carolineseed Posted June 4, 2010 Posted June 4, 2010 Does anyone know how to remove W32/Xor.encoded.A? Norton Antivirus doesn't detect it. I don't want to have to buy another antivirus just to remove this malware. Quote
schrauber Posted June 4, 2010 Posted June 4, 2010 Hello, carolineseed Welcome to the FreePcHelp Forums. My name is Thomas (Tom is fine), and I will be helping you fixing your problems. Please take note of some guidelines for this fix: Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken. Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post. Please set your system to show all files. Click Start, open My Computer, select the Tools menu and click Folder Options. Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders. Uncheck: Hide file extensions for known file types Uncheck the Hide protected operating system files (recommended) option. Click Yes to confirm. Please download OTL from one of the following mirrors: This is THE Mirror [*]Save it to your desktop. [*]Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/OTL/otlDesktopIcon.png icon on your desktop. [*]Under the Custom Scan box paste this in netsvcs %SYSTEMDRIVE%\*.exe /md5start eventlog.dll scecli.dll netlogon.dll cngaudit.dll sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys /md5stop %systemroot%\*. /mp /s CREATERESTOREPOINT [*]Push the Quick Scan button. [*]Two reports will open, copy and paste them in a reply here: OTL.txt <-- Will be opened Extra.txt <-- Will be minimized Quote regards,schrauber Proud Member of ASAP and UNITE since 2009 If you think I have helped you please consider making a donation to the forums. Thanks!
carolineseed Posted June 9, 2010 Author Posted June 9, 2010 Hi. Thank you very much. I have just received your instructions. I am not sure how to set my system to show all files. Could you clarify please? I am not in the UK at the moment and the wireless connection I am using doesn't support big downloads easily. Could you let me know what size the OTL download is? Thanks Quote
schrauber Posted June 11, 2010 Posted June 11, 2010 OTL has only a few MB. Please go to start >> system control panel >> folder options. There you can change the settings. Quote regards,schrauber Proud Member of ASAP and UNITE since 2009 If you think I have helped you please consider making a donation to the forums. Thanks!
jaykay Posted June 11, 2010 Posted June 11, 2010 Same problem, have to run in safe mode. Grateful for help. OTL logfile created on: 11/06/2010 20:27:27 - Run 1 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Jason\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 85.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 61.94 Gb Total Space | 10.51 Gb Free Space | 16.97% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 4.87 Gb Free Space | 48.67% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JASON-PC Current User Name: Jason Logged in as Administrator. Current Boot Mode: SafeMode with Networking Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan ========== Processes (SafeList) ========== PRC - [2010/06/11 20:24:54 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe PRC - [2009/07/15 12:20:02 | 000,881,920 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2009\ApVxdWin.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/10/26 21:20:17 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe ========== Modules (SafeList) ========== MOD - [2010/06/11 20:24:54 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe MOD - [2009/04/11 07:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll MOD - [2008/01/19 08:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (stllssvr) SRV - File not found [Auto | Stopped] -- -- (Autodata Limited License Service) SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/09/24 11:59:26 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\Windows\System32\nagasoft\vjocx.dll -- (vvdsvc) SRV - [2008/10/26 21:20:17 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice) SRV - [2008/09/25 07:28:01 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) SRV - [2008/07/17 13:35:58 | 000,157,440 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe -- (TPSrv) SRV - [2008/07/16 14:45:20 | 000,181,504 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe -- (Panda Software Controller) SRV - [2008/07/10 12:02:00 | 000,169,216 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe -- (PAVFNSVR) SRV - [2008/07/04 14:28:34 | 000,290,048 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrvx86.exe -- (PAVSRV) SRV - [2008/07/02 14:09:36 | 000,060,160 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2009\GWMsrv.dll -- (Gwmsrv) SRV - [2008/06/28 20:53:28 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service) SRV - [2008/06/25 16:43:08 | 000,028,928 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe -- (PskSvcRetail) SRV - [2008/06/19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2009\psimsvc.exe -- (PSIMSVC) SRV - [2008/06/12 15:31:40 | 000,226,608 | ---- | M] (Panda Software International) [Auto | Stopped] -- c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE -- (PSHost) SRV - [2008/02/04 18:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv) SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/11/12 12:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\stacsv.exe -- (STacSV) SRV - [2007/11/12 12:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters) SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing) SRV - [2007/05/17 22:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc) SRV - [2007/03/21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [2007/02/08 16:13:46 | 000,212,480 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2006/10/23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS) ========== Driver Services (SafeList) ========== DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Stopped] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot) DRV - [2009/05/11 19:55:53 | 000,013,880 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\COMFiltr.sys -- (ComFiltr) DRV - [2009/04/11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM) DRV - [2008/09/15 08:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2008/09/15 08:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008/09/15 08:56:24 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2008/07/28 18:19:28 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus) DRV - [2008/07/11 14:58:26 | 000,158,848 | ---- | M] (Panda Security, S.L.) [TDI Layer] [Kernel | System | Running] -- C:\Windows\System32\drivers\NETFLTDI.SYS -- (NETFLTDI) DRV - [2008/07/11 08:05:00 | 000,092,712 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\Drivers\SENTINEL.SYS -- (Sentinel) DRV - [2008/07/11 08:05:00 | 000,037,088 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SNTNLUSB.SYS -- (SNTNLUSB) DRV - [2008/06/27 07:08:40 | 000,207,656 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk) DRV - [2008/06/26 12:25:28 | 000,197,888 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\neti1634.sys -- (NETIMFLT01060034) DRV - [2008/06/25 15:42:18 | 000,073,728 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\APPFLT.SYS -- (APPFLT) DRV - [2008/06/20 06:41:38 | 000,034,152 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2008/06/18 16:06:10 | 000,046,720 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\wnmflt.sys -- (WNMFLT) DRV - [2008/06/18 16:06:04 | 000,193,792 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\idsflt.sys -- (IDSFLT) DRV - [2008/06/18 16:06:02 | 000,052,992 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\dsaflt.sys -- (DSAFLT) DRV - [2008/03/28 11:25:06 | 000,022,072 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\fnetmon.sys -- (FNETMON) DRV - [2008/03/04 16:59:42 | 000,041,144 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ShlDrv51.sys -- (ShldDrv) DRV - [2008/02/13 22:14:02 | 000,049,208 | ---- | M] (Panda Software International) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\amm8660.sys -- (AmFSM) DRV - [2008/02/07 21:11:41 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/02/07 21:11:41 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/02/07 21:11:41 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2008/02/07 13:03:08 | 000,179,640 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\PavProc.sys -- (PavProc) DRV - [2008/01/02 17:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2007/12/26 20:02:52 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2007/12/12 08:03:12 | 001,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX) DRV - [2007/11/16 16:52:22 | 000,054,400 | ---- | M] (Ross-Tech, LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RT-USB.SYS -- (RT-USB) DRV - [2007/11/12 12:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2007/09/29 06:31:54 | 000,278,528 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2007/09/06 17:43:26 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor) DRV - [2007/09/06 17:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007/09/06 17:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007/09/06 17:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007/08/13 03:48:45 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT) DRV - [2007/08/13 03:48:43 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp) DRV - [2007/06/07 00:21:32 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel® DRV - [2007/06/01 14:57:18 | 000,178,176 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI) DRV - [2007/05/30 17:50:54 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50) DRV - [2007/04/10 22:46:48 | 001,966,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000) DRV - [2006/11/03 03:43:30 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2006/11/03 03:42:18 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2006/11/03 03:42:08 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2006/11/02 08:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel® DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2006/11/01 21:18:15 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW) DRV - [2006/08/05 01:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = Google IE - HKLM\..\URLSearchHook: {f2257711-226b-4529-8e1d-e82e1c55ebd8} - C:\Program Files\Feboz\tbFebo.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Free UK Mainland Delivery on all Aerowalkers Orders. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "Free UK Mainland Delivery on all Aerowalkers Orders." FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/24 16:23:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/05 21:36:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.17\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/12/22 21:38:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.17\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/06/05 21:36:16 | 000,000,000 | ---D | M] [2010/03/18 16:53:45 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Mozilla\Extensions [2010/06/09 18:09:05 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\euirp7hv.default\extensions [2010/03/19 20:09:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\euirp7hv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/03/18 16:53:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/01/16 01:55:13 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml [2010/01/16 01:55:13 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml [2010/01/16 01:55:13 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml [2010/01/16 01:55:13 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {01C9A06F-B062-486B-ABA8-9505F52259CF} - No CLSID value found. O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\real\realplayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.) O2 - BHO: (Feboz Toolbar) - {f2257711-226b-4529-8e1d-e82e1c55ebd8} - C:\Program Files\Feboz\tbFebo.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Feboz Toolbar) - {f2257711-226b-4529-8e1d-e82e1c55ebd8} - C:\Program Files\Feboz\tbFebo.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Feboz Toolbar) - {F2257711-226B-4529-8E1D-E82E1C55EBD8} - C:\Program Files\Feboz\tbFebo.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [APVXDWIN] C:\Program Files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE (Panda Security, S.L.) O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( ) O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( ) O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [iSUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - HKLM..\Run: [iSUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\try\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [sCANINICIO] C:\Program Files\Panda Security\Panda Internet Security 2009\Inicio.exe (Panda Security, S.L.) O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [systray] C:\Program Files\Dell\Dell Mobile Broadband\systray.exe () O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [uDC Integration] File not found O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Compfast] C:\ProgramData\saveaxisaxis.udk File not found O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe () O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe () O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} Seite nicht gefunden (Facebook Photo Uploader 5 Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {2A493D5F-8914-4D3E-8BF3-767F281862F4} http://sell.autotrader.co.uk/uk-ola/common/TraderMediaX.cab (TraderMediaImgX Control) O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner) O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://www.facebook.com/fbplugin/win32/axfbootloader.cab?1265746254767 (Reg Error: Key error.) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (EPUImageControl Class) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.com/download/vexcast.cab (VodClient Control Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} http://dl.pplive.com/PluginSetup.cab (PPLive Lite Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O30 - LSA: Authentication Packages - (C:\Windows\system32\ssqRLFvS) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{07826156-dbca-11dc-b2a3-001d093b0d9b}\Shell - "" = AutoRun O33 - MountPoints2\{07826156-dbca-11dc-b2a3-001d093b0d9b}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found O33 - MountPoints2\{5d78f841-3b03-11dd-b68a-00038a000015}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found O33 - MountPoints2\{a7e6c5a3-01b6-11de-8a12-001d093b0d9b}\Shell\AutoRun\command - "" = H:\WDSetup.exe -- File not found O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\WDSetup.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias [2008/08/29 16:47:10 | 000,000,000 | ---D | M] NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Error creating restore point. ========== Files/Folders - Created Within 90 Days ========== [2010/06/11 20:24:49 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe [2010/06/11 07:29:45 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Adobe [2010/06/10 19:24:24 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8 [2010/04/12 19:21:14 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2010/03/31 02:58:24 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl [2010/03/19 20:08:43 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\2XPDFStore [2010/03/18 16:53:20 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Mozilla [2010/03/18 16:53:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010/03/18 12:06:20 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\2XClient [2010/03/18 12:04:45 | 000,000,000 | ---D | C] -- C:\Program Files\2X [3 C:\Users\Jason\Desktop\*.tmp files -> C:\Users\Jason\Desktop\*.tmp -> ] [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 90 Days ========== [2010/06/11 20:27:42 | 005,767,168 | -HS- | M] () -- C:\Users\Jason\ntuser.dat [2010/06/11 20:24:54 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe [2010/06/11 19:59:06 | 000,694,964 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010/06/11 19:59:06 | 000,601,686 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/06/11 19:59:06 | 000,105,502 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/06/11 19:54:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/06/11 19:54:10 | 000,000,136 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetAdapt.cfg [2010/06/11 19:54:10 | 000,000,116 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetLoc.wlt [2010/06/11 19:52:29 | 000,000,136 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetAdapt.cfg.bck [2010/06/11 19:51:36 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/06/11 19:51:35 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/06/11 07:46:40 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010/06/11 07:43:07 | 000,001,132 | ---- | M] () -- C:\Windows\System32\drivers\APPFLTR.CFG.bck [2010/06/11 07:43:07 | 000,001,132 | ---- | M] () -- C:\Windows\System32\drivers\APPFLTR.CFG [2010/06/11 07:00:40 | 000,000,056 | ---- | M] () -- C:\Windows\System32\drivers\etc\WnmFlt.cfg.bck [2010/06/11 07:00:40 | 000,000,056 | ---- | M] () -- C:\Windows\System32\drivers\etc\WnmFlt.cfg [2010/06/11 07:00:39 | 000,000,252 | ---- | M] () -- C:\Windows\System32\drivers\etc\IdsFlt.cfg.bck [2010/06/11 07:00:39 | 000,000,252 | ---- | M] () -- C:\Windows\System32\drivers\etc\IdsFlt.cfg [2010/06/11 07:00:39 | 000,000,068 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetFlt.cfg.bck [2010/06/11 07:00:39 | 000,000,068 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetFlt.cfg [2010/06/11 07:00:39 | 000,000,056 | ---- | M] () -- C:\Windows\System32\drivers\etc\DsaFlt.cfg.bck [2010/06/11 07:00:39 | 000,000,056 | ---- | M] () -- C:\Windows\System32\drivers\etc\DsaFlt.cfg [2010/06/11 07:00:12 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetAR.wlt.bck [2010/06/11 07:00:12 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetAR.wlt [2010/06/11 06:59:19 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010/06/11 06:59:12 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/06/11 06:58:16 | 000,524,288 | -HS- | M] () -- C:\Users\Jason\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms [2010/06/11 06:58:16 | 000,065,536 | -HS- | M] () -- C:\Users\Jason\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf [2010/06/10 21:55:12 | 000,024,736 | ---- | M] () -- C:\Users\Jason\Desktop\bitdefender scan.html [2010/06/10 07:12:28 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2010/06/09 22:02:14 | 001,893,926 | ---- | M] () -- C:\Windows\umcat_01.db [2010/06/09 20:52:55 | 000,135,168 | ---- | M] () -- C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/06/09 19:25:27 | 000,000,116 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetLoc.wlt.bck [2010/06/07 21:54:15 | 000,424,280 | ---- | M] () -- C:\Windows\System32\drivers\APPFCONT.DAT.bck [2010/06/07 21:54:15 | 000,424,280 | ---- | M] () -- C:\Windows\System32\drivers\APPFCONT.DAT [2010/06/07 21:52:21 | 000,000,864 | ---- | M] () -- C:\Users\Jason\Desktop\Eusing Free Registry Cleaner.lnk [2010/06/07 21:47:06 | 000,008,627 | ---- | M] () -- C:\Windows\System32\PAV_FOG.OPC [2010/06/04 13:24:20 | 000,000,638 | ---- | M] () -- C:\Users\Jason\Desktop\VCDS Release 908.lnk [2010/06/03 21:42:24 | 000,034,304 | ---- | M] () -- C:\Users\Jason\Documents\Jason Kay Resume 2 6 2010.doc [2010/05/27 19:42:54 | 005,097,600 | ---- | M] () -- C:\Users\Jason\Desktop\cardigans-lovefool.mp3 [2010/05/20 18:46:20 | 000,378,960 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/05/08 22:37:17 | 000,103,280 | ---- | M] () -- C:\Users\Jason\AppData\Local\GDIPFONTCACHEV1.DAT [2010/05/08 22:37:07 | 000,002,880 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/04/24 16:19:12 | 000,000,128 | ---- | M] () -- C:\Users\Jason\998kcfm.asx [2010/04/12 19:48:26 | 000,001,396 | ---- | M] () -- C:\Users\Jason\Desktop\DivX Movies.lnk [2010/04/12 19:47:15 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2010/04/12 19:46:41 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2010/04/03 22:06:21 | 000,014,227 | ---- | M] () -- C:\Users\Jason\Documents\Award Application.docx [2010/03/31 02:58:24 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl [2010/03/18 16:53:14 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010/03/18 12:04:46 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\2X Client.lnk [2010/03/18 12:03:55 | 002,917,888 | ---- | M] () -- C:\Users\Jason\2xclient.msi [3 C:\Users\Jason\Desktop\*.tmp files -> C:\Users\Jason\Desktop\*.tmp -> ] [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/06/10 22:00:42 | 000,024,736 | ---- | C] () -- C:\Users\Jason\Desktop\bitdefender scan.html [2010/06/09 22:01:45 | 001,893,926 | ---- | C] () -- C:\Windows\umcat_01.db [2010/06/04 13:24:20 | 000,000,638 | ---- | C] () -- C:\Users\Jason\Desktop\VCDS Release 908.lnk [2010/06/03 21:35:59 | 000,034,304 | ---- | C] () -- C:\Users\Jason\Documents\Jason Kay Resume 2 6 2010.doc [2010/05/27 19:41:31 | 005,097,600 | ---- | C] () -- C:\Users\Jason\Desktop\cardigans-lovefool.mp3 [2010/04/24 16:19:06 | 000,000,128 | ---- | C] () -- C:\Users\Jason\998kcfm.asx [2010/04/12 19:47:15 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2010/04/12 19:46:41 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2010/04/03 16:59:41 | 000,014,227 | ---- | C] () -- C:\Users\Jason\Documents\Award Application.docx [2010/03/18 16:53:14 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010/03/18 12:04:46 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\2X Client.lnk [2010/03/18 12:03:47 | 002,917,888 | ---- | C] () -- C:\Users\Jason\2xclient.msi [2009/09/24 07:09:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/06/11 03:04:13 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2009/05/28 19:11:37 | 000,001,035 | ---- | C] () -- C:\Windows\JJTIS.INI [2009/02/23 11:04:28 | 000,013,880 | ---- | C] () -- C:\Windows\System32\drivers\COMFiltr.sys [2009/02/23 10:42:29 | 000,000,423 | ---- | C] () -- C:\Windows\AvDetected.ini [2009/01/23 15:12:41 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll [2009/01/23 15:12:41 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll [2009/01/23 15:12:41 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll [2009/01/23 15:12:41 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll [2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini [2008/12/05 17:36:27 | 000,022,723 | ---- | C] () -- C:\Windows\System32\cl31cl3.dll [2008/12/05 17:36:26 | 000,172,032 | ---- | C] () -- C:\Windows\System32\SecSNMP.dll [2008/11/28 12:02:41 | 000,000,010 | ---- | C] () -- C:\Windows\WININIT.INI [2008/11/22 22:50:33 | 001,621,106 | -HS- | C] () -- C:\Windows\System32\kribrumk.ini [2008/11/20 14:06:54 | 001,606,769 | -HS- | C] () -- C:\Windows\System32\jpnfaxye.ini [2008/11/18 17:55:50 | 001,555,500 | -HS- | C] () -- C:\Windows\System32\eiqvrgam.ini2 [2008/11/08 21:04:07 | 001,916,136 | -HS- | C] () -- C:\Windows\System32\blvhqeju.ini [2008/11/08 16:57:09 | 001,916,064 | -HS- | C] () -- C:\Windows\System32\dfyvbqvx.ini [2008/11/03 22:00:21 | 001,916,064 | -HS- | C] () -- C:\Windows\System32\xplylymn.ini [2008/11/01 14:14:50 | 000,702,120 | -HS- | C] () -- C:\Windows\System32\SvFLRqss.ini2 [2008/11/01 14:14:50 | 000,696,689 | -HS- | C] () -- C:\Windows\System32\SvFLRqss.ini [2008/10/25 19:44:55 | 000,000,080 | RHS- | C] () -- C:\Windows\System32\27829F2541.dll [2008/07/11 19:14:18 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll [2008/07/11 15:51:54 | 000,000,156 | ---- | C] () -- C:\Windows\KPCMS.INI [2008/07/11 15:51:41 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL [2008/07/04 15:40:01 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI [2008/05/01 21:03:39 | 000,002,880 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys [2008/05/01 21:03:39 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\2BD0B7AF1E.sys [2008/04/28 17:13:33 | 000,000,310 | ---- | C] () -- C:\Windows\primopdf.ini [2008/02/15 22:06:25 | 000,000,904 | ---- | C] () -- C:\Windows\ODBC.INI [2008/02/07 21:12:14 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll [2008/02/07 21:12:14 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1253.dll [2008/02/07 21:12:13 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll [2008/02/07 21:12:12 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2008/02/07 13:35:12 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll [2007/10/31 10:39:54 | 000,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll [2007/05/17 14:58:10 | 000,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll [2007/04/10 22:46:48 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini [2006/11/02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2005/12/07 12:31:00 | 000,202,752 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll [1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL ========== LOP Check ========== [2010/06/02 08:05:09 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\2XClient [2010/02/14 22:20:10 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Any Video Converter [2008/02/19 11:55:53 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\BitTorrent [2008/12/12 22:54:11 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\DassaultSystemes [2009/02/23 17:25:32 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\DNA [2008/12/24 13:47:04 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Doblon [2010/02/09 21:17:08 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Facebook [2009/12/07 22:39:42 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\FileZilla [2008/10/23 15:05:58 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\gtk-2.0 [2009/05/25 18:18:09 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ImgBurn [2008/11/26 14:32:49 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Imperial [2010/02/23 20:16:44 | 000,000,000 | -HSD | M] -- C:\Users\Jason\AppData\Roaming\lowsec [2008/08/21 17:09:37 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Nokia [2008/08/25 10:12:19 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Nokia Multimedia Player [2008/08/21 17:22:19 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\NSeries [2009/02/23 11:02:19 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Panda Security [2008/08/21 17:09:08 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\PC Suite [2010/04/03 16:50:54 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\PPLive [2008/06/24 20:09:44 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Thunderbird [2010/06/11 06:58:14 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\uTorrent [2010/06/08 06:38:11 | 000,032,656 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2008/02/07 21:00:20 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\drivers\AGP440.sys [2008/02/07 21:00:20 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys [2008/02/07 21:00:20 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys [2008/02/07 21:00:20 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys [2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2008/02/07 21:00:55 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=3E39E69F31F95D056703212E94320899 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_e6b2949c\atapi.sys [2008/02/07 21:00:55 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=3E39E69F31F95D056703212E94320899 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20544_none_dbb443eb3d9db847\atapi.sys [2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2008/02/07 21:00:44 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys [2008/02/07 21:11:41 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=61CA2C1E145809813C28752298CF9843 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5da5d093\atapi.sys [2008/02/07 21:11:41 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=61CA2C1E145809813C28752298CF9843 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20580_none_db8503133dc1c2af\atapi.sys [2008/02/07 21:11:41 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=7EB55F6BEFB392BD312CD0CD5263305D -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_6c3af7d3\atapi.sys [2008/02/07 21:11:41 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=7EB55F6BEFB392BD312CD0CD5263305D -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16470_none_db063634249c06f4\atapi.sys [2008/02/07 21:00:18 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys [2008/02/07 21:00:18 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys [2008/02/07 21:00:44 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys [2008/02/07 21:00:44 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys [2008/02/15 14:03:13 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys [2008/02/15 14:03:13 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys [2008/02/15 14:03:12 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys [2008/02/15 14:03:12 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTOR.SYS > [2007/09/06 17:43:26 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Drivers\storage\R166200\iastor.sys [2007/03/21 13:58:56 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys [2007/09/06 17:43:26 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\drivers\iaStor.sys [2007/09/06 17:43:26 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3a63e5a6\iaStor.sys [2007/09/06 17:43:26 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_5f6e7be5\iaStor.sys [2007/03/21 13:59:30 | 000,381,720 | ---- | M] (Intel Corporation) MD5=9D7ED4275702E2FC409F2CC563245740 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys < MD5 for: IASTORV.SYS > [2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll [2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008/01/19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll [2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < %systemroot%\*. /mp /s > ========== Alternate Data Streams ========== @Alternate Data Stream - 76 bytes -> C:\Users\Jason\Documents\My PSP Files:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jason\Documents\My Corel Shows:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jason\Documents\Downloads:Roxio EMC Stream @Alternate Data Stream - 244 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report > Quote
jaykay Posted June 11, 2010 Posted June 11, 2010 Extras.txt OTL Extras logfile created on: 11/06/2010 20:27:27 - Run 1 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Jason\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 85.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 61.94 Gb Total Space | 10.51 Gb Free Space | 16.97% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 4.87 Gb Free Space | 48.67% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JASON-PC Current User Name: Jason Logged in as Administrator. Current Boot Mode: SafeMode with Networking Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .js [@ = jsfile] -- C:\Program Files\Panda Security\Panda Internet Security 2009\PAVSCRIP.EXE (Panda Security, S.L.) .jse [@ = JSEFile] -- C:\Program Files\Panda Security\Panda Internet Security 2009\PAVSCRIP.EXE (Panda Security, S.L.) .vbe [@ = VBEFile] -- C:\Program Files\Panda Security\Panda Internet Security 2009\PAVSCRIP.EXE (Panda Security, S.L.) .vbs [@ = VBSFile] -- C:\Program Files\Panda Security\Panda Internet Security 2009\PAVSCRIP.EXE (Panda Security, S.L.) .wsf [@ = WSFFile] -- C:\Program Files\Panda Security\Panda Internet Security 2009\PAVSCRIP.EXE (Panda Security, S.L.) .wsh [@ = WSHFile] -- C:\Program Files\Panda Security\Panda Internet Security 2009\PAVSCRIP.EXE (Panda Security, S.L.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) jsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.) jsefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. vbefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.) vbsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.) wsffile [open] -- C:\PROGRA~1\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.) wshfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05A6C4C3-7BDD-4B48-B914-1B3CF2B838CC}" = lport=139 | protocol=6 | dir=in | app=system | "{265C6E9E-29EC-456D-9FCA-8BE7B3F6D854}" = rport=139 | protocol=6 | dir=out | app=system | "{5BDA10B8-0560-41B1-8E40-C50093E62C8C}" = lport=138 | protocol=17 | dir=in | app=system | "{5C08BB34-96D2-4B00-B500-88EC30276CBA}" = lport=137 | protocol=17 | dir=in | app=system | "{84E9E430-BCCA-4F74-BEAC-829B19EACB66}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{90B69B6B-FCA0-41A5-BC50-2C7228CA6D86}" = lport=445 | protocol=6 | dir=in | app=system | "{940E8482-E7F1-412E-8C39-98D4A38D5F2C}" = rport=445 | protocol=6 | dir=out | app=system | "{9AF24CC8-9A19-4E65-A58E-5E0377B18208}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{9F755616-29EB-4F79-B1E5-1E3B79BF728C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{A0718845-45A1-41E2-B95C-2218E5B71D69}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{C1531431-A4DC-4F25-AAEC-6B41DAD8D195}" = lport=2869 | protocol=6 | dir=in | app=system | "{E28F3E0F-D221-4A50-BA9B-5083DDE971D0}" = lport=21617 | protocol=6 | dir=in | name=utorrent | "{F76CB280-CF22-4E50-9E16-D2F0D009E455}" = rport=138 | protocol=17 | dir=out | app=system | "{F7A34E51-12F8-47BC-B6A4-DCD483458D51}" = rport=137 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0616C86F-3C78-4D31-9995-4BC315483CA0}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orbchannelscan.exe | "{0DBE4AE0-F70B-48A3-88FE-D38754D3D3F1}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | "{10C4ECE7-6760-4483-9BDA-62C717F5BA9B}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | "{13593E11-EBF9-4DC6-9A22-2C2C95F7083D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{1A878CBA-853B-431A-AD23-667DB2B5037B}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | "{252CB8F7-06FB-4AE8-AAAF-47AAF84F86D3}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orb.exe | "{278D3A55-C1D1-467F-96F9-9DC318C23E5E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | "{2CB87365-FA36-4C11-A559-598C5DAB53E7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3552E525-F4D0-4380-945A-1F0CCB1CAF6C}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orbtray.exe | "{39DAB9DF-1B9D-45DF-997C-8984BA251C13}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{3A3AE715-06FE-489C-9755-E3FAEF1FC070}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe | "{3B62119B-8BF8-43F5-AD0E-6CC0D564FC56}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{3F0F24F5-A450-4765-86DB-96E593274D6C}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{43081FB6-B20D-4FA0-8264-B8270F22ED05}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orbchannelscan.exe | "{4A85EF3B-ABF9-4899-912B-D29B0AA9E658}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5275D8AE-200C-4210-A8C6-55E4E941B399}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{55776531-BEB0-4597-959C-4109734C7D9D}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orbtray.exe | "{564C995C-5BFA-4E16-B898-18A0F41BF56E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{589A7C48-4AF7-41BF-A9A8-0A9C320C69E5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1203094247\ee\aolsoftware.exe | "{58EED7A2-F355-4CCF-997B-7C67E5506497}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orbstreamerclient.exe | "{58FD8EC2-B1BA-4E56-8D1D-0B96097B1168}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | "{590ECDB8-E588-4D5C-BC79-5CB743E4ABE3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{701578EB-B3C7-4BAB-A44A-F5FDD510F16D}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | "{73E02A93-BC04-4721-974B-04D8D64208F0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{74D5A3E6-C65F-439B-B01E-97F44A30C8D6}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe | "{7BA3BA18-FE9F-4BD4-B126-D5F6D11C8EAC}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{7BC12963-B740-442B-91B2-2FCB9219A823}" = protocol=6 | dir=in | app=c:\program files\pplive\pplive.exe | "{7C864780-4E43-446E-B1EA-0265186B058E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7CD46BB2-F22D-426C-A72B-5410328AA7EB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{7F67BCB4-9182-4BCA-B801-B417A9D49720}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orbstreamerclient.exe | "{8153254B-729C-4F36-AF32-D06B5C3CAA95}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | "{889F3C73-1D66-49CC-93CC-3EBA90468269}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{88E3A306-2F48-4A07-A041-28E419C8EF36}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{89154A53-8024-43AB-87AD-3787FFE15FBC}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{90B63438-2526-4B3A-86FF-53C2D7C9D224}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1203094247\ee\aolsoftware.exe | "{9DB5D3EA-DB06-4051-A073-CD960C48CEE6}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | "{9E0AB39F-D0AE-47BB-96E3-BA5AF6305AB0}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | "{A51F394E-27E1-45F2-95CB-477DF939636B}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orb.exe | "{A5AB9617-5ECD-4D2C-9FC4-A501A6A9CE6D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{A709D75D-7C70-4432-B7DC-91F6C920799F}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | "{A8C37AF5-1A0E-4D84-BADF-3058C6287430}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\xmltv.exe | "{AB7B379B-1095-4103-8B48-32F8CBA3DBAC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{ACD10EEA-B62A-49A3-A9C8-523489F4E5BB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B4B19C59-8107-4785-9959-5F2C422AC258}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe | "{B7E07023-0D01-456D-9F50-756D9A2FA272}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B91AD96B-8B5F-41B2-9359-C1B9795DE9E4}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{BDB1E352-C1AD-454D-9CAD-EF01A2E4A27B}" = protocol=17 | dir=in | app=c:\program files\pplive\pplive.exe | "{BF753310-8956-48A3-8431-018ECAC0EAA3}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | "{BFA7E5B6-BAE4-42DB-83FB-C4C15A9C7F76}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | "{C65EFC5C-29DE-407F-B607-438D831B3E26}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | "{CA2633C0-64C2-4EC1-BE4E-4C517BCC2D67}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\xmltv.exe | "{CA37ECC6-6C28-424C-89E2-F1161E1F8349}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | "{CB7F3459-2E4E-4FB3-9AD3-DB9D9ACEE4C5}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{D70D48A4-4E32-4F29-9194-F2E655AEEEF5}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{DBE1B343-AFA0-4180-8F8C-DF851A4117F1}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe | "{DC1FE532-D06E-4663-9067-B2B8839701D2}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | "{E5341D05-BE5B-4F9A-9001-F219B2E1D537}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{E932DBAF-9FF7-4F0C-ACB0-1EC7EA5A2846}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | "{ED1C093F-99A9-4AE6-AF92-DEE4DCF434B2}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{3746E3C4-4B78-4BAC-ABC9-2A0A94BD3A88}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe | "TCP Query User{55BFACDE-7037-41F5-9540-916F4579B247}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{5B0AE8AC-19F5-4F94-82C3-8FCBADC69B91}C:\program files\2x\client\tsclient.exe" = protocol=6 | dir=in | app=c:\program files\2x\client\tsclient.exe | "TCP Query User{7AF05882-DEE0-4890-A2D2-7529D889CA73}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{8E7589C4-54BF-49EA-A061-BBDEF4381FFD}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{9E72CD06-D74E-42A7-BFD8-680639471204}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | "TCP Query User{A9FFC8D9-CCBA-45B4-B8D1-114C31C1855C}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | "TCP Query User{AC99C10A-AB0A-4F48-B269-BB88A2933E79}C:\program files\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe | "TCP Query User{D1E6F570-CD45-47DD-8109-EBE4424FF041}C:\program files\pplive\pplive.exe" = protocol=6 | dir=in | app=c:\program files\pplive\pplive.exe | "TCP Query User{E55A3BFD-E9F2-4487-94AD-E1DCA13D1C1D}C:\users\jason\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\jason\program files\dna\btdna.exe | "TCP Query User{E9DD7F0E-92B1-434F-B58D-55939AE22205}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{ED2FC9AD-D2BD-42D6-99A8-F17FFA195018}C:\program files\pplive\pplive.exe" = protocol=6 | dir=in | app=c:\program files\pplive\pplive.exe | "TCP Query User{F86D06A7-5D30-4220-9565-980AEF31A516}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "UDP Query User{166A5750-D90C-421C-8507-7CA8551D0B54}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe | "UDP Query User{22155C21-A81D-4852-B471-71374BCEDED7}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "UDP Query User{4318FB16-393C-443F-B9F8-35A3B3CD2934}C:\program files\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe | "UDP Query User{4EC4ABAF-9CC4-4841-A13F-83ECADF6845B}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{4FDB3A11-9149-47AD-8E64-F8F7D374DD5A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{5C0ECC78-0351-48BF-B39F-4CDB1A0A657B}C:\users\jason\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\jason\program files\dna\btdna.exe | "UDP Query User{B2F8B0A3-D5BF-4EEF-869A-A58328E5190A}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | "UDP Query User{BCE3A97B-5837-491D-B541-0EE7B4261A60}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | "UDP Query User{E45423AF-D3AD-471D-9C95-58A9CEBCEDBC}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{0650BB10-BCF4-400A-85EE-04097E3046C6}" = Adobe Setup "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger "{0DB87EAC-F695-4D59-9609-C93119AE6B35}" = SAMSUNG Dr. Printer "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1EFAF492-9A3B-48C3-9349-234B146FDA46}" = LCP 5.04 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{2208D65A-1BF9-485E-A308-1BA6CADCDC1D}" = Windows Live Movie Maker Beta "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2 "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 11 "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{3DFDA58D-624D-47ED-97A9-74E817B6323F}" = 2X Client "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{4160A344-5848-4332-919F-0CB063822AA3}" = Dell Mobile Broadband Card Utility "{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2 "{4E426404-8E81-4F4A-B6D9-1B9CD1487EA9}" = eDrawings 2008 "{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module "{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{6094AB91-4CC8-498E-9DFF-134CC0B159DE}" = PC Connectivity Solution "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector "{63AFACBC-4795-4A1B-8037-5085DC03FC54}" = Microsoft LifeCam "{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6D3A2A6C-59CD-4A6D-9516-0A34C393ED95}" = Nokia MTP driver "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7926EFB6-7CB4-4A9D-AB01-095F67F9D519}" = Panda Internet Security 2009 "{7B63B2922B174135AFC0E1377DD81EC2}" = "{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3 "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{96E94E18-54D6-42C1-8FC4-24DACEDC3395}" = Nokia NSeries System Utilities "{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}" = Sentinel Protection Installer 7.5.0 "{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes "{A8C856AD-63CD-4613-AA29-E6C85607EA06}" = Nokia Software Launcher "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3 "{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module "{C139CB71-9615-4F70-AB3D-3365BDA018A3}" = Panda Internet Security 2009 "{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet "{CBDCB339-21C1-4834-9572-51ECC329ABD7}" = MS.Net2.0 Check "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser "{D99C322D-C21B-40C7-AE71-EE51AA096B6E}" = Nokia Flashing Cable Driver "{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software) "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{EF4F620F-F295-41D7-92C0-6B635709C850}" = Nokia Software Updater "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro "{F4EE8763-EAA8-4BC1-8594-8501F5F00414}" = Nokia NSeries One Touch Access "{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform "{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery "{F779EC8D-6703-4C4A-817C-37B07898E647}" = Nokia NSeries Content Copier "{F89E5AD8-AE47-49B5-B9F9-C498791E6255}" = Nokia NSeries Music Manager "{FA25FAF6-3097-43C9-BBB2-A77CE8AF1881}" = Nokia NSeries Multimedia Player "{FD349381-D79C-4E5C-8980-015DFFB962D5}" = Nokia NSeries Application Installer "{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync "6D07236E1D2F8479C88537ED0B7EB5D15ABBF7D5" = Windows Driver Package - Ross-Tech USB Driver Package (11/16/2007 6.0.2.0) "AC3Filter" = AC3Filter (remove only) "ActiveScan 2.0" = Panda ActiveScan 2.0 "Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.2.2 Professional "Adobe Acrobat 8 Professional - English, Français, Deutsch_822" = Adobe Acrobat 8.2.2 - CPSID_53952 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe PageMaker 7.0" = Adobe PageMaker 7.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11 "Adobe SVG Viewer" = Adobe SVG Viewer 3.0 "Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2 "Adobe_7328fdfcb73660ec8b11d5a3d5c6232" = Adobe Dreamweaver CS3 "Any Video Converter_is1" = Any Video Converter 2.6.2 "AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove) "B406677FA530D213D0B10B080DCD1080AE866D39" = Windows Driver Package - Ross-Tech USB Driver Package (05/21/2009 2.04.18) "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card "ChairGun2" = ChairGun2 "CMFQuote" = CMFQuote "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "D8F4D0E97D18692537E56F88DB4C16B9974FB603" = Windows Driver Package - Ross-Tech USB Driver Package (05/19/2006 6.0.1.0) "Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5 "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = DivX Setup "Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner "Feboz Toolbar" = Feboz Toolbar "FileZilla Client" = FileZilla Client 3.1.3.1 "Google Chrome" = Google Chrome "HDMI" = Intel® Graphics Media Accelerator Driver "ImgBurn" = ImgBurn "JTIS" = JTIS "MagicDisc 2.7.105" = MagicDisc 2.7.105 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "Mozilla Thunderbird (2.0.0.17)" = Mozilla Thunderbird (2.0.0.17) "PayPal Shopping Cart" = PayPal Shopping Cart "PPLive" = PPLive 1.9 "PrimoPDF4.0.2.5" = PrimoPDF "PROPLUS" = Microsoft Office Professional Plus 2007 "RealPlayer 12.0" = RealPlayer "Samsung CLP-310 Series" = Samsung CLP-310 Series "SopCast" = SopCast 3.0.3 "TVAnts 1.0" = TVAnts 1.0 "Universal Document Converter_is1" = Universal Document Converter "VAG-COM Release" = VAG-COM Release 704.1 "VCDS Release" = VCDS Release 805.0 "VCDS Release 805" = VCDS Release 805.1 "VCDS Release 908" = VCDS Release 908.2 "Veetle TV" = Veetle TV 0.9.17 "ViewpointMediaPlayer" = Viewpoint Media Player "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent DNA" = DNA "d5e03e4075e98ca8" = SEL-Imperial Ltd Electronic Catalogue "Facebook Plug-In" = Facebook Plug-In "Roamnamebait" = CiD Help "uTorrent" = µTorrent ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 07/06/2010 16:34:19 | Computer Name = Jason-PC | Source = Windows Search Service | ID = 1006 Description = Error - 07/06/2010 16:50:42 | Computer Name = Jason-PC | Source = Windows Search Service | ID = 1006 Description = Error - 07/06/2010 18:40:56 | Computer Name = Jason-PC | Source = Outlook | ID = 34 Description = Failed to get the Crawl Scope Manager with error=0x80070015. Error - 07/06/2010 18:40:58 | Computer Name = Jason-PC | Source = Windows Search Service | ID = 1006 Description = Error - 08/06/2010 01:37:57 | Computer Name = Jason-PC | Source = EventSystem | ID = 4621 Description = Error - 08/06/2010 01:42:44 | Computer Name = Jason-PC | Source = Windows Search Service | ID = 1006 Description = Error - 08/06/2010 01:43:56 | Computer Name = Jason-PC | Source = Windows Search Service | ID = 1006 Description = Error - 08/06/2010 01:46:04 | Computer Name = Jason-PC | Source = Windows Search Service | ID = 1006 Description = Error - 08/06/2010 16:27:52 | Computer Name = Jason-PC | Source = Application Error | ID = 1000 Description = Faulting application TPSrv.exe, version 9.0.0.0, time stamp 0x487f2dad, faulting module xapauthenticodesip.dll, version 4.0.50524.0, time stamp 0x4bf9f4b3, exception code 0xc0000005, fault offset 0x00002d66, process id 0x4c0, application start time 0x01cb06cce8bbd2f5. Error - 09/06/2010 01:34:21 | Computer Name = Jason-PC | Source = Windows Search Service | ID = 1006 Description = [ Broadcom Wireless LAN Events ] Error - 17/01/2009 15:18:28 | Computer Name = Jason-PC | Source = WLAN-Tray | ID = 0 Description = 19:18:28, Sat, Jan 17, 09 Error - Unable to gain access to user store Error - 22/01/2009 14:32:04 | Computer Name = Jason-PC | Source = WLAN-Tray | ID = 0 Description = 18:32:04, Thu, Jan 22, 09 Error - Unable to gain access to user store Error - 11/02/2009 09:14:22 | Computer Name = Jason-PC | Source = WLAN-Tray | ID = 0 Description = 13:14:22, Wed, Feb 11, 09 Error - Unable to gain access to user store Error - 11/02/2009 12:21:14 | Computer Name = Jason-PC | Source = WLAN-Tray | ID = 0 Description = 16:21:13, Wed, Feb 11, 09 Error - Unable to gain access to user store Error - 19/02/2009 07:59:21 | Computer Name = Jason-PC | Source = WLAN-Tray | ID = 0 Description = 11:59:20, Thu, Feb 19, 09 Error - Unable to gain access to user store Error - 23/02/2009 10:33:58 | Computer Name = Jason-PC | Source = WLAN-Tray | ID = 0 Description = 14:33:57, Mon, Feb 23, 09 Error - Unable to gain access to user store Error - 03/04/2009 13:39:37 | Computer Name = Jason-PC | Source = WLAN-Tray | ID = 0 Description = 18:39:36, Fri, Apr 03, 09 Error - Unable to gain access to user store Error - 13/06/2009 22:11:22 | Computer Name = Jason-PC | Source = WLAN-Tray | ID = 0 Description = 03:11:22, Sun, Jun 14, 09 Error - Unable to gain access to user store Error - 13/06/2009 22:17:10 | Computer Name = Jason-PC | Source = WLAN-Tray | ID = 0 Description = 03:17:10, Sun, Jun 14, 09 Error - Unable to gain access to user store Error - 20/07/2009 02:18:41 | Computer Name = Jason-PC | Source = WLAN-Tray | ID = 0 Description = 07:18:38, Mon, Jul 20, 09 Error - Unable to gain access to user store [ System Events ] Error - 11/06/2010 02:37:30 | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7011 Description = Error - 11/06/2010 02:43:46 | Computer Name = Jason-PC | Source = DCOM | ID = 10010 Description = Error - 11/06/2010 14:54:38 | Computer Name = Jason-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 19:51:33 on 11/06/2010 was unexpected. Error - 11/06/2010 14:55:04 | Computer Name = Jason-PC | Source = DCOM | ID = 10005 Description = Error - 11/06/2010 14:55:04 | Computer Name = Jason-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Error - 11/06/2010 14:55:14 | Computer Name = Jason-PC | Source = DCOM | ID = 10005 Description = Error - 11/06/2010 14:55:27 | Computer Name = Jason-PC | Source = DCOM | ID = 10005 Description = Error - 11/06/2010 14:55:55 | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7001 Description = Error - 11/06/2010 14:55:55 | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7026 Description = Error - 11/06/2010 14:56:08 | Computer Name = Jason-PC | Source = DCOM | ID = 10005 Description = < End of report > Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.