Hijackthis Log [INACTIVE]



Wotcher

My Windows Live Mail is sending out spam emails to people constantly, I want to check whether I've got something running on my PC I shouldn't. Anything wrong here?

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:57:25, on 14/04/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE

C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe

C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe

C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe

C:\WINDOWS\CTHELPER.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Rainlendar2\Rainlendar2.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\WINDOWS\ehome\RMSysTry.exe

C:\Program Files\Common Files\Sonic Shared\CineTray.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\ehome\RMSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.meshcomputers.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"

O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup

O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe

O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\CineTray.exe

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/...031/CTSUEng.cab

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/da/PCPitStop.CAB

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1198518217031

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15035/CTPID.cab

O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: HauppaugeTVServer - Unknown owner - C:\PROGRA~1\WinTV\HCWTVS~1.EXE (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe

--

End of file - 9332 bytes


hello

  • Download OTListIt2 to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Under Custom Scan paste this in:

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %systemroot%\System32\antiwpa.dll
    %systemroot%\SYSTEM32\wpa.dll
    %systemroot%\setup\scripts\biestart.exe
    %systemroot%\system32\drivers\royal.sys
    %SYSTEMDRIVE%\*.
    %PROGRAMFILES%\*.

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply. You may need two posts to fit them all in.


OTListIt logfile created on: 14/04/2009 19:52:42 - Run 1

OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Daniel\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 67.50% Memory free

3.85 Gb Paging File | 3.25 Gb Available in Paging File | 84.56% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 279.47 Gb Total Space | 158.62 Gb Free Space | 56.76% Space Free | Partition Type: NTFS

Drive D: | 488.19 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: FLAMS

Current User Name: Daniel

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Output = Minimal

File Age = 30 Days

Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)

PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)

PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)

PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)

PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)

PRC - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)

PRC - C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)

PRC - C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)

PRC - C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)

PRC - C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)

PRC - C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)

PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

PRC - C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)

PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)

PRC - C:\Program Files\Rainlendar2\Rainlendar2.exe ()

PRC - C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

PRC - C:\WINDOWS\ehome\RMSysTry.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Sonic Shared\CineTray.exe (Sonic Solutions)

PRC - C:\WINDOWS\system32\CTsvcCDA.exe (Creative Technology Ltd)

PRC - C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)

PRC - C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)

PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)

PRC - C:\WINDOWS\ehome\RMSvc.exe (Microsoft Corporation)

PRC - C:\WINDOWS\ehome\McrdSvc.exe (Microsoft Corporation)

PRC - C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)

PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)

PRC - C:\WINDOWS\eHome\ehmsas.exe (Microsoft Corporation)

PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)

PRC - C:\Program Files\Windows Live\Mail\wlmail.exe (Microsoft Corporation)

PRC - C:\Program Files\foobar2000\foobar2000.exe ()

PRC - C:\Documents and Settings\Daniel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

PRC - C:\Documents and Settings\Daniel\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aawservice [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)

SRV - (Apple Mobile Device [Disabled | Stopped]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)

SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)

SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)

SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)

SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)

SRV - (Bonjour Service [Disabled | Stopped]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)

SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (Creative Service for CDROM Access [Auto | Running]) -- C:\WINDOWS\system32\CTsvcCDA.exe (Creative Technology Ltd)

SRV - (ehRecvr [Auto | Running]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)

SRV - (ehSched [Auto | Running]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)

SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)

SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)

SRV - (HauppaugeTVServer [On_Demand | Stopped]) -- File not found

SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

SRV - (idsvc [unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)

SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)

SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

SRV - (McrdSvc [Auto | Running]) -- C:\WINDOWS\ehome\McrdSvc.exe (Microsoft Corporation)

SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)

SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)

SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)

SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (PnkBstrA [Disabled | Stopped]) -- File not found

SRV - (RMSvc [Auto | Running]) -- C:\WINDOWS\ehome\RMSvc.exe (Microsoft Corporation)

SRV - (ServiceLayer [On_Demand | Stopped]) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)

SRV - (vsmon [Auto | Running]) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)

SRV - (wampapache [On_Demand | Stopped]) -- c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe (Apache Software Foundation)

SRV - (wampmysqld [On_Demand | Stopped]) -- c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe ()

SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Aavmker4 [system | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)

DRV - (AmdK8 [system | Running]) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys (Advanced Micro Devices)

DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)

DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)

DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)

DRV - (aswSP [system | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)

DRV - (aswTdi [system | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)

DRV - (ctac32k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)

DRV - (ctaud2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)

DRV - (ctdvda2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)

DRV - (ctprxy2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)

DRV - (ctsfm2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)

DRV - (emupia [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)

DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV - (gmer [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\gmer.sys (GMER)

DRV - (ha10kx2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)

DRV - (hamachi [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\hamachi.sys (LogMeIn, Inc.)

DRV - (hap16v2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\hap16v2k.sys (Creative Technology Ltd)

DRV - (hap17v2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\hap17v2k.sys (Creative Technology Ltd)

DRV - (HCW88BDA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\hcw88bda.sys (Hauppauge Computer Works, Inc)

DRV - (hcw88rc5 [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\hcw88rc5.sys (Hauppauge Computer Works, Inc.)

DRV - (HCW88TSE [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\hcw88tse.sys (Hauppauge Computer Works, Inc)

DRV - (hcw88vid [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\hcw88vid.sys (Hauppauge Computer Works, Inc)

DRV - (MPE [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\MPE.sys (Microsoft Corporation)

DRV - (nmwcd [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)

DRV - (nmwcdc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)

DRV - (nmwcdnsu [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)

DRV - (nmwcdnsuc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)

DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)

DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)

DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)

DRV - (ossrv [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)

DRV - (ovt519 [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\ov519vid.sys (OmniVision Technologies, Inc.)

DRV - (pccsmcfd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys (Nokia)

DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)

DRV - (PxHelp20 [boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)

DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

DRV - (sptd [boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()

DRV - (srescan [boot | Running]) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys (Check Point Software Technologies LTD)

DRV - (tmcomm [Auto | Running]) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)

DRV - (upperdev [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys (Windows ® Codename Longhorn DDK provider)

DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)

DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)

DRV - (usbser [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbser.sys (Microsoft Corporation)

DRV - (UsbserFilt [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys (Windows ® Codename Longhorn DDK provider)

DRV - (vsdatant [system | Running]) -- C:\WINDOWS\System32\vsdatant.sys (Check Point Software Technologies LTD)

DRV - (xusb21 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\xusb21.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.meshcomputers.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.rllmukforum.com/index.php?"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.1

FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.4

FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.2

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}:6.0.04

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11

FF - prefs.js..extensions.enabledItems: [email protected]:1.0

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0

FF - prefs.js..extensions.enabledItems: [email protected]:0.9929

FF - prefs.js..extensions.enabledItems: {03B08592-E5B4-45ff-A0BE-C1D975458688}:0.6.0.5

FF - prefs.js..extensions.enabledItems: [email protected]:1.7.7.1

FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.6

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/12/03 17:26:34 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2008/12/04 11:02:04 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/30 09:26:01 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/30 09:26:01 | 00,000,000 | ---D | M]

[2008/03/25 17:22:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Extensions

[2008/03/25 17:22:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009/04/14 11:11:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Firefox\Profiles\y9t91jmr.default\extensions

[2009/03/31 11:16:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Firefox\Profiles\y9t91jmr.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}

[2008/05/20 14:51:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Firefox\Profiles\y9t91jmr.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}

[2009/01/10 20:59:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Firefox\Profiles\y9t91jmr.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2009/02/05 10:11:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Firefox\Profiles\y9t91jmr.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}

[2009/03/26 12:02:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Firefox\Profiles\y9t91jmr.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}

[2009/02/18 18:42:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Firefox\Profiles\y9t91jmr.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2008/12/05 23:08:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Firefox\Profiles\y9t91jmr.default\extensions\[email protected]

[2009/03/14 12:39:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Firefox\Profiles\y9t91jmr.default\extensions\[email protected]

[2008/06/25 15:33:51 | 00,001,108 | ---- | M] () -- C:\Documents and Settings\Daniel\Application Data\Mozilla\FireFox\Profiles\y9t91jmr.default\searchplugins\wikipedia-en.xml

[2009/01/17 14:31:05 | 00,001,032 | ---- | M] () -- C:\Documents and Settings\Daniel\Application Data\Mozilla\FireFox\Profiles\y9t91jmr.default\searchplugins\wikipedia-eng.xml

[2009/04/14 11:11:06 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

[2009/03/30 09:25:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2008/01/03 16:00:35 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

[2008/04/09 14:56:25 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

[2008/03/09 12:38:04 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

[2008/08/04 10:16:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

[2008/12/03 17:26:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

[2009/03/30 09:25:51 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll

[2009/03/30 09:25:51 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll

[2008/01/04 16:36:50 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml

[2006/07/05 19:47:38 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml

[2008/01/04 16:36:50 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml

[2008/03/08 10:35:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml

[2008/11/14 14:42:55 | 00,000,759 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml

[2008/04/16 05:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml

[2008/03/28 19:11:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml

[2008/01/04 16:36:50 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (226635 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 7952 more lines...

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" (Creative Technology Ltd.)

O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE" (Creative Technology Ltd)

O4 - HKLM..\Run: [CTHelper] CTHELPER.EXE (Creative Technology Ltd)

O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r (Creative Technology Ltd)

O4 - HKLM..\Run: [CTxfiHlp] CTXFIHLP.EXE (Creative Technology Ltd)

O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)

O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()

O4 - HKLM..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup (Creative Technology Ltd.)

O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [updReg] C:\WINDOWS\UpdReg.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot (BillP Studios)

O4 - HKLM..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (Check Point Software Technologies LTD)

O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)

O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()

O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\CineTray.exe (Sonic Solutions)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKLM\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKCU\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/softwareupdate/su/...031/CTSUEng.cab (Creative Software AutoUpdate)

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/da/PCPitStop.CAB (PCPitstop Utility)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupd...b?1198518217031 (WUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab (MSN Games - Installer)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_04)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/bingame/popcaploader_v10.cab (PopCapLoader Object)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/softwareupdate/su/...15035/CTPID.cab (Creative Software AutoUpdate Support Package)

O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll (PCPitstop Exam)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]

O32 - Autorun File - D:\AUTORUN.INF () - [ CDFS ]

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

NetSvcs: 6to4 -

NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll (Microsoft Corporation)

NetSvcs: AudioSrv - C:\WINDOWS\System32\audiosrv.dll (Microsoft Corporation)

NetSvcs: Browser - C:\WINDOWS\System32\browser.dll (Microsoft Corporation)

NetSvcs: CryptSvc - C:\WINDOWS\System32\cryptsvc.dll (Microsoft Corporation)

NetSvcs: DMServer - C:\WINDOWS\System32\dmserver.dll (Microsoft Corp.)

NetSvcs: DHCP - C:\WINDOWS\System32\dhcpcsvc.dll (Microsoft Corporation)

NetSvcs: ERSvc - C:\WINDOWS\System32\ersvc.dll (Microsoft Corporation)

NetSvcs: EventSystem - C:\WINDOWS\system32\es.dll (Microsoft Corporation)

NetSvcs: FastUserSwitchingCompatibility - C:\WINDOWS\System32\shsvcs.dll (Microsoft Corporation)

NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll (Microsoft Corporation)

NetSvcs: Ias -

NetSvcs: Iprip -

NetSvcs: Irmon -

NetSvcs: LanmanServer - C:\WINDOWS\System32\srvsvc.dll (Microsoft Corporation)

NetSvcs: LanmanWorkstation - C:\WINDOWS\System32\wkssvc.dll (Microsoft Corporation)

NetSvcs: Messenger - C:\WINDOWS\System32\msgsvc.dll (Microsoft Corporation)

NetSvcs: Netman - C:\WINDOWS\System32\netman.dll (Microsoft Corporation)

NetSvcs: Nla - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)

NetSvcs: Ntmssvc - C:\WINDOWS\system32\ntmssvc.dll (Microsoft Corporation)

NetSvcs: NWCWorkstation -

NetSvcs: Nwsapagent -

NetSvcs: Rasauto - C:\WINDOWS\System32\rasauto.dll (Microsoft Corporation)

NetSvcs: Rasman - C:\WINDOWS\System32\rasmans.dll (Microsoft Corporation)

NetSvcs: Remoteaccess - C:\WINDOWS\System32\mprdim.dll (Microsoft Corporation)

NetSvcs: Schedule - C:\WINDOWS\system32\schedsvc.dll (Microsoft Corporation)

NetSvcs: Seclogon - C:\WINDOWS\System32\seclogon.dll (Microsoft Corporation)

NetSvcs: SENS - C:\WINDOWS\system32\sens.dll (Microsoft Corporation)

NetSvcs: Sharedaccess - C:\WINDOWS\System32\ipnathlp.dll (Microsoft Corporation)

NetSvcs: SRService - C:\WINDOWS\system32\srsvc.dll (Microsoft Corporation)

NetSvcs: Tapisrv - C:\WINDOWS\System32\tapisrv.dll (Microsoft Corporation)

NetSvcs: Themes - C:\WINDOWS\System32\shsvcs.dll (Microsoft Corporation)

NetSvcs: TrkWks - C:\WINDOWS\system32\trkwks.dll (Microsoft Corporation)

NetSvcs: W32Time - C:\WINDOWS\system32\w32time.dll (Microsoft Corporation)

NetSvcs: WZCSVC - C:\WINDOWS\System32\wzcsvc.dll (Microsoft Corporation)

NetSvcs: Wmi - C:\WINDOWS\System32\advapi32.dll (Microsoft Corporation)

NetSvcs: WmdmPmSp -

NetSvcs: winmgmt - C:\WINDOWS\system32\wbem\WMIsvc.dll (Microsoft Corporation)

NetSvcs: wscsvc - C:\WINDOWS\system32\wscsvc.dll (Microsoft Corporation)

NetSvcs: xmlprov - C:\WINDOWS\System32\xmlprov.dll (Microsoft Corporation)

NetSvcs: MHN - C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)

NetSvcs: BITS - C:\WINDOWS\system32\qmgr.dll (Microsoft Corporation)

NetSvcs: wuauserv - C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)

NetSvcs: ShellHWDetection - C:\WINDOWS\System32\shsvcs.dll (Microsoft Corporation)

NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

NetSvcs: WmdmPmSN - C:\WINDOWS\system32\MsPMSNSv.dll (Microsoft Corporation)

NetSvcs: napagent - C:\WINDOWS\System32\qagentrt.dll (Microsoft Corporation)

NetSvcs: hkmsvc - C:\WINDOWS\System32\kmsvc.dll (Microsoft Corporation)

MsConfig - StartUpReg: AppleSyncNotifier - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)

MsConfig - StartUpReg: CanonMyPrinter - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

MsConfig - StartUpReg: CTCheck - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)

MsConfig - StartUpReg: DAEMON Tools Lite - hkey=HKCU - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\DAEMON Tools Lite\daemon.exe File not found

MsConfig - StartUpReg: Google Update - hkey=HKCU - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %UserProfile%\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

MsConfig - StartUpReg: iTunesHelper - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\iTunes\iTunesHelper.exe (Apple Inc.)

MsConfig - StartUpReg: PC Suite Tray - hkey=HKCU - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\Nokia\Nokia PC Suite 6\PCSuite.exe (Nokia)

MsConfig - StartUpReg: QuickTime Task - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\QuickTime\QTTask.exe (Apple Inc.)

MsConfig - StartUpReg: RssReader - hkey=HKCU - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\RssReader\RssReader.exe File not found

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2

SafeBootMin: aawservice - %ProgramFiles%\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)

SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll (Microsoft Corporation)

SafeBootMin: Base - Driver Group

SafeBootMin: BgMainSvc - Reg Error: Value error.

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: CryptSvc - %SystemRoot%\System32\cryptsvc.dll (Microsoft Corporation)

SafeBootMin: DcomLaunch - %SystemRoot%\system32\rpcss.dll (Microsoft Corporation)

SafeBootMin: dmadmin - %SystemRoot%\System32\dmadmin.exe (Microsoft Corp., Veritas Software)

SafeBootMin: dmboot.sys - %SystemRoot%\System32\drivers\dmboot.sys (Microsoft Corp., Veritas Software)

SafeBootMin: dmio.sys - %SystemRoot%\System32\drivers\dmio.sys (Microsoft Corp., Veritas Software)

SafeBootMin: dmload.sys - %SystemRoot%\System32\drivers\dmload.sys (Microsoft Corp., Veritas Software.)

SafeBootMin: dmserver - %SystemRoot%\System32\dmserver.dll (Microsoft Corp.)

SafeBootMin: EventLog - %SystemRoot%\system32\services.exe (Microsoft Corporation)

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

SafeBootMin: Netlogon - %SystemRoot%\system32\lsass.exe (Microsoft Corporation)

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PlugPlay - %SystemRoot%\system32\services.exe (Microsoft Corporation)

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: RpcSs - %SystemRoot%\system32\rpcss.dll (Microsoft Corporation)

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: sr.sys - %SystemRoot%\system32\DRIVERS\sr.sys (Microsoft Corporation)

SafeBootMin: SRService - %SystemRoot%\system32\srsvc.dll (Microsoft Corporation)

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: vgasave.sys - %SystemRoot%\System32\drivers\vga.sys (Microsoft Corporation)

SafeBootMin: WinMgmt - %SystemRoot%\system32\wbem\WMIsvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: aawservice - %ProgramFiles%\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)

SafeBootNet: AFD - %SystemRoot%\System32\drivers\afd.sys (Microsoft Corporation)

SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll (Microsoft Corporation)

SafeBootNet: Base - Driver Group

SafeBootNet: BgLiveSvc - Reg Error: Value error.

SafeBootNet: BgMainSvc - Reg Error: Value error.

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: Browser - %SystemRoot%\System32\browser.dll (Microsoft Corporation)

SafeBootNet: CryptSvc - %SystemRoot%\System32\cryptsvc.dll (Microsoft Corporation)

SafeBootNet: DcomLaunch - %SystemRoot%\system32\rpcss.dll (Microsoft Corporation)

SafeBootNet: Dhcp - %SystemRoot%\System32\dhcpcsvc.dll (Microsoft Corporation)

SafeBootNet: dmadmin - %SystemRoot%\System32\dmadmin.exe (Microsoft Corp., Veritas Software)

SafeBootNet: dmboot.sys - %SystemRoot%\System32\drivers\dmboot.sys (Microsoft Corp., Veritas Software)

SafeBootNet: dmio.sys - %SystemRoot%\System32\drivers\dmio.sys (Microsoft Corp., Veritas Software)

SafeBootNet: dmload.sys - %SystemRoot%\System32\drivers\dmload.sys (Microsoft Corp., Veritas Software.)

SafeBootNet: dmserver - %SystemRoot%\System32\dmserver.dll (Microsoft Corp.)

SafeBootNet: DnsCache - %SystemRoot%\System32\dnsrslvr.dll (Microsoft Corporation)

SafeBootNet: EventLog - %SystemRoot%\system32\services.exe (Microsoft Corporation)

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

SafeBootNet: ip6fw.sys - %SystemRoot%\system32\drivers\ip6fw.sys (Microsoft Corporation)

SafeBootNet: ipnat.sys - %SystemRoot%\system32\DRIVERS\ipnat.sys (Microsoft Corporation)

SafeBootNet: LanmanServer - %SystemRoot%\System32\srvsvc.dll (Microsoft Corporation)

SafeBootNet: LanmanWorkstation - %SystemRoot%\System32\wkssvc.dll (Microsoft Corporation)

SafeBootNet: LmHosts - %SystemRoot%\System32\lmhsvc.dll (Microsoft Corporation)

SafeBootNet: Messenger - %SystemRoot%\System32\msgsvc.dll (Microsoft Corporation)

SafeBootNet: NDIS - %SystemRoot%\System32\drivers\ndis.sys (Microsoft Corporation)

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: Ndisuio - %SystemRoot%\system32\DRIVERS\ndisuio.sys (Microsoft Corporation)

SafeBootNet: NetBIOS - %SystemRoot%\system32\DRIVERS\netbios.sys (Microsoft Corporation)

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetBT - %SystemRoot%\system32\DRIVERS\netbt.sys (Microsoft Corporation)

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Netlogon - %SystemRoot%\system32\lsass.exe (Microsoft Corporation)

SafeBootNet: NetMan - %SystemRoot%\System32\netman.dll (Microsoft Corporation)

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NtLmSsp - %SystemRoot%\system32\lsass.exe (Microsoft Corporation)

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PlugPlay - %SystemRoot%\system32\services.exe (Microsoft Corporation)

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdpcdd.sys - %SystemRoot%\System32\DRIVERS\RDPCDD.sys (Microsoft Corporation)

SafeBootNet: rdpdd.sys - %SystemRoot%\System32\rdpdd.dll (Microsoft Corporation)

SafeBootNet: rdpwd.sys - %SystemRoot%\System32\drivers\rdpwd.sys (Microsoft Corporation)

SafeBootNet: rdsessmgr - %SystemRoot%\system32\sessmgr.exe (Microsoft Corporation)

SafeBootNet: RpcSs - %SystemRoot%\system32\rpcss.dll (Microsoft Corporation)

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: SharedAccess - %SystemRoot%\System32\ipnathlp.dll (Microsoft Corporation)

SafeBootNet: sr.sys - %SystemRoot%\system32\DRIVERS\sr.sys (Microsoft Corporation)

SafeBootNet: SRService - %SystemRoot%\system32\srsvc.dll (Microsoft Corporation)

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: Tcpip - %SystemRoot%\system32\DRIVERS\tcpip.sys (Microsoft Corporation)

SafeBootNet: TDI - Driver Group

SafeBootNet: tdpipe.sys - %SystemRoot%\System32\drivers\tdpipe.sys (Microsoft Corporation)

SafeBootNet: tdtcp.sys - %SystemRoot%\System32\drivers\tdtcp.sys (Microsoft Corporation)

SafeBootNet: termservice - %SystemRoot%\System32\termsrv.dll (Microsoft Corporation)

SafeBootNet: vga.sys - Driver

SafeBootNet: vgasave.sys - %SystemRoot%\System32\drivers\vga.sys (Microsoft Corporation)

SafeBootNet: vsmon - %SystemRoot%\system32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)

SafeBootNet: WinMgmt - %SystemRoot%\system32\wbem\WMIsvc.dll (Microsoft Corporation)

SafeBootNet: WZCSVC - %SystemRoot%\System32\wzcsvc.dll (Microsoft Corporation)

SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7

ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {670B2FE5-9A0C-2F16-C207-C1D9DFC7F10D} - Internet Explorer

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework

ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Reg Error: Value error.

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3

ActiveX: {ECD292A0-0347-4244-8C24-5DBCE990FB40} - Hotfix for Microsoft .NET Framework 3.0 (KB932471)

ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate

ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall

ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: aux - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: aux1 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: midi - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: midi1 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: midi2 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: midi3 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: midimapper - C:\WINDOWS\system32\midimap.dll (Microsoft Corporation)

Drivers32: mixer - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: mixer1 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: mixer2 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: mixer3 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: msacm.avis - C:\WINDOWS\system32\ff_acm.acm ()

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.imaadpcm - C:\WINDOWS\system32\imaadp32.acm (Microsoft Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.msadpcm - C:\WINDOWS\system32\msadp32.acm (Microsoft Corporation)

Drivers32: msacm.msaudio1 - C:\WINDOWS\system32\msaud32.acm (Microsoft Corporation)

Drivers32: msacm.msg711 - C:\WINDOWS\system32\msg711.acm (Microsoft Corporation)

Drivers32: msacm.msg723 - C:\WINDOWS\system32\msg723.acm (Microsoft Corporation)

Drivers32: msacm.msgsm610 - C:\WINDOWS\system32\msgsm32.acm (Microsoft Corporation)

Drivers32: msacm.siren - C:\WINDOWS\system32\sirenacm.dll (Microsoft Corporation)

Drivers32: msacm.sl_anet - C:\WINDOWS\system32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\system32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\system32\VfWWDM32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\system32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\WINDOWS\system32\DivX.dll (DivX, Inc.)

Drivers32: vidc.ffds - C:\WINDOWS\system32\ff_vfw.dll ()

Drivers32: vidc.fvfw - C:\WINDOWS\system32\ff_vfw.dll ()

Drivers32: VIDC.I420 - C:\WINDOWS\system32\msh263.drv (Microsoft Corporation)

Drivers32: vidc.iv31 - C:\WINDOWS\system32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\system32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\system32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\system32\ir50_32.dll (Intel Corporation)

Drivers32: VIDC.IYUV - C:\WINDOWS\system32\iyuv_32.dll (Microsoft Corporation)

Drivers32: vidc.M261 - C:\WINDOWS\system32\msh261.drv (Microsoft Corporation)

Drivers32: vidc.M263 - C:\WINDOWS\system32\msh263.drv (Microsoft Corporation)

Drivers32: vidc.mrle - C:\WINDOWS\system32\msrle32.dll (Microsoft Corporation)

Drivers32: vidc.msvc - C:\WINDOWS\system32\msvidc32.dll (Microsoft Corporation)

Drivers32: VIDC.UYVY - C:\WINDOWS\system32\msyuv.dll (Microsoft Corporation)

Drivers32: vidc.XVID - C:\WINDOWS\system32\xvidvfw.dll ()

Drivers32: VIDC.YUY2 - C:\WINDOWS\system32\msyuv.dll (Microsoft Corporation)

Drivers32: vidc.yv12 - C:\WINDOWS\system32\DivX.dll (DivX, Inc.)

Drivers32: VIDC.YVU9 - C:\WINDOWS\system32\tsbyuv.dll (Microsoft Corporation)

Drivers32: VIDC.YVYU - C:\WINDOWS\system32\msyuv.dll (Microsoft Corporation)

Drivers32: wave - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: wave1 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: wave2 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: wave3 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

Drivers32: wavemapper - C:\WINDOWS\system32\msacm32.drv (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2009/04/14 19:50:02 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Daniel\Desktop\OTListIt2.exe

[2009/04/14 18:20:14 | 36,692,3044 | ---- | C] () -- C:\Documents and Settings\Daniel\Desktop\24.S07E18.HDTV.XviD-NoTV.avi

[2009/04/14 18:10:54 | 18,286,3072 | ---- | C] () -- C:\Documents and Settings\Daniel\Desktop\Red_Dwarf.9x01.Back_To_Earth_Part_One.WS_PDTV_XviD-FoV.[VTV].avi

[2009/04/14 16:57:11 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2009/04/11 18:02:35 | 00,298,998 | ---- | C] () -- C:\Documents and Settings\Daniel\Desktop\14284685-Full.jpg

[2009/04/11 17:57:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Desktop\New Folder

[2009/04/11 11:39:27 | 28,030,656 | ---- | C] () -- C:\Documents and Settings\Daniel\Desktop\Joypod_070409.mp3

[2009/04/01 17:02:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\My Documents\New Star Grand Prix

[2009/04/01 17:01:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Desktop\NSGPDemo0_95

[2009/03/23 17:29:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Desktop\Becca

[2009/03/22 12:26:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\My Documents\Bob Books

[2009/03/22 12:01:55 | 00,000,000 | ---D | C] -- C:\Program Files\BOB Books

[2008/12/10 14:43:37 | 00,000,018 | ---- | C] () -- C:\WINDOWS\cnc.ini

[2008/11/21 22:47:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2008/11/21 22:45:16 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest

[2008/11/21 22:45:16 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest

[2008/11/21 22:44:16 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2008/10/07 10:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll

[2008/10/07 10:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2008/05/18 23:04:01 | 00,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini

[2008/05/18 23:04:00 | 00,819,200 | ---- | C] () -- C:\WINDOWS\gmer.dll

[2008/05/18 18:58:38 | 00,000,057 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2008/04/16 16:00:48 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2008/03/28 02:33:58 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2008/03/11 16:08:40 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2008/03/11 16:08:38 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2008/02/19 10:46:00 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2008/02/18 11:55:36 | 00,086,446 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini

[2008/02/18 11:55:36 | 00,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL

[2008/02/11 16:06:22 | 00,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2008/02/01 21:29:10 | 00,032,133 | ---- | C] () -- C:\WINDOWS\Irremote.ini

[2008/02/01 21:28:44 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll

[2008/02/01 21:28:23 | 00,000,135 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2008/02/01 21:28:22 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll

[2008/02/01 21:27:57 | 00,001,956 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI

[2008/02/01 21:01:21 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\hcwxds.dll

[2007/12/28 15:57:47 | 01,986,048 | ---- | C] () -- C:\WINDOWS\System32\avcodec-51.dll

[2007/12/28 15:57:47 | 01,627,136 | ---- | C] () -- C:\WINDOWS\System32\fftw3.dll

[2007/12/28 15:57:47 | 00,266,240 | ---- | C] () -- C:\WINDOWS\System32\libFLAC_dynamic.dll

[2007/12/28 15:57:47 | 00,258,560 | ---- | C] () -- C:\WINDOWS\System32\avformat-51.dll

[2007/12/28 15:57:47 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\FFMpegSource.dll

[2007/12/28 15:57:47 | 00,133,120 | ---- | C] () -- C:\WINDOWS\System32\swscale-0.dll

[2007/12/28 15:57:47 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\libsndfile-1.dll

[2007/12/28 15:57:47 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll

[2007/12/28 15:57:47 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\postproc-51.dll

[2007/12/28 15:57:47 | 00,018,944 | ---- | C] () -- C:\WINDOWS\System32\avutil-49.dll

[2007/12/24 18:24:19 | 00,000,191 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini

[2007/12/24 17:04:55 | 00,003,254 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini

[2007/12/24 17:04:54 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

[2007/12/05 02:41:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2007/12/05 02:41:00 | 01,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2007/12/05 02:41:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2007/12/05 02:41:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2007/12/05 02:41:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2007/07/25 14:24:28 | 01,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2007/03/29 23:00:40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll

[2007/03/27 11:45:22 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll

[2007/03/10 12:51:48 | 00,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2006/08/11 15:57:18 | 00,037,888 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL

[2006/05/23 13:40:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI

[2006/03/15 13:00:00 | 00,000,699 | ---- | C] () -- C:\WINDOWS\win.ini

[2006/03/15 13:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[2005/08/05 15:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll

[2005/06/18 07:04:56 | 00,033,792 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

[2005/06/16 19:17:16 | 00,071,680 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL

[2002/10/15 23:54:04 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

========== Files - Modified Within 30 Days ==========

[14 C:\WINDOWS\System32\*.tmp files]

[5 C:\WINDOWS\*.tmp files]

[2009/04/14 19:54:09 | 36,692,3044 | ---- | M] () -- C:\Documents and Settings\Daniel\Desktop\24.S07E18.HDTV.XviD-NoTV.avi

[2009/04/14 19:53:44 | 18,286,3072 | ---- | M] () -- C:\Documents and Settings\Daniel\Desktop\Red_Dwarf.9x01.Back_To_Earth_Part_One.WS_PDTV_XviD-FoV.[VTV].avi

[2009/04/14 19:50:29 | 04,958,588 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-00000007-00001102-00000008-10211102}.CDF

[2009/04/14 19:50:05 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Daniel\Desktop\OTListIt2.exe

[2009/04/14 17:19:01 | 00,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-861567501-162531612-839522115-1003.job

[2009/04/14 16:47:47 | 00,350,191 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml

[2009/04/14 16:47:15 | 00,198,223 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2009/04/14 16:47:09 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009/04/14 16:47:00 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009/04/14 11:15:29 | 00,030,600 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-00000007-00001102-00000008-10211102}.rfx

[2009/04/14 11:15:29 | 00,030,600 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000001-00000000-00000007-00001102-00000008-10211102}.rfx

[2009/04/14 11:15:29 | 00,029,604 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000001-00000000-00000007-00001102-00000008-10211102}.rfx

[2009/04/14 11:15:29 | 00,029,604 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000001-00000000-00000007-00001102-00000008-10211102}.rfx

[2009/04/14 11:15:29 | 00,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-00000007-00001102-00000008-10211102}.rfx

[2009/04/14 11:15:29 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm

[2009/04/14 11:15:29 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm

[2009/04/14 11:14:40 | 04,958,588 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-00000007-00001102-00000008-10211102}.BAK

[2009/04/13 18:25:27 | 00,141,312 | ---- | M] () -- C:\Documents and Settings\Daniel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/04/11 18:02:36 | 00,298,998 | ---- | M] () -- C:\Documents and Settings\Daniel\Desktop\14284685-Full.jpg

[2009/04/11 16:57:26 | 28,030,656 | ---- | M] () -- C:\Documents and Settings\Daniel\Desktop\Joypod_070409.mp3

[2009/04/11 11:27:46 | 00,013,696 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009/03/31 13:22:12 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat

[2009/03/29 16:24:15 | 00,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009/03/29 16:24:15 | 00,441,432 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2009/03/29 16:24:15 | 00,071,176 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2009/03/17 21:10:06 | 02,101,976 | -H-- | M] () -- C:\Documents and Settings\Daniel\Local Settings\Application Data\IconCache.db

========== LOP Check ==========

[2009/02/04 18:18:10 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data

[2009/01/07 14:35:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[2008/11/17 20:13:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy

[2009/02/25 12:43:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe

[2008/01/10 00:04:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple

[2008/08/04 09:42:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer

[2007/12/28 16:06:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus

[2009/02/04 18:18:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard

[2008/10/15 14:28:11 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ

[2008/05/06 20:53:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Channel4

[2007/12/25 18:33:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Creative

[2008/07/02 18:02:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet

[2008/08/11 08:56:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations

[2009/02/08 18:17:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kontiki

[2008/10/02 21:48:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft

[2009/03/10 11:23:23 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

[2008/08/08 16:40:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia

[2008/01/10 00:30:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite

[2008/01/31 00:26:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop

[2008/05/26 12:16:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap

[2008/11/06 18:00:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype

[2009/02/08 18:47:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2007/12/24 18:46:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

[2008/01/06 15:13:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller

[2009/02/25 12:43:07 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Daniel\Application Data

[2009/01/29 13:41:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Acreon

[2009/04/03 11:43:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Adobe

[2008/11/03 13:41:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Apple Computer

[2008/07/09 20:57:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\avidemux

[2008/01/02 15:47:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Azureus

[2008/10/15 15:05:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Canon

[2008/01/23 11:42:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\com.oxygenxml

[2008/02/18 11:56:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Creative

[2008/03/28 02:33:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\DAEMON Tools

[2009/02/25 12:43:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1

[2007/12/25 23:27:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\DivX

[2009/03/10 11:47:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\FileZilla

[2008/03/21 10:39:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Firaxis Games

[2008/01/09 12:59:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Flickr

[2009/04/13 20:45:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\foobar2000

[2008/07/09 20:57:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\gtk-2.0

[2008/09/03 16:48:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Hamachi

[2007/12/24 17:02:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Identities

[2008/02/02 17:02:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\InstallShield

[2008/03/21 10:39:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\InstallShield Installation Information

[2008/06/03 12:24:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Macromedia

[2008/06/24 12:51:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Daniel\Application Data\Microsoft

[2008/09/23 23:39:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mIRC

[2008/03/25 17:22:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Mozilla

[2008/03/22 11:50:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\My Games

[2008/08/08 16:45:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Nokia

[2008/07/09 20:47:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Nokia Multimedia Player

[2009/02/18 15:04:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\OpenOffice.org

[2009/02/18 14:53:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\OpenOffice.org2

[2008/12/09 14:12:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Opera

[2007/12/29 19:24:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\PC Suite

[2008/02/11 16:06:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Real

[2008/07/14 12:13:10 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Daniel\Application Data\SecuROM

[2008/12/23 12:56:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Skype

[2008/12/23 12:54:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\skypePM

[2008/06/20 20:46:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\SPORE Creature Creator

[2008/03/28 02:47:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Sports Interactive

[2009/04/07 19:41:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Spotify

[2007/12/24 18:28:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Sun

[2008/06/24 12:07:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\SystemRequirementsLab

[2009/02/25 11:26:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Trusteer

[2009/04/14 19:54:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\uTorrent

[2008/04/01 12:22:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Ventrilo

[2008/01/02 11:20:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\vlc

[2009/02/08 18:10:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\WinPatrol

[2007/12/26 21:05:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\WinRAR

[2008/04/26 17:38:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Wizards of the Coast

[2006/03/15 13:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini

[2009/04/14 17:19:01 | 00,000,930 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-162531612-839522115-1003.job

[2009/04/14 16:47:09 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

========== Custom Scans ==========

< %systemroot%\System32\antiwpa.dll >

< %systemroot%\SYSTEM32\wpa.dll >

< %systemroot%\setup\scripts\biestart.exe >

< %systemroot%\system32\drivers\royal.sys >

< %SYSTEMDRIVE%\*. >

[2009/04/14 19:50:05 | 00,000,000 | ---D | M] -- C:

[2008/02/02 21:25:32 | 00,000,000 | ---D | M] -- C:\0b010b9ee5c52c3f25b8d759

[2008/12/04 11:00:27 | 00,000,000 | ---D | M] -- C:\b7d4fe13b769a6b03ab0fce77f4d207f

[2009/03/31 13:21:16 | 00,000,000 | -HSD | M] -- C:\Config.Msi

[2008/02/28 18:49:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings

[2007/12/24 16:45:29 | 00,000,000 | ---D | M] -- C:\DRIVERS

[2009/03/09 11:26:29 | 00,000,000 | ---D | M] -- C:\Games

[2008/06/07 13:27:15 | 00,000,000 | ---D | M] -- C:\HammerAutosave

[2008/02/01 21:25:29 | 00,000,000 | ---D | M] -- C:\Hauppauge

[2008/05/25 13:29:42 | 00,000,000 | ---D | M] -- C:\Kontiki

[2008/03/26 11:29:23 | 00,000,000 | ---D | M] -- C:\Logs

[2008/03/12 11:36:37 | 00,000,000 | ---D | M] -- C:\logs3

[2008/07/09 20:58:59 | 00,000,000 | ---D | M] -- C:\MP4Cam2AVI_v2.71

[2008/11/28 13:49:25 | 00,000,000 | ---D | M] -- C:\NVIDIA

[2009/04/14 16:57:11 | 00,000,000 | R--D | M] -- C:\Program Files

[2007/12/24 18:26:27 | 00,000,000 | -HSD | M] -- C:\RECYCLER

[2007/12/24 17:01:39 | 00,000,000 | -HSD | M] -- C:\System Volume Information

[2009/03/22 12:02:04 | 00,000,000 | ---D | M] -- C:\Temp

[2008/07/09 20:53:01 | 00,000,000 | ---D | M] -- C:\virtual dub

[2008/04/07 14:35:36 | 00,000,000 | ---D | M] -- C:\wamp

[2008/10/30 15:08:18 | 00,000,000 | ---D | M] -- C:\Westwood

[2009/04/14 16:47:28 | 00,000,000 | ---D | M] -- C:\WINDOWS

< %PROGRAMFILES%\*. >

[2009/04/14 16:57:11 | 00,000,000 | R--D | M] -- C:\Program Files

[2008/02/03 22:49:27 | 00,000,000 | ---D | M] -- C:\Program Files\AC3Filter

[2008/12/01 15:06:40 | 00,000,000 | ---D | M] -- C:\Program Files\Adobe

[2008/11/28 13:51:52 | 00,000,000 | ---D | M] -- C:\Program Files\AGEIA Technologies

[2008/04/23 18:57:23 | 00,000,000 | ---D | M] -- C:\Program Files\Alwil Software

[2008/02/02 17:03:01 | 00,000,000 | ---D | M] -- C:\Program Files\AMD

[2008/08/04 09:39:37 | 00,000,000 | ---D | M] -- C:\Program Files\Apple Software Update

[2009/02/08 10:46:58 | 00,000,000 | ---D | M] -- C:\Program Files\Audacity

[2007/12/25 18:28:57 | 00,000,000 | ---D | M] -- C:\Program Files\Audible

[2008/07/09 20:56:45 | 00,000,000 | ---D | M] -- C:\Program Files\Avidemux 2.4

[2008/02/03 21:04:19 | 00,000,000 | ---D | M] -- C:\Program Files\AviSynth 2.5

[2008/01/02 16:16:44 | 00,000,000 | ---D | M] -- C:\Program Files\Azureus

[2009/02/08 18:10:25 | 00,000,000 | ---D | M] -- C:\Program Files\BillP Studios

[2009/03/22 12:02:04 | 00,000,000 | ---D | M] -- C:\Program Files\BOB Books

[2009/01/07 14:34:08 | 00,000,000 | ---D | M] -- C:\Program Files\Bonjour

[2008/10/24 10:50:48 | 00,000,000 | ---D | M] -- C:\Program Files\Bridge Building Game

[2008/10/15 14:31:28 | 00,000,000 | ---D | M] -- C:\Program Files\Canon

[2008/10/15 14:27:32 | 00,000,000 | -H-D | M] -- C:\Program Files\CanonBJ

[2008/05/21 14:19:04 | 00,000,000 | ---D | M] -- C:\Program Files\Castle-Combat

[2007/12/25 23:19:36 | 00,000,000 | ---D | M] -- C:\Program Files\Chami

[2009/03/10 11:23:27 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files

[2007/12/24 16:55:16 | 00,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications

[2008/04/09 20:48:36 | 00,000,000 | ---D | M] -- C:\Program Files\Creative

[2007/12/25 18:54:22 | 00,000,000 | -H-D | M] -- C:\Program Files\Creative Installation Information

[2007/12/28 18:02:41 | 00,000,000 | ---D | M] -- C:\Program Files\DIFX

[2008/12/04 16:13:36 | 00,000,000 | ---D | M] -- C:\Program Files\DivX

[2009/01/06 16:34:37 | 00,000,000 | ---D | M] -- C:\Program Files\EA SPORTS

[2008/03/11 16:08:40 | 00,000,000 | ---D | M] -- C:\Program Files\ffdshow

[2009/03/08 13:01:44 | 00,000,000 | ---D | M] -- C:\Program Files\FileZilla Client

[2009/02/04 14:35:52 | 00,000,000 | ---D | M] -- C:\Program Files\Flickr Uploadr

[2009/02/13 20:47:20 | 00,000,000 | ---D | M] -- C:\Program Files\foobar2000

[2008/02/03 21:04:04 | 00,000,000 | ---D | M] -- C:\Program Files\Gabest

[2009/01/20 12:38:33 | 00,000,000 | ---D | M] -- C:\Program Files\Gham

[2008/01/09 18:16:34 | 00,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0

[2007/12/26 12:10:14 | 00,000,000 | ---D | M] -- C:\Program Files\GSpot270a

[2008/08/04 10:56:43 | 00,000,000 | ---D | M] -- C:\Program Files\Hamachi

[2008/05/11 21:49:42 | 00,000,000 | ---D | M] -- C:\Program Files\Hattrick Manager

[2008/05/26 20:19:34 | 00,000,000 | ---D | M] -- C:\Program Files\Hothead Games

[2008/06/19 11:46:55 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information

[2009/02/11 17:25:01 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer

[2009/01/07 14:35:22 | 00,000,000 | ---D | M] -- C:\Program Files\iPod

[2008/04/04 19:37:24 | 00,000,000 | ---D | M] -- C:\Program Files\IrfanView

[2009/01/07 14:35:43 | 00,000,000 | ---D | M] -- C:\Program Files\iTunes

[2008/12/03 17:26:29 | 00,000,000 | ---D | M] -- C:\Program Files\Java

[2009/02/18 14:58:58 | 00,000,000 | ---D | M] -- C:\Program Files\JRE

[2008/10/02 21:46:19 | 00,000,000 | ---D | M] -- C:\Program Files\Lavasoft

[2009/02/03 16:46:07 | 00,000,000 | ---D | M] -- C:\Program Files\Maxis

[2008/01/02 11:01:18 | 00,000,000 | ---D | M] -- C:\Program Files\Mesh Online

[2008/09/16 14:11:40 | 00,000,000 | ---D | M] -- C:\Program Files\Messenger

[2009/03/10 11:28:39 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft

[2007/12/24 16:59:12 | 00,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage

[2009/02/03 17:55:20 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Games

[2008/03/09 22:00:43 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office

[2009/02/26 21:07:22 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight

[2008/09/16 14:40:18 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Xbox 360 Accessories

[2008/09/23 23:34:54 | 00,000,000 | ---D | M] -- C:\Program Files\mIRC

[2008/09/16 14:07:27 | 00,000,000 | ---D | M] -- C:\Program Files\Movie Maker

[2009/04/14 19:52:12 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox

[2008/02/02 21:29:11 | 00,000,000 | ---D | M] -- C:\Program Files\MSBuild

[2008/03/09 22:00:35 | 00,000,000 | ---D | M] -- C:\Program Files\MSECache

[2007/12/24 16:53:25 | 00,000,000 | ---D | M] -- C:\Program Files\MSN

[2007/12/24 16:53:56 | 00,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone

[2008/08/09 12:01:54 | 00,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0

[2008/02/03 23:51:32 | 00,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0

[2008/12/12 15:43:28 | 00,000,000 | ---D | M] -- C:\Program Files\Naked War

[2008/09/16 14:04:16 | 00,000,000 | ---D | M] -- C:\Program Files\NetMeeting

[2008/08/11 09:10:50 | 00,000,000 | ---D | M] -- C:\Program Files\Nokia

[2007/12/24 16:55:02 | 00,000,000 | ---D | M] -- C:\Program Files\Online Services

[2008/05/30 17:17:23 | 00,000,000 | ---D | M] -- C:\Program Files\OpenAL

[2008/04/09 14:58:23 | 00,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 2.3

[2009/02/18 14:58:01 | 00,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 2.4

[2009/02/18 14:58:55 | 00,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3

[2009/01/21 19:02:59 | 00,000,000 | ---D | M] -- C:\Program Files\Opera

[2008/09/24 17:55:55 | 00,000,000 | ---D | M] -- C:\Program Files\Orb Networks

[2008/09/16 14:04:11 | 00,000,000 | ---D | M] -- C:\Program Files\Outlook Express

[2008/08/11 09:10:03 | 00,000,000 | ---D | M] -- C:\Program Files\PC Connectivity Solution

[2008/02/01 20:58:27 | 00,000,000 | ---D | M] -- C:\Program Files\PCPitstop

[2008/03/11 16:07:46 | 00,000,000 | ---D | M] -- C:\Program Files\PlayFLV

[2008/05/28 20:33:27 | 00,000,000 | ---D | M] -- C:\Program Files\PokerStars

[2008/05/26 12:41:35 | 00,000,000 | ---D | M] -- C:\Program Files\PopCap Games

[2009/01/07 14:33:42 | 00,000,000 | ---D | M] -- C:\Program Files\QuickTime

[2008/10/21 17:50:46 | 00,000,000 | ---D | M] -- C:\Program Files\Rainlendar2

[2008/02/11 16:04:03 | 00,000,000 | ---D | M] -- C:\Program Files\Real

[2008/02/02 21:26:29 | 00,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies

[2008/03/18 12:19:29 | 00,000,000 | ---D | M] -- C:\Program Files\RssReader

[2008/12/03 17:48:53 | 00,000,000 | ---D | M] -- C:\Program Files\Skype

[2008/05/18 18:58:21 | 00,000,000 | ---D | M] -- C:\Program Files\Sonic

[2008/05/11 21:53:26 | 00,000,000 | ---D | M] -- C:\Program Files\Sports Interactive

[2009/01/22 10:40:39 | 00,000,000 | ---D | M] -- C:\Program Files\Spotify

[2008/06/01 19:38:56 | 00,000,000 | ---D | M] -- C:\Program Files\Stardock

[2009/04/01 16:54:28 | 00,000,000 | ---D | M] -- C:\Program Files\Steam

[2008/06/24 12:07:12 | 00,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab

[2008/10/24 17:37:39 | 00,000,000 | ---D | M] -- C:\Program Files\The General

[2008/05/19 12:17:00 | 00,000,000 | ---D | M] -- C:\Program Files\THQ

[2009/04/14 16:57:11 | 00,000,000 | ---D | M] -- C:\Program Files\Trend Micro

[2008/05/30 17:17:22 | 00,000,000 | ---D | M] -- C:\Program Files\Trials 2 Second Edition

[2008/11/18 22:54:54 | 00,000,000 | ---D | M] -- C:\Program Files\TripleA

[2009/02/25 11:25:58 | 00,000,000 | ---D | M] -- C:\Program Files\Trusteer

[2009/02/25 12:43:03 | 00,000,000 | ---D | M] -- C:\Program Files\twhirl

[2007/12/24 17:02:16 | 00,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information

[2008/05/15 23:09:43 | 00,000,000 | ---D | M] -- C:\Program Files\uTorrent

[2008/04/01 12:20:58 | 00,000,000 | ---D | M] -- C:\Program Files\Ventrilo

[2008/01/02 07:57:58 | 00,000,000 | ---D | M] -- C:\Program Files\VideoLAN

[2008/01/09 21:57:45 | 00,000,000 | ---D | M] -- C:\Program Files\Warcraft III

[2008/12/04 16:45:59 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Journal Viewer

[2009/03/10 11:28:00 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live

[2009/03/10 11:28:24 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive

[2008/01/10 00:29:36 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2

[2008/01/10 00:37:39 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Player

[2008/09/16 14:04:11 | 00,000,000 | ---D | M] -- C:\Program Files\Windows NT

[2007/12/24 16:54:45 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Plus

[2007/12/24 16:57:34 | 00,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate

[2007/12/26 21:05:49 | 00,000,000 | ---D | M] -- C:\Program Files\WinRAR

[2008/04/07 14:38:23 | 00,000,000 | ---D | M] -- C:\Program Files\WinTV

[2008/04/26 17:33:49 | 00,000,000 | ---D | M] -- C:\Program Files\Wizards of the Coast

[2008/11/17 20:13:29 | 00,000,000 | ---D | M] -- C:\Program Files\WorldOfGooDemo

[2009/01/29 13:15:06 | 00,000,000 | ---D | M] -- C:\Program Files\WUU

[2007/12/24 16:59:12 | 00,000,000 | ---D | M] -- C:\Program Files\xerox

[2008/12/04 10:52:15 | 00,000,000 | ---D | M] -- C:\Program Files\Zafehouse

[2008/05/11 21:50:04 | 00,000,000 | -H-D | M] -- C:\Program Files\Zero G Registry

[2009/02/08 18:38:30 | 00,000,000 | ---D | M] -- C:\Program Files\Zone Labs

< End of report >


OTListIt Extras logfile created on: 14/04/2009 19:52:42 - Run 1

OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Daniel\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 67.50% Memory free

3.85 Gb Paging File | 3.25 Gb Available in Paging File | 84.56% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 279.47 Gb Total Space | 158.62 Gb Free Space | 56.76% Space Free | Partition Type: NTFS

Drive D: | 488.19 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: FLAMS

Current User Name: Daniel

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Output = Minimal

File Age = 30 Days

Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring" = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"3776:UDP" = 3776:UDP:*:Enabled:Media Center Extender Service

"3390:TCP" = 3390:TCP:*:Enabled:Remote Media Center Experience

"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call (Microsoft Corporation)

C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)

%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)

C:\WINDOWS\ehome\ehshell.exe:LocalSubNet:Enabled:Media Center (Microsoft Corporation)

C:\wamp\bin\apache\apache2.2.6\bin\httpd.exe:*:Enabled:Apache HTTP Server File not found

C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (Mozilla Corporation)

C:\Program Files\Steam\steamapps\[email protected]\counter-strike source\hl2.exe:*:Enabled:hl2 ()

C:\Program Files\Sports Interactive\Football Manager 2006\fm.exe:*:Enabled:Football Manager 2006 (Sports Interactive Ltd)

C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service File not found

C:\Program Files\RssReader\RssReader.exe:*:Enabled:RssReader.exe File not found

C:\Program Files\Kontiki\KHost.exe:*:Enabled:KHost.exe File not found

C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer (RealNetworks, Inc.)

C:\Documents and Settings\Daniel\Application Data\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 (Firaxis Games)

C:\Program Files\THQ\Dawn Of War\W40k.exe:*:Enabled:W40k File not found

C:\Program Files\THQ\Company of Heroes\RelicCOH.exe:*:Enabled:RelicCOH (THQ Canada Inc.)

C:\Program Files\Castle-Combat\main.exe:*:Enabled:main ()

C:\Program Files\CCP\EVE\bin\ExeFile.exe:*:Enabled:CCP ExeFile File not found

C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe:*:Enabled:Medal of Honor Airborne File not found

C:\Program Files\World of Warcraft\WoW-2.4.2.8278-to-2.4.3.8606-enGB-downloader.exe:*:Enabled:Blizzard Downloader File not found

C:\Program Files\THQ\Company of Heroes\Archive.exe:*:Enabled:Archive (THQ Canada Inc.)

C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater (Nokia Corporation)

C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process (Nokia Corporation)

C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC (mIRC Co. Ltd.)

C:\Program Files\Orb Networks\Orb\bin\Orb.exe:*:Enabled:Orb File not found

C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:*:Enabled:OrbTray File not found

C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client File not found

C:\Program Files\Steam\steamapps\[email protected]\day of defeat source\hl2.exe:*:Enabled:hl2.exe ()

C:\Program Files\Steam\steamapps\[email protected]\zombie panic! source\hl2.exe:*:Enabled:hl2 ()

C:\Program Files\Steam\Steam.exe:*:Enabled:Steam (Valve Corporation)

C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)

C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)

C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)

C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify (Spotify AB)

C:\Program Files\Chami\HTML-Kit\Bin\HTMLKit.exe:*:Enabled:HTML-Kit (Chami.com)

C:\Documents and Settings\Daniel\Local Settings\Temp\Blizzard Launcher Temporary - f4950858\Launcher.exe:*:Enabled:Blizzard Launcher File not found

C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:World of Warcraft File not found

C:\Program Files\Steam\steamapps\common\left 4 dead demo\left4dead.exe:*:Enabled:Left 4 Dead Demo ()

C:\Program Files\Steam\steamapps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:Peggle Extreme ()

C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call (Microsoft Corporation)

C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)

C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3

"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser

"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update

"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting

"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series" = Canon MP520 series

"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI

"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin

"{18D00C9F-B259-4838-871A-C61FCFF34C59}" = EA SPORTS™ Rugby 08

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI

"{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86

"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{23FE964A-853B-4176-86D7-9E18B5CA1FC0}" = Media Center Extender

"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2

"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI

"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 11

"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3

"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver

"{2C0CD17D-0B06-4700-83FA-7344B868B0A2}" = Opera 9.63

"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes

"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java 6 Update 4

"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7

"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe

"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4

"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer

"{48110A46-A3A4-481E-8230-7873B7F4C696}" = Nokia Software Updater

"{49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5}" = Football Manager 2006

"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update

"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI

"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings

"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI

"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3

"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8

"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail

"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup

"{66F0AC35-4805-44BC-A3D4-347D4196F9B3}" = Microsoft Xbox 360 Accessories 1.1

"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All

"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings

"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI

"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3

"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour

"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3

"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support

"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3

"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003

"{924EB80F-C2BB-4B9F-8412-88BBA937393F}" = MobileMe Control Panel

"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings

"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI

"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI

"{9C05FA75-0337-4523-AA57-9D3511018887}" = Nokia PC Suite

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3

"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A8AD6CB8-DE96-43FA-9B73-5FB873DD1CAE}" = Sound Blaster Audigy 4

"{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13

"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution

"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings

"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0

"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player

"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3

"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{BD045381-7A9F-3FEE-C947-320D1AFF5F1D}" = twhirl

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver

"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver

"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client

"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup

"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files

"{D4576E0D-2295-4B8E-B663-B68086B00EE5}" = Sonic CinePlayer DVD Pack

"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI

"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware

"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3

"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI

"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support

"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE™ Creature Creator Trial Edition

"{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0

"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call

"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime

"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)

"6A630DCEC5EEC912115F2FF59D8C2C769798D930" = Windows Driver Package - Nokia Modem (10/12/2007 3.6)

"819D45A9F73817F5B6D7C71A33ADAB88C5DA1765" = Windows Driver Package - Nokia Modem (08/03/2007 6.84.0.2)

"AC3Filter" = AC3Filter (remove only)

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11

"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3

"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2

"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings

"Age of Mythology 1.0" = Age of Mythology

"Audacity_is1" = Audacity 1.2.6

"AudibleManager" = AudibleManager

"AudioConSole" = Creative Audio Console

"avast!" = avast! Antivirus

"Avidemux 2.4" = Avidemux 2.4

"AviSynth" = AviSynth 2.5

"BOB Books_is1" = BOB Books Version 1.5.0.4

"Bookworm Adventures Deluxe 1.0.1.100" = Bookworm Adventures Deluxe 1.0.1.100

"Bridge Building Game" = Bridge Building Game

"Canon MP520 series User Registration" = Canon MP520 series User Registration

"CanonMyPrinter" = Canon My Printer

"Castle-Combat_is1" = Castle-Combat 0.8.0

"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows Driver Package - Nokia Modem (03/05/2008 3.7)

"Company of Heroes" = Company of Heroes

"Creative Software AutoUpdate" = Creative Software AutoUpdate

"D-Link VGA Webcam" = D-Link VGA Webcam

"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1)

"EHome Devices" = Media Center Extender

"FileZilla Client" = FileZilla Client 3.2.2.1

"Flickr Uploadr" = Flickr Uploadr 3.0.2

"foobar2000" = foobar2000 v0.9.6.1

"Football Manager 2008" = Football Manager 2008

"Hamachi" = Hamachi 1.0.2.5

"HijackThis" = HijackThis 2.0.2

"HTMLKit_is1" = HTML-Kit

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"IrfanView" = IrfanView (remove only)

"Mesh" = Mesh Online

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"mIRC" = mIRC

"Mozilla Firefox (3.0.8)" = Mozilla Firefox (3.0.8)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Naked War_is1" = NakedWar

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"Nokia PC Suite" = Nokia PC Suite

"NVIDIA Drivers" = NVIDIA Drivers

"On the Rain-Slick Precipice of Darkness, Episode One" = On the Rain-Slick Precipice of Darkness, Episode One

"OpenAL" = OpenAL

"PC Pitstop Driver Alert_is1" = PC Pitstop Driver Alert 1.0

"PlayFLV" = PlayFLV

"PokerStars" = PokerStars

"Rainlendar2" = Rainlendar2 (remove only)

"RealPlayer 6.0" = RealPlayer

"Red Alert 2" = Command & Conquer Red Alert 2

"Spotify" = Spotify

"Steam App 17500" = Zombie Panic! Source

"Steam App 211" = Source SDK

"Steam App 220" = Half-Life 2

"Steam App 240" = Counter-Strike: Source

"Steam App 300" = Day of Defeat: Source

"Steam App 3483" = Peggle Extreme

"Steam App 410" = Portal: The First Slice

"Steam App 500" = Left 4 Dead

"Steam App 530" = Left 4 Dead Demo

"SysInfo" = Creative System Information

"SystemRequirementsLab" = System Requirements Lab

"The General_is1" = The General 4.0

"Trials 2 SE" = Trials 2 Second Edition

"TripleAVersion1_0_0_2" = TripleA Version 1_0_0_2

"VLC media player" = VideoLAN VLC media player 0.8.6e

"VobSub" = VobSub v2.23 (Remove Only)

"WampServer 2_is1" = WampServer 2.0

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"WIC" = Windows Imaging Component

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinGimp-2.0_is1" = GIMP 2.4.2

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinPatrol" = WinPatrol 2008

"WinRAR archiver" = WinRAR archiver

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)

"ZEN (MTP) Media Explorer" = ZEN Media Explorer

"ZENcast Organizer" = ZENcast Organizer

"ZoneAlarm" = ZoneAlarm

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4

"fc08-FR_CANALPLUS_MAIN" = Footeball Challenge 2008 (Canal+)

"Google Chrome" = Google Chrome

"uTorrent" = µTorrent

"VASSAL" = VASSAL

"Warcraft III" = Warcraft III

"Wow Web Stats Client" = Wow Web Stats Client

"Wow Web Stats Client v2.4" = Wow Web Stats Client v2.4

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]

Error - 25/03/2009 15:02:34 | Computer Name = FLAMS | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\DANIEL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Y9T91JMR.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}\CHROME\CHROMEFILES\CONTENT\PREFMANAGER.JS

failed, 00000005.

Error - 25/03/2009 15:02:34 | Computer Name = FLAMS | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\DANIEL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Y9T91JMR.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}\CHROME\CHROMEFILES\CONTENT\UTILS.JS

failed, 00000005.

Error - 25/03/2009 15:02:34 | Computer Name = FLAMS | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\DANIEL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Y9T91JMR.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}\CHROME\CHROMEFILES\CONTENT\CONFIG.JS

failed, 00000005.

Error - 25/03/2009 15:02:34 | Computer Name = FLAMS | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\DANIEL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Y9T91JMR.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}\CHROME\CHROMEFILES\CONTENT\CONVERT2REGEXP.JS

failed, 00000005.

Error - 25/03/2009 15:02:34 | Computer Name = FLAMS | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\DANIEL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Y9T91JMR.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}\CHROME\CHROMEFILES\CONTENT\MISCAPIS.JS

failed, 00000005.

Error - 25/03/2009 15:02:34 | Computer Name = FLAMS | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\DANIEL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Y9T91JMR.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}\CHROME\CHROMEFILES\CONTENT\XMLHTTPREQUESTER.JS

failed, 00000005.

Error - 25/03/2009 15:02:34 | Computer Name = FLAMS | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\DANIEL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Y9T91JMR.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}\CHROME\CHROMEFILES\CONTENT\UPDATER.JS

failed, 00000005.

Error - 25/03/2009 15:02:34 | Computer Name = FLAMS | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\DANIEL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Y9T91JMR.DEFAULT\PREFS.JS

failed, 00000005.

Error - 25/03/2009 15:02:34 | Computer Name = FLAMS | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\DANIEL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Y9T91JMR.DEFAULT\USER.JS

failed, 00000005.

Error - 25/03/2009 15:02:34 | Computer Name = FLAMS | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\DANIEL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Y9T91JMR.DEFAULT\SESSIONSTORE.JS

failed, 00000005.

[ Application Events ]

Error - 13/04/2009 06:19:37 | Computer Name = FLAMS | Source = Google Update | ID = 20

Description =

Error - 13/04/2009 12:28:50 | Computer Name = FLAMS | Source = Media Center Guide | ID = 0

Description = Event Info: Guide creation error. Process: DefaultDomain Object Name:

Media Center Guide

Error - 13/04/2009 12:29:23 | Computer Name = FLAMS | Source = Media Center Guide | ID = 0

Description = Event Info: Guide creation error. Process: DefaultDomain Object Name:

Media Center Guide

Error - 13/04/2009 14:09:07 | Computer Name = FLAMS | Source = Google Update | ID = 20

Description =

Error - 13/04/2009 15:09:08 | Computer Name = FLAMS | Source = Google Update | ID = 20

Description =

Error - 14/04/2009 05:51:06 | Computer Name = FLAMS | Source = Media Center Guide | ID = 0

Description = Event Info: Guide creation error. Process: DefaultDomain Object Name:

Media Center Guide

Error - 14/04/2009 11:47:49 | Computer Name = FLAMS | Source = Media Center Guide | ID = 0

Description = Event Info: Guide creation error. Process: DefaultDomain Object Name:

Media Center Guide

Error - 14/04/2009 12:28:22 | Computer Name = FLAMS | Source = Google Update | ID = 20

Description =

Error - 14/04/2009 13:28:21 | Computer Name = FLAMS | Source = Google Update | ID = 20

Description =

Error - 14/04/2009 14:28:23 | Computer Name = FLAMS | Source = Google Update | ID = 20

Description =

[ System Events ]

Error - 14/03/2009 07:07:32 | Computer Name = FLAMS | Source = Service Control Manager | ID = 7031

Description = The Media Center Receiver Service service terminated unexpectedly.

It has done this 1 time(s). The following corrective action will be taken in

5000 milliseconds: Restart the service.

Error - 17/03/2009 05:13:59 | Computer Name = FLAMS | Source = Server | ID = 2505

Description = The server could not bind to the transport \Device\NetBT_Tcpip_{EFF8EF31-3BF2-4483-A95B-3EBC4BED79AA}

because another computer on the network has the same name. The server could not

start.

Error - 19/03/2009 13:29:06 | Computer Name = FLAMS | Source = Print | ID = 6161

Description = The document Jamie Oliver - Recipes - ba... owned by Daniel failed

to print on printer Canon MP520 series Printer. Data type: NT EMF 1.008. Size of

the spool file in bytes: 6977808. Number of bytes printed: 4877560. Total number

of pages in the document: 2. Number of pages printed: 0. Client machine: \\FLAMS.

Win32 error code returned by the print processor: 13 (0xd).

Error - 11/04/2009 06:32:21 | Computer Name = FLAMS | Source = Print | ID = 6161

Description = The document Jamie Oliver - Recipes - pi... owned by Daniel failed

to print on printer Canon MP520 series Printer. Data type: NT EMF 1.008. Size of

the spool file in bytes: 29508172. Number of bytes printed: 3148380. Total number

of pages in the document: 12. Number of pages printed: 0. Client machine: \\FLAMS.

Win32 error code returned by the print processor: 13 (0xd).

Error - 12/04/2009 09:01:22 | Computer Name = FLAMS | Source = TermService | ID = 1006

Description = The terminal server received large number of incomplete connections.

The system may be under attack.

< End of report >


hello

Run OTList2.exe

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTLI
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
    SRV - (HauppaugeTVServer [On_Demand | Stopped]) -- File not found
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
    [2007/12/28 16:06:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
    [2009/04/14 19:54:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\uTorrent
    [2008/05/15 23:09:43 | 00,000,000 | ---D | M] -- C:\Program Files\uTorrent

    :Services

    :Reg

    :Files

    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done

Please download ATF Cleaner by Atribune.

  • Double-click ATF-Cleaner.exe to run the program.
    Under Main choose: Select All
    Click the Empty Selected button.

If you use Firefox browser

  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Go to Kaspersky website and perform an online antivirus scan.

  1. Read through the requirements and privacy statement and click on Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.


========== OTLISTIT ==========

Process explorer.exe killed successfully!

No active process named aawservice.exe was found!

Service\Driver HauppaugeTVServer deleted successfully.

File File not found not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.

C:\Documents and Settings\All Users\Application Data\Azureus moved successfully.

C:\Documents and Settings\Daniel\Application Data\uTorrent moved successfully.

C:\Program Files\uTorrent moved successfully.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== FILES ==========

========== COMMANDS ==========

File delete failed. C:\Documents and Settings\Daniel\Local Settings\Temp\~DF1184.tmp scheduled to be deleted on reboot.

User's Temp folder emptied.

User's Internet Explorer cache folder emptied.

File delete failed. C:\Documents and Settings\Daniel\Local Settings\Temporary Internet Files\Content.IE5\535VW5IK\01[2].htm scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Daniel\Local Settings\Temporary Internet Files\Content.IE5\535VW5IK\ADSAdClient31[2].htm scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Daniel\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

User's Temporary Internet Files folder emptied.

Local Service Temp folder emptied.

File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

Local Service Temporary Internet Files folder emptied.

Network Service Temp folder emptied.

File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

Network Service Temporary Internet Files folder emptied.

File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.

File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7d4.dat scheduled to be deleted on reboot.

File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_830.dat scheduled to be deleted on reboot.

File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_8d8.dat scheduled to be deleted on reboot.

File delete failed. C:\WINDOWS\temp\ZLT076c7.TMP scheduled to be deleted on reboot.

Windows Temp folder emptied.

Java cache emptied.

FireFox cache emptied.

Opera cache emptied.

Temp folders emptied.

Explorer started successfully

OTListIt2 by OldTimer - Version 2.0.14.0 log created on 04152009_181458

Files moved on Reboot...

C:\Documents and Settings\Daniel\Local Settings\Temp\~DF1184.tmp moved successfully.

File C:\Documents and Settings\Daniel\Local Settings\Temporary Internet Files\Content.IE5\535VW5IK\01[2].htm not found!

File C:\Documents and Settings\Daniel\Local Settings\Temporary Internet Files\Content.IE5\535VW5IK\ADSAdClient31[2].htm not found!

File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

File C:\WINDOWS\temp\Perflib_Perfdata_7d4.dat not found!

File C:\WINDOWS\temp\Perflib_Perfdata_830.dat not found!

File C:\WINDOWS\temp\Perflib_Perfdata_8d8.dat not found!

File C:\WINDOWS\temp\ZLT076c7.TMP not found!

Registry entries deleted on Reboot...

This topic is now closed to further replies.