Solved: Computer has been infected! Vista 64 W/logs

emeraldnzl
Senior Member with 1,575 posts.
Join Date: Nov 2007
Location: Auckland,N.Z.
23-Oct-2009, 04:50 PM #16
Hello again miller330i,
  • Close all windows and open OTL again.
  • Click Run Scan and let the program run uninterrupted.
  • It will produce a log for you. Post the log here.
miller330i
Member with 46 posts.
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
23-Oct-2009, 08:18 PM #17
OTL again. It is hard to break up the file. How do you do it?
OTL logfile created on: 10/23/2009 4:10:49 PM - Run 4
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Users\Desktop\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 49.22% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 156.16 Gb Free Space | 55.88% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 279.45 Gb Total Space | 10.30 Gb Free Space | 3.69% Space Free | Partition Type: NTFS
Drive F: | 3.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESKTOP1
Current User Name: Desktop
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files (x86)\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Users\Desktop\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\DAODx.exe ()
PRC - C:\Windows\runservice.exe ()
PRC - C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()

========== Win32 Services (SafeList) ==========

SRV - (Adobe Version Cue CS4 [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (AODService [Disabled | Stopped]) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Bonjour Service [Disabled | Stopped]) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService [Disabled | Stopped]) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1ca148920d17d96 [Disabled | Stopped]) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service [Auto | Stopped]) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LicCtrlService [Auto | Running]) -- C:\Windows\runservice.exe ()
SRV - (LightScribeService [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (MSDTC [Unknown | Stopped]) -- C:\Windows\SysWow64\Msdtc [2006/11/02 06:34:14 | 00,000,000 | ---D | M]
SRV - (Nero BackItUp Scheduler 3 [Disabled | Stopped]) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NMIndexingService [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PLFlash DeviceIoControl Service [Disabled | Stopped]) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
SRV - (PnkBstrA [Auto | Running]) -- C:\Windows\SysWow64\PnkBstrA.exe ()
SRV - (SBSDWSCService [Auto | Running]) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Sound Blaster X-Fi MB Licensing Service [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)
SRV - (vds [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vds.mof ()
SRV - (VSS [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vss.mof ()
SRV - (WebrootSpySweeperService [Auto | Running]) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
SRV - (WRConsumerService [Auto | Running]) -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
SRV:64bit: - (AEADIFilters [Disabled | Stopped]) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation)
SRV:64bit: - (AMD External Events Utility [Auto | Running]) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt [On_Demand | Stopped]) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (CscService [Auto | Running]) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (Fax [On_Demand | Stopped]) -- C:\Windows\SysNative\fxssvc.exe (Microsoft Corporation)
SRV:64bit: - (FLEXnet Licensing Service 64 [Disabled | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV:64bit: - (LVPrcS64 [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (MsMpSvc [Auto | Running]) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (UmRdpService [On_Demand | Stopped]) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (wbengine [On_Demand | Stopped]) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend [Auto | Stopped]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (adfs [Auto | Running]) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (AsIO [System | Running]) -- C:\Windows\SysWow64\drivers\AsIO.sys ()
DRV - (atillk64 [On_Demand | Stopped]) -- C:\Program Files (x86)\ATI Technologies\AMD GPU Clock Tool\atillk64.sys (ATI Technologies Inc.)
DRV - (CSC [System | Running]) -- C:\Windows\CSC [2009/08/02 17:24:44 | 00,000,000 | ---D | M]
DRV - (is-US5VGdrv [System | Stopped]) -- C:\Windows\SysWow64\DRIVERS\34972332.sys (Kaspersky Lab)
DRV - (mcdbus [On_Demand | Running]) -- C:\Windows\SysWow64\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (mpsdrv [On_Demand | Running]) -- C:\Windows\SysWow64\Wbem\mpsdrv.mof ()
DRV - (Partizan [Boot | Stopped]) -- C:\Windows\SysWow64\Partizan.RRI ()
DRV - (pwipf6 [System | Running]) -- C:\Windows\SysWow64\DRIVERS\pwipf6.sys (Privacyware/PWI, Inc.)
DRV - (RegGuard [On_Demand | Stopped]) -- C:\Windows\SysWow64\Drivers\regguard.sys (Greatis Software)
DRV - (RivaTuner64 [On_Demand | Stopped]) -- C:\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys ()
DRV - (Tcpip [Boot | Running]) -- C:\Windows\SysWow64\Wbem\tcpip.mof ()
DRV - (utm3mzg3 [On_Demand | Stopped]) -- C:\Windows\SysWow64\Drivers\utm3mzg3.sys ()
DRV:64bit: - (adfs [Auto | Running]) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (ADIHdAudAddService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV:64bit: - (AmdLLD64 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys (Advanced Micro Devices)
DRV:64bit: - (AmdTools [System | Stopped]) -- C:\Windows\SysNative\DRIVERS\AmdTools64.sys (AMD, Inc.)
DRV:64bit: - (AtiHdmiService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (atikmdag [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiPcie [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV:64bit: - (CSC [System | Running]) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (fvevol [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (HdAudAddService [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (Lbd [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\Lbd.sys (Lavasoft AB)
DRV:64bit: - (LVPr2M64 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (LVPr2Mon [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (mcdbus [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (MpFilter [System | Running]) -- C:\Windows\SysNative\DRIVERS\MpFilter.sys (Microsoft Corporation)
DRV:64bit: - (MpNWMon [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\MpNWMon.sys (Microsoft Corporation)
DRV:64bit: - (MTsensor [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV:64bit: - (pavboot [Boot | Running]) -- C:\Windows\SysNative\drivers\pavboot64.sys (Panda Security, S.L.)
DRV:64bit: - (PID_0928 [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\LV561V64.SYS (Logitech Inc.)
DRV:64bit: - (pwipf6 [System | Running]) -- C:\Windows\SysNative\DRIVERS\pwipf6.sys (Privacyware/PWI, Inc.)
DRV:64bit: - (PxHlpa64 [Boot | Running]) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (RTL8169 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )
DRV:64bit: - (sptd [Boot | Running]) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (ssfs0bbc [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\ssfs0bbc.sys (Webroot Software, Inc. (www.webroot.com))
DRV:64bit: - (ssidrv [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\ssidrv.sys (Webroot Software, Inc. (www.webroot.com))
DRV:64bit: - (StarPortLite [System | Running]) -- C:\Windows\SysNative\DRIVERS\StarPortLite.sys (Rocket Division Software)
DRV:64bit: - (WpdUsb [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Users\Desktop\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify2?&.src=ym
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Sky Web Search"
FF - prefs.js..browser.search.selectedEngine: "Sky Web Search"
FF - prefs.js..browser.startup.homepage: " "
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/03 12:48:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/09/30 22:19:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/10/14 12:40:10 | 00,000,000 | ---D | M]

[2009/08/08 09:45:48 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Extensions
[2009/08/08 09:45:48 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/23 08:12:27 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Firefox\Profiles\kwgeslrt.default\extensions
[2009/09/23 13:54:59 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Firefox\Profiles\kwgeslrt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/23 08:12:27 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/09/30 22:19:50 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/21 12:10:23 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/08/24 13:15:25 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 13:15:26 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009/07/13 17:16:26 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll
[2009/08/21 12:10:15 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009/07/13 17:15:48 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll
[2009/07/13 17:15:58 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/08/24 13:15:27 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2009/07/13 17:16:26 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll
[2009/08/24 11:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/24 11:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2009/08/24 11:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 11:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2009/08/24 11:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009/08/24 11:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/24 11:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (794 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg64.dll (Google Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
miller330i
Member with 46 posts.
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
23-Oct-2009, 08:21 PM #18
OTL again. It is hard to break up the file. How do you do it?
OTL logfile created on: 10/23/2009 4:10:49 PM - Run 4
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Users\Desktop\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 49.22% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 156.16 Gb Free Space | 55.88% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 279.45 Gb Total Space | 10.30 Gb Free Space | 3.69% Space Free | Partition Type: NTFS
Drive F: | 3.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESKTOP1
Current User Name: Desktop
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files (x86)\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Users\Desktop\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\DAODx.exe ()
PRC - C:\Windows\runservice.exe ()
PRC - C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()

========== Win32 Services (SafeList) ==========

SRV - (Adobe Version Cue CS4 [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (AODService [Disabled | Stopped]) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Bonjour Service [Disabled | Stopped]) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService [Disabled | Stopped]) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1ca148920d17d96 [Disabled | Stopped]) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service [Auto | Stopped]) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LicCtrlService [Auto | Running]) -- C:\Windows\runservice.exe ()
SRV - (LightScribeService [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (MSDTC [Unknown | Stopped]) -- C:\Windows\SysWow64\Msdtc [2006/11/02 06:34:14 | 00,000,000 | ---D | M]
SRV - (Nero BackItUp Scheduler 3 [Disabled | Stopped]) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NMIndexingService [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PLFlash DeviceIoControl Service [Disabled | Stopped]) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
SRV - (PnkBstrA [Auto | Running]) -- C:\Windows\SysWow64\PnkBstrA.exe ()
SRV - (SBSDWSCService [Auto | Running]) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Sound Blaster X-Fi MB Licensing Service [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)
SRV - (vds [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vds.mof ()
SRV - (VSS [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vss.mof ()
SRV - (WebrootSpySweeperService [Auto | Running]) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
SRV - (WRConsumerService [Auto | Running]) -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
SRV:64bit: - (AEADIFilters [Disabled | Stopped]) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation)
SRV:64bit: - (AMD External Events Utility [Auto | Running]) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt [On_Demand | Stopped]) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (CscService [Auto | Running]) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (Fax [On_Demand | Stopped]) -- C:\Windows\SysNative\fxssvc.exe (Microsoft Corporation)
SRV:64bit: - (FLEXnet Licensing Service 64 [Disabled | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV:64bit: - (LVPrcS64 [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (MsMpSvc [Auto | Running]) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (UmRdpService [On_Demand | Stopped]) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (wbengine [On_Demand | Stopped]) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend [Auto | Stopped]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (adfs [Auto | Running]) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (AsIO [System | Running]) -- C:\Windows\SysWow64\drivers\AsIO.sys ()
DRV - (atillk64 [On_Demand | Stopped]) -- C:\Program Files (x86)\ATI Technologies\AMD GPU Clock Tool\atillk64.sys (ATI Technologies Inc.)
DRV - (CSC [System | Running]) -- C:\Windows\CSC [2009/08/02 17:24:44 | 00,000,000 | ---D | M]
DRV - (is-US5VGdrv [System | Stopped]) -- C:\Windows\SysWow64\DRIVERS\34972332.sys (Kaspersky Lab)
DRV - (mcdbus [On_Demand | Running]) -- C:\Windows\SysWow64\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (mpsdrv [On_Demand | Running]) -- C:\Windows\SysWow64\Wbem\mpsdrv.mof ()
DRV - (Partizan [Boot | Stopped]) -- C:\Windows\SysWow64\Partizan.RRI ()
DRV - (pwipf6 [System | Running]) -- C:\Windows\SysWow64\DRIVERS\pwipf6.sys (Privacyware/PWI, Inc.)
DRV - (RegGuard [On_Demand | Stopped]) -- C:\Windows\SysWow64\Drivers\regguard.sys (Greatis Software)
DRV - (RivaTuner64 [On_Demand | Stopped]) -- C:\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys ()
DRV - (Tcpip [Boot | Running]) -- C:\Windows\SysWow64\Wbem\tcpip.mof ()
DRV - (utm3mzg3 [On_Demand | Stopped]) -- C:\Windows\SysWow64\Drivers\utm3mzg3.sys ()
DRV:64bit: - (adfs [Auto | Running]) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (ADIHdAudAddService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV:64bit: - (AmdLLD64 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys (Advanced Micro Devices)
DRV:64bit: - (AmdTools [System | Stopped]) -- C:\Windows\SysNative\DRIVERS\AmdTools64.sys (AMD, Inc.)
DRV:64bit: - (AtiHdmiService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (atikmdag [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiPcie [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV:64bit: - (CSC [System | Running]) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (fvevol [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (HdAudAddService [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (Lbd [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\Lbd.sys (Lavasoft AB)
DRV:64bit: - (LVPr2M64 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (LVPr2Mon [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (mcdbus [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (MpFilter [System | Running]) -- C:\Windows\SysNative\DRIVERS\MpFilter.sys (Microsoft Corporation)
DRV:64bit: - (MpNWMon [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\MpNWMon.sys (Microsoft Corporation)
DRV:64bit: - (MTsensor [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV:64bit: - (pavboot [Boot | Running]) -- C:\Windows\SysNative\drivers\pavboot64.sys (Panda Security, S.L.)
DRV:64bit: - (PID_0928 [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\LV561V64.SYS (Logitech Inc.)
DRV:64bit: - (pwipf6 [System | Running]) -- C:\Windows\SysNative\DRIVERS\pwipf6.sys (Privacyware/PWI, Inc.)
DRV:64bit: - (PxHlpa64 [Boot | Running]) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (RTL8169 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )
DRV:64bit: - (sptd [Boot | Running]) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (ssfs0bbc [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\ssfs0bbc.sys (Webroot Software, Inc. (www.webroot.com))
DRV:64bit: - (ssidrv [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\ssidrv.sys (Webroot Software, Inc. (www.webroot.com))
DRV:64bit: - (StarPortLite [System | Running]) -- C:\Windows\SysNative\DRIVERS\StarPortLite.sys (Rocket Division Software)
DRV:64bit: - (WpdUsb [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Users\Desktop\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify2?&.src=ym
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
miller330i
23-Oct-2009, 08:22 PM #19
========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Sky Web Search"
FF - prefs.js..browser.search.selectedEngine: "Sky Web Search"
FF - prefs.js..browser.startup.homepage: " "
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/03 12:48:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/09/30 22:19:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/10/14 12:40:10 | 00,000,000 | ---D | M]

[2009/08/08 09:45:48 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Extensions
[2009/08/08 09:45:48 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/23 08:12:27 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Firefox\Profiles\kwgeslrt.default\extensions
[2009/09/23 13:54:59 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Firefox\Profiles\kwgeslrt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/23 08:12:27 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/09/30 22:19:50 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/21 12:10:23 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/08/24 13:15:25 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 13:15:26 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009/07/13 17:16:26 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll
[2009/08/21 12:10:15 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009/07/13 17:15:48 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll
[2009/07/13 17:15:58 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/08/24 13:15:27 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2009/07/13 17:16:26 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll
[2009/08/24 11:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/24 11:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2009/08/24 11:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 11:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2009/08/24 11:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009/08/24 11:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/24 11:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (794 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg64.dll (Google Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-US5VG.lnk = C:\Users\Desktop\Desktop\Virus Removal Tool\is-US5VG\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll (Google Inc.)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\NLAapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\napinsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWow64\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWow64\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWow64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/actives.../as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.76.182 68.87.78.134
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWow64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWow64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWow64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
miller330i
Member with 46 posts.
 
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
23-Oct-2009, 08:23 PM #20
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysNative\shell32.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysNative\sysdm.cpl (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysWow64\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysWow64\sysdm.cpl (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysNative\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysWow64\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {F552DDE6-2090-4bf4-B924-6141E87789A5} - Reg Error: Key error. File not found
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/30 15:36:56 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/10/29 10:18:56 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/06/25 06:29:25 | 00,000,045 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\Windows\SysWow64\*.tmp files]
[1 C:\Windows\*.tmp files]
[2009/10/20 23:12:51 | 00,000,000 | -H-D | C] -- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/14 12:06:06 | 00,000,000 | ---D | C] -- C:\ProgramData\ATI
[2009/10/22 21:51:09 | 00,000,000 | ---D | C] -- C:\ProgramData\is-US5VG
[2009/10/21 11:18:11 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/10/03 10:29:12 | 00,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2009/10/18 11:00:30 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/13 09:13:21 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Games
[2009/10/20 23:38:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/10/17 22:46:01 | 00,000,000 | ---D | C] -- C:\ProgramData\Sunbelt
[2009/10/17 08:55:20 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2009/10/18 23:31:31 | 00,000,000 | ---D | C] -- C:\ProgramData\WebRoot
[2009/10/17 08:55:09 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Any DVD Converter Professional
[2009/10/07 20:09:00 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Canon
[2009/10/15 14:12:17 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\FastStone
[2009/10/16 08:48:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\ICQ
[2009/10/18 11:00:34 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Malwarebytes
[2009/10/13 09:12:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Microsoft Game Studios
[2009/10/17 22:46:11 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Sunbelt
[2009/10/11 21:54:08 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\vlc
[2009/10/19 00:28:44 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Webroot
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/21 12:49:00 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Apple
[2009/10/03 10:29:33 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\LogiShrd
[2009/10/13 09:13:25 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Microsoft Game Studios
[2009/10/22 14:35:45 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Visual Business Cards
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/19 19:25:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2009/10/13 23:26:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2009/10/17 08:55:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Any DVD Converter Professional
[2009/10/15 14:12:13 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\FastStone Photo Resizer
[2009/10/16 08:48:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6.5
[2009/10/21 11:18:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2009/10/13 09:07:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc
[2009/10/18 11:00:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/10/13 23:32:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2009/10/01 16:26:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2009/10/01 23:16:39 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2009/10/13 09:13:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2009/10/13 23:03:01 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2009/10/02 10:49:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/10/19 19:25:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSSOAP
[2009/10/22 20:52:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2009/10/20 23:38:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2009/10/18 17:46:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2009/10/17 22:30:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Sunbelt Software
[2009/10/17 22:10:52 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/10/15 08:40:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2009/10/22 14:32:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Visual Business Cards
[2009/10/18 00:26:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Webroot
[2009/10/03 10:27:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2009/10/14 11:57:11 | 00,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2009/10/01 16:26:17 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2009/10/23 16:01:58 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Users\Desktop\Desktop\OTL.exe
[2009/10/22 21:49:19 | 00,200,720 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysWow64\drivers\34972332.sys
[2009/10/22 21:49:19 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Desktop\Virus Removal Tool
[2009/10/22 14:35:46 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\Visual Business Cards
[2009/10/21 11:19:47 | 00,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2009/10/19 21:25:42 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/10/19 21:25:40 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/10/19 19:25:19 | 00,078,088 | ---- | C] (Privacyware/PWI, Inc.) -- C:\Windows\SysNative\drivers\pwipf6.sys
[2009/10/19 19:25:11 | 01,563,008 | ---- | C] (Webroot Software, Inc.) -- C:\Windows\WRSetup.dll
[2009/10/19 19:22:24 | 00,078,088 | ---- | C] (Privacyware/PWI, Inc.) -- C:\Windows\SysWow64\drivers\pwipf6.sys
[2009/10/18 12:06:58 | 00,000,000 | --SD | C] -- C:\TheHammer3533T
[2009/10/18 12:06:26 | 00,000,000 | --SD | C] -- C:\TheHammer
[2009/10/18 12:06:26 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/10/17 22:21:11 | 00,000,000 | ---D | C] -- C:\sbtemp
[2009/10/17 10:17:17 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\OJOsoft Corporation
[2009/10/17 08:55:21 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\Any DVD Converter Professional
[2009/10/13 23:32:20 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2009/10/13 23:03:07 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2009/10/13 22:58:55 | 05,690,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009/10/13 22:58:53 | 07,006,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2009/10/13 22:58:52 | 01,426,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2009/10/13 22:58:52 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2009/10/13 22:58:51 | 03,599,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/10/13 22:58:51 | 01,176,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/10/13 22:58:51 | 00,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/10/13 22:58:50 | 06,079,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/10/13 22:58:48 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/10/13 22:58:47 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieencode.dll
[2009/10/13 22:58:47 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2009/10/13 22:58:45 | 00,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2009/10/13 22:58:45 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2009/10/13 22:58:34 | 04,698,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2009/10/13 22:58:33 | 00,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2009/10/13 22:58:33 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2009/10/13 22:58:32 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009/10/13 22:58:32 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/10/13 22:57:46 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys
[2009/10/13 22:57:45 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2009/10/13 22:57:45 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll
[2009/10/13 16:59:22 | 02,146,304 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2009/10/13 09:52:53 | 00,000,000 | ---D | C] -- C:\Windows\pss
[2009/10/13 09:07:30 | 00,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2009/10/13 09:07:30 | 00,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2009/10/12 20:08:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Desktop\Halo.2.XP-TheBabeLover
[2009/10/03 12:38:47 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\SightSpeed Recordings
[2009/10/01 16:40:24 | 00,238,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe
[2009/08/09 23:14:51 | 00,082,816 | ---- | C] (VSO Software) -- C:\Users\Desktop\AppData\Roaming\pcouffin.sys
miller330i
Member with 46 posts.
 
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
23-Oct-2009, 08:23 PM #21
========== Files - Modified Within 30 Days ==========

[2 C:\Windows\SysWow64\*.tmp files]
[1 C:\Windows\*.tmp files]
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/23 16:02:01 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Users\Desktop\Desktop\OTL.exe
[2009/10/23 15:35:00 | 00,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/10/23 15:35:00 | 00,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/10/23 14:40:25 | 00,004,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/23 14:40:25 | 00,004,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/23 12:48:48 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/10/23 12:48:48 | 00,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/10/23 12:48:48 | 00,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/10/23 12:40:39 | 00,001,377 | -HS- | M] () -- C:\Windows\SysWow64\mmf.sys
[2009/10/23 12:40:29 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/23 12:40:25 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/23 12:28:33 | 02,842,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/10/22 23:15:45 | 00,038,400 | ---- | M] () -- C:\Users\Desktop\Desktop\Polarity.doc
[2009/10/22 23:15:41 | 00,030,720 | ---- | M] () -- C:\Users\Desktop\Desktop\Geometry.doc
[2009/10/22 23:15:36 | 00,027,136 | ---- | M] () -- C:\Users\Desktop\Desktop\Calorimetry.doc
[2009/10/22 23:15:30 | 00,035,840 | ---- | M] () -- C:\Users\Desktop\Desktop\Thermo.doc
[2009/10/22 23:15:25 | 00,034,304 | ---- | M] () -- C:\Users\Desktop\Desktop\Lewis.doc
[2009/10/22 23:11:28 | 00,000,680 | ---- | M] () -- C:\Users\Desktop\AppData\Local\d3d9caps.dat
[2009/10/22 22:05:49 | 00,007,168 | ---- | M] () -- C:\Windows\SysWow64\drivers\utm3mzg3.sys
[2009/10/22 21:51:09 | 00,001,803 | ---- | M] () -- C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-US5VG.lnk
[2009/10/20 00:00:07 | 00,001,698 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 22:52:14 | 00,001,684 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job
[2009/10/19 19:25:12 | 00,017,264 | ---- | M] () -- C:\Windows\SysNative\SsiEfr.exe
[2009/10/19 19:22:58 | 00,000,164 | ---- | M] () -- C:\Windows\install.dat
[2009/10/19 19:22:24 | 00,078,088 | ---- | M] (Privacyware/PWI, Inc.) -- C:\Windows\SysWow64\drivers\pwipf6.sys
[2009/10/19 19:22:24 | 00,078,088 | ---- | M] (Privacyware/PWI, Inc.) -- C:\Windows\SysNative\drivers\pwipf6.sys
[2009/10/19 19:05:56 | 00,000,732 | ---- | M] () -- C:\Users\Desktop\AppData\Local\d3d9caps64.dat
[2009/10/19 00:24:55 | 00,000,164 | ---- | M] () -- C:\install.dat
[2009/10/13 16:59:22 | 02,146,304 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2009/10/12 21:16:04 | 00,000,133 | ---- | M] () -- C:\Users\Desktop\AppData\Roaming\default.pls
[2009/10/12 17:13:49 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2009/10/12 17:13:49 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009/10/12 11:36:22 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/04 22:31:38 | 00,000,412 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2009/10/02 11:40:19 | 26,575,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt.exe
[2009/10/01 10:29:14 | 00,238,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe

========== Files - No Company Name ==========
[2009/10/22 23:15:45 | 00,038,400 | ---- | C] () -- C:\Users\Desktop\Desktop\Polarity.doc
[2009/10/22 23:15:41 | 00,030,720 | ---- | C] () -- C:\Users\Desktop\Desktop\Geometry.doc
[2009/10/22 23:15:36 | 00,027,136 | ---- | C] () -- C:\Users\Desktop\Desktop\Calorimetry.doc
[2009/10/22 23:15:30 | 00,035,840 | ---- | C] () -- C:\Users\Desktop\Desktop\Thermo.doc
[2009/10/22 23:15:24 | 00,034,304 | ---- | C] () -- C:\Users\Desktop\Desktop\Lewis.doc
[2009/10/22 22:05:49 | 00,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\utm3mzg3.sys
[2009/10/22 21:51:09 | 00,001,803 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-US5VG.lnk
[2009/10/21 17:14:19 | 00,015,688 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2009/10/20 23:20:09 | 00,001,840 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistMSI3C6B.txt
[2009/10/20 23:20:04 | 00,012,862 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistUI3C6B.txt
[2009/10/19 20:58:52 | 00,001,698 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 20:58:51 | 00,001,684 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job
[2009/10/19 19:25:15 | 00,017,264 | ---- | C] () -- C:\Windows\SysNative\SsiEfr.exe
[2009/10/19 19:22:57 | 00,000,164 | ---- | C] () -- C:\Windows\install.dat
[2009/10/18 23:23:57 | 00,000,164 | ---- | C] () -- C:\install.dat
[2009/10/18 21:43:33 | 00,000,680 | ---- | C] () -- C:\Users\Desktop\AppData\Local\d3d9caps.dat
[2009/10/12 11:36:22 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/01 23:15:42 | 00,231,562 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL90SP1_KB973924MSI6C8A.txt
[2009/10/01 23:15:41 | 00,014,524 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL90SP1_KB973924UI6C8A.txt
[2009/10/01 23:15:11 | 00,557,508 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923MSI6C25.txt
[2009/10/01 23:15:10 | 00,014,540 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923UI6C25.txt
[2009/10/01 23:14:50 | 00,541,238 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923MSI6BD6.txt
[2009/10/01 23:14:46 | 00,014,492 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923UI6BD6.txt
[2009/09/23 12:09:15 | 00,704,282 | ---- | C] () -- C:\Program Files (x86)\unins000.exe
[2009/09/23 12:09:15 | 00,018,052 | ---- | C] () -- C:\Program Files (x86)\unins000.dat
[2009/09/18 12:18:50 | 00,000,612 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/08/15 09:27:07 | 00,016,384 | ---- | C] () -- C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/12 14:35:43 | 00,001,377 | -HS- | C] () -- C:\Windows\SysWow64\mmf.sys
[2009/08/12 14:35:41 | 00,048,640 | ---- | C] () -- C:\Windows\mmfs.dll
[2009/08/11 18:59:20 | 00,000,133 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\default.pls
[2009/08/10 09:22:01 | 00,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/08/09 23:15:35 | 00,000,034 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.log
[2009/08/09 23:14:51 | 00,099,384 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\inst.exe
[2009/08/09 23:14:51 | 00,007,859 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.cat
[2009/08/09 23:14:51 | 00,001,167 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.inf
[2009/08/07 19:51:34 | 00,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/08/06 13:06:48 | 00,059,904 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2009/08/06 13:02:40 | 00,286,720 | ---- | C] () -- C:\Windows\SysWow64\libcurl.dll
[2009/08/06 13:02:22 | 00,143,360 | ---- | C] () -- C:\Windows\SysWow64\libexpatw.dll
[2009/08/03 18:57:18 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/08/03 16:03:41 | 00,598,240 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistMSI2007.txt
[2009/08/03 16:03:39 | 00,020,488 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistUI2007.txt
[2009/08/03 15:22:47 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/08/03 15:22:28 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/03 14:50:59 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2009/08/03 14:39:34 | 00,000,327 | ---- | C] () -- C:\Windows\RefreshLock.ini
[2009/08/03 10:30:45 | 00,000,000 | ---- | C] () -- C:\Windows\LCDMedia.INI
[2009/08/02 22:36:17 | 00,040,960 | ---- | C] () -- C:\Windows\SysWow64\IPPCPUID.DLL
[2009/08/02 22:35:19 | 00,011,776 | ---- | C] () -- C:\Windows\SysWow64\pmsbfn32.dll
[2009/08/02 22:33:44 | 00,000,428 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009/08/02 22:28:02 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009/08/02 22:28:02 | 00,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009/08/02 22:28:00 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/08/02 22:28:00 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/08/02 22:19:34 | 00,000,989 | ---- | C] () -- C:\Windows\FF08_not_Spk_Hp.ini
[2009/08/02 22:19:34 | 00,000,928 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
[2009/08/02 22:19:12 | 00,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/08/02 22:19:11 | 00,127,488 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009/08/02 21:03:00 | 00,041,125 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/08/02 21:02:40 | 00,034,721 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/08/02 21:02:40 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009/08/02 21:00:48 | 00,051,960 | ---- | C] () -- C:\Users\Desktop\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/02 21:00:30 | 00,000,732 | ---- | C] () -- C:\Users\Desktop\AppData\Local\d3d9caps64.dat
[2009/06/02 18:11:16 | 00,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/05/29 16:52:26 | 00,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 16:47:06 | 00,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/04/21 18:26:56 | 00,031,088 | ---- | C] () -- C:\Windows\SysWow64\wrLZMA.dll
[2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/09/12 16:21:02 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2007/09/04 12:56:10 | 00,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007/02/05 20:05:26 | 00,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 08:24:55 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 08:24:55 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2006/11/02 05:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 05:34:27 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini

========== LOP Check ==========

[2009/10/19 00:28:44 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming
[2009/08/06 20:00:07 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Ahead
[2009/10/17 08:55:20 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Any DVD Converter Professional
[2009/08/03 07:49:43 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\ATI
[2009/10/07 20:09:00 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Canon
[2009/08/09 09:55:53 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\DAEMON Tools Lite
[2009/08/05 09:54:51 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Download Manager
[2009/08/07 19:11:21 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\DzSoft
[2009/10/16 10:26:09 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\ICQ
[2009/09/23 11:36:52 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\IGN_DLM
[2009/08/03 15:46:02 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\IObit
[2006/11/02 08:06:33 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Media Center Programs
[2009/08/12 13:34:34 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\NewSoft
[2009/08/09 08:42:28 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\RegRun
[2009/08/02 22:33:39 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\ScanSoft
[2009/08/06 08:28:22 | 00,000,000 | RH-D | M] -- C:\Users\Desktop\AppData\Roaming\SecuROM
[2009/09/10 08:30:29 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\teamspeak2
[2009/10/22 19:07:25 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\uTorrent
[2009/08/09 18:28:00 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\VistaCodecs
[2009/08/09 23:15:35 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Vso
[2009/09/22 10:04:39 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Wargaming.Net
[2009/10/23 15:35:00 | 00,000,894 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009/10/23 15:35:00 | 00,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2009/10/23 12:40:29 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/10/22 22:03:28 | 00,019,420 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/10/04 22:31:38 | 00,000,412 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
[2009/10/20 00:00:07 | 00,001,698 | ---- | M] () -- C:\Windows\Tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 22:52:14 | 00,001,684 | ---- | M] () -- C:\Windows\Tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:FB1B13D8
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
emeraldnzl
Senior Member with 1,575 posts.
 
Join Date: Nov 2007
Location: Auckland,N.Z.
23-Oct-2009, 09:49 PM #22
Hello miller330i,

Please disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent our tools from working.
Please disable TeaTimer for now. TeaTimer can be re-activated once we have finished cleaning your machine.
  • Open Spybot Search & Destroy.
  • In the Mode menu click "Advanced mode" if not already selected.
  • Choose "Yes" at the Warning prompt.
  • Expand the "Tools" menu.
  • Click "Resident".
  • Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
  • In the File menu click "Exit" to exit Spybot Search & Destroy.
Reboot your computer.

Step 2

How to turn Windows Defender on or off

1. Open Windows Defender by clicking the Start button, clicking All Programs, and then clicking Windows Defender.

2. Click Tools, and then click Options.

3. Under Administrator options, select or clear the Use Windows Defender check box, and then click Save.

Administrator permission required. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

If those instructions are not appropriate for your version of Windows, go to this link for instructions on how to enable/disable Windows Defender:

http://windowshelp.microsoft.com/Win...bf0dc1033.mspx

Now

Please run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :processes
    
    :OTL
    FF - prefs.js..browser.search.defaultenginename: "Sky Web Search"
    FF - prefs.js..browser.search.selectedEngine: "Sky Web Search"
    O4 - HKLM..\Run: [] File not found
    O4 - HKCU..\Run: [AdobeBridge] File not found
    O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun
    O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation)
    
    :Services
    
    :Reg
    
    :Files
    C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    
    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [Reboot]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
Next

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic
So when you return please post
  • OTL fix log
  • Eset scan results
__________________
Manners are the basis of a civilised society and make everyone's lives just a little happier. They cost nothing but they are worth so much.
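A fix script like the one in the post above can be read through section by section before it is pasted into OTL. The following Python is an added example, not part of the original post or of OTL: it splits the script into its colon-prefixed sections and reports what each directive refers to. The function names and the "kind" labels are assumptions made for this example; the sample input is the script as posted.

```python
import re

# Sample input: the fix script as posted in the reply above.
FIX_SCRIPT = r"""
:processes

:OTL
FF - prefs.js..browser.search.defaultenginename: "Sky Web Search"
FF - prefs.js..browser.search.selectedEngine: "Sky Web Search"
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation)

:Services

:Reg

:Files
C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Commands
[purity]
[emptytemp]
[resethosts]
[Reboot]
"""

SECTION_RE = re.compile(r"^:(\w+)$")               # e.g. ":OTL", ":Files"
OTL_LINE_RE = re.compile(r"^([A-Z]+\d*) - (.+)$")   # e.g. "O4 - HKCU..\Run: ..."
TARGET_RE = re.compile(r"= ([A-Za-z]:\\\S+)")       # e.g. "= F:\Startup.exe"


def parse_fix_script(text):
    """Return {section name (lower case): [directive lines]} in script order."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1).lower()
            sections.setdefault(current, [])
        elif current is None:
            raise ValueError(f"directive before any section header: {line!r}")
        else:
            sections[current].append(line)
    return sections


def classify_otl_line(line):
    """Label one :OTL line. The labels are this example's own, not OTL terms."""
    m = OTL_LINE_RE.match(line)
    if not m:
        return {"tag": None, "kind": "unparsed", "target": None}
    tag, body = m.group(1), m.group(2)
    if body.endswith("File not found"):
        kind = "entry whose file was not found"
    elif "MountPoints2" in body:
        kind = "MountPoints2 AutoRun entry"
    elif tag == "FF":
        kind = "prefs.js browser preference"
    else:
        kind = "other"
    target = TARGET_RE.search(body)  # executable path named by the entry, if any
    return {"tag": tag, "kind": kind,
            "target": target.group(1) if target else None}


def audit(text):
    """Summarise what a fix script refers to, for review before it is run."""
    sections = parse_fix_script(text)
    commands = [c.strip("[]").lower() for c in sections.get("commands", [])]
    return {
        "sections": list(sections),
        "empty_sections": [n for n, lines in sections.items() if not lines],
        "otl": [classify_otl_line(l) for l in sections.get("otl", [])],
        "files": sections.get("files", []),
        "commands": commands,
        "reboots": "reboot" in commands,
    }


if __name__ == "__main__":
    report = audit(FIX_SCRIPT)
    for entry in report["otl"]:
        print(entry["tag"], "|", entry["kind"], "|", entry["target"])
    print("files:", report["files"])
    print("commands:", report["commands"], "| reboots:", report["reboots"])
```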
miller330i
Member with 46 posts.
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
23-Oct-2009, 11:40 PM #23
OTL Extras logfile created on: 10/23/2009 7:30:02 PM - Run 5
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Users\Desktop\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 47.93% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 156.14 Gb Free Space | 55.87% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 279.45 Gb Total Space | 10.30 Gb Free Space | 3.69% Space Free | Partition Type: NTFS
Drive F: | 3.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESKTOP1
Current User Name: Desktop
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\ieframe.DLL (Microsoft Corporation)
.js[@ = jsfile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\ieframe.DLL (Microsoft Corporation)
.js [@ = jsfile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- rundll32.exe C:\Windows\SysWOW64\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = E6 FF 13 44 88 14 CA 01 [binary data]
"VistaSp2" = A9 2A 8B 0D 8C 14 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
miller330i
Member with 46 posts.
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
23-Oct-2009, 11:41 PM #24
========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09748B8F-26C9-4268-92E9-35BE33AF3044}" = lport=138 | protocol=17 | dir=in | app=system |
"{2334317D-D528-4568-8C23-343EE8E7B2C9}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{3E58BD70-B61A-4AD5-9320-DAF56D6F12ED}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{47722031-9846-4F8C-A406-FA4D24DAC35A}" = lport=445 | protocol=6 | dir=in | app=system |
"{4B78BE52-2A59-4C73-A5D9-F118B1A5B2CA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{58BA6704-E600-4D52-A75B-5A92291013F6}" = lport=137 | protocol=17 | dir=in | app=system |
"{5A435A10-F92C-4F57-BB1D-2DFCA6DB15C7}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{66BF2411-C284-48FB-AFF8-E9F49A48E9E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6F147C7A-EF0C-4A0D-8E50-041A7D8AEA05}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{758AC075-E538-43B5-A8A0-ABE75D41F6CA}" = rport=139 | protocol=6 | dir=out | app=system |
"{7809BD24-A907-417D-AF20-BB84044A96A7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7DC87543-0A6A-469F-AA55-8D141C462393}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7EACDB09-8289-4171-8623-F0D8F3700999}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{87EA6957-08C5-4235-9E03-891F161CA5D2}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A599463B-28C8-45ED-9A6E-AD91108AB607}" = rport=138 | protocol=17 | dir=out | app=system |
"{A6A9E4AC-B78C-4BE1-B673-26B2B22B35B5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AD95E2DA-683F-4A01-BCA2-900D25966741}" = lport=139 | protocol=6 | dir=in | app=system |
"{B0795E3B-B712-4040-BEE0-85ED8FE14304}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C8605B3E-14E9-4CF1-84C2-1EE5ED797DA6}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{D3FD7F1E-4516-40F2-B77E-0A4451353A72}" = rport=137 | protocol=17 | dir=out | app=system |
"{D4C7E0A3-665D-41A4-8DAB-336835E3E708}" = rport=445 | protocol=6 | dir=out | app=system |
"{EADF0E51-13E5-4F21-A0A1-4F42ADBBCA85}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{F8D62D61-5831-4991-829D-800140C331BD}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03382DE7-CAF2-4117-9DDD-80CE5885AC2C}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{09CD19F0-AB1B-4E08-9116-FF3746726492}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\company of heroes\reliccoh.exe |
"{0F9F8460-7593-4C93-A576-2500BBA16E4B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{199D83D0-AE2A-479C-93BD-B9F836852568}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1DD6C9D9-A915-497D-A25F-B1B9D93FA16E}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{2DBC174A-2167-4AA1-BDCD-D518C14F3DD5}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2\arma2.exe |
"{3302345F-8EFE-404F-8462-7E459DCFACC9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{35C579FD-2AB2-4FF0-8D0B-998FE090F2EF}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{3E997488-CE4F-4161-BD20-4DA9DE2D4BBF}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{502D6675-35EE-49ED-89AD-0A35125F572D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{51D6766B-5D9A-4B51-9EBE-C244AE30DD07}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{55A3A6E9-5579-4C81-B5CA-8206AF882FF3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{590CB188-7A67-4C7F-8326-256033F36A71}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{66474F59-8306-43D1-A30B-C0BA6AEACD3C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{68124CD8-0D50-44FF-B88C-6B3660965989}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{6B9B57AB-E6E9-4EC2-831B-24348E462DD6}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{7E9157AA-599E-4117-BEC8-FAF0C60DB749}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{83B98A47-E5E0-4FEB-867B-E9A1470FAC98}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2\arma2.exe |
"{938358D8-D1FB-4905-9B0B-F273E3D0E8F8}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{9A68E73C-AB62-4510-8B63-185F8ECE18F7}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9F9E07B2-B2AE-4986-94E0-036CCB0FF9AB}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{A51EE574-A61D-465F-846F-21326C367CCB}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{AEC7B1C9-4C41-4867-9F0E-C1A20192C892}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\company of heroes\reliccoh.exe |
"{B4009947-B834-49F0-84E2-6706DF1C3A4E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B943441E-D7CE-4991-A22B-F31B5BDC05FC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C42EFB38-7EDC-4495-BB22-8503263D14CC}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{C46046D1-84F0-4CF3-BF5C-BD3C185E7A7E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CA3D664D-E7D9-4F35-AB64-E9287DDD40AA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DC4B4001-B096-40A6-BA8F-DCE05E4070F1}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{EA114F4E-C41F-4848-820F-CAC06B1EF6F3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F052132A-2FAF-48F5-930B-5CD84F28252F}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{F1218826-9D28-461A-A978-670B9B9FB7FD}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{F26D4724-C123-4657-A59B-B275CACB5C04}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{FFAA5CE1-8590-4FBE-9AC2-C4E34878E9DB}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"TCP Query User{0405B8DA-BF66-4FD4-9220-1E72F522020A}C:\program files (x86)\thq\1company of heroes\reliccoh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\1company of heroes\reliccoh.exe |
"TCP Query User{0C16A5CD-40EF-426E-826D-4307FDE13428}C:\program files (x86)\thq\1company of heroes\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\1company of heroes\relicdownloader\relicdownloader.exe |
"TCP Query User{1F902532-FF85-4DF1-9E51-45F2DDF01115}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{54B0BAFB-B703-4425-BADE-E1F22248F379}E:\games\company.of.heroes.tales.of.valor.fullrip-kaos\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=e:\games\company.of.heroes.tales.of.valor.fullrip-kaos\relicdownloader\relicdownloader.exe |
"TCP Query User{70CE9441-1187-4AA5-A0E4-CCD521790655}E:\games\company.of.heroes.tales.of.valor.fullrip-kaos\reliccoh.exe" = protocol=6 | dir=in | app=e:\games\company.of.heroes.tales.of.valor.fullrip-kaos\reliccoh.exe |
"TCP Query User{8487473E-0681-4EAE-AC94-6A5A99E7CE89}C:\program files (x86)\square enix\order of war (demo)\oow_final.bin" = protocol=6 | dir=in | app=c:\program files (x86)\square enix\order of war (demo)\oow_final.bin |
"TCP Query User{972BB5E9-02AF-477C-AF0B-0E16CF274A56}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{EFA80E47-E823-4ABC-9243-AB5978A3C84D}E:\games\call of duty - world at war\codwawmp.exe" = protocol=6 | dir=in | app=e:\games\call of duty - world at war\codwawmp.exe |
"UDP Query User{4925BF1A-4C98-490F-86EC-EB6E3C23A4D6}E:\games\company.of.heroes.tales.of.valor.fullrip-kaos\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=e:\games\company.of.heroes.tales.of.valor.fullrip-kaos\relicdownloader\relicdownloader.exe |
"UDP Query User{4E931B66-B3D5-4276-84C5-262BEE0A92B9}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{51610B32-369B-4599-B3F0-661EC23D2706}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{55D7EB18-8E29-45B5-BE19-4908D676009F}E:\games\company.of.heroes.tales.of.valor.fullrip-kaos\reliccoh.exe" = protocol=17 | dir=in | app=e:\games\company.of.heroes.tales.of.valor.fullrip-kaos\reliccoh.exe |
"UDP Query User{748E0354-3AB2-46D7-8114-D2F4DAFDBFC0}C:\program files (x86)\thq\1company of heroes\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\1company of heroes\relicdownloader\relicdownloader.exe |
"UDP Query User{A5B8B9C1-A2CE-453E-8D02-EDB26C464366}C:\program files (x86)\thq\1company of heroes\reliccoh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\1company of heroes\reliccoh.exe |
"UDP Query User{E5F9EBAD-57B7-4962-83C4-98258B6981F3}E:\games\call of duty - world at war\codwawmp.exe" = protocol=17 | dir=in | app=e:\games\call of duty - world at war\codwawmp.exe |
"UDP Query User{F3B9ABA5-212A-4ADC-ADD6-668728010208}C:\program files (x86)\square enix\order of war (demo)\oow_final.bin" = protocol=17 | dir=in | app=c:\program files (x86)\square enix\order of war (demo)\oow_final.bin |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{239A8D60-270B-42e8-82D3-60D70A2942E0}" = Canon MF4100 Series
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{5759E649-E281-46C2-BB4B-50413623DCDF}" = iTunes
"{59B4B93D-FC47-4F16-AE8E-CD103F022654}" = Microsoft Security Essentials
"{5AC267EB-6FBC-D3DC-1C09-EF62556092FD}" = ccc-utility64
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}" = Microsoft Antimalware
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B88F5E68-B0FB-950F-EC6F-82FB18DF3E5D}" = ATI Catalyst Install Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}" = Logitech Webcam Software
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EB731227-8AC5-4889-ACE9-7D87864A9F19}" = Logitech GamePanel Software 3.02.173
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{07E1A8A8-EEE0-198D-9AB7-8CBE42A830F4}" = Catalyst Control Center Core Implementation
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = Halo 2 for Windows Vista
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}" = Canon MF Toolbox 4.9.1.1.mf04
"{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}_is1" = Men of War (Remove Only)
"{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}_update1.11.3.0" = Update 1.11.3.0 for "Men of War"
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{186326B4-AF94-B714-7A5C-678524061EFD}" = CCC Help English
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1CA7ACD6-B21B-4240-AA05-4FC55F6E1033}" = Nero 8
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F5B0A0A-ACBA-1C8D-DD8C-AB20597DABE9}" = ccc-core-static
"{20AEA7B1-6155-44A2-B58E-430F2C9F4ABD}" = AMD OverDrive
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{22E9CF2B-4063-4dab-A251-93FA46F7DECC}_is1" = Webroot Internet Security Essentials
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A94E148-9C8B-4FE9-99DD-93072F99BE20}" = Sound Blaster X-Fi MB
"{3BDDF462-8A95-4C50-86DA-4D41F3483EA5}" = Canon MF Toolbox 4.9.1.1.mf04
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D1ACE56-38B1-1055-5926-EADFB056F2F2}" = Catalyst Control Center InstallProxy
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73877A89-A11E-43D6-9A15-A77FF0F48C8F}" = AMD GPU Clock Tool
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.6.4.158
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{79FAE709-37BC-FBAD-53DB-6B8609231007}" = Catalyst Control Center Graphics Full Existing
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AB445D0-CD91-47CC-B1A9-A654B4B261E4}" = AMD CPUInfo
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{922A36F5-6663-45C0-A515-B63C4E585195}" = TweakIt
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_913" = Adobe Acrobat 9.1.3 - CPSID_49522
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC67C580-EFEA-1B4C-F86C-C360C0593FE3}" = Catalyst Control Center Graphics Previews Vista
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CF929EEB-CE39-4F06-B1BF-F51FC617A2B2}" = Catalyst Control Center - Branding
"{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}" = Hearts of Iron III
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D27DBCEF-7D01-C5DF-659E-F27A24AC2181}" = Catalyst Control Center Graphics Previews Common
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DA52CFD6-183B-4C45-B36F-4A59750427CB}_is1" = Rise of Flight
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DD929BD3-5D41-4407-BE04-119B4A631869}" = Canon MF Toolbox 4.9.1.1.mf04
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E0DFA6F8-C275-823C-9A73-A1608D84E333}" = Catalyst Control Center Graphics Full New
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EC4899D2-9915-4603-ABEE-8B15CACE2888}" = AMD LCD Keyboard Applet
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4A06E47-FD0D-CCB2-CEDA-659131E90F3C}" = Catalyst Control Center Graphics Light
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FABB748F-B1AA-ECD0-11CC-28DCAEA2EAA5}" = Catalyst Control Center HydraVision Full
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.07 beta
"Absolute Uninstaller Pro_is1" = Absolute Uninstaller Pro v5.0.1.3
"ActiveScan 2.0" = Panda ActiveScan 2.0
miller330i
Member with 46 posts.
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
23-Oct-2009, 11:41 PM #25
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"ALchemy X-FiMB" = Creative ALchemy (X-Fi MB Edition)
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 3.7.8
"AnyDVD" = AnyDVD
"ArmA 2" = ArmA 2 Uninstall
"Automatch test for "Men of War"_is1" = Automatch test 1.12.3 for "Men of War"
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Company of Heroes" = Company of Heroes
"CSCLIB" = Canon Camera Support Core Library
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Download Manager" = Download Manager 2.3.9
"DPP" = Canon Utilities Digital Photo Professional 2.1
"DzSoftWebPhotoResizer_is1" = Quick Photo Resizer 2.6.2
"eCalc Calculator" = eCalc Calculator
"EndItAll_is1" = EndItAll 2.0
"EOS Utility" = Canon Utilities EOS Utility
"FastStone Photo Resizer" = FastStone Photo Resizer 2.8
"Google Chrome" = Google Chrome
"Halo 2" = Halo 2 for Windows Vista
"Hearts of Iron III Sprite Packs" = Hearts of Iron III Sprite Packs
"HijackThis" = HijackThis 2.0.2
"ImageConverter Plus_is1" = ImageConverter Plus 7.1
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 2.6 Beta Test Version
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"oZone3D.Net FurMark_is1" = oZone3D.Net FurMark v1.7.0
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"RivaTuner" = RivaTuner v2.24
"Smart Defrag_is1" = Smart Defrag 1.20
"StarBurn_is1" = StarBurn Version 12r8 (Build 0x20090731)
"System Recon 2.1" = System Recon 2.1
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"uTorrent" = µTorrent
"Visual Business Cards 4_is1" = Visual Business Cards 4
"VLC media player" = VLC media player 1.0.2
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/23/2009 3:28:44 PM | Computer Name = Desktop1 | Source = EventSystem | ID = 4609
Description =

Error - 10/23/2009 3:28:48 PM | Computer Name = Desktop1 | Source = PerfNet | ID = 2004
Description =

Error - 10/23/2009 3:29:00 PM | Computer Name = Desktop1 | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 10/23/2009 3:29:04 PM | Computer Name = Desktop1 | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 10/23/2009 3:29:04 PM | Computer Name = Desktop1 | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 10/23/2009 3:30:51 PM | Computer Name = Desktop1 | Source = PerfNet | ID = 2004
Description =

Error - 10/23/2009 3:36:51 PM | Computer Name = Desktop1 | Source = PerfNet | ID = 2004
Description =

Error - 10/23/2009 3:40:53 PM | Computer Name = Desktop1 | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 10/23/2009 3:41:07 PM | Computer Name = Desktop1 | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 10/23/2009 3:41:07 PM | Computer Name = Desktop1 | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

[ Media Center Events ]
Error - 8/15/2009 3:34:56 AM | Computer Name = Desktop1 | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/12/2009 3:33:10 PM | Computer Name = Desktop1 | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 10/23/2009 1:05:15 AM | Computer Name = Desktop1 | Source = DCOM | ID = 10005
Description =

Error - 10/23/2009 1:05:15 AM | Computer Name = Desktop1 | Source = DCOM | ID = 10005
Description =

Error - 10/23/2009 3:28:37 PM | Computer Name = Desktop1 | Source = DCOM | ID = 10005
Description =

Error - 10/23/2009 3:28:42 PM | Computer Name = Desktop1 | Source = Service Control Manager | ID = 7001
Description =

Error - 10/23/2009 3:28:42 PM | Computer Name = Desktop1 | Source = Service Control Manager | ID = 7026
Description =

Error - 10/23/2009 3:28:44 PM | Computer Name = Desktop1 | Source = DCOM | ID = 10005
Description =

Error - 10/23/2009 3:28:47 PM | Computer Name = Desktop1 | Source = DCOM | ID = 10005
Description =

Error - 10/23/2009 3:28:50 PM | Computer Name = Desktop1 | Source = DCOM | ID = 10005
Description =

Error - 10/23/2009 3:28:50 PM | Computer Name = Desktop1 | Source = DCOM | ID = 10005
Description =

Error - 10/23/2009 3:40:43 PM | Computer Name = Desktop1 | Source = Service Control Manager | ID = 7026
Description =


< End of report >
miller330i
Member with 46 posts.
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
23-Oct-2009, 11:43 PM #26
OTL logfile created on: 10/23/2009 7:30:02 PM - Run 5
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Users\Desktop\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 47.93% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 156.14 Gb Free Space | 55.87% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 279.45 Gb Total Space | 10.30 Gb Free Space | 3.69% Space Free | Partition Type: NTFS
Drive F: | 3.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESKTOP1
Current User Name: Desktop
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files (x86)\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe (Skype Technologies)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Users\Desktop\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\DAODx.exe ()
PRC - C:\Windows\runservice.exe ()
PRC - C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()

========== Win32 Services (SafeList) ==========

SRV - (Adobe Version Cue CS4 [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (AODService [Disabled | Stopped]) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Bonjour Service [Disabled | Stopped]) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService [Disabled | Stopped]) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1ca148920d17d96 [Disabled | Stopped]) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LicCtrlService [Auto | Running]) -- C:\Windows\runservice.exe ()
SRV - (LightScribeService [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (MSDTC [Unknown | Stopped]) -- C:\Windows\SysWow64\Msdtc [2006/11/02 06:34:14 | 00,000,000 | ---D | M]
SRV - (Nero BackItUp Scheduler 3 [Disabled | Stopped]) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NMIndexingService [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PLFlash DeviceIoControl Service [Disabled | Stopped]) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
SRV - (PnkBstrA [Auto | Running]) -- C:\Windows\SysWow64\PnkBstrA.exe ()
SRV - (SBSDWSCService [Auto | Running]) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Sound Blaster X-Fi MB Licensing Service [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)
SRV - (vds [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vds.mof ()
SRV - (VSS [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vss.mof ()
SRV - (WebrootSpySweeperService [Auto | Running]) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
SRV - (WRConsumerService [Auto | Running]) -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
SRV:64bit: - (AEADIFilters [Disabled | Stopped]) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation)
SRV:64bit: - (AMD External Events Utility [Auto | Running]) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt [On_Demand | Stopped]) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (CscService [Auto | Running]) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (Fax [On_Demand | Stopped]) -- C:\Windows\SysNative\fxssvc.exe (Microsoft Corporation)
SRV:64bit: - (FLEXnet Licensing Service 64 [Disabled | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV:64bit: - (LVPrcS64 [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (MsMpSvc [Auto | Running]) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (UmRdpService [On_Demand | Stopped]) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (wbengine [On_Demand | Stopped]) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend [Auto | Stopped]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (adfs [Auto | Running]) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (AsIO [System | Running]) -- C:\Windows\SysWow64\drivers\AsIO.sys ()
DRV - (atillk64 [On_Demand | Stopped]) -- C:\Program Files (x86)\ATI Technologies\AMD GPU Clock Tool\atillk64.sys (ATI Technologies Inc.)
DRV - (CSC [System | Running]) -- C:\Windows\CSC [2009/08/02 17:24:44 | 00,000,000 | ---D | M]
DRV - (is-US5VGdrv [System | Stopped]) -- C:\Windows\SysWow64\DRIVERS\34972332.sys (Kaspersky Lab)
DRV - (mcdbus [On_Demand | Running]) -- C:\Windows\SysWow64\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (mpsdrv [On_Demand | Running]) -- C:\Windows\SysWow64\Wbem\mpsdrv.mof ()
DRV - (Partizan [Boot | Stopped]) -- C:\Windows\SysWow64\Partizan.RRI ()
DRV - (pwipf6 [System | Running]) -- C:\Windows\SysWow64\DRIVERS\pwipf6.sys (Privacyware/PWI, Inc.)
DRV - (RegGuard [On_Demand | Stopped]) -- C:\Windows\SysWow64\Drivers\regguard.sys (Greatis Software)
DRV - (RivaTuner64 [On_Demand | Stopped]) -- C:\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys ()
DRV - (Tcpip [Boot | Running]) -- C:\Windows\SysWow64\Wbem\tcpip.mof ()
DRV - (utm3mzg3 [On_Demand | Stopped]) -- C:\Windows\SysWow64\Drivers\utm3mzg3.sys ()
DRV:64bit: - (adfs [Auto | Running]) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (ADIHdAudAddService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV:64bit: - (AmdLLD64 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys (Advanced Micro Devices)
DRV:64bit: - (AmdTools [System | Stopped]) -- C:\Windows\SysNative\DRIVERS\AmdTools64.sys (AMD, Inc.)
DRV:64bit: - (AtiHdmiService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (atikmdag [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiPcie [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV:64bit: - (CSC [System | Running]) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (fvevol [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (HdAudAddService [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (Lbd [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\Lbd.sys (Lavasoft AB)
DRV:64bit: - (LVPr2M64 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (LVPr2Mon [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (mcdbus [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (MpFilter [System | Running]) -- C:\Windows\SysNative\DRIVERS\MpFilter.sys (Microsoft Corporation)
DRV:64bit: - (MpNWMon [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\MpNWMon.sys (Microsoft Corporation)
DRV:64bit: - (MTsensor [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV:64bit: - (pavboot [Boot | Running]) -- C:\Windows\SysNative\drivers\pavboot64.sys (Panda Security, S.L.)
DRV:64bit: - (PID_0928 [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\LV561V64.SYS (Logitech Inc.)
DRV:64bit: - (pwipf6 [System | Running]) -- C:\Windows\SysNative\DRIVERS\pwipf6.sys (Privacyware/PWI, Inc.)
DRV:64bit: - (PxHlpa64 [Boot | Running]) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (RTL8169 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )
DRV:64bit: - (sptd [Boot | Running]) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (ssfs0bbc [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\ssfs0bbc.sys (Webroot Software, Inc. (www.webroot.com))
DRV:64bit: - (ssidrv [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\ssidrv.sys (Webroot Software, Inc. (www.webroot.com))
DRV:64bit: - (StarPortLite [System | Running]) -- C:\Windows\SysNative\DRIVERS\StarPortLite.sys (Rocket Division Software)
DRV:64bit: - (WpdUsb [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Users\Desktop\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify2?&.src=ym
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
miller330i
Member with 46 posts.
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
23-Oct-2009, 11:44 PM #27
========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Sky Web Search"
FF - prefs.js..browser.search.selectedEngine: "Sky Web Search"
FF - prefs.js..browser.startup.homepage: " "
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/03 12:48:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/09/30 22:19:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/10/14 12:40:10 | 00,000,000 | ---D | M]

[2009/08/08 09:45:48 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Extensions
[2009/08/08 09:45:48 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/23 08:12:27 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Firefox\Profiles\kwgeslrt.default\extensions
[2009/09/23 13:54:59 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Firefox\Profiles\kwgeslrt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/23 08:12:27 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/09/30 22:19:50 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/21 12:10:23 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/08/24 13:15:25 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 13:15:26 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009/07/13 17:16:26 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll
[2009/08/21 12:10:15 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009/07/13 17:15:48 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll
[2009/07/13 17:15:58 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/08/24 13:15:27 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2009/07/13 17:16:26 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll
[2009/08/24 11:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/24 11:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2009/08/24 11:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 11:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2009/08/24 11:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009/08/24 11:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/24 11:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (794 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg64.dll (Google Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-US5VG.lnk = C:\Users\Desktop\Desktop\Virus Removal Tool\is-US5VG\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll (Google Inc.)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/actives.../as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.76.182 68.87.78.134
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {F552DDE6-2090-4bf4-B924-6141E87789A5} - Reg Error: Key error. File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/30 15:36:56 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/10/29 10:18:56 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/06/25 06:29:25 | 00,000,045 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\Windows\SysWow64\*.tmp files]
[1 C:\Windows\*.tmp files]
[2009/10/20 23:12:51 | 00,000,000 | -H-D | C] -- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/14 12:06:06 | 00,000,000 | ---D | C] -- C:\ProgramData\ATI
[2009/10/22 21:51:09 | 00,000,000 | ---D | C] -- C:\ProgramData\is-US5VG
[2009/10/21 11:18:11 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/10/03 10:29:12 | 00,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2009/10/18 11:00:30 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/13 09:13:21 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Games
[2009/10/20 23:38:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/10/17 22:46:01 | 00,000,000 | ---D | C] -- C:\ProgramData\Sunbelt
[2009/10/17 08:55:20 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2009/10/18 23:31:31 | 00,000,000 | ---D | C] -- C:\ProgramData\WebRoot
[2009/10/17 08:55:09 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Any DVD Converter Professional
[2009/10/07 20:09:00 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Canon
[2009/10/15 14:12:17 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\FastStone
[2009/10/16 08:48:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\ICQ
[2009/10/18 11:00:34 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Malwarebytes
[2009/10/13 09:12:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Microsoft Game Studios
[2009/10/17 22:46:11 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Sunbelt
[2009/10/11 21:54:08 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\vlc
[2009/10/19 00:28:44 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Webroot
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/23 16:47:24 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Adobe
[2009/10/21 12:49:00 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Apple
[2009/10/03 10:29:33 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\LogiShrd
[2009/10/13 09:13:25 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Microsoft Game Studios
[2009/10/22 14:35:45 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Visual Business Cards
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/19 19:25:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2009/10/13 23:26:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2009/10/17 08:55:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Any DVD Converter Professional
[2009/10/15 14:12:13 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\FastStone Photo Resizer
[2009/10/16 08:48:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6.5
[2009/10/21 11:18:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2009/10/13 09:07:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc
[2009/10/18 11:00:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/10/13 23:32:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2009/10/01 16:26:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2009/10/01 23:16:39 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2009/10/13 09:13:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2009/10/13 23:03:01 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2009/10/02 10:49:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/10/19 19:25:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSSOAP
[2009/10/22 20:52:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2009/10/20 23:38:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2009/10/18 17:46:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2009/10/17 22:30:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Sunbelt Software
[2009/10/17 22:10:52 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/10/15 08:40:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2009/10/22 14:32:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Visual Business Cards
[2009/10/18 00:26:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Webroot
[2009/10/03 10:27:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2009/10/14 11:57:11 | 00,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2009/10/01 16:26:17 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2009/10/23 16:01:58 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Users\Desktop\Desktop\OTL.exe
[2009/10/22 21:49:19 | 00,200,720 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysWow64\drivers\34972332.sys
[2009/10/22 21:49:19 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Desktop\Virus Removal Tool
[2009/10/22 14:35:46 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\Visual Business Cards
[2009/10/21 11:19:47 | 00,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2009/10/19 21:25:42 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/10/19 21:25:40 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/10/19 19:25:19 | 00,078,088 | ---- | C] (Privacyware/PWI, Inc.) -- C:\Windows\SysNative\drivers\pwipf6.sys
[2009/10/19 19:25:11 | 01,563,008 | ---- | C] (Webroot Software, Inc.) -- C:\Windows\WRSetup.dll
[2009/10/19 19:22:24 | 00,078,088 | ---- | C] (Privacyware/PWI, Inc.) -- C:\Windows\SysWow64\drivers\pwipf6.sys
[2009/10/18 12:06:58 | 00,000,000 | --SD | C] -- C:\TheHammer3533T
[2009/10/18 12:06:26 | 00,000,000 | --SD | C] -- C:\TheHammer
[2009/10/18 12:06:26 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/10/17 22:21:11 | 00,000,000 | ---D | C] -- C:\sbtemp
[2009/10/17 10:17:17 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\OJOsoft Corporation
[2009/10/17 08:55:21 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\Any DVD Converter Professional
[2009/10/13 23:32:20 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2009/10/13 23:03:07 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2009/10/13 22:58:55 | 05,690,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009/10/13 22:58:53 | 07,006,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2009/10/13 22:58:52 | 01,426,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2009/10/13 22:58:52 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2009/10/13 22:58:51 | 03,599,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/10/13 22:58:51 | 01,176,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/10/13 22:58:51 | 00,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/10/13 22:58:50 | 06,079,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/10/13 22:58:48 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/10/13 22:58:47 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieencode.dll
[2009/10/13 22:58:47 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2009/10/13 22:58:45 | 00,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2009/10/13 22:58:45 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2009/10/13 22:58:34 | 04,698,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2009/10/13 22:58:33 | 00,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2009/10/13 22:58:33 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2009/10/13 22:58:32 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009/10/13 22:58:32 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/10/13 22:57:46 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys
[2009/10/13 22:57:45 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2009/10/13 22:57:45 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll
[2009/10/13 16:59:22 | 02,146,304 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2009/10/13 09:52:53 | 00,000,000 | ---D | C] -- C:\Windows\pss
[2009/10/13 09:07:30 | 00,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2009/10/13 09:07:30 | 00,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2009/10/12 20:08:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Desktop\Halo.2.XP-TheBabeLover
[2009/10/03 12:38:47 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\SightSpeed Recordings
[2009/10/01 16:40:24 | 00,238,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe
[2009/08/09 23:14:51 | 00,082,816 | ---- | C] (VSO Software) -- C:\Users\Desktop\AppData\Roaming\pcouffin.sys
miller330i
Member with 46 posts.
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
23-Oct-2009, 11:44 PM #28
========== Files - Modified Within 30 Days ==========

[2 C:\Windows\SysWow64\*.tmp files]
[1 C:\Windows\*.tmp files]
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/23 18:40:25 | 00,004,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/23 18:40:25 | 00,004,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/23 18:35:00 | 00,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/10/23 16:02:01 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Users\Desktop\Desktop\OTL.exe
[2009/10/23 15:35:00 | 00,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/10/23 12:48:48 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/10/23 12:48:48 | 00,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/10/23 12:48:48 | 00,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/10/23 12:40:39 | 00,001,377 | -HS- | M] () -- C:\Windows\SysWow64\mmf.sys
[2009/10/23 12:40:29 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/23 12:40:25 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/23 12:28:33 | 02,842,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/10/22 23:15:45 | 00,038,400 | ---- | M] () -- C:\Users\Desktop\Desktop\Polarity.doc
[2009/10/22 23:15:41 | 00,030,720 | ---- | M] () -- C:\Users\Desktop\Desktop\Geometry.doc
[2009/10/22 23:15:36 | 00,027,136 | ---- | M] () -- C:\Users\Desktop\Desktop\Calorimetry.doc
[2009/10/22 23:15:30 | 00,035,840 | ---- | M] () -- C:\Users\Desktop\Desktop\Thermo.doc
[2009/10/22 23:15:25 | 00,034,304 | ---- | M] () -- C:\Users\Desktop\Desktop\Lewis.doc
[2009/10/22 23:11:28 | 00,000,680 | ---- | M] () -- C:\Users\Desktop\AppData\Local\d3d9caps.dat
[2009/10/22 22:05:49 | 00,007,168 | ---- | M] () -- C:\Windows\SysWow64\drivers\utm3mzg3.sys
[2009/10/22 21:51:09 | 00,001,803 | ---- | M] () -- C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-US5VG.lnk
[2009/10/20 00:00:07 | 00,001,698 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 22:52:14 | 00,001,684 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job
[2009/10/19 19:25:12 | 00,017,264 | ---- | M] () -- C:\Windows\SysNative\SsiEfr.exe
[2009/10/19 19:22:58 | 00,000,164 | ---- | M] () -- C:\Windows\install.dat
[2009/10/19 19:22:24 | 00,078,088 | ---- | M] (Privacyware/PWI, Inc.) -- C:\Windows\SysWow64\drivers\pwipf6.sys
[2009/10/19 19:22:24 | 00,078,088 | ---- | M] (Privacyware/PWI, Inc.) -- C:\Windows\SysNative\drivers\pwipf6.sys
[2009/10/19 19:05:56 | 00,000,732 | ---- | M] () -- C:\Users\Desktop\AppData\Local\d3d9caps64.dat
[2009/10/19 00:24:55 | 00,000,164 | ---- | M] () -- C:\install.dat
[2009/10/13 16:59:22 | 02,146,304 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2009/10/12 21:16:04 | 00,000,133 | ---- | M] () -- C:\Users\Desktop\AppData\Roaming\default.pls
[2009/10/12 17:13:49 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2009/10/12 17:13:49 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009/10/12 11:36:22 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/04 22:31:38 | 00,000,412 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2009/10/02 11:40:19 | 26,575,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt.exe
[2009/10/01 10:29:14 | 00,238,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe

========== Files - No Company Name ==========
[2009/10/22 23:15:45 | 00,038,400 | ---- | C] () -- C:\Users\Desktop\Desktop\Polarity.doc
[2009/10/22 23:15:41 | 00,030,720 | ---- | C] () -- C:\Users\Desktop\Desktop\Geometry.doc
[2009/10/22 23:15:36 | 00,027,136 | ---- | C] () -- C:\Users\Desktop\Desktop\Calorimetry.doc
[2009/10/22 23:15:30 | 00,035,840 | ---- | C] () -- C:\Users\Desktop\Desktop\Thermo.doc
[2009/10/22 23:15:24 | 00,034,304 | ---- | C] () -- C:\Users\Desktop\Desktop\Lewis.doc
[2009/10/22 22:05:49 | 00,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\utm3mzg3.sys
[2009/10/22 21:51:09 | 00,001,803 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-US5VG.lnk
[2009/10/21 17:14:19 | 00,015,688 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2009/10/20 23:20:09 | 00,001,840 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistMSI3C6B.txt
[2009/10/20 23:20:04 | 00,012,862 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistUI3C6B.txt
[2009/10/19 20:58:52 | 00,001,698 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 20:58:51 | 00,001,684 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job
[2009/10/19 19:25:15 | 00,017,264 | ---- | C] () -- C:\Windows\SysNative\SsiEfr.exe
[2009/10/19 19:22:57 | 00,000,164 | ---- | C] () -- C:\Windows\install.dat
[2009/10/18 23:23:57 | 00,000,164 | ---- | C] () -- C:\install.dat
[2009/10/18 21:43:33 | 00,000,680 | ---- | C] () -- C:\Users\Desktop\AppData\Local\d3d9caps.dat
[2009/10/12 11:36:22 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/01 23:15:42 | 00,231,562 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL90SP1_KB973924MSI6C8A.txt
[2009/10/01 23:15:41 | 00,014,524 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL90SP1_KB973924UI6C8A.txt
[2009/10/01 23:15:11 | 00,557,508 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923MSI6C25.txt
[2009/10/01 23:15:10 | 00,014,540 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923UI6C25.txt
[2009/10/01 23:14:50 | 00,541,238 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923MSI6BD6.txt
[2009/10/01 23:14:46 | 00,014,492 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923UI6BD6.txt
[2009/09/23 12:09:15 | 00,704,282 | ---- | C] () -- C:\Program Files (x86)\unins000.exe
[2009/09/23 12:09:15 | 00,018,052 | ---- | C] () -- C:\Program Files (x86)\unins000.dat
[2009/09/18 12:18:50 | 00,000,612 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/08/15 09:27:07 | 00,016,384 | ---- | C] () -- C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/12 14:35:43 | 00,001,377 | -HS- | C] () -- C:\Windows\SysWow64\mmf.sys
[2009/08/12 14:35:41 | 00,048,640 | ---- | C] () -- C:\Windows\mmfs.dll
[2009/08/11 18:59:20 | 00,000,133 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\default.pls
[2009/08/10 09:22:01 | 00,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/08/09 23:15:35 | 00,000,034 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.log
[2009/08/09 23:14:51 | 00,099,384 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\inst.exe
[2009/08/09 23:14:51 | 00,007,859 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.cat
[2009/08/09 23:14:51 | 00,001,167 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.inf
[2009/08/07 19:51:34 | 00,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/08/06 13:06:48 | 00,059,904 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2009/08/06 13:02:40 | 00,286,720 | ---- | C] () -- C:\Windows\SysWow64\libcurl.dll
[2009/08/06 13:02:22 | 00,143,360 | ---- | C] () -- C:\Windows\SysWow64\libexpatw.dll
[2009/08/03 18:57:18 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/08/03 16:03:41 | 00,598,240 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistMSI2007.txt
[2009/08/03 16:03:39 | 00,020,488 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistUI2007.txt
[2009/08/03 15:22:47 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/08/03 15:22:28 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/03 14:50:59 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2009/08/03 14:39:34 | 00,000,327 | ---- | C] () -- C:\Windows\RefreshLock.ini
[2009/08/03 10:30:45 | 00,000,000 | ---- | C] () -- C:\Windows\LCDMedia.INI
[2009/08/02 22:36:17 | 00,040,960 | ---- | C] () -- C:\Windows\SysWow64\IPPCPUID.DLL
[2009/08/02 22:35:19 | 00,011,776 | ---- | C] () -- C:\Windows\SysWow64\pmsbfn32.dll
[2009/08/02 22:33:44 | 00,000,428 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009/08/02 22:28:02 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009/08/02 22:28:02 | 00,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009/08/02 22:28:00 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/08/02 22:28:00 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/08/02 22:19:34 | 00,000,989 | ---- | C] () -- C:\Windows\FF08_not_Spk_Hp.ini
[2009/08/02 22:19:34 | 00,000,928 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
[2009/08/02 22:19:12 | 00,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/08/02 22:19:11 | 00,127,488 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009/08/02 21:03:00 | 00,041,125 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/08/02 21:02:40 | 00,034,721 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/08/02 21:02:40 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009/08/02 21:00:48 | 00,051,960 | ---- | C] () -- C:\Users\Desktop\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/02 21:00:30 | 00,000,732 | ---- | C] () -- C:\Users\Desktop\AppData\Local\d3d9caps64.dat
[2009/06/02 18:11:16 | 00,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/05/29 16:52:26 | 00,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 16:47:06 | 00,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/04/21 18:26:56 | 00,031,088 | ---- | C] () -- C:\Windows\SysWow64\wrLZMA.dll
[2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/09/12 16:21:02 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2007/09/04 12:56:10 | 00,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007/02/05 20:05:26 | 00,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 08:24:55 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 08:24:55 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2006/11/02 05:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 05:34:27 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini

========== LOP Check ==========
miller330i
Member with 46 posts.
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
23-Oct-2009, 11:45 PM #29
[2009/10/19 00:28:44 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming
[2009/08/06 20:00:07 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Ahead
[2009/10/17 08:55:20 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Any DVD Converter Professional
[2009/08/03 07:49:43 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\ATI
[2009/10/07 20:09:00 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Canon
[2009/08/09 09:55:53 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\DAEMON Tools Lite
[2009/08/05 09:54:51 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Download Manager
[2009/08/07 19:11:21 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\DzSoft
[2009/10/16 10:26:09 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\ICQ
[2009/09/23 11:36:52 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\IGN_DLM
[2009/08/03 15:46:02 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\IObit
[2006/11/02 08:06:33 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Media Center Programs
[2009/08/12 13:34:34 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\NewSoft
[2009/08/09 08:42:28 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\RegRun
[2009/08/02 22:33:39 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\ScanSoft
[2009/08/06 08:28:22 | 00,000,000 | RH-D | M] -- C:\Users\Desktop\AppData\Roaming\SecuROM
[2009/09/10 08:30:29 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\teamspeak2
[2009/10/22 19:07:25 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\uTorrent
[2009/08/09 18:28:00 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\VistaCodecs
[2009/08/09 23:15:35 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Vso
[2009/09/22 10:04:39 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Wargaming.Net
[2009/10/23 15:35:00 | 00,000,894 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009/10/23 18:35:00 | 00,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2009/10/23 12:40:29 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/10/22 22:03:28 | 00,019,420 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/10/04 22:31:38 | 00,000,412 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
[2009/10/20 00:00:07 | 00,001,698 | ---- | M] () -- C:\Windows\Tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 22:52:14 | 00,001,684 | ---- | M] () -- C:\Windows\Tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job

========== Purity Check ==========



========== Custom Scans ==========


< Code: >

< --------- >

< rocesses >

< >

< :OTL >

< FF - prefs.js..browser.search.defaultenginename: "Sky Web Search" >

< FF - prefs.js..browser.search.selectedEngine: "Sky Web Search" >

< O4 - HKLM..\Run: [] File not found >

< O4 - HKCU..\Run: [AdobeBridge] File not found >

< O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun >

< O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation) >

< >

< :Services >

< >

< :Reg >

< >

< :Files >

< C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini >
[2009/09/03 15:01:18 | 00,016,384 | ---- | M] () -- C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Users\Desktop\AppData\Local\*.tmp files]

< >

< :Commands >

< [purity] >

< [emptytemp] >

< [resethosts] >

< [Reboot] >

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:FB1B13D8
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
emeraldnzl
Senior Member with 1,575 posts.
Join Date: Nov 2007
Location: Auckland,N.Z.
24-Oct-2009, 12:12 AM #30
Hello miller330i,

Doesn't look like that OTL script ran.

Let's try again. Tell me if you are not sure about anything.

Please run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :processes
    
    :OTL
    FF - prefs.js..browser.search.defaultenginename: "Sky Web Search"
    FF - prefs.js..browser.search.selectedEngine: "Sky Web Search"
    O4 - HKLM..\Run: [] File not found
    O4 - HKCU..\Run: [AdobeBridge] File not found
    O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun
    O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation)
    
    :Services
    
    :Reg
    
    :Files
    C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    
    :Commands
    [emptytemp]
    [Reboot]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
__________________
Manners are the basis of a civilised society and make everyone's lives just a little happier. They cost nothing but they are worth so much.
All times are GMT -4.
Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.
