-
Part Two
DRV - [2009/02/09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/02/09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/05/06 07:01:28 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2008/04/14 01:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 23:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008/02/25 13:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/01/18 22:52:52 | 000,077,696 | ---- | M] () [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys -- (WudfPf)
DRV - [2005/08/02 17:35:00 | 003,198,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/11/03 14:14:26 | 000,267,136 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sis7012.sys -- (SiS7012) Service for AC'97 Sample Driver (WDM)
DRV - [2002/08/29 13:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ql1280.sys -- (ql1280)
DRV - [2002/08/29 13:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ql12160.sys -- (ql12160)
DRV - [2002/08/29 13:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ql1080.sys -- (ql1080)
DRV - [2002/08/29 13:00:00 | 000,038,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2002/08/29 13:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ultra.sys -- (ultra)
DRV - [2002/08/29 13:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\symc8xx.sys -- (symc8xx)
DRV - [2002/08/29 13:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\sym_u3.sys -- (sym_u3)
DRV - [2002/08/29 13:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\sym_hi.sys -- (sym_hi)
DRV - [2002/08/29 13:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\asc.sys -- (asc)
DRV - [2002/08/29 13:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\sparrow.sys -- (Sparrow)
DRV - [2002/08/29 13:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\mraid35x.sys -- (mraid35x)
DRV - [2002/08/29 13:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\symc810.sys -- (symc810)
DRV - [2002/08/29 13:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\asc3550.sys -- (asc3550)
DRV - [2002/08/29 13:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cmdide.sys -- (CmdIde)
DRV - [2002/08/29 13:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\aliide.sys -- (AliIde)
DRV - [2001/08/18 05:58:02 | 000,026,112 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2001/07/12 15:54:20 | 000,584,304 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2001/07/12 15:52:38 | 000,427,167 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\k56nt.sys -- (K56)
DRV - [2001/07/12 15:52:10 | 000,310,739 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fallback.sys -- (Fallback)
DRV - [2001/07/12 15:49:32 | 000,077,426 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\basic2.sys -- (basic2)
DRV - [2001/07/12 15:49:10 | 000,534,605 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\v124nt.sys -- (V124)
DRV - [2001/07/03 19:42:30 | 000,017,776 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cnxtdiag.sys -- (Cnxtdiag)
DRV - [2001/06/14 20:37:38 | 000,127,405 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fsksnt.sys -- (Fsks)
DRV - [2001/06/14 20:36:52 | 000,216,987 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\faxnt.sys -- (SoftFax)
DRV - [2001/06/14 20:35:50 | 000,056,639 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tonesnt.sys -- (Tones)
DRV - [2001/06/14 20:33:04 | 000,067,622 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rksample.sys -- (Rksample)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.msn.com/spbasic.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/08/02 08:54:13 | 000,000,000 | ---D | M]
[2009/02/27 16:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2009/02/27 16:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions\[email protected]
[2009/08/30 20:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\extensions
[2009/08/30 20:30:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
O1 HOSTS File: ([2010/08/02 12:54:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: //@signup.mar@/ ([]money in My Computer)
O15 - HKCU\..Trusted Domains: //@surf.mar@/ ([]money in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Trusted sites)
-
Part Three
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/03/27 08:40:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.I420 - lvcodec2.dll File not found
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)
Unable to start service RpcSs!
========== Files/Folders - Created Within 90 Days ==========
[2102/01/04 03:07:13 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2102/01/04 02:10:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2102/01/03 14:32:43 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2102/01/02 02:39:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Malwarebytes
[2102/01/02 02:33:46 | 000,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2102/01/02 02:33:45 | 000,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2102/01/02 02:33:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2102/01/02 02:33:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2102/01/01 15:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2102/01/01 15:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
[2102/01/01 15:40:15 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2102/01/01 15:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/08/02 17:29:14 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/07/25 11:44:05 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/07/19 15:05:14 | 003,374,640 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourP.exe
[2010/07/19 15:05:05 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\sparrow.sys
[2010/07/19 15:05:05 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/07/19 15:04:52 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/07/19 15:04:52 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/07/19 15:04:52 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/07/19 15:04:45 | 000,272,896 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/07/19 15:04:02 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\drivers\mraid35x.sys
[2010/07/19 15:04:02 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/07/19 15:01:54 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/07/19 15:01:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\I386
[2010/07/19 15:01:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/07/19 13:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\Unused Desktop Shortcuts
[2010/07/18 15:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/07/18 15:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/06/28 10:02:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent
[2010/06/25 17:21:59 | 000,000,000 | ---D | C] -- C:\Program Files\Gran Diccionario Oxford
[2010/06/24 18:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\Atomic Alarm Clock
[2010/06/19 11:25:02 | 000,000,000 | ---D | C] -- C:\Program Files\WorldUnlock Codes Calculator
[2010/06/03 06:53:36 | 000,453,164 | ---- | C] ( ) -- C:\Documents and Settings\User\Desktop\btv.exe
[2010/05/22 17:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2010/05/22 11:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010/05/22 11:56:16 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2006/12/12 11:59:08 | 000,184,320 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.MSXML2.dll
[1 C:\Documents and Settings\User\*.tmp files -> C:\Documents and Settings\User\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2010/08/02 17:33:48 | 000,000,302 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to New Text Document.lnk
[2010/08/02 17:29:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/08/02 17:26:44 | 000,000,757 | ---- | M] () -- C:\Documents and Settings\User\Application Data\AtomicAlarmClock.ini
[2010/08/02 17:23:13 | 000,029,204 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/08/02 17:21:43 | 008,126,464 | -H-- | M] () -- C:\Documents and Settings\User\ntuser.dat
[2010/08/02 17:19:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/02 17:19:16 | 1341,706,240 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/02 13:39:32 | 000,000,180 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini
[2010/08/02 12:54:41 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/02 12:54:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/02 12:48:09 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\IconCache.db
[2010/07/30 14:35:11 | 000,001,230 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/27 04:45:35 | 000,294,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/25 14:13:13 | 000,089,261 | ---- | M] () -- C:\ComboFix.zip
[2010/07/25 11:44:10 | 000,000,264 | RHS- | M] () -- C:\boot.ini
[2010/07/25 08:40:05 | 000,000,267 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to ComboFix.zip.lnk
[2010/07/19 16:12:51 | 000,000,018 | ---- | M] () -- C:\SYSREST
[2010/07/19 06:38:34 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010/07/17 18:58:10 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/13 03:34:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\FOXIT_PDF
[2010/07/12 18:37:23 | 000,044,780 | ---- | M] () -- C:\Documents and Settings\User\Application Data\wklnhst.dat
[2010/07/06 19:50:11 | 000,353,396 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Scooter Insurance.xps
[2010/07/05 15:19:05 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to Internet.lnk
[2010/06/24 21:38:18 | 000,017,659 | ---- | M] (TopLang Software) -- C:\WINDOWS\System32\drivers\InetLock.sys
[2010/06/24 18:33:53 | 000,000,163 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/06/22 18:26:00 | 002,801,748 | ---- | M] () -- C:\Documents and Settings\User\Desktop\British TV.exe
[2010/05/31 15:35:36 | 000,153,600 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/25 07:13:07 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/05/15 11:20:38 | 000,075,088 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/05/09 02:05:25 | 000,095,172 | ---- | M] () -- C:\Documents and Settings\User\Desktop\_=Demonoid.com=_-TV_UFO_Series_(1970)_1348087.9036.torrent
[1 C:\Documents and Settings\User\*.tmp files -> C:\Documents and Settings\User\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/08/02 17:33:48 | 000,000,302 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to New Text Document.lnk
[2010/07/26 18:02:11 | 1341,706,240 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/25 14:13:13 | 000,089,261 | ---- | C] () -- C:\ComboFix.zip
[2010/07/25 11:44:10 | 000,000,193 | ---- | C] () -- C:\Boot.bak
[2010/07/25 11:44:07 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/07/25 08:40:05 | 000,000,267 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to ComboFix.zip.lnk
[2010/07/19 16:12:51 | 000,000,018 | ---- | C] () -- C:\SYSREST
[2010/07/19 15:05:46 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/07/19 15:05:46 | 000,000,707 | ---- | C] () -- C:\WINDOWS\_default.pif
[2010/07/19 15:05:44 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2010/07/19 15:05:39 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/07/19 15:05:35 | 000,032,674 | ---- | C] () -- C:\WINDOWS\System32\winhelp.hlp
[2010/07/19 15:05:35 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\win87em.dll
[2010/07/19 15:05:33 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2010/07/19 15:05:32 | 001,325,568 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2010/07/19 15:05:32 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\wdl.trm
[2010/07/19 15:05:31 | 001,095,680 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.nld
[2010/07/19 15:05:31 | 000,937,984 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.sve
[2010/07/19 15:05:31 | 000,867,840 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.ita
[2010/07/19 15:05:31 | 000,786,944 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.fra
[2010/07/19 15:05:30 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.deu
[2010/07/19 15:05:30 | 000,957,440 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.enu
[2010/07/19 15:05:30 | 000,750,080 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.esn
[2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.sve
[2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.nld
[2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.ita
[2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.fra
[2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.esn
[2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.enu
[2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.deu
[2010/07/19 15:05:20 | 000,018,832 | ---- | C] () -- C:\WINDOWS\System32\v7vga.rom
[2010/07/19 15:05:20 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/07/19 15:05:18 | 000,089,588 | ---- | C] () -- C:\WINDOWS\System32\unicode.nls
[2010/07/19 15:05:16 | 000,262,656 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tshoot.dll
[2010/07/19 15:05:16 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tsd32.dll
[2010/07/19 15:05:11 | 000,352,020 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahomabd.ttf
[2010/07/19 15:05:11 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2010/07/19 15:05:10 | 000,379,588 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahoma.ttf
[2010/07/19 15:05:10 | 000,003,577 | ---- | C] () -- C:\WINDOWS\System32\sysprtj.sep
[2010/07/19 15:05:10 | 000,003,214 | ---- | C] () -- C:\WINDOWS\System32\sysprint.sep
[2010/07/19 15:05:08 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/07/19 15:05:08 | 000,030,720 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sstub.dll
[2010/07/19 15:05:07 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/07/19 15:05:06 | 000,046,133 | ---- | C] () -- C:\WINDOWS\System32\sqlsodbc.chm
[2010/07/19 15:05:00 | 000,262,148 | ---- | C] () -- C:\WINDOWS\System32\sortkey.nls
[2010/07/19 15:05:00 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sniffpol.dll
[2010/07/19 15:05:00 | 000,021,116 | ---- | C] () -- C:\WINDOWS\System32\sorttbls.nls
[2010/07/19 15:04:58 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/07/19 15:04:56 | 000,011,753 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2010/07/19 15:04:56 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2010/07/19 15:04:56 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\share.exe
[2010/07/19 15:04:55 | 000,033,464 | ---- | C] () -- C:\WINDOWS\System32\services.msc
[2010/07/19 15:04:55 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2010/07/19 15:04:54 | 000,218,112 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2010/07/19 15:04:52 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/07/19 15:04:52 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/07/19 15:04:51 | 000,003,167 | ---- | C] () -- C:\WINDOWS\System32\rsaci.rat
[2010/07/19 15:04:49 | 000,003,338 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
-
Part Four
[2010/07/19 15:04:49 | 000,003,338 | ---- | C] () -- C:\WINDOWS\System32\dllcache\redir.exe
[2010/07/19 15:04:48 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/07/19 15:04:47 | 001,142,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2010/07/19 15:04:46 | 000,734,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2010/07/19 15:04:46 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedit.dll
[2010/07/19 15:04:46 | 000,357,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2010/07/19 15:04:46 | 000,266,752 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdv.dll
[2010/07/19 15:04:46 | 000,184,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qcap.dll
[2010/07/19 15:04:46 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\pubprn.vbs
[2010/07/19 15:04:46 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pubprn.vbs
[2010/07/19 15:04:46 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\pscript.sep
[2010/07/19 15:04:39 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2010/07/19 15:04:39 | 000,058,273 | R--- | C] () -- C:\WINDOWS\System32\perfmon.msc
[2010/07/19 15:04:39 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2010/07/19 15:04:38 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\pcl.sep
[2010/07/19 15:04:35 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/07/19 15:04:35 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\oembios.sig
[2010/07/19 15:04:35 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.sig
[2010/07/19 15:04:35 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2010/07/19 15:04:35 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.dat
[2010/07/19 15:04:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2010/07/19 15:04:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.bin
[2010/07/19 15:04:29 | 000,004,294 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2010/07/19 15:04:29 | 000,004,294 | ---- | C] () -- C:\WINDOWS\System32\dllcache\odbcconf.rsp
[2010/07/19 15:04:26 | 000,048,794 | ---- | C] () -- C:\WINDOWS\System32\ntimage.gif
[2010/07/19 15:04:26 | 000,035,632 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio411.sys
[2010/07/19 15:04:26 | 000,035,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio412.sys
[2010/07/19 15:04:26 | 000,034,528 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio804.sys
[2010/07/19 15:04:26 | 000,034,528 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio404.sys
[2010/07/19 15:04:26 | 000,033,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio.sys
[2010/07/19 15:04:26 | 000,032,968 | ---- | C] () -- C:\WINDOWS\System32\ntmsoprq.msc
[2010/07/19 15:04:26 | 000,026,209 | ---- | C] () -- C:\WINDOWS\System32\ntmsmgr.msc
[2010/07/19 15:04:25 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos411.sys
[2010/07/19 15:04:25 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos412.sys
[2010/07/19 15:04:25 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos804.sys
[2010/07/19 15:04:25 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos404.sys
[2010/07/19 15:04:25 | 000,027,866 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos.sys
[2010/07/19 15:04:24 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/07/19 15:04:24 | 000,342,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/07/19 15:04:23 | 002,049,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/07/19 15:04:23 | 000,149,848 | ---- | C] () -- C:\WINDOWS\System32\noise.deu
[2010/07/19 15:04:23 | 000,049,196 | ---- | C] () -- C:\WINDOWS\System32\noise.fra
[2010/07/19 15:04:23 | 000,019,684 | ---- | C] () -- C:\WINDOWS\System32\noise.esn
[2010/07/19 15:04:23 | 000,019,618 | ---- | C] () -- C:\WINDOWS\System32\noise.ita
[2010/07/19 15:04:23 | 000,013,730 | ---- | C] () -- C:\WINDOWS\System32\noise.sve
[2010/07/19 15:04:23 | 000,013,256 | ---- | C] () -- C:\WINDOWS\System32\noise.nld
[2010/07/19 15:04:23 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2010/07/19 15:04:23 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nlsfunc.exe
[2010/07/19 15:04:23 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2010/07/19 15:04:23 | 000,000,697 | ---- | C] () -- C:\WINDOWS\System32\noise.tha
[2010/07/19 15:04:22 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/07/19 15:04:18 | 000,102,446 | ---- | C] () -- C:\WINDOWS\System32\net.hlp
[2010/07/19 15:04:18 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/07/19 15:04:13 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/07/19 15:04:09 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2010/07/19 15:04:09 | 000,010,881 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/07/19 15:04:08 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/07/19 15:04:08 | 000,182,198 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2010/07/19 15:04:05 | 000,842,268 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2010/07/19 15:04:05 | 000,842,268 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2010/07/19 15:04:05 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2010/07/19 15:04:05 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2010/07/19 15:04:04 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2010/07/19 15:04:04 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mscdexnt.exe
[2010/07/19 15:04:02 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/07/19 15:03:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2010/07/19 15:03:58 | 000,305,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\micross.ttf
[2010/07/19 15:03:58 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2010/07/19 15:03:56 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2010/07/19 15:03:56 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mem.exe
[2010/07/19 15:03:54 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/07/19 15:03:54 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2010/07/19 15:03:53 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/07/19 15:03:53 | 000,042,166 | ---- | C] () -- C:\WINDOWS\System32\lusrmgr.msc
[2010/07/19 15:03:53 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\l_intl.nls
[2010/07/19 15:03:53 | 000,000,168 | ---- | C] () -- C:\WINDOWS\System32\l_except.nls
[2010/07/19 15:03:52 | 000,209,010 | ---- | C] () -- C:\WINDOWS\System32\locale.nls
[2010/07/19 15:03:52 | 000,001,131 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2010/07/19 15:03:06 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/07/19 15:03:05 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\key01.sys
[2010/07/19 15:03:05 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\keyboard.sys
[2010/07/19 15:03:04 | 000,014,710 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2010/07/19 15:03:04 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/07/19 15:03:04 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/07/19 15:03:01 | 000,766,934 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2010/07/19 15:03:00 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/07/19 15:02:59 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/07/19 15:02:58 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/07/19 15:02:57 | 000,004,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\himem.sys
[2010/07/19 15:02:55 | 000,021,232 | ---- | C] () -- C:\WINDOWS\System32\graphics.pro
[2010/07/19 15:02:55 | 000,019,694 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2010/07/19 15:02:53 | 003,440,660 | ---- | C] () -- C:\WINDOWS\System32\drivers\gm.dls
[2010/07/19 15:02:53 | 000,024,772 | ---- | C] () -- C:\WINDOWS\System32\geo.nls
[2010/07/19 15:02:53 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/07/19 15:02:52 | 000,152,844 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framdit.ttf
[2010/07/19 15:02:52 | 000,135,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framd.ttf
[2010/07/19 15:02:52 | 000,032,760 | ---- | C] () -- C:\WINDOWS\System32\fsmgmt.msc
[2010/07/19 15:02:51 | 000,031,405 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/07/19 15:02:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2010/07/19 15:02:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fastopen.exe
[2010/07/19 15:02:50 | 000,000,080 | ---- | C] () -- C:\WINDOWS\explorer.scf
[2010/07/19 15:02:49 | 000,056,678 | ---- | C] () -- C:\WINDOWS\System32\eventvwr.msc
[2010/07/19 15:02:49 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2010/07/19 15:02:49 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\exe2bin.exe
[2010/07/19 15:02:48 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2010/07/19 15:02:48 | 000,006,708 | ---- | C] () -- C:\WINDOWS\System32\esentprf.hxx
[2010/07/19 15:02:47 | 000,127,213 | ---- | C] () -- C:\WINDOWS\System32\ega.cpi
[2010/07/19 15:02:47 | 000,069,886 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2010/07/19 15:02:47 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2010/07/19 15:02:47 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\dllcache\edlin.exe
[2010/07/19 15:02:47 | 000,010,790 | ---- | C] () -- C:\WINDOWS\System32\edit.hlp
[2010/07/19 15:02:46 | 000,498,205 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2010/07/19 15:02:45 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2010/07/19 15:02:45 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2010/07/19 15:02:45 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\dsound.vxd
[2010/07/19 15:02:11 | 000,053,840 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2010/07/19 15:02:11 | 000,053,840 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dosx.exe
[2010/07/19 15:02:10 | 000,033,673 | ---- | C] () -- C:\WINDOWS\System32\diskmgmt.msc
[2010/07/19 15:02:09 | 000,041,397 | ---- | C] () -- C:\WINDOWS\System32\dfrg.msc
[2010/07/19 15:02:08 | 000,051,712 | ---- | C] () -- C:\WINDOWS\System32\dllcache\devenum.dll
[2010/07/19 15:02:08 | 000,033,079 | ---- | C] () -- C:\WINDOWS\System32\devmgmt.msc
[2010/07/19 15:02:08 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\dllcache\debug.exe
[2010/07/19 15:02:08 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2010/07/19 15:02:08 | 000,001,740 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2010/07/19 15:02:07 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2010/07/19 15:02:06 | 000,196,642 | ---- | C] () -- C:\WINDOWS\System32\c_950.nls
[2010/07/19 15:02:06 | 000,196,642 | ---- | C] () -- C:\WINDOWS\System32\c_949.nls
[2010/07/19 15:02:06 | 000,196,642 | ---- | C] () -- C:\WINDOWS\System32\c_936.nls
[2010/07/19 15:02:06 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_932.nls
[2010/07/19 15:02:06 | 000,139,810 | ---- | C] () -- C:\WINDOWS\System32\c_20261.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_874.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_865.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_863.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_861.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_860.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_850.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_775.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_437.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_500.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28605.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28598.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
-
Part Five
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28593.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28592.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28591.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21866.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20905.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20866.nls
[2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1258.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1257.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1256.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1255.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1254.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1253.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1252.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1251.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1250.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1026.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10079.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10000.nls
[2010/07/19 15:02:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_037.nls
[2010/07/19 15:02:05 | 000,008,386 | ---- | C] () -- C:\WINDOWS\System32\ctype.nls
[2010/07/19 15:02:04 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\country.sys
[2010/07/19 15:02:02 | 000,038,302 | ---- | C] () -- C:\WINDOWS\System32\compmgmt.msc
[2010/07/19 15:01:58 | 000,238,592 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compatui.dll
[2010/07/19 15:01:58 | 000,050,620 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2010/07/19 15:01:57 | 000,082,944 | ---- | C] () -- C:\WINDOWS\clock.avi
[2010/07/19 15:01:57 | 000,071,859 | ---- | C] () -- C:\WINDOWS\System32\cliconf.chm
[2010/07/19 15:01:57 | 000,061,172 | ---- | C] () -- C:\WINDOWS\System32\cmmgr32.hlp
[2010/07/19 15:01:57 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\cmos.ram
[2010/07/19 15:01:56 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2010/07/19 15:01:55 | 000,042,339 | ---- | C] () -- C:\WINDOWS\System32\certmgr.msc
[2010/07/19 15:01:55 | 000,041,762 | ---- | C] () -- C:\WINDOWS\System32\ciadv.msc
[2010/07/19 15:01:52 | 000,028,420 | ---- | C] () -- C:\WINDOWS\System32\bios1.rom
[2010/07/19 15:01:52 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/07/19 15:01:52 | 000,008,191 | ---- | C] () -- C:\WINDOWS\System32\bios4.rom
[2010/07/19 15:01:43 | 000,203,454 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2010/07/19 15:01:43 | 000,012,498 | ---- | C] () -- C:\WINDOWS\System32\dllcache\append.exe
[2010/07/19 15:01:43 | 000,012,498 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2010/07/19 15:01:43 | 000,009,029 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ansi.sys
[2010/07/19 15:01:42 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2010/07/19 15:01:40 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520850.cpx
[2010/07/19 15:01:40 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\12520850.cpx
[2010/07/19 15:01:40 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520437.cpx
[2010/07/19 15:01:40 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\12520437.cpx
[2010/07/07 06:55:10 | 000,168,792 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/07 06:34:11 | 000,353,396 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Scooter Insurance.xps
[2010/07/05 15:19:04 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to Internet.lnk
[2010/06/24 18:12:05 | 000,000,757 | ---- | C] () -- C:\Documents and Settings\User\Application Data\AtomicAlarmClock.ini
[2010/06/22 08:13:56 | 002,801,748 | ---- | C] () -- C:\Documents and Settings\User\Desktop\British TV.exe
[2010/05/09 02:05:24 | 000,095,172 | ---- | C] () -- C:\Documents and Settings\User\Desktop\_=Demonoid.com=_-TV_UFO_Series_(1970)_1348087.9036.torrent
[2010/03/21 20:34:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010/03/20 15:48:55 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/11/22 10:42:46 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009/08/06 14:40:07 | 000,000,398 | ---- | C] () -- C:\WINDOWS\AudioConverter.INI
[2009/08/05 21:25:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\RingtoneMaker.INI
[2009/08/05 21:14:22 | 000,002,770 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/04/16 16:00:48 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\hlinkprx.dll
[2009/04/16 16:00:47 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[2009/03/31 16:52:02 | 000,000,512 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2008/12/28 13:12:14 | 000,001,431 | ---- | C] () -- C:\WINDOWS\QfnOnl.ini
[2008/12/28 13:12:14 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2008/12/28 13:12:11 | 000,000,326 | ---- | C] () -- C:\WINDOWS\QDQICK.INI
[2008/12/18 07:46:57 | 000,000,784 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2008/12/06 17:18:00 | 000,000,163 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/11/22 11:51:51 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/11/21 22:47:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/21 22:45:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/21 22:45:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/21 22:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/11/21 14:58:05 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/11/21 09:56:37 | 000,000,477 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/18 14:55:12 | 000,000,163 | ---- | C] () -- C:\WINDOWS\bi_group.ini
[2008/11/18 14:33:53 | 000,561,152 | R--- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2008/11/18 13:34:32 | 000,000,033 | ---- | C] () -- C:\WINDOWS\BiMonitor.ini
[2008/11/18 13:34:31 | 000,030,846 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2008/05/29 14:16:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\SGCtrlEx.dll
[2008/05/29 14:16:32 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SageFolderBrowser.dll
[2008/05/29 14:16:30 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\SGTBAR32.DLL
[2008/05/29 14:16:28 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SGSTAT32.DLL
[2008/05/29 14:16:26 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SGLOGO32.DLL
[2008/05/29 14:16:24 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\SGJPEG32.dll
[2008/05/29 14:16:20 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\SGCDLG32.DLL
[2008/05/29 14:16:14 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\SGList32.dll
[2008/05/29 14:16:10 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\SGTool32.dll
[2008/05/29 14:16:06 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\SGIntl32.dll
[2008/05/29 14:16:04 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SGHelp32.dll
[2008/05/29 14:16:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\SGDt32.dll
-
Part Six
[2008/05/29 14:16:02 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SGAPPBAR.DLL
[2008/05/29 14:16:00 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\SGSchemeXml.dll
[2008/05/29 14:16:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SG3D32.DLL
[2008/05/29 14:15:52 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\SGSchemeXP.dll
[2008/05/29 14:15:50 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\SGSchemeDefault.dll
[2008/05/29 14:15:46 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\SGSchemeManager.dll
[2008/05/29 14:15:40 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\SGCom32.dll
[2008/05/29 14:15:08 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\SGSTDREG.dll
[2008/05/29 14:15:06 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\SGRegister.dll
[2008/05/29 14:15:04 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\SGWebBrowser.dll
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/05/24 11:30:34 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\SgEData.dll
[2006/11/01 17:41:24 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\SGLCH32.DLL
[2006/11/01 17:41:16 | 001,712,128 | ---- | C] () -- C:\WINDOWS\System32\SGRep32.dll
[2006/09/28 19:55:50 | 000,077,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\WudfPf.sys
[2005/09/07 13:00:44 | 000,257,536 | ---- | C] () -- C:\WINDOWS\System32\BiImg.dll
[2005/09/07 13:00:44 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\JPEG32.DLL
[2005/08/02 17:35:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/08/02 17:35:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/08/02 17:35:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/08/02 17:35:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005/08/02 17:35:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/08/02 17:35:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004/09/14 11:16:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ClassXps.dll
[2004/09/14 11:16:00 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ClassX.dll
[2003/03/27 09:50:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/03/27 07:28:14 | 000,001,610 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/02/19 02:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2002/04/16 12:27:54 | 000,000,005 | -HS- | C] () -- C:\WINDOWS\System32\CdI5T.drv
[1998/03/26 02:12:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SgHmZLib.dll
[1997/11/17 17:13:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1996/04/10 01:00:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL
========== LOP Check ==========
[2008/11/18 13:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/06/15 03:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2010/03/20 16:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2009/08/29 17:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software
[2009/08/02 08:49:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/08/02 09:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/03/30 19:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PurePlay
[2009/05/23 06:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sage
[2008/12/28 13:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2002/01/01 00:14:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/02 07:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2010/03/20 15:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2008/11/18 13:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zeon
[2009/11/19 11:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/07/31 19:10:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Azureus
[2010/03/21 15:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Epson
[2009/12/29 16:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ethereal
[2009/06/04 16:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ImTOO Software Studio
[2009/05/17 01:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\LimeWire
[2009/10/09 16:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Nokia
[2008/11/18 13:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\OpenOffice.org
[2009/08/02 09:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PC Suite
[2009/08/29 20:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Reg Tool
[2008/11/21 15:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ScanSoft
[2008/11/24 06:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Template
[2010/02/02 07:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Trusteer
[2010/02/21 10:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ultima Website
[2009/05/15 18:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\uTorrent
[2008/12/14 16:51:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Vso
[2010/05/04 09:21:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Desktop Search
[2010/05/04 09:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Search
[2008/11/18 13:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Zeon
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2003/03/27 08:40:39 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2003/03/27 09:50:12 | 000,000,193 | ---- | M] () -- C:\Boot.bak
[2010/07/25 11:44:10 | 000,000,264 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2010/08/02 13:07:04 | 000,012,638 | ---- | M] () -- C:\ComboFix.txt
[2010/07/25 14:13:13 | 000,089,261 | ---- | M] () -- C:\ComboFix.zip
[2003/03/27 08:40:39 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/12/14 16:06:59 | 000,015,373 | ---- | M] () -- C:\debug.log
[2009/01/19 17:46:07 | 000,001,419 | ---- | M] () -- C:\fminst.log
[2010/08/02 17:19:16 | 1341,706,240 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/20 11:44:48 | 000,000,488 | ---- | M] () -- C:\hpfr5550.xml
[2003/03/27 08:40:39 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/06/22 21:06:02 | 000,006,079 | ---- | M] () -- C:\JavaRa.log
[2003/03/27 09:38:19 | 000,000,021 | ---- | M] () -- C:\LOCAL
[2003/03/27 09:38:19 | 000,000,021 | ---- | M] () -- C:\MINI
[2003/03/27 08:40:39 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2002/08/29 20:00:00 | 000,047,580 | RHS- | M] () -- C:\NTDETECT.COM
[2002/08/29 20:00:00 | 000,233,632 | RHS- | M] () -- C:\ntldr
[2010/08/02 17:19:12 | 2013,265,920 | -HS- | M] () -- C:\pagefile.sys
[2010/07/20 20:31:16 | 000,000,394 | ---- | M] () -- C:\rkill.log
[2008/12/18 05:26:52 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/01/16 08:10:39 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/01/17 22:12:07 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/02/15 17:09:55 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/02/16 07:01:36 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/03/04 20:08:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/03/19 07:36:45 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/03/19 16:31:30 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/04/03 05:57:25 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/04/03 06:29:31 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/04/03 12:48:36 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/04/04 14:01:54 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2008/12/18 05:26:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/01/16 08:10:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/01/17 22:12:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/02/15 17:09:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/02/16 07:01:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/03/04 20:08:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/03/19 07:36:45 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/03/19 16:31:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/04/03 05:57:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/04/03 06:29:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/04/03 12:48:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/04/04 14:01:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010/07/19 16:12:51 | 000,000,018 | ---- | M] () -- C:\SYSREST
[2009/07/07 09:42:00 | 000,000,216 | ---- | M] () -- C:\temp.txt
[2003/03/27 18:02:31 | 000,000,008 | ---- | M] () -- C:\USER
[2003/03/27 18:02:31 | 000,181,592 | ---- | M] () -- C:\XP.DAT
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2005/09/07 13:00:48 | 000,015,016 | ---- | M] (Black Ice Software) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\BiCProNT.dll
[2005/09/07 13:00:48 | 000,015,016 | ---- | M] (Black Ice Software) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\BiMProNT.dll
[2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
< %systemroot%\system32\*.wt >
< %systemroot%\system32\*.ruy >
< %systemroot%\Fonts\*.com >
[2006/04/18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2003/03/27 00:31:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2003/03/27 00:31:42 | 000,602,112 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2003/03/27 00:31:42 | 000,368,640 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\user32.dll /md5 >
[2002/08/29 13:00:00 | 000,560,128 | ---- | M] (Microsoft Corporation) MD5=DD9269230C21EE8FB7FD3FCCC3B1CFCB -- C:\WINDOWS\system32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2002/08/29 13:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\system32\ws2help.dll /md5 >
[2002/08/29 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=235C7EF9AEDDE76801169DC61FA72DEF -- C:\WINDOWS\system32\ws2help.dll
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-13 08:15:51
========== Alternate Data Streams ==========
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\User\My Documents\Terms Of Engagement.pdf:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\User\My Documents\Handicaps.doc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\User\My Documents\Kenny.txt:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\User\My Documents\Burton.pdf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\User\My Documents\aig.pdf:KAVICHS
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\User\My Documents\Cannabis.Grow.Bible.pdf:KAVICHS
< End of report >
-
OTL Extras logfile created on: 02/08/2010 17:35:14 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\User\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.23 Gb Total Space | 2.11 Gb Free Space | 5.53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1.88 Gb Total Space | 1.88 Gb Free Space | 99.62% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: FAMILY
Current User Name: User
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\PFPortChecker\PFPortChecker.exe" = C:\Program Files\PFPortChecker\PFPortChecker.exe:*:Enabled:PFPortchecker by portforward.com helps check if your ports are properly forwarded. -- (portforward.com)
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze -- (Vuze Inc.)
-
color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004F0409-78E1-11D2-B60F-006097C998E7}" = Microsoft Access 2000 SR-1 Runtime
"{02E73E50-6513-4802-8600-B5A5BA185BE3}" = ScanSoft PaperPort 11
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{10B789D7-A205-4DFB-8197-563050FCE887}" = QBFC2CA
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22E4AC9C-9E05-47D5-B7EB-A9FC1D762A7B}" = Quake Live Internet Explorer Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 14
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{57FEDDC5-376D-44CE-9A18-696A99CF0CFB}" = Ultrasoft MoneyLink
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{795F2EA4-9798-4BA5-B31A-C8F41A124FC8}" = QBFC2
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AD1D8B40-F83C-41CA-BA08-9DB8D1653316}" = ScanSoft PDF Create! 3.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CA8AC9B9-AEEA-4078-9B34-5E7A160E6861}" = Free Grids for Word 2007
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DB6BD5D5-8482-45C0-99CF-745C5B924497}" = WOT for Internet Explorer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{ED19FDBF-21F0-48EC-92AB-818BB1A600DB}" = COMODO System-Cleaner
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"Atomic Alarm Clock_is1" = Atomic Alarm Clock 5.9
"Belltech Business Card Designer Pro 4.0_is1" = Belltech Business Card Designer Pro 4.0
"CCleaner" = CCleaner (remove only)
"C-Media Audio Driver" = C-Media WDM Audio Driver
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F00&SUBSYS_8D8B155D" = Conexant SoftK56 Modem(M)
"ComandoDeinstKey" = Commando
"COMODO Internet Security" = COMODO Internet Security
"CoralPoker" = CoralPoker (remove only)
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Windows Driver Package - Nokia Modem (06/01/2009 4.1)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"Epson Stylus SX110_TX110 User’s Guide" = Epson Stylus SX110_TX110 Manual
"EPSON SX110 Series" = EPSON SX110 Series Printer Uninstall
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3)
"Fax Machine_is1" = Fax Machine 4.22
"Foxit Reader" = Foxit Reader
"GENEUIDE" = USB Storage Driver
"Gran Diccionario Oxford" = Gran Diccionario Oxford
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero8Lite_is1" = Nero 8 Lite
"NHEEstimator" = NHEEstimator
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PFPortChecker" = PFPortChecker 1.0.32
"PunkBusterSvc" = PunkBuster Services
"Rapport_msi" = Rapport
"SopCast" = SopCast 3.0.3
"Total Access Memo 2000" = Total Access Memo 2000
"Ultima Website_is1" = Ultima Website 1.5
"VLC media player" = VLC media player 1.0.3
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"WinAVI Video Converter_is1" = WinAVI Video Converter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WorldUnlock Codes Calculator" = WorldUnlock Codes Calculator
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
-
[
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 01/08/2010 18:39:16 | Computer Name = FAMILY | Source = Perflib | ID = 2002
Description = The open procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.
Error - 01/08/2010 18:44:28 | Computer Name = FAMILY | Source = WmiAdapter | ID = 4099
Description = Open of service failed.
Error - 01/08/2010 18:50:45 | Computer Name = FAMILY | Source = Perflib | ID = 2002
Description = The open procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.
Error - 02/08/2010 06:36:26 | Computer Name = FAMILY | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BA from line 44 of d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 02/08/2010 06:40:06 | Computer Name = FAMILY | Source = WmiAdapter | ID = 4099
Description = Open of service failed.
Error - 02/08/2010 07:54:24 | Computer Name = FAMILY | Source = Perflib | ID = 2002
Description = The open procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.
Error - 02/08/2010 07:59:05 | Computer Name = FAMILY | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BA from line 44 of d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 02/08/2010 07:59:44 | Computer Name = FAMILY | Source = WmiAdapter | ID = 4099
Description = Open of service failed.
Error - 02/08/2010 12:23:20 | Computer Name = FAMILY | Source = Perflib | ID = 2002
Description = The open procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.
Error - 02/08/2010 12:26:44 | Computer Name = FAMILY | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BA from line 44 of d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
[ ODiag Events ]
Error - 19/07/2010 08:17:31 | Computer Name = FAMILY | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kd0. Error code: 800706BA
Error - 30/07/2010 09:52:35 | Computer Name = FAMILY | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kd0. Error code: 800706BA
[ OSession Events ]
Error - 01/01/2102 04:15:52 | Computer Name = USER-C7FB1F275E | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.
Error - 08/07/2009 14:18:13 | Computer Name = USER-C7FB1F275E | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.
Error - 10/12/2009 02:11:50 | Computer Name = FAMILY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 22
seconds with 0 seconds of active time. This session ended with a crash.
Error - 21/01/2010 01:51:50 | Computer Name = FAMILY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28
seconds with 0 seconds of active time. This session ended with a crash.
Error - 29/03/2010 06:10:10 | Computer Name = FAMILY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 22
seconds with 0 seconds of active time. This session ended with a crash.
Error - 16/05/2010 04:13:22 | Computer Name = FAMILY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.
Error - 14/06/2010 20:27:54 | Computer Name = FAMILY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 28
seconds with 0 seconds of active time. This session ended with a crash.
Error - 19/07/2010 08:17:30 | Computer Name = FAMILY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 30/07/2010 09:52:34 | Computer Name = FAMILY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 26/07/2010 16:52:10 | Computer Name = FAMILY | Source = NIC1394 | ID = 5002
Description = 1394 Net Adapter #3 : Has determined that the adapter is not functioning
properly.
Error - 26/07/2010 21:26:06 | Computer Name = FAMILY | Source = NIC1394 | ID = 5002
Description = 1394 Net Adapter #3 : Has determined that the adapter is not functioning
properly.
Error - 26/07/2010 22:58:41 | Computer Name = FAMILY | Source = NIC1394 | ID = 5002
Description = 1394 Net Adapter #3 : Has determined that the adapter is not functioning
properly.
Error - 31/07/2010 14:01:29 | Computer Name = FAMILY | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
SHAZZY-PC that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{8E825BF4-22A0-45C0. The master browser is stopping or an election is
being forced.
Error - 31/07/2010 16:27:37 | Computer Name = FAMILY | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
SHAZZY-PC that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{8E825BF4-22A0-45C0. The master browser is stopping or an election is
being forced.
Error - 01/08/2010 05:59:55 | Computer Name = FAMILY | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
SHAZZY-PC that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{8E825BF4-22A0-45C0. The master browser is stopping or an election is
being forced.
Error - 01/08/2010 18:45:30 | Computer Name = FAMILY | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
SHAZZY-PC that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{8E825BF4-22A0-45C0. The master browser is stopping or an election is
being forced.
Error - 02/08/2010 06:39:43 | Computer Name = FAMILY | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
SHAZZY-PC that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{8E825BF4-22A0-45C0. The master browser is stopping or an election is
being forced.
Error - 02/08/2010 08:13:27 | Computer Name = FAMILY | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
SHAZZY-PC that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{8E825BF4-22A0-45C0. The master browser is stopping or an election is
being forced.
Error - 02/08/2010 12:29:06 | Computer Name = FAMILY | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
SHAZZY-PC that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{8E825BF4-22A0-45C0. The master browser is stopping or an election is
being forced.
< End of report >
-
Before I review your logs, let try couple of fixes to see, if we can repair some of your problems.
Taskbar missing: http://www.kellys-korner-xp.com/taskbarplus!.htm
Copy/paste/drag: http://discussions.virtualdr.com/sho...89#post1245589
Internet....
Make sure, your computer is set to obtain IP address automatically.
1. Go Start>Settings>Control Panel (Vista/7 users: Start>Control Panel)
2. Double click Network Connections (Vista/7 users: Network and Sharing Center)
3. Vista/7 users - From the list of tasks on the left, click Manage network connections.
4. For a wired network connection, right-click Local Area Connection, and then select Properties.
For a wireless network connection, right-click Wireless Network Connection, and then select Properties.
5. From the General tab (Vista/7 users: Networking tab), click Internet Protocol (TCP/IP), make sure it is checked, and then click Properties
6. Click Obtain an IP Address Automatically, and then click OK.
If that doesn't work...
Turn off computer. Disconnect router, and modem from power source for 1 minute. At the same time disconnect ethernet cable as well.
Reconnect everything.
Restart computer.
If that doesn't work, bypass router, and connect computer straight to the modem.
If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista, while holding CTRL, and SHIFT, press Enter).
In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"
Restart computer.
If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista, while holding CTRL, and SHIFT, press Enter).
At Command Prompt, type in:
netsh int ip reset reset.log
Hit Enter.
Type in:
netsh winsock reset catalog
Hit Enter.
Restart computer.
If that doesn't work...
Download, install, and run WinSockFix: http://www.softpedia.com/get/Tweak/N...nSockFix.shtml (doesn't work in Vista)
Restart computer, and check again.
If that doesn't work...
Download Dial-A-Fix (DAF) (doesn't work in Vista):
http://wiki.lunarsoft.net/wiki/Dial-...C_and_articles
Have XP CD available in case DAF needs a file. Likely not!
Check all boxes on the screen (clear any restrictions if it shows any)
Then click GO!
When the entire page is finished click the HammerHead at bottom to go to the second DAF page.
Here, one at a time, do the below:
Reinstall BITS
Reinstall Windows Firewall
Repair Permissions
Reset networking
Watch for any File not found or other errors and make note as this may lead to the fix!
Restart computer.
-
Broni
Sorry been away so have not been able to post
I first tried the fix for the missing toolbar but all i got was
Run time error '-2147217387 (80041015)': Automation Error
Have not tried the copy paste drag fix as of yet
Regarding the internet i have tried all the fixes twice but none have worked
The internet did start up once but when i clicked back on the internet icon again it did not start
When i tried ipconfig /renew i got unable to contact DHCP Server reuest has timed out
When i start the infected computer up every time i receive the message
The procedure entry point SHREG GET VALUEW could not be located in the Dynamic link libary SHLWAPI.dll.
I tried running dial afix but it gets half way through and stops
Also got errors such as
the procedure entry point decodepointer could not be located in the dynamic library KERNEL32.dll
-
Also got this error
Error 127: C:\WINDOWS\system32\qmgr.dll is not unregisterable or the file is corrupted. Your version of qmgr.dll is: 6.2.2600.1106.
-
Go Start>Run ("Start Search" in Vista/7), type in:
sfc /scannow
Click OK (hold CTRL, and SHIFT, hit Enter in Vista/7).
Have Windows CD/DVD handy (with Vista/7, most likely, you won't need it).
If System File Checker (sfc) will find any errors, it may ask you for the CD/DVD (rarely in Vista/7 case).
