 03:17:38 | 000,000,254 | ---- | C] () -- C:\Windows\MP3trt.ini
[2009/05/28 03:43:55 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2009/05/26 13:12:38 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini
[2009/05/24 11:33:35 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/03/07 13:47:50 | 000,076,407 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Smiley.ico
[2009/02/14 14:25:15 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2008/12/17 16:44:41 | 000,006,048 | ---- | C] () -- C:\Windows\System32\MCC16.dll
[2008/12/17 16:44:06 | 000,040,448 | ---- | C] () -- C:\Windows\System32\BJAXSecurityManager.dll
[2008/12/17 16:44:04 | 000,086,016 | ---- | C] () -- C:\Windows\System32\BJInstaller.dll
[2008/09/07 11:48:29 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008/08/13 15:29:47 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008/05/07 18:14:33 | 000,000,034 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\pcouffin.log
[2008/05/07 18:13:41 | 000,007,887 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\pcouffin.cat
[2008/05/07 18:13:41 | 000,001,144 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\pcouffin.inf
[2008/05/01 21:57:10 | 000,002,776 | ---- | C] () -- C:\Windows\WoWEmuHackSettings.ini
[2008/05/01 21:57:10 | 000,000,106 | ---- | C] () -- C:\Windows\wininit.ini
[2008/05/01 21:57:10 | 000,000,028 | ---- | C] () -- C:\Windows\ZC DVD Creator Platinum.INI
[2008/05/01 21:57:09 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2008/05/01 21:57:09 | 000,000,044 | ---- | C] () -- C:\Windows\EPSNX400.ini
[2008/04/25 16:23:24 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI
[2008/04/18 17:29:56 | 000,000,063 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008/04/15 15:21:28 | 000,000,093 | ---- | C] () -- C:\Users\Owner\AppData\Local\fusioncache.dat
[2008/02/10 11:59:16 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2007/12/26 17:55:56 | 000,138,056 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\PnkBstrK.sys
[2007/12/26 17:55:35 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2007/12/26 16:00:45 | 000,008,268 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2007/12/15 22:25:33 | 000,048,128 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/11 11:59:42 | 000,137,256 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2007/07/20 17:46:20 | 000,000,552 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d8caps.dat
[2007/06/19 20:11:56 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007/06/19 20:11:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007/06/19 20:11:54 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007/06/18 09:17:04 | 000,000,097 | ---- | C] () -- C:\Windows\lexstat.ini
[2007/03/20 09:11:49 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2007/03/20 09:03:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2007/03/12 13:01:30 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/08/02 16:24:01 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2000/01/28 01:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
========== LOP Check ==========
[2009/05/17 21:23:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Any Video Converter
[2010/03/03 21:32:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Astroburn Lite
[2008/06/19 23:47:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Auslogics
[2008/03/16 18:06:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Beyond
[2010/02/14 16:14:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Bioshock
[2010/06/29 17:12:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Bioshock2
[2010/02/09 12:46:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BitDefender
[2009/05/24 12:51:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools
[2009/05/24 12:51:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
[2009/12/19 18:54:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DMCache
[2009/12/08 22:48:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DNA
[2008/08/04 14:22:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Electronic Arts
[2010/05/13 18:22:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FreeBurner
[2009/09/07 12:37:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GetRightToGo
[2009/07/26 17:31:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GSC 2.00
[2009/05/16 22:40:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\id Software
[2010/03/08 00:07:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\InterTrust
[2008/09/07 20:05:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2010/06/21 04:21:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LimeWire
[2009/03/12 21:50:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Megaupload
[2008/11/07 22:38:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MobMapUpdater
[2009/02/15 13:18:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MusicNet
[2010/06/06 03:27:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Need for Speed World
[2010/06/06 03:27:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Need for Speed World Online
[2010/01/23 18:02:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Octoshape
[2008/05/17 23:52:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Opera
[2010/02/18 11:51:30 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Razer
[2010/03/15 18:17:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\runic games
[2009/02/13 18:17:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\scar5
[2009/04/01 15:33:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Subversion
[2010/02/08 21:03:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SystemRequirementsLab
[2009/05/28 03:46:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Systweak
[2010/03/04 01:07:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\The Creative Assembly
[2009/02/16 16:29:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Thinstall
[2008/05/05 20:58:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Touchstone
[2010/01/23 21:57:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TuneUp Software
[2009/07/27 14:01:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tunngle
[2010/01/23 18:46:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ubi.com
[2010/03/04 22:22:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ubisoft
[2010/03/09 20:19:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Uniblue
[2010/08/21 01:34:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2008/05/07 18:14:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Vso
[2010/01/22 18:20:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ZombieDriver
[2010/08/21 15:18:11 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/05/28 16:47:19 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\Uniblue DiskRescue 2009.job
[2008/06/15 13:24:16 | 000,000,338 | ---- | M] () -- C:\Windows\Tasks\Uniblue SpyEraser.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2008/05/01 21:57:10 | 000,084,974 | ---- | M] () -- C:\....jpg
[2010/02/01 16:28:57 | 000,076,040 | ---- | M] () -- C:\aaw7boot.log
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/03/14 21:02:11 | 000,284,983 | ---- | M] () -- C:\ava1.png
[2010/03/14 21:03:58 | 001,032,098 | ---- | M] () -- C:\ava2.jpg
[2010/08/11 19:18:01 | 000,091,903 | ---- | M] () -- C:\bdlog.txt
[2008/05/01 21:57:10 | 068,338,376 | ---- | M] () -- C:\BellSouthIW.reg
[2009/04/10 23:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010/03/01 21:41:32 | 000,001,319 | ---- | M] () -- C:\CD3rdPartyWrapper.log
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[1992/11/05 13:06:22 | 001,048,576 | ---- | M] () -- C:\Contra III - The Alien Wars.smc
[2010/03/19 15:47:50 | 000,010,569 | ---- | M] () -- C:\counterstrikespray.jpg
[2010/03/06 14:34:17 | 000,038,894 | ---- | M] () -- C:\don_frye_2.jpg
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2010/03/06 14:30:56 | 000,003,416 | ---- | M] () -- C:\images.jpg
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2007/06/18 09:12:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/29 20:35:10 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2007/06/18 09:12:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/08/21 15:19:22 | 3219,128,320 | -HS- | M] () -- C:\pagefile.sys
[2008/04/14 16:35:51 | 000,000,528 | RHS- | M] () -- C:\PCGWIN32.LI4
[2010/03/05 16:43:14 | 000,000,000 | ---- | M] () -- C:\pcversion.txt
[2010/08/21 11:55:04 | 000,001,705 | ---- | M] () -- C:\rapport.txt
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2010/08/21 11:39:30 | 000,000,101 | ---- | M] () -- C:\VundoFix.txt
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/09/18 16:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
[2007/02/28 18:16:00 | 000,010,991 | R--- | M] () -- C:\Windows\VELOCITY.PNG
< %systemroot%\*.scr >
[2010/06/28 15:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2009/08/30 11:33:56 | 000,007,311 | ---- | M] () -- C:\Program Files\5362f30584883d01175a57752e4d547dba04a54e_full[1].jpg
[2008/04/20 11:18:17 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/05/17 09:20:52 | 000,000,574 | -HS- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2008/11/08 18:26:01 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Owner\Desktop\ATF-Cleaner.exe
[2010/08/21 11:58:57 | 003,820,278 | R--- | M] () -- C:\Users\Owner\Desktop\ComboFix.exe
[2009/12/15 11:24:48 | 000,293,376 | ---- | M] () -- C:\Users\Owner\Desktop\gmer.exe
[2010/08/21 15:40:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2010/08/05 17:28:43 | 000,453,000 | ---- | M] (SpeedyFox) -- C:\Users\Owner\Desktop\speedyfox.exe
[2010/08/21 12:29:17 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\TFC.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-19 20:28:34
========== Alternate Data Streams ==========
@Alternate Data Stream - 507 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 176 bytes -> C:\ProgramData\TEMP:EEFF768F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:CB0AACC9
< End of report >
OTL Extras logfile created on: 8/21/2010 15:55:13 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 3070 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 74.23 Gb Free Space | 24.90% Space Free | Partition Type: NTFS
Drive D: | 620.40 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: USER-PC
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00389648-5CCA-4CD6-A39C-D89A0AAE5593}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{026CD152-6116-4980-8FB4-7FB3F9E3453C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{176F66DB-714D-46F4-A07E-9BE4BA7B8A88}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{178F719D-8172-47CD-BDCE-E4943B1045F1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{23D9BF59-2410-4A7C-839C-F0A18E8283C7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{27925DDF-D32F-44A6-830B-84FA0060E49B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{28A37DAE-E2C4-4628-BCBA-095620CED11D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{291D383A-3DF0-453A-9B25-46E5CB02FC5A}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{3C78A4D5-9E99-4857-A0BC-A98CFBBDDD0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5A6CC78E-BB61-40C6-B9C3-49138529E0C9}" = rport=445 | protocol=6 | dir=out | app=system |
"{5EAF261D-77E0-45B8-83A3-F1E2E0A413A3}" = rport=138 | protocol=17 | dir=out | app=system |
"{658B6948-6035-4809-ADAF-BD306D161A56}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6CF4E322-BED9-4F56-9E2C-9456A20E3BC6}" = rport=139 | protocol=6 | dir=out | app=system |
"{6F6EA153-1A95-487D-9667-FE4F716E6D6F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{758F03AA-B273-4ABC-8F37-6D7E87C9DD83}" = lport=2869 | protocol=6 | dir=in | app=system |
"{77F072BB-C579-43A1-B800-7A9CB2326022}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7C747611-2049-4E0B-A156-89E1085F4185}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7CF4681F-66A7-43EE-B002-0C75B84A4E66}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{82AC0F5E-516C-4CF0-978A-24589440A3E9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{83E29E23-BC8F-4BE7-9951-508C9846B57B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{8FE257C5-19AE-437C-AC34-CA3D8EF8FAF3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{91CC9B7B-CE9B-4013-991C-7A129F87E0FB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9742153F-171C-48CE-99ED-D4989D05819E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A21A6DAE-670D-4A17-B250-ACF8CCE7BEAE}" = lport=137 | protocol=17 | dir=in | app=system |
"{A7BDDB2D-F65C-451B-985D-97F9F3308AB2}" = lport=138 | protocol=17 | dir=in | app=system |
"{B44359D2-3C96-40DE-8689-C0B1461BF0D4}" = lport=445 | protocol=6 | dir=in | app=system |
"{B5709C54-22DF-4DD8-9B5D-54D4E2F74BCF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BF1BF2B8-9756-40AA-AF9F-0607418D8AAD}" = lport=139 | protocol=6 | dir=in | app=system |
"{EA63EAAB-EEC3-4CBE-95A4-1EA2E592B008}" = rport=137 | protocol=17 | dir=out | app=system |
"{F56C8CBD-6744-459F-95FC-8680B24319BC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F6E1BB41-C434-4C05-B754-7450C1B498CA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A6306D-D6F6-464F-B88C-341B0F8EEF6C}" = protocol=17 | dir=in | app=c:\world at war\codwawmp.exe |
"{0328132B-B2E1-444E-8F87-707E43A42AD4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{0B28707F-F60A-4CD7-A10F-41A74BC64E58}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{109C1126-0DB0-45D1-8F08-D9B793716817}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{134C15D8-A70A-4475-83F1-FA8FCF2069B5}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{13DB71B3-019B-4BA2-A9C5-DCF7C808C06C}" = protocol=6 | dir=in | app=c:\world at war\codwaw.exe |
"{14653A17-308C-4DAC-BB9F-6F467CE6F75F}" = protocol=1 | dir=in | [email protected],-26140 |
"{1593D625-85F5-467D-B50F-E930A6B82E48}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\alien swarm\srcds.exe |
"{16379163-0FA0-469F-90D3-362714D435EC}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\alien swarm\swarm.exe |
"{17A1D84C-9EF0-42E9-9251-FC7CFC7062D6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1CA988A0-7649-4B44-8F46-4C96C6C82BCE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1E9401DF-5CFC-467A-8C17-BDC79BEF41E1}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-enus-downloader.exe |
"{1ED4752E-A5D2-4E05-9B29-E023FF970734}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.2.10257-enus-ptr-downloader.exe |
"{2394F4D2-C10C-463D-80D2-F9C094C1F179}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{25500588-4331-41C3-A2BD-BD607A2650D8}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{27A05887-845C-4562-902E-196CF05ED869}" = protocol=6 | dir=in | app=c:\steam\steamapps\bobo70461\counter-strike source\hl2.exe |
"{2848D9A9-0D89-417F-AFB4-E9C35B66340E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{2C86C1F6-BA25-4895-8994-934D3B4D9BCB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2E762AF5-120B-49C6-BB32-441723C52792}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\global agenda live\binaries\globalagenda.exe |
"{32E9F628-1F88-4C5C-AD26-A3512F0E96E9}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{35AE1192-D313-4343-AA75-6A3BE664C017}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{390FA38B-B04F-41F9-BB71-B973C9909098}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3A7316A7-F4A0-44E8-836F-E30DBF91FE37}" = protocol=58 | dir=in | [email protected],-26142 |
"{3C65F57C-60BF-473C-9AE1-EDB1010C1320}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\rome total war gold\rometw-bi.exe |
"{3D12B1DD-181A-48A3-80B8-A57B087EF95F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3F00B117-6D87-4010-A39C-839EEAA17920}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |
"{44461EEB-AF68-4B39-8814-E9905BECEA5A}" = protocol=58 | dir=out | [email protected],-28546 |
"{446978BE-5543-441D-ABC0-8DD1E3AD73A7}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\global agenda live\binaries\globalagenda.exe |
"{48DD6992-D957-4CE5-B779-B3FB747A7761}" = protocol=6 | dir=in | app=c:\world at war\codwawmp.exe |
"{4B43AAC9-A2C8-431C-9345-787A32E471E2}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{4C379240-F726-490C-A02E-3DD3676B5F22}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{514FE498-580E-42F8-AA00-076533AF2CAF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{51BF5613-BF9A-4E03-80B5-34F33F04C092}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{5227DBAE-9266-46A9-83B6-BF7EA58FD475}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10116-to-0.2.0.10128-enus-downloader.exe |
"{52347961-A304-4F39-9BAC-7D546ED27BAF}" = protocol=17 | dir=in | app=c:\steam\steamapps\bobo70461\garrysmod\hl2.exe |
"{55BD08CB-CFE3-49EB-BE6D-2996932A2406}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.2.9901-to-3.1.3.9947-enus-downloader.exe |
"{58F7B520-3726-49CF-800F-318089E4B425}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{596DBDA6-040C-424E-AC08-0B143DDF8331}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\alien swarm\srcds.exe |
"{5B44F81B-E81B-49FB-B907-C04716D548E3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5BB7D8D9-8AA9-40D1-8340-DA3BC0650C3B}" = protocol=58 | dir=in | [email protected],-28545 |
"{5DEC6305-812A-47E5-A443-CA78FB830021}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{5E0AA768-1350-4BE7-ABBF-91EFB5E8761F}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{5F016744-7AC2-40C1-9C61-3FDB6DD93A1B}" = protocol=6 | dir=in | app=c:\steam\steamapps\bobo70461\garrysmod\hl2.exe |
"{602DA524-A9E7-4754-B0B8-F79FE1D0DFEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{60E7F658-CA7B-4C56-B00D-7A4F299944EA}" = protocol=6 | dir=out | app=system |
"{6349E790-E788-42E3-A203-1482956738EB}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{66F7AAA2-F54B-4461-B437-F177D311244D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-enus-downloader.exe |
"{675A8BC1-8743-4820-BA85-9FD89BE809BA}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{697B722F-543F-4E41-A34E-51410262E0F4}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{6DE0F767-014B-4CA9-AD16-4DD9C1A97428}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |
"{6E35D761-3953-48CF-B0A7-3ED543C0A227}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\alien swarm\swarm.exe |
"{70F5FBA9-E1A0-48D7-B1FA-38E8DA14FEF4}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{723E926F-C9C7-45BA-9A83-B45461C04F03}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10048-to-0.2.0.10072-enus-downloader.exe |
"{73665EC8-9299-4548-92A6-167F00554A90}" = protocol=6 | dir=in | app=c:\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{73C36A1D-93F8-4319-A1D2-516B5896854C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{74D4B200-D856-48A7-AC3E-760A2FF98305}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-enus-downloader.exe |
"{75FD775D-4A5B-4D27-AB0E-82B2E3F79F2E}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{783AD40D-5532-4780-9D07-490F2A72109C}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{7846F31A-3426-412F-B3A0-D51CA1579C68}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{78E3B811-5909-4FCF-BD43-27536390BFE5}" = protocol=17 | dir=in | app=c:\world at war\codwaw.exe |
"{796A411B-2E29-4AD9-A5EC-A17D88B21BD6}" = protocol=6 | dir=in | app=c:\program files\disktrix\ultimatedefrag2008\udefrag.exe |
"{7D1946D2-0557-4B01-8B1C-97AB1A969C13}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8268316B-D74E-49E2-856D-52AF489F962C}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{854F963D-C287-449C-B21C-D4847159D7E4}" = protocol=1 | dir=in | [email protected],-28543 |
"{86AF1EB1-6CE5-484F-9C54-6BB00728A86B}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10083-to-0.2.0.10116-enus-downloader.exe |
"{8ACB911B-3353-489F-8EDF-A8B2DBB61C53}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{8C6351D2-3D51-424A-8DAF-AA82923123D0}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |
"{8C8113AB-3E8D-4818-A821-9BF5B1DC1F14}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\rome total war gold\rometw.exe |
"{8CF36969-D98C-423F-B873-549B5FEDD9FE}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{8EA419D6-3212-426C-A31D-51C0471F31B7}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{8F9D7954-E5F0-46F7-863E-722C3515CDDD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{90EA8FDA-9464-4005-A26F-DC03BFE3D151}" = protocol=17 | dir=in | app=c:\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{93540388-162B-4D2C-BF28-AF08C78C3D68}" = protocol=17 | dir=in | app=c:\steam\steam.exe |
"{93F2F6E9-1406-4496-B7A4-1415CCE6EB24}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{95EC9291-EB65-40CB-BACB-B7EA57EF8B37}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9615DF33-8D3E-48EF-AB80-E291455BC8A6}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{9B747902-2EC4-4111-BEDF-5DFB7A9D4CAC}" = protocol=1 | dir=out | [email protected],-28544 |
"{9B8C04F7-190F-4B8C-BCF9-816E0A5C9BEF}" = dir=in | app=c:\program files\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{9C854FD7-B2F5-41E6-99AA-D2298C2622B7}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{9D815120-C859-4971-A497-AB56371A1220}" = protocol=6 | dir=in | app=c:\steam\steam.exe |
"{9EAE9AC5-A14C-4934-A3AE-05F902C25BDB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9EF8914D-4528-45CD-A884-51AADCB29935}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{A20F7303-AF8C-4794-989A-5ADB780B5265}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10072-to-0.2.0.10083-enus-downloader.exe |
"{A48272A8-B9F5-4E5E-924E-548AF1E02F8F}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-enus-downloader.exe |
"{A54EB43D-53DE-4018-A03B-A5561A4A27F9}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\rome total war gold\rometw-bi.exe |
"{AB745D96-326C-4E5E-A595-0C0D30872054}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |
"{AC4686AB-F351-4B60-AE38-005BAB73B676}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{AD1D8E4A-4B9C-486F-A17A-1D15DB81D59E}" = protocol=17 | dir=in | app=c:\ventrilo\ventrilo.exe |
"{AED060CC-89D1-453E-987F-7C7C1C7C51FB}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{AF572392-2DF5-47A7-880D-AAACE647AB25}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{B2DAA303-55CC-4543-9309-5E9A7DE8460F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{B36CDEDA-F14C-49E8-BB4C-9E908FD50E58}" = protocol=6 | dir=in | app=c:\ventrilo\ventrilo.exe |
"{B3DA051B-002F-4C2B-8F5E-8EA240780BA5}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10072-to-0.2.0.10083-enus-downloader.exe |
"{B4911B98-2882-4C42-8504-951D37A463B3}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-enus-downloader.exe |
"{B49D5536-B9A5-4EB1-8D12-D03424CA68C5}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{B94EEA61-8408-486F-9A8A-F9E33B5CE747}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.2.10257-to-0.2.2.10357-enus-ptr-downloader.exe |
"{BA7C9328-E6AA-4943-8A09-09A84116375D}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BAC2030E-8280-4EEA-B09F-B407F730A6B1}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-2.4.3-to-3.0.2-enus-win-final-downloader.exe |
"{BF74C26C-E056-4BD7-B2C3-DE591D999004}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\rome total war gold\rometw.exe |
"{C34F41FD-06B3-4BB1-9E17-9CC98BEE96B4}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-enus-downloader.exe |
"{C3C01F0C-E7B2-49FA-9792-F76734F3762A}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C64F07AC-C4E0-4710-AF2E-56E18B94A23E}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{C93E15DE-E0B3-41D1-B9ED-F3418A01BC22}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C9AC9471-BAA2-4566-A6F7-19A55D5271B2}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{CBFBC766-1C9F-413B-AA72-2FA42BDF4971}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.2.9901-to-3.1.3.9947-enus-downloader.exe |
"{CC1C043A-A85A-459A-A7C0-F7C313175B72}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.2.10257-enus-ptr-downloader.exe |
"{CCE5048D-10BE-4BD8-9931-418CAB186059}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{CF6363C5-7D6C-4E9E-9DAE-79D215A5B6FF}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-2.4.3-to-3.0.2-enus-win-final-downloader.exe |
"{D0A0F61D-2F71-4931-95A6-6BFE2BA15F3B}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{D1F1ED5A-63DD-4F54-854C-48180D1F365A}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10083-to-0.2.0.10116-enus-downloader.exe |
"{D51B0E56-5DC0-42CE-A0F3-EF3BCA173187}" = dir=in | app=c:\program files\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{D5F1D22C-A984-43EB-9E57-88F2C4C93C48}" = protocol=17 | dir=in | app=c:\steam\steamapps\bobo70461\counter-strike source\hl2.exe |
"{D6820A91-20CC-40F9-9F47-E652588CAB70}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{D8D0A3A4-EFF1-427F-9452-49BA0CCAB15D}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{DC222AEA-4ADE-4573-A974-492765DAF33A}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10116-to-0.2.0.10128-enus-downloader.exe |
"{DFE929A5-5433-4A51-A913-F2B643A39B88}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{E070DB33-DCC4-4C7B-8881-18571BFA2DC8}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10048-to-0.2.0.10072-enus-downloader.exe |
"{E26C05FB-0D4A-4710-A503-EA7AA2DEAAE4}" = protocol=17 | dir=in | app=c:\program files\disktrix\ultimatedefrag2008\udefrag.exe |
"{E29179E8-F991-4220-B666-383642B84E2B}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{E540CD0E-2B53-44D5-9547-C86DDFFEAEEE}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{E7715670-2839-4A71-9DA1-21802B930B73}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{EFE64DC9-0277-4572-86C8-D697842DC4D1}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-enus-downloader.exe |
"{F2CFE8C8-ADFD-40DA-B18A-F0AFC041BC0C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F57E87DB-B816-4DEA-B5B1-FE48746938B2}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.2.10257-to-0.2.2.10357-enus-ptr-downloader.exe |
"{F6B0A444-57CF-43F9-87D3-4E3939B7768A}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{FA629C74-1281-47DA-B657-E97ECBCFE561}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FD41BFB1-5D75-4B78-B287-7D1EC0EB348F}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-enus-downloader.exe |
"TCP Query User{069A0E94-390F-42C7-B507-B734E7305A3E}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{09A6AB0B-89D0-45E0-99CD-321196BDD465}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{09B5D3A7-0D68-4B8C-9317-3AAA2920D8F7}C:\program files\modernrcon\pbucon\pbucon.exe" = protocol=6 | dir=in | app=c:\program files\modernrcon\pbucon\pbucon.exe |
"TCP Query User{0B0F4BB7-5BA5-409A-BE8E-D03FB6C90E24}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{175C817D-D3CC-4E19-AC4B-2781477DC351}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe |
"TCP Query User{19389D7F-D306-4451-8BE1-BF3B378C9801}C:\program files\starcraft ii beta\versions\base14133\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base14133\sc2.exe |
"TCP Query User{248D8220-C917-48CD-9233-670FF24FDA75}C:\steam\steamapps\common\eve online\bin\exefile.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\common\eve online\bin\exefile.exe |
"TCP Query User{2BFB00CA-439C-4BA7-80E5-5F6A22FEC650}C:\steam\steamapps\bobo70461\source dedicated server\srcds.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\bobo70461\source dedicated server\srcds.exe |
"TCP Query User{30122C7C-3C28-405D-991E-61B610E5A159}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{330575B7-2D71-454B-AB8E-BA8730A1491A}C:\program files\tortun\gui.exe" = protocol=6 | dir=in | app=c:\program files\tortun\gui.exe |
"TCP Query User{336583F1-9755-4A4D-AB52-BB6F58CFC732}C:\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\pfportchecker\pfportchecker.exe |
"TCP Query User{365D7FC5-91F2-4B93-89DD-F4E728186D47}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{391EAF69-76CF-4C2E-98A2-A765B13DC18D}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{3C39649A-779A-4A7D-8E0E-0FC16BE9C6F2}C:\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\starcraft\starcraft.exe |
"TCP Query User{3F7BE297-E2EF-480A-91C1-0D69300DF204}C:\programdata\electronic arts\need for speed world\data\nfswo.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfswo.exe |
"TCP Query User{4BF65F3A-522D-4BA6-AF79-88F9A226897D}C:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe |
"TCP Query User{4E5B9470-5A45-4F8A-988F-D1AE1F38E35C}C:\program files\starcraft ii beta\versions\base14093\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base14093\sc2.exe |
"TCP Query User{4EAC7975-8AEB-4FD6-9F4A-2ADD773902AD}C:\steam\steamapps\bobo70461\insurgency\hl2.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\bobo70461\insurgency\hl2.exe |
"TCP Query User{53B6F4BA-8B5C-4E85-8010-690907A4F52A}C:\users\owner\downloads\borderlands 1.21\borderlands\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\users\owner\downloads\borderlands 1.21\borderlands\borderlands\binaries\borderlands.exe |
"TCP Query User{54339EA3-B388-4B72-B30B-6B1D9B1805E1}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{59C0B39C-5548-4702-B1DE-811A116660FB}C:\steam\steamapps\common\assassin's creed 2\uplaybrowser.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\common\assassin's creed 2\uplaybrowser.exe |
"TCP Query User{674DC28B-8335-43DD-A99A-79FF9FC93CFC}C:\program files\modernrcon\modernrcon_v0.5.exe" = protocol=6 | dir=in | app=c:\program files\modernrcon\modernrcon_v0.5.exe |
"TCP Query User{74AA0562-FFD2-4C62-B751-5B4703A8C103}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe |
"TCP Query User{7A6DF0CC-B50C-478C-B2C7-D6E4770B3CDD}C:\users\user\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\user\program files\dna\btdna.exe |
"TCP Query User{8273E9DC-4621-4641-BB83-C4D6716CB534}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{842EC773-F59D-43A1-81D1-B66614412DA8}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{88517F6B-22CE-472F-AF46-9AD4406171D7}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{8DFEB373-1CD1-4EE3-B059-FBC7913B7CF3}C:\users\owner\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\owner\program files\dna\btdna.exe |
"TCP Query User{93EF92C0-137B-4DF1-BB14-4FC1D64D3C88}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe |
"TCP Query User{98D2E523-2E65-4A59-92D6-EC802F276202}C:\program files\java\jre6\launch4j-tmp\jdownloader.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\jdownloader.exe |
"TCP Query User{9CC0630F-4E71-405F-A77A-9B274563C7AD}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{A50AC8E6-44F1-4A08-A5BC-85477210F11D}C:\steam\steamapps\bobo70461\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\bobo70461\team fortress 2\hl2.exe |
"TCP Query User{B86C52C7-CD8A-48F7-B600-380321D0E821}C:\resident evil 5\re5dx9.exe" = protocol=6 | dir=in | app=c:\resident evil 5\re5dx9.exe |
"TCP Query User{B9446D96-078A-4850-970F-016E900B1C2E}C:\users\owner\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\owner\program files\dna\btdna.exe |
"TCP Query User{BA9E2890-88A1-4CC0-9922-E8996BE4FC09}C:\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"TCP Query User{CF2AC870-E613-4542-8A24-0F25909AA1CC}C:\steam\steamapps\common\rome total war alexander\testappa.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\common\rome total war alexander\testappa.exe |
"TCP Query User{D16488E3-2796-4338-B127-3CD48F1FA495}C:\steam\steamapps\common\all points bulletin\binaries\apb.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\common\all points bulletin\binaries\apb.exe |
"TCP Query User{D6949C84-0D99-4D24-81FE-39948806FA2F}C:\users\user\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\user\program files\dna\btdna.exe |
"TCP Query User{D9563ABC-01CF-4774-ADE2-25260DB8A094}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe |
"TCP Query User{DB3AB051-CB8F-4370-A35C-283628306708}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{DEE032FD-2AD3-46BF-A5CD-92B44FE0CEB0}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{E0CAFABC-649F-478B-B97D-B7FA9A9B40F0}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{E15E1053-C81D-439E-8E1C-A1990A3E48F9}C:\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\pfportchecker\pfportchecker.exe |
"TCP Query User{E4DEB1C5-C94C-44D1-B346-74F9F59122BA}C:\resident evil 5\re5dx10.exe" = protocol=6 | dir=in | app=c:\resident evil 5\re5dx10.exe |
"UDP Query User{026207C5-04A1-4ED5-B603-34E0842D5F65}C:\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\starcraft\starcraft.exe |
"UDP Query User{04DAA899-B734-450F-A0FC-2FAD472733A4}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe |
"UDP Query User{05A05406-EBAE-464A-B82F-38780F38FDFC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{072168F8-5D1A-438A-93C3-ECB346C55A23}C:\resident evil 5\re5dx9.exe" = protocol=17 | dir=in | app=c:\resident evil 5\re5dx9.exe |
"UDP Query User{134F78DE-DB2F-401A-B200-B090530C68F7}C:\program files\tortun\gui.exe" = protocol=17 | dir=in | app=c:\program files\tortun\gui.exe |
"UDP Query User{173AAE3C-44DE-404E-9D91-47AC10C73222}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{1B16506A-92C3-4975-B39D-1377DEAA308E}C:\steam\steamapps\common\assassin's creed 2\uplaybrowser.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\common\assassin's creed 2\uplaybrowser.exe |
"UDP Query User{219A39C7-AE2B-40F1-B6EB-124927C633F5}C:\program files\starcraft ii beta\versions\base14093\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base14093\sc2.exe |
"UDP Query User{24A4FBE4-1A70-4CEB-A415-29E7906F52EA}C:\users\owner\downloads\borderlands 1.21\borderlands\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\users\owner\downloads\borderlands 1.21\borderlands\borderlands\binaries\borderlands.exe |
"UDP Query User{2C2B9285-C8F9-4B61-8BCD-6CE984ADADAB}C:\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"UDP Query User{2FDA6D6C-A86A-4184-92F3-C28FEA44040A}C:\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\pfportchecker\pfportchecker.exe |
"UDP Query User{3267B6BC-108E-4271-A7A4-E6FA6D9F195E}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{360A7D7B-A585-42CC-9D08-A9AE4D2A7935}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{3E4478F4-D0DE-44A9-9872-EFE066E9EC59}C:\users\user\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\user\program files\dna\btdna.exe |
"UDP Query User{3F08A55C-9553-4472-A62B-D3BC1AC280FF}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{4099C35F-2C9D-4254-BD4A-B42A45966B12}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{5539B1CF-1E10-4211-8A40-4EB0F806F226}C:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe |
"UDP Query User{5BF06A9A-B6A2-49CE-A79D-B0B9A6B5BD60}C:\program files\modernrcon\modernrcon_v0.5.exe" = protocol=17 | dir=in | app=c:\program files\modernrcon\modernrcon_v0.5.exe |
"UDP Query User{60D054C6-FB11-429A-B14C-209DDD9F7986}C:\steam\steamapps\bobo70461\insurgency\hl2.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\bobo70461\insurgency\hl2.exe |
"UDP Query User{6340F78F-8136-4D3B-A0F8-C300F2D3C7C0}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{6491CBEF-B0D1-4F6F-91EB-26D61966C525}C:\steam\steamapps\common\rome total war alexander\testappa.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\common\rome total war alexander\testappa.exe |
"UDP Query User{67ACFE4B-40AA-4247-98D7-8311859BD5EB}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{69164F87-3CBD-4B90-9F83-D4E6428384BA}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{6B56CB38-ED45-4686-B3FC-EFE1FD95E7A4}C:\steam\steamapps\common\all points bulletin\binaries\apb.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\common\all points bulletin\binaries\apb.exe |
"UDP Query User{7F4CA58F-5BBB-4627-9705-F6CD311CF79C}C:\steam\steamapps\common\eve online\bin\exefile.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\common\eve online\bin\exefile.exe |
"UDP Query User{90C123DB-42F2-494D-A091-99AEFBE05053}C:\steam\steamapps\bobo70461\source dedicated server\srcds.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\bobo70461\source dedicated server\srcds.exe |
"UDP Query User{93045011-BF5C-410A-905A-BA4537010A14}C:\steam\steamapps\bobo70461\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\bobo70461\team fortress 2\hl2.exe |
"UDP Query User{94A5AEB8-5EC0-4542-8B6B-432D5B430A57}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe |
"UDP Query User{98063431-9F12-46B3-9456-9A95D9EF0CD0}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{A87C4E92-5C77-4CDD-B943-F8D743ADBA50}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{B72CD9F6-04F2-4B02-B87B-7A31379E222A}C:\program files\starcraft ii beta\versions\base14133\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base14133\sc2.exe |
"UDP Query User{BC843199-9834-42EA-94F2-2620288757F5}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{BDE723AA-8DA3-4CF3-8B5A-315CE0DEE399}C:\resident evil 5\re5dx10.exe" = protocol=17 | dir=in | app=c:\resident evil 5\re5dx10.exe |
"UDP Query User{BFE4C389-162D-419C-B284-7BAB24EF97BE}C:\users\owner\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\owner\program files\dna\btdna.exe |
"UDP Query User{D46A22E6-AFFE-4A56-8668-04025BB57408}C:\programdata\electronic arts\need for speed world\data\nfswo.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfswo.exe |
"UDP Query User{DA6E081C-3716-4AE6-93A3-9535D7C18BA5}C:\users\user\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\user\program files\dna\btdna.exe |
"UDP Query User{DB47EC05-89FB-4CAF-93FC-5E9A03036E97}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe |
"UDP Query User{DEADB917-9559-4AE0-B366-D7A8EC832387}C:\users\owner\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\owner\program files\dna\btdna.exe |
"UDP Query User{E39D3EEE-73C8-4977-9AEC-A6ED0466E0ED}C:\program files\java\jre6\launch4j-tmp\jdownloader.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\jdownloader.exe |
"UDP Query User{E3C90703-4F73-4041-BFAE-F54A54CD68C6}C:\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\pfportchecker\pfportchecker.exe |
"UDP Query User{EDDD7DC7-FD7D-4A02-9FC2-173F9FB343A5}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{F2415DA2-DC40-496B-9509-EEB4BE0A2472}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{F6896ED1-6E14-4A2D-ACED-B71441A0E59A}C:\program files\modernrcon\pbucon\pbucon.exe" = protocol=17 | dir=in | app=c:\program files\modernrcon\pbucon\pbucon.exe |
"UDP Query User{FC32940B-393C-41DD-99FC-93EB093AE677}C:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars jk ii jedi outcast\gamedata\jk2ded.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0+ (r320)
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{036778E0-D3CE-40AC-94E7-F5AF42F3245D}" = System Requirements Lab
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty® - World at War 1.6 Patch
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0C35EAE4-A535-46B7-B4BF-68952BD94E68}" = Uniblue DiskRescue 2009
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty® - World at War 1.3 Patch
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20288888-A7AF-4B24-8AEB-398D20CD563C}" = Sound Blaster X-Fi
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A127AE-2DAF-40B7-8374-34C3E629521C}" = Far Cry (Patch 1.3)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 21
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty® - World at War 1.2 Patch
"{30349EFD-29C6-471B-B720-10D805B2D9F3}" = NCsoft Launcher
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{32A3A4F4-B792-11D6-A78A-00B0D0160130}" = Java SE Development Kit 6 Update 13
"{32A3A4F4-B792-11D6-A78A-00B0D0160180}" = Java SE Development Kit 6 Update 18
"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java SE Development Kit 6 Update 20
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3AFC29CB-DB12-43CC-A92A-E0AE4F78D901}" = Battlefield 2 Remote Server Admin
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty® 4 - Modern Warfare 1.4 Patch
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{519FCD20-AB3E-4A4F-AA30-2AAED80513A8}" = Lightscribe Extended Label Contrast Utility
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A6DCB18-3ECB-46DC-894B-5EFE08C0BD9B}" = Mega Manager
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373184D-8E8F-4308-912A-3901071FA1AD}" = LightScribe Applications
"{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty® - World at War 1.7 Patch
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty® 4 - Modern Warfare 1.5 Patch
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8681B1E6-CD96-46EF-9065-CE0D1085ED99}" = Star Wars JK II Jedi Outcast
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C5FAD77-F678-4758-A296-C12F08D179E0}" = Microsoft IntelliPoint 6.2
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90C1F682-9F40-42EC-BBE0-D2A1A4987E1B}" = LightScribe Diagnostic Utility
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty® - World at War 1.4 Patch
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AE6FB4CD-554F-4560-9A99-F8AE602414DB}" = TortoiseSVN 1.6.0.15855 (32 bit)
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty® - World at War 1.5 Patch
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}" = Razer Lachesis
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}" = Razer Lycosa
"{E47BA573-BBC4-40C1-8A7D-B25F2F2B0DAE}" = Far Cry (Patch 1.32)
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E9E3EE81-6E7F-47A3-8D38-3470256704DB}_is1" = Tortun 0.8
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{ED6C5ECD-5AA4-4054-BF67-8F49526E5765}" = O&O Defrag Professional
"{EE8592F6-FC2B-4AFD-B527-109D127C039F}" = Far Cry (Patch 1.31)
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F1A14CB2-A048-45A6-AFDA-3571296E1D76}" = Creative Media Toolbox 6
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"3DMIDI" = Creative 3DMIDI Player
"7-Zip" = 7-Zip 4.57
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ALchemy" = Creative ALchemy
"Astroburn Lite" = Astroburn Lite
"Audacity_is1" = Audacity 1.2.6
"AudioCS" = Creative Audio Control Panel
"avast5" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner
"CoD RconTool 10" = CoD RconTool 10
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Console Launcher" = Creative Console Launcher
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties" = Creative Sound Blaster Properties
"Creative Volume Panel" = Volume Panel
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Diagnostics 4_5" = Creative Diagnostics
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"Download Manager" = Download Manager 2.3.9
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON Stylus NX400 Series" = EPSON Stylus NX400 Series Printer Uninstall
"ERUNT_is1" = ERUNT 1.1j
"Firefox Preloader_is1" = Firefox Preloader
"Fraps" = Fraps
"Free Easy Burner_is1" = Free Easy Burner V 4.0
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.8.0
"Free Studio_is1" = Free Studio version 4.1
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.1
"GSC 2.00" = GSC 2.00
"Half-Life Dedicated Server Update Tool" = Half-Life Dedicated Server Update Tool
"HijackThis" = HijackThis 2.0.2
"Image Merger .EXE_is1" = Image Merger .EXE 1.0.0.19
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty® - World at War 1.6 Patch
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty® - World at War 1.3 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty® - World at War 1.2 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty® 4 - Modern Warfare 1.4 Patch
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty® - World at War 1.7 Patch
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty® - World at War 1.4 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty® - World at War 1.5 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.2.0 Full
"LimeWire" = LimeWire 5.5.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MobMap_is1" = MobMap 3.46
"ModernRcon v0.5" = ModernRcon v0.5
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MS Access 97 SP2" = MS Access 97 SP2
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PFPortChecker" = PFPortChecker 1.0.32
"PunkBusterSvc" = PunkBuster Services
"Revo Uninstaller" = Revo Uninstaller 1.89
"Runic Games Torchlight" = Torchlight
"SereneScreen Aquarium" = SereneScreen Aquarium
"SFBM" = SoundFont Bank Manager
"Silent Package Run-Time Sample" = EPSON NX400 User's Guide
"SpyEraser_is1" = Uniblue SpyEraser
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"Steam App 17020" = Global Agenda
"Steam App 211" = Source SDK
"Steam App 240" = Counter-Strike: Source
"Steam App 4000" = Garry's Mod
"Steam App 440" = Team Fortress 2
"Steam App 4760" = Rome: Total War Gold Edition
"Steam App 550" = Left 4 Dead 2
"Steam App 630" = Alien Swarm
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"UltimateDefrag 2008 Trial" = UltimateDefrag 2008 Trial
"Uniblue DiskRescue 2009" = Uniblue DiskRescue 2009
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Uninstaller_B4736000_Creative Media Toolbox 6" = Creative Media Toolbox 6 (Shared Components)
"uTorrent" = µTorrent
"ViewpointMediaPlayer" = Viewpoint Media Player
"VistaGlazz_is1" = VistaGlazz 2.1
"VTFEdit_is1" = VTFEdit 1.2.5
"Warcraft III" = Warcraft III
"WaveStudio 7" = Creative WaveStudio 7
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 3.1
"WinRAR archiver" = WinRAR archiver
"WinUHA_is1" = WinUHA 2.0 RC1 (2005.02.27)
"WOLAPI" = Westwood Shared Internet Components
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
"Xvid_is1" = Xvid 1.2.1 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"BitTorrent DNA" = DNA
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/21/2010 12:32:14 | Computer Name = User-PC | Source = IS360service | ID = 0
Description =
Error - 8/21/2010 12:34:13 | Computer Name = User-PC | Source = EventSystem | ID = 4609
Description =
Error - 8/21/2010 12:38:42 | Computer Name = User-PC | Source = EventSystem | ID = 4609
Description =
Error - 8/21/2010 12:55:10 | Computer Name = User-PC | Source = EventSystem | ID = 4609
Description =
Error - 8/21/2010 12:57:56 | Computer Name = User-PC | Source = EventSystem | ID = 4609
Description =
Error - 8/21/2010 13:11:40 | Computer Name = User-PC | Source = EventSystem | ID = 4609
Description =
Error - 8/21/2010 15:43:41 | Computer Name = User-PC | Source = VSS | ID = 8194
Description =
Error - 8/21/2010 16:23:43 | Computer Name = User-PC | Source = VSS | ID = 8194
Description =
Error - 8/21/2010 16:35:22 | Computer Name = User-PC | Source = Perflib | ID = 1008
Description =
Error - 8/21/2010 16:35:22 | Computer Name = User-PC | Source = Perflib | ID = 1010
Description =
[ Media Center Events ]
Error - 10/14/2007 01:49:25 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/15/2007 17:49:44 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/26/2007 15:55:22 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 12/16/2007 18:50:20 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 12/16/2007 20:49:14 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 12/21/2007 22:45:29 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/30/2008 04:42:55 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 8/11/2008 01:42:54 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 4/3/2009 17:34:57 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 8/1/2009 23:31:55 | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ OSession Events ]
Error - 2/10/2009 23:50:18 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1211
seconds with 900 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 8/21/2010 15:48:45 | Computer Name = User-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 8/21/2010 15:49:36 | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8/21/2010 15:49:36 | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8/21/2010 16:19:04 | Computer Name = User-PC | Source = volmgr | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 8/21/2010 16:19:22 | Computer Name = User-PC | Source = volmgr | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 8/21/2010 16:19:46 | Computer Name = User-PC | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.
Error - 8/21/2010 16:20:44 | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8/21/2010 16:20:44 | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8/21/2010 16:20:44 | Computer Name = User-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 8/21/2010 16:20:44 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description =
< End of report >
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-21 15:53:53
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\Owner\AppData\Local\Temp\kxldapob.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwAssignProcessToJobObject [0x8C5ED1CC]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwCreateThread [0x8C5ED206]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwOpenProcess [0x8C5ED51A]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwOpenThread [0x8C5ED3F6]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwProtectVirtualMemory [0x8C5ED292]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwSetContextThread [0x8C5ED18E]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwTerminateProcess [0x8C5ED64E]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwTerminateThread [0x8C5ED316]
SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwWriteVirtualMemory [0x8C5ED34E]
INT 0x52 ? 8635CBF8
INT 0x62 ? 8635DBF8
INT 0x63 ? 886A1BF8
INT 0x72 ? 8635DBF8
INT 0x73 ? 8635CBF8
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0x96548B9C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0x965489C0]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0x96548AFA]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 191 832F48F4 4 Bytes [CC, D1, 5E, 8C] {INT 3 ; RCR DWORD [ESI-0x74], 0x1}
.text ntkrnlpa.exe!KeSetEvent + 221 832F4984 4 Bytes [06, D2, 5E, 8C] {PUSH ES; RCR BYTE [ESI-0x74], CL}
.text ntkrnlpa.exe!KeSetEvent + 3F1 832F4B54 4 Bytes [1A, D5, 5E, 8C]
.text ntkrnlpa.exe!KeSetEvent + 40D 832F4B70 4 Bytes [F6, D3, 5E, 8C]
.text ntkrnlpa.exe!KeSetEvent + 431 832F4B94 4 Bytes [92, D2, 5E, 8C] {XCHG EDX, EAX; RCR BYTE [ESI-0x74], CL}
.text ...
PAGE ntkrnlpa.exe!ZwLoadDriver 833B3DF0 7 Bytes JMP 96548AFE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 8341F28F 5 Bytes JMP 965445B4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ObInsertObject 83478063 5 Bytes JMP 96545F6C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!NtCreateSection 83479905 7 Bytes JMP 965489C4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 834D990A 7 Bytes JMP 96548BA0 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
? System32\Drivers\speh.sys The system cannot find the path specified. !
PAGE ataport.SYS!DllUnload 83D3EB2E 5 Bytes JMP 8635D1D8
.text USBPORT.SYS!DllUnload 9105541B 5 Bytes JMP 886A11D8
.text ao1vzsfe.SYS 91508000 22 Bytes [82, C3, 21, 83, 6C, C2, 21, ...]
.text ao1vzsfe.SYS 91508017 84 Bytes [00, 32, A7, 78, 80, 3D, A5, ...]
.text ao1vzsfe.SYS 9150806C 96 Bytes [90, EE, 28, 83, 98, EE, 2E, ...]
.text ao1vzsfe.SYS 915080CE 10 Bytes [00, 00, 00, 00, 00, 00, C9, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; LEAVE ; HLT ; POP ESP; DEC EDX}
.text ao1vzsfe.SYS 915080DA 12 Bytes [00, 00, 02, 00, 00, 00, 24, ...]
.text ...
PAGE spsys.sys!?SPVersion@@3PADA + 1ABF A645103F 110 Bytes [8B, FF, 55, 8B, EC, 8B, 45, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 1B2F A64510AF 1 Byte [16]
PAGE spsys.sys!?SPVersion@@3PADA + 1B2F A64510AF 128 Bytes [16, 3B, C8, 75, E2, B0, 01, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 1BB0 A6451130 6 Bytes [0E, 83, 78, 14, 01, 75]
PAGE spsys.sys!?SPVersion@@3PADA + 1BB7 A6451137 2298 Bytes [83, 78, 18, 37, 75, 02, B3, ...]
PAGE ...
? C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS The system cannot find the file specified. !
? C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS The system cannot find the file specified. !
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\OO Software\Defrag\oodag.exe[3228] kernel32.dll!SetUnhandledExceptionFilter 75E6A84F 5 Bytes JMP 00401280 C:\Program Files\OO Software\Defrag\oodag.exe (O&O Defrag Agent (Win32)/O&O Software GmbH)
.text C:\Program Files\Mozilla Firefox\firefox.exe[4584] ntdll.dll!LdrLoadDll 77519390 5 Bytes JMP 00C113F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)
Device \FileSystem\Ntfs \Ntfs 86CF41F8
Device \FileSystem\udfs \UdfsCdRom 8A7E91F8
Device \FileSystem\udfs \UdfsDisk 8A7E91F8
Device \Driver\volmgr \Device\VolMgrControl 8635F1F8
Device \Driver\usbohci \Device\USBPDO-0 8875E1F8
Device \Driver\usbehci \Device\USBPDO-1 8875F1F8
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\volmgr \Device\HarddiskVolume1 8635F1F8
Device \Driver\cdrom \Device\CdRom0 887601F8
Device \Driver\cdrom \Device\CdRom1 887601F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 86CF11F8
Device \Driver\atapi \Device\Ide\IdePort0 86CF11F8
Device \Driver\atapi \Device\Ide\IdePort1 86CF11F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-2 86CF11F8
Device \Driver\sptd \Device\356469049 speh.sys
Device \Driver\cdrom \Device\CdRom2 887601F8
Device \Driver\cdrom \Device\CdRom3 887601F8
Device \Driver\netbt \Device\NetBt_Wins_Export 8A7A9500
Device \Driver\Smb \Device\NetbiosSmb 8A3C81F8
Device \Driver\nvstor32 \Device\RaidPort0 86CF31F8
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\nvstor32 \Device\RaidPort1 86CF31F8
Device \Driver\PCI_PNP1041 \Device\0000005e speh.sys
Device \Driver\iScsiPrt \Device\RaidPort2 888911F8
Device \Driver\usbohci \Device\USBFDO-0 8875E1F8
Device \Driver\usbehci \Device\USBFDO-1 8875F1F8
Device \Driver\nvstor32 \Device\0000006e 86CF31F8
Device \Driver\netbt \Device\NetBT_Tcpip_{F7807230-7B87-4252-B9F6-416C5DF1300E} 8A7A9500
Device \Driver\ao1vzsfe \Device\Scsi\ao1vzsfe1 8889A1F8
Device \Driver\ao1vzsfe \Device\Scsi\ao1vzsfe1Port6Path0Target0Lun0 8889A1F8
Device \Driver\ao1vzsfe \Device\Scsi\ao1vzsfe1Port6Path0Target1Lun0 8889A1F8
Device \FileSystem\cdfs \Cdfs 886C41F8
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 -2090808924
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 343200403
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x88 0x10 0x4C 0xAD ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x1F 0xB8 0xFC 0xCE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xBD 0xC0 0x63 0x6A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x77 0x2A 0x1F 0xB7 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x2D 0x30 0x79 0x18 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xB2 0x8B 0x36 0x42 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x19 0x2D 0x81 0x46 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x88 0x10 0x4C 0xAD ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x1F 0xB8 0xFC 0xCE ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xBD 0xC0 0x63 0x6A ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x77 0x2A 0x1F 0xB7 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x2D 0x30 0x79 0x18 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xB2 0x8B 0x36 0x42 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x19 0x2D 0x81 0x46 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\[email protected] 819D035DC69383A6BE1501533224B4562A2A899D093F2FF91C0EBCA64461C8371AC7D9BD364D0B76FE25586A1BD6E52FF8473C4880ADBC54D940D579F6C43DCAAD39329E1CC307EFABAFF9EAE589262C6DBF06C2D03ED89E057DD9E44DF32B51CDDFDBAD095E5E7EA1BD6CE5018F9F6AD1D2C09C65CC9245735F191BCFF329A7FC513B6046694C92B2FCC8AD111CD20A62685BACDF19CE3CF027F5133B2C20323445C7EBCB16DD1FA3BCBBDCED4994B05288560BFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D6794A6A0AC4980AC79335D575E7D6A3B98086BA1F1DA35CF11B9C2F15CF31F30D376E92F3B90B20C920AF8F8779F99F269B56F87BA1F6710B5424A71A97110327CDB64FC6A433CE692022D027BFEDBA3A3892E5B5FDA1F03002560EC15E9A78D3D09CB32DC429993289480E2D6B5F99982955A276419D8D015931355E618CDA312302C48441B43CDC1931C40BF431889086DD75727E906C72D80A780C1BC61FA08C5C61E25E0A4F465945E9FC0294ECA4E67C33BD3618A5617251428191D34BCC1048F75D6279B892773586E376E28D8019FEC88EE15C014B37D84E8B2820D38746630F58709FB35B34CCE79D49DA555DFF5D2564D23F43778C8D744AC38255DECAF8329B7A28CC0C904BCF61FC
---- EOF - GMER 1.0.15 ----
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4458
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
8/21/2010 16:12:00
mbam-log-2010-08-21 (16-12-00).txt
Scan type: Quick scan
Objects scanned: 163436
Time elapsed: 6 minute(s), 9 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)