
Windows police Pro + Rootkit problems


  • This topic is locked
34 replies to this topic

#1 magusdark


Posted 22 September 2009 - 12:21 PM

I am having some Virus troubles, which have been getting increasingly bad- I started off with Windows Police Pro, which I thought I had got rid of, but it seems not- and now I have these rootkit viruses too which are disabling my ability to run any malware/virus software. I have had this weird error box pop up every time Windows loads, unreadable garbled symbols mainly, which vanishes when you click ok- not sure if this is at all related? Thought I'd mention it


DDS (Ver_09-07-30.01) - NTFSx86
Run by Robbie at 18:01:02.53 on 22/09/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.364 [GMT 1:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! antivirus 4.8.1351 [VPS 090921-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Broadcom\BACS\BacsTray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Robbie\Local Settings\Temporary Internet Files\Content.IE5\MTSOK37R\dds[1].pif

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk
mStart Page = hxxp://www.google.co.uk
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\WidgiToolbarIE.dll
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Wireless Manager] "c:\program files\virgin broadband wireless\Wireless Manager.exe" startup
mRun: [tsnp325] c:\windows\tsnp325.exe
mRun: [snp325] c:\windows\vsnp325.exe
mRun: [SearchSettings] c:\program files\pdfforge toolbar\SearchSettings.exe
mRun: [M-Audio Taskbar Icon] c:\windows\system32\M-AudioTaskBarIcon.exe
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [H2O] "c:\program files\syncrosoft\pos\h2o\cledx.exe"
mRun: [BJCFD] "c:\program files\broadjump\client foundation\CFD.exe"
mRun: [bacstray] c:\program files\broadcom\bacs\\BacsTray.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://downloads.ewido.net/ewidoOnlineScan.cab
DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} - hxxp://www.freerealms.com/gamedata/FreeRealmsInstaller.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1}
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R0 IABFilt;Iomega Snapshot Volume Filter;c:\windows\system32\drivers\IABFilt.sys [2006-4-19 25344]
R1 atitray;atitray;c:\program files\ray adams\ati tray tools\atitray.sys [2007-5-22 18088]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-6-29 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-6-29 27784]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-6-29 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-8-5 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-8-5 74480]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-4 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-4 297752]
R2 PARPEPPY;PARPEPPY;c:\windows\system32\PARPEPPY.SYS [1998-9-30 10256]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2006-5-7 33792]
S1 aswSP;avast! Self Protection; [x]
S1 SAVRKBootTasks;Boot Tasks Driver;\??\c:\windows\system32\savrkboottasks.sys --> c:\windows\system32\SAVRKBootTasks.sys [?]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswfsblk.sys --> c:\windows\system32\drivers\aswFsBlk.sys [?]
S2 avast! Antivirus;avast! Antivirus;"c:\program files\alwil software\avast4\ashserv.exe" --> c:\program files\alwil software\avast4\ashServ.exe [?]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter;\??\c:\windows\system32\drivers\nsdriver.sys --> c:\windows\system32\drivers\NSDriver.sys [?]
S3 avast! Mail Scanner;avast! Mail Scanner;"c:\program files\alwil software\avast4\ashmaisv.exe" /service --> c:\program files\alwil software\avast4\ashMaiSv.exe [?]
S3 avast! Web Scanner;avast! Web Scanner;"c:\program files\alwil software\avast4\ashwebsv.exe" /service --> c:\program files\alwil software\avast4\ashWebSv.exe [?]
S3 filter;filter;c:\windows\system32\drivers\filter.sys --> c:\windows\system32\drivers\filter.sys [?]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-6-14 13224]
S3 iatmunin;iatmunin; [x]
S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\drivers\k600bus.sys [2005-5-11 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\drivers\k600mdfl.sys [2005-5-11 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\drivers\k600mdm.sys [2005-5-11 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\drivers\k600mgmt.sys [2005-5-11 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\k600obex.sys [2005-5-11 77072]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\1.tmp --> c:\windows\system32\1.tmp [?]
S3 Partizan;Partizan;c:\windows\system32\drivers\partizan.sys --> c:\windows\system32\drivers\Partizan.sys [?]
S3 RegGuard;RegGuard;\??\c:\windows\system32\drivers\regguard.sys --> c:\windows\system32\drivers\regguard.sys [?]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2009-6-13 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2009-6-13 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2009-6-13 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2009-6-13 108200]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2009-6-13 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2009-6-13 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2009-6-13 109736]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-8-5 7408]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\drivers\sea1bus.sys [2007-8-23 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;c:\windows\system32\drivers\sea1mdfl.sys [2007-8-23 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;c:\windows\system32\drivers\sea1mdm.sys [2007-8-23 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea1mgmt.sys [2007-8-23 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);c:\windows\system32\drivers\sea1nd5.sys [2007-8-23 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;c:\windows\system32\drivers\sea1obex.sys [2007-8-23 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);c:\windows\system32\drivers\sea1unic.sys [2007-8-23 90800]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [2007-10-27 10253056]

=============== Created Last 30 ================

2009-09-22 17:25 <DIR> a-dshr-- C:\cmdcons
2009-09-22 17:23 229,888 a------- c:\windows\PEV.exe
2009-09-22 17:23 161,792 a------- c:\windows\SWREG.exe
2009-09-22 17:23 98,816 a------- c:\windows\sed.exe
2009-09-22 16:54 <DIR> --d----- c:\documents and settings\robbie\Pavark
2009-09-22 16:33 0 a----r-- c:\windows\win32k.sys
2009-09-22 11:43 <DIR> --d----- c:\program files\Sophos
2009-09-22 11:00 <DIR> --d----- c:\program files\UnHackMe
2009-09-21 23:13 1 a------- c:\windows\system32\idm.dat
2009-09-21 23:13 1 a------- c:\windows\system32\c2d.dat
2009-09-21 23:13 1 a------- c:\windows\system32\jc.dat
2009-09-21 17:32 45 a------- c:\windows\system32\ca.dat
2009-09-21 16:26 28,323 a------- c:\windows\system32\glhg
2009-09-21 13:24 <DIR> --d----- C:\spoolerlogs
2009-09-14 14:16 407 a------- c:\windows\system32\tversity.cookies
2009-09-12 10:22 <DIR> --d----- c:\program files\Foxit Software
2009-09-09 21:02 136,172 a------- C:\rk.jpg
2009-09-09 14:33 <DIR> --d----- c:\windows\Recent
2009-09-09 12:15 <DIR> --d----- C:\XPCD
2009-09-09 12:00 <DIR> --d----- C:\UBCD4Win
2009-09-09 11:00 153,088 -------- c:\windows\system32\dllcache\triedit.dll
2009-09-05 15:12 444,701 a------- C:\MOVE%20ON%20UP%20TENOR[1].pdf
2009-08-31 10:31 <DIR> --d----- c:\docume~1\robbie\applic~1\Malwarebytes
2009-08-31 10:27 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-31 10:27 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes

==================== Find3M ====================

2009-09-21 00:10 138,784 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-09-21 00:10 202,008 a------- c:\windows\system32\PnkBstrB.exe
2009-08-21 08:16 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-08-21 08:16 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-08-13 16:16 512,000 a------- c:\windows\system32\dllcache\jscript.dll
2009-08-05 10:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-08-05 10:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll
2009-07-19 14:33 3,597,824 a------- c:\windows\system32\dllcache\mshtml.dll
2009-07-19 14:32 6,067,200 a------- c:\windows\system32\dllcache\ieframe.dll
2009-07-17 20:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-17 20:01 58,880 -------- c:\windows\system32\dllcache\atl.dll
2009-07-13 10:08 286,720 a------- c:\windows\system32\wmpdxm.dll
2009-07-13 10:08 286,720 a------- c:\windows\system32\dllcache\wmpdxm.dll
2009-07-13 10:08 5,537,792 a------- c:\windows\system32\dllcache\wmp.dll
2009-07-10 14:27 1,315,328 -------- c:\windows\system32\dllcache\msoe.dll
2009-07-05 11:40 139,152 a------- c:\docume~1\robbie\applic~1\PnkBstrK.sys
2009-07-05 11:39 794,408 a------- c:\windows\system32\pbsvc.exe
2009-06-29 12:07 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-06-29 12:07 70,656 a------- c:\windows\system32\dllcache\ie4uinit.exe
2009-06-29 09:35 634,632 a------- c:\windows\system32\dllcache\iexplore.exe
2009-06-29 09:33 2,452,872 a------- c:\windows\system32\dllcache\ieapfltr.dat
2009-06-29 09:33 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
2009-06-25 09:25 730,112 a------- c:\windows\system32\lsasrv.dll
2009-06-25 09:25 301,568 a------- c:\windows\system32\kerberos.dll
2009-06-25 09:25 147,456 a------- c:\windows\system32\schannel.dll
2009-06-25 09:25 136,192 a------- c:\windows\system32\msv1_0.dll
2009-06-25 09:25 56,832 a------- c:\windows\system32\secur32.dll
2009-06-25 09:25 54,272 a------- c:\windows\system32\wdigest.dll
2009-06-25 09:25 730,112 -------- c:\windows\system32\dllcache\lsasrv.dll
2009-06-25 09:25 301,568 -------- c:\windows\system32\dllcache\kerberos.dll
2009-06-25 09:25 147,456 -------- c:\windows\system32\dllcache\schannel.dll
2009-06-25 09:25 136,192 -------- c:\windows\system32\dllcache\msv1_0.dll
2009-06-25 09:25 56,832 -------- c:\windows\system32\dllcache\secur32.dll
2009-06-25 09:25 54,272 -------- c:\windows\system32\dllcache\wdigest.dll
2008-01-20 17:12 47,360 a------- c:\docume~1\robbie\applic~1\pcouffin.sys
2008-01-20 17:11 87,608 a------- c:\docume~1\robbie\applic~1\ezpinst.exe
2007-04-20 16:27 812,560 a------- c:\documents and settings\robbie\ppctl.dll
2005-01-18 00:03 174 a------- c:\documents and settings\robbie\favorites.dat
1996-07-24 05:00 44,608 a------- c:\documents and settings\robbie\SETUP.EXE
1996-04-29 09:25 5,984 a------- c:\documents and settings\robbie\_SETUP.DLL
1995-09-07 21:22 8,192 a------- c:\documents and settings\robbie\_ISDEL.EXE
2006-06-21 14:50 12,208 a--sh--- c:\windows\system32\KGyGaAvL.sys

============= FINISH: 18:01:34.56 ===============

I hope I've attached everything and included all that is required, and I am extremely grateful in advance of any help you can give me :(



#2 myrti


Posted 09 October 2009 - 08:58 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
  • Please download OTL from the following mirror:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards _temp_

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 



#3 myrti


Posted 14 October 2009 - 05:37 AM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
_temp_



#4 myrti


Posted 16 October 2009 - 07:49 AM

Hi,

Topic reopened at the request of magusdark. Please post your OTL logs.

regards _temp_



#5 magusdark


Posted 16 October 2009 - 08:56 AM

OTL logfile created on: 16/10/2009 14:42:01 - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Robbie\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1022.07 Mb Total Physical Memory | 254.07 Mb Available Physical Memory | 24.86% Memory free
2.40 Gb Paging File | 1.40 Gb Available in Paging File | 58.19% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.22 Gb Total Space | 25.04 Gb Free Space | 17.12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 698.64 Gb Total Space | 10.43 Gb Free Space | 1.49% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROBSON
Current User Name: Robbie
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/10/16 14:41:33 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Robbie\Desktop\OTL.exe
PRC - [2009/10/06 23:34:47 | 01,181,064 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/10/06 23:34:46 | 01,097,096 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/10/04 09:04:53 | 02,023,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/09/15 11:42:42 | 01,998,576 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/08/27 06:18:44 | 00,634,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
PRC - [2009/08/21 08:16:14 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/21 08:16:13 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/21 08:16:10 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/21 08:16:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/08/21 08:16:00 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/07/26 16:44:34 | 03,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/05/23 00:47:22 | 01,775,013 | ---- | M] () -- C:\Program Files\TVersity\Media Server\web\admin\TVersity.exe
PRC - [2009/05/23 00:34:34 | 00,851,968 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe
PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2008/11/09 12:04:51 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
PRC - [2008/05/26 16:14:56 | 00,143,360 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe
PRC - [2008/04/14 01:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/10/09 16:21:02 | 00,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
PRC - [2007/05/11 03:09:48 | 01,050,120 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\System32\oodag.exe
PRC - [2007/01/25 10:54:02 | 00,154,112 | ---- | M] (Avid Technology, Inc.) -- C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
PRC - [2006/11/16 19:04:20 | 00,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/11/16 18:58:32 | 00,884,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006/11/03 19:20:12 | 00,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/10/10 15:49:42 | 00,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe
PRC - [2006/10/10 14:11:08 | 00,827,392 | ---- | M] () -- C:\WINDOWS\vsnp325.exe
PRC - [2006/04/18 05:00:00 | 00,102,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE
PRC - [2005/10/23 01:00:00 | 00,385,024 | ---- | M] (Team H2O) -- C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
PRC - [2005/08/04 04:02:57 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2004/08/25 12:52:00 | 00,339,968 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2004/02/25 11:55:34 | 01,123,440 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2003/12/15 13:08:52 | 00,118,784 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\BACS\BacsTray.exe

========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (rpcapd [Auto | Stopped])
SRV - [2009/10/06 23:34:46 | 01,097,096 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])
SRV - [2009/08/21 08:16:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/08/21 08:16:00 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2009/06/02 10:10:08 | 00,637,952 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2009/05/23 00:34:34 | 00,851,968 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer [Auto | Running])
SRV - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])
SRV - [2008/11/09 12:04:51 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2008/07/29 22:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/07/29 20:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/07/29 20:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/07/25 12:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/25 12:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/05/26 16:14:56 | 00,143,360 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe -- (AffinegyService [Auto | Running])
SRV - [2008/05/12 10:49:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2008/05/02 03:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ [On_Demand | Stopped])
SRV - [2008/04/14 01:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2007/10/09 16:21:02 | 00,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe -- (Basics Service [Auto | Running])
SRV - [2007/05/11 03:09:48 | 01,050,120 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\System32\oodag.exe -- (O&O Defrag [Auto | Running])
SRV - [2007/03/12 04:35:02 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Stopped])
SRV - [2006/11/10 19:18:02 | 00,774,144 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2006/11/08 17:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])
SRV - [2006/11/03 19:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend [Auto | Running])
SRV - [2006/04/18 05:00:00 | 00,102,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE -- (EPSON_PM_RPCV4_01 [Auto | Running])
SRV - [2005/11/14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2005/10/06 18:12:30 | 00,855,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS [On_Demand | Stopped])
SRV - [2005/08/19 12:14:57 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2005/08/04 04:02:57 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2004/02/25 11:55:34 | 01,123,440 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2009/10/12 17:05:52 | 00,206,256 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore [Boot | Running])
DRV - [2009/09/22 16:25:48 | 00,000,752 | ---- | M] () -- C:\WINDOWS\System32\PARTIZAN.TXT -- (Partizan [On_Demand | Stopped])
DRV - [2009/09/15 11:42:48 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
DRV - [2009/09/15 11:42:46 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/09/15 11:42:44 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2009/08/21 08:16:14 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009/08/21 08:16:14 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009/06/14 12:21:21 | 00,025,512 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggsemc.sys -- (ggsemc [On_Demand | Stopped])
DRV - [2009/06/14 12:21:21 | 00,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggflt.sys -- (ggflt [On_Demand | Stopped])
DRV - [2009/06/02 19:01:55 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2009/02/09 08:37:48 | 00,007,808 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped])
DRV - [2009/02/09 08:37:46 | 00,022,016 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped])
DRV - [2009/02/09 08:37:46 | 00,017,664 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped])
DRV - [2008/11/04 02:45:46 | 00,109,736 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s1018unic.sys -- (s1018unic [On_Demand | Stopped])
DRV - [2008/11/04 02:45:46 | 00,108,200 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s1018mgmt.sys -- (s1018mgmt [On_Demand | Stopped])
DRV - [2008/11/04 02:45:46 | 00,104,616 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s1018obex.sys -- (s1018obex [On_Demand | Stopped])
DRV - [2008/11/04 02:45:44 | 00,114,472 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s1018mdm.sys -- (s1018mdm [On_Demand | Stopped])
DRV - [2008/11/04 02:45:44 | 00,086,696 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s1018bus.sys -- (s1018bus [On_Demand | Stopped])
DRV - [2008/11/04 02:45:44 | 00,026,024 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s1018nd5.sys -- (s1018nd5 [On_Demand | Stopped])
DRV - [2008/11/04 02:45:44 | 00,015,016 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s1018mdfl.sys -- (s1018mdfl [On_Demand | Stopped])
DRV - [2008/08/26 10:26:12 | 00,018,816 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])
DRV - [2008/05/26 16:09:42 | 00,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\Drivers\AFGSp50.sys -- (AFGSp50 [On_Demand | Stopped])
DRV - [2008/04/13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2008/04/13 19:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
DRV - [2008/04/13 19:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
DRV - [2008/02/29 04:13:46 | 00,028,944 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\Drivers\LUsbFilt.Sys -- (LUsbFilt [On_Demand | Running])
DRV - [2008/02/29 04:13:24 | 00,036,880 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LMouFilt.Sys -- (LMouFilt [On_Demand | Running])
DRV - [2008/02/29 04:13:16 | 00,035,344 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LHidFilt.Sys -- (LHidFilt [On_Demand | Running])
DRV - [2008/02/18 17:29:16 | 00,096,256 | ---- | M] (MagicISO, Inc.) -- C:\WINDOWS\System32\DRIVERS\mcdbus.sys -- (mcdbus [On_Demand | Stopped])
DRV - [2008/01/20 17:12:14 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\Drivers\Pcouffin.sys -- (Pcouffin [On_Demand | Running])
DRV - [2007/11/13 11:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2007/05/22 10:04:54 | 00,018,088 | ---- | M] () -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys -- (atitray [System | Running])
DRV - [2007/04/18 16:39:38 | 10,253,056 | ---- | M] (Sonix Co. Ltd.) -- C:\WINDOWS\System32\DRIVERS\snp325.sys -- (SNP325 [On_Demand | Stopped])
DRV - [2007/03/08 20:20:50 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2007/03/08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2007/02/08 12:56:20 | 00,090,800 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\sea1unic.sys -- (sea1unic [On_Demand | Stopped])
DRV - [2007/02/08 12:56:06 | 00,086,432 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\sea1obex.sys -- (sea1obex [On_Demand | Stopped])
DRV - [2007/02/08 12:56:02 | 00,018,704 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\sea1nd5.sys -- (sea1nd5 [On_Demand | Stopped])
DRV - [2007/02/08 12:56:00 | 00,088,624 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\sea1mgmt.sys -- (sea1mgmt [On_Demand | Stopped])
DRV - [2007/02/08 12:55:52 | 00,097,088 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\sea1mdm.sys -- (sea1mdm [On_Demand | Stopped])
DRV - [2007/02/08 12:55:50 | 00,009,360 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\sea1mdfl.sys -- (sea1mdfl [On_Demand | Stopped])
DRV - [2007/02/08 12:55:40 | 00,061,536 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\sea1bus.sys -- (sea1bus [On_Demand | Stopped])
DRV - [2007/01/29 02:11:48 | 00,646,392 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2007/01/25 11:12:22 | 00,302,336 | ---- | M] (Midiman/M-Audio) -- C:\WINDOWS\System32\drivers\delta.sys -- (DELTA [On_Demand | Running])
DRV - [2006/10/26 15:11:39 | 00,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) -- C:\WINDOWS\System32\Drivers\vaxscsi.sys -- (vaxscsi [On_Demand | Stopped])
DRV - [2006/03/28 17:56:06 | 00,027,008 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LHidKE.Sys -- (LHidKe [On_Demand | Stopped])
DRV - [2006/03/28 17:55:58 | 00,069,760 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LMouKE.Sys -- (LMouKE [On_Demand | Stopped])
DRV - [2006/03/28 17:55:20 | 00,036,736 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\Drivers\LHidUsbK.Sys -- (LHidUsbK [On_Demand | Stopped])
DRV - [2006/03/18 03:24:59 | 00,026,844 | ---- | M] (PowerISO Computing, Inc.) -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu [System | Running])
DRV - [2005/10/21 19:58:58 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2005/10/21 19:58:52 | 00,049,920 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2005/08/04 04:10:16 | 01,273,344 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2005/07/01 10:15:06 | 00,025,344 | R--- | M] (Iomega) -- C:\WINDOWS\system32\DRIVERS\IABFilt.sys -- (IABFilt [Boot | Running])
DRV - [2005/05/09 21:08:40 | 00,033,792 | ---- | M] (Team H2O) -- C:\WINDOWS\System32\DRIVERS\cledx.sys -- (CLEDX [On_Demand | Running])
DRV - [2005/03/04 19:15:54 | 00,077,072 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k600obex.sys -- (k600obex [On_Demand | Stopped])
DRV - [2005/03/04 19:11:26 | 00,087,456 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k600mdm.sys -- (k600mdm [On_Demand | Stopped])
DRV - [2005/03/04 19:11:20 | 00,006,096 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k600mdfl.sys -- (k600mdfl [On_Demand | Stopped])
DRV - [2005/03/04 18:13:46 | 00,079,248 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k600mgmt.sys -- (k600mgmt [On_Demand | Stopped])
DRV - [2005/03/04 18:08:50 | 00,052,384 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k600bus.sys -- (k600bus [On_Demand | Stopped])
DRV - [2005/01/27 04:22:00 | 00,088,016 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb [Boot | Running])
DRV - [2005/01/11 11:41:22 | 00,008,552 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM [Auto | Running])
DRV - [2004/10/29 15:14:44 | 00,260,096 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\smwdm.sys -- (smwdm [On_Demand | Stopped])
DRV - [2004/09/17 11:02:54 | 00,732,928 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\senfilt.sys -- (senfilt [On_Demand | Stopped])
DRV - [2004/08/04 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2004/08/03 23:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2004/06/15 23:52:40 | 00,061,157 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\IntelC53.sys -- (IntelC53 [On_Demand | Stopped])
DRV - [2004/03/08 13:55:50 | 00,013,567 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv [System | Running])
DRV - [2004/03/05 23:15:34 | 00,647,929 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\IntelC52.sys -- (IntelC52 [On_Demand | Stopped])
DRV - [2004/03/05 23:14:42 | 01,233,525 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\IntelC51.sys -- (IntelC51 [On_Demand | Stopped])
DRV - [2004/03/05 23:13:38 | 00,037,048 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\mohfilt.sys -- (mohfilt [On_Demand | Stopped])
DRV - [2004/01/28 00:34:56 | 00,140,416 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp [System | Running])
DRV - [2004/01/28 00:29:40 | 00,197,632 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\Udfreadr.sys -- (UDFReadr [System | Running])
DRV - [2003/09/26 10:41:10 | 00,044,032 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running])
DRV - [2003/08/11 11:07:46 | 00,014,604 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\System32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2003/01/10 17:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw [On_Demand | Running])
DRV - [2002/11/08 14:45:06 | 00,017,217 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\System32\DRIVERS\omci.sys -- (omci [System | Running])
DRV - [2002/04/11 21:21:38 | 00,013,335 | R--- | M] (Microsystems Corp) -- C:\WINDOWS\System32\DRIVERS\usbcm.sys -- (usbcm [On_Demand | Stopped])
DRV - [2001/08/17 15:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Running])
DRV - [2001/08/17 15:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Running])
DRV - [2001/08/17 15:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Running])
DRV - [2001/08/17 15:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Running])
DRV - [2001/08/17 15:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Running])
DRV - [2001/08/17 14:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Stopped])
DRV - [2001/08/17 14:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Running])
DRV - [2001/08/17 14:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Running])
DRV - [2001/08/17 14:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Running])
DRV - [2001/08/17 14:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Running])
DRV - [2001/08/17 14:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Running])
DRV - [2001/08/17 14:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Running])
DRV - [2001/08/17 14:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Running])
DRV - [2001/08/17 14:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Running])
DRV - [2001/08/17 14:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
DRV - [2001/08/17 14:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Running])
DRV - [2001/08/17 13:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [1999/09/10 12:06:00 | 00,025,244 | ---- | M] (Adaptec) -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32 [System | Running])
DRV - [1999/07/20 10:38:00 | 00,073,216 | ---- | M] () -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel [Auto | Running])
DRV - [1998/09/30 15:08:24 | 00,010,256 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\System32\PARPEPPY.SYS -- (PARPEPPY [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/lobby/search.asp
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/lobby/search.asp
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=iesearch
IE - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=iesearch
IE - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
IE - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006\S-1-5-21-3709549617-2133626838-1531606107-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/05 11:21:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/07/08 12:53:12 | 00,000,000 | ---D | M]


O1 HOSTS File: (22 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [snp325] C:\WINDOWS\vsnp325.exe ()
O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Wireless Manager] C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe (Affinegy, Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006..\Run: [EPSON Stylus DX5000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: En&queue current page with BID - C:\Program Files\Bulk Image Downloader\iemenu\iebidqueue.htm ()
O8 - Extra context menu item: Enqueue link tar&get with BID - C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()
O8 - Extra context menu item: Open &link target with BID - C:\Program Files\Bulk Image Downloader\iemenu\iebidlink.htm ()
O8 - Extra context menu item: Open current page with BI&D - C:\Program Files\Bulk Image Downloader\iemenu\iebid.htm ()
O8 - Extra context menu item: Open current page with BID Link Explorer - C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 59 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3709549617-2133626838-1531606107-1006\..Trusted Domains: 64 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} Reg Error: Value error. (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://downloads.ewido.net/ewidoOnlineScan.cab (ewidoOnlineScan Control)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www.freerealms.com/gamedata/FreeRealmsInstaller.cab (Reg Error: Key error.)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.0...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/25 17:40:22 | 00,000,000 | ---- | M] () - C:\Autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{fc3393b0-e636-11dd-94cd-00038a000015}\Shell\AutoRun\command - "" = F:\wd_windows_tools\WDSetup.exe -- File not found
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\wd_windows_tools\WDSetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O34 - HKLM BootExecute: (Partizan) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/10/06 23:07:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/10/03 15:08:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Robbie\Application Data\BID
[2009/10/06 23:07:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/09/22 16:23:46 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/10/05 09:23:32 | 00,000,000 | ---D | C] -- C:\Program Files\Batch File Renamer 2.51
[2009/10/03 15:08:31 | 00,000,000 | ---D | C] -- C:\Program Files\Bulk Image Downloader
[2009/10/02 11:44:53 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/09/22 11:43:47 | 00,000,000 | ---D | C] -- C:\Program Files\Sophos
[2009/10/06 23:07:15 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/10/01 15:09:24 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/09/22 11:00:31 | 00,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2009/10/01 15:53:35 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2009/10/16 14:41:17 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Robbie\Desktop\OTL.exe
[2009/10/06 23:08:40 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2009/10/06 23:08:19 | 00,206,256 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/10/06 23:08:19 | 00,073,840 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2009/10/06 23:07:52 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/10/03 15:09:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Robbie\My Documents\Bulk Image Downloader
[2009/10/03 15:03:04 | 00,000,000 | ---D | C] -- C:\FavoritesCategories
[2009/10/03 02:22:40 | 00,195,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2009/10/01 17:20:09 | 00,078,336 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe
[2009/10/01 17:20:05 | 00,080,384 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe
[2009/10/01 17:20:03 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2009/10/01 17:20:00 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2009/10/01 17:19:56 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2009/10/01 17:19:54 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[2009/10/01 17:19:50 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2009/10/01 17:19:48 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2009/10/01 17:19:46 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2009/10/01 17:19:42 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2009/10/01 17:19:42 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2009/10/01 16:06:21 | 00,000,000 | ---D | C] -- C:\ERDNT
[2009/10/01 16:06:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2009/10/01 16:05:27 | 00,000,000 | ---D | C] -- C:\!FixIEDef
[2009/10/01 16:04:49 | 01,130,036 | ---- | C] (Malwareteks.com) -- C:\Documents and Settings\Robbie\Desktop\FixIEDef.exe
[2009/10/01 15:10:27 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/01 15:10:25 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/22 18:02:37 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Robbie\Desktop\RootRepeal.exe
[2009/09/22 17:47:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009/09/22 17:39:11 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/09/22 17:25:21 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/09/22 17:23:31 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/09/22 17:23:31 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/09/22 17:23:31 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/09/22 17:23:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/09/22 17:13:07 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/09/22 11:27:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\RegRunInfo
[2009/09/22 11:00:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Robbie\My Documents\RegRun2
[2009/09/21 13:24:06 | 00,000,000 | ---D | C] -- C:\spoolerlogs
[2007/10/27 16:19:07 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpx32.dll
[2007/10/27 16:16:43 | 00,147,456 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp325.dll
[2007/10/27 16:16:43 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnp325.dll
[2007/10/27 16:16:43 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp325.dll
[2007/04/12 15:44:42 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Robbie\Application Data\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[30 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/10/16 14:41:33 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Robbie\Desktop\OTL.exe
[2009/10/16 14:04:00 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/10/16 13:41:16 | 00,138,784 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/10/16 13:40:51 | 00,202,008 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/10/16 13:13:47 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/10/16 13:12:28 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/10/16 13:11:15 | 00,000,407 | ---- | M] () -- C:\WINDOWS\System32\tversity.cookies
[2009/10/16 13:10:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/16 13:10:38 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/10/16 13:10:36 | 10,717,96224 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/16 13:10:33 | 00,015,324 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2009/10/16 13:08:28 | 02,648,154 | -H-- | M] () -- C:\Documents and Settings\Robbie\Local Settings\Application Data\IconCache.db
[2009/10/16 13:05:37 | 00,503,132 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/16 13:05:37 | 00,442,466 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009/10/16 13:05:37 | 00,071,732 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009/10/16 12:51:19 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/16 09:35:01 | 42,960,768 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/10/16 09:35:01 | 00,033,037 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/10/16 04:09:23 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/10/16 04:09:22 | 00,164,352 | ---- | M] () -- C:\Documents and Settings\Robbie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/12 17:05:52 | 00,206,256 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/10/12 17:05:52 | 00,007,396 | ---- | M] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2009/10/09 21:21:07 | 00,001,920 | ---- | M] () -- C:\i only have eyes new Rendered.mp3
[2009/10/07 00:15:04 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/10/06 23:08:03 | 00,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/10/06 18:44:50 | 00,000,022 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2009/10/06 02:14:26 | 00,000,819 | ---- | M] () -- C:\Documents and Settings\Robbie\Desktop\Shortcut to msnmsgr.lnk
[2009/10/05 09:23:38 | 00,000,829 | ---- | M] () -- C:\Documents and Settings\Robbie\Desktop\Batch File Renamer.lnk
[2009/10/05 00:16:05 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/03 15:08:51 | 00,000,664 | ---- | M] () -- C:\Documents and Settings\Robbie\Desktop\Bulk Image Downloader.lnk
[2009/10/02 19:01:57 | 25,198,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/10/01 18:25:27 | 00,002,258 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2009/10/01 18:25:18 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts.cok.xxx
[2009/10/01 16:05:12 | 01,130,036 | ---- | M] (Malwareteks.com) -- C:\Documents and Settings\Robbie\Desktop\FixIEDef.exe
[2009/10/01 15:10:32 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/01 15:09:29 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/10/01 10:29:14 | 00,195,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2009/10/01 09:02:54 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/09/27 13:11:15 | 00,000,315 | RHS- | M] () -- C:\BOOT.INI
[2009/09/24 16:09:31 | 00,039,424 | ---- | M] () -- C:\Documents and Settings\Robbie\My Documents\dogsoup metadata.xls
[2009/09/24 16:03:45 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Robbie\My Documents\dogsoup Pre Alert Template.xls
[2009/09/22 19:35:45 | 00,001,475 | ---- | M] () -- C:\Documents and Settings\Robbie\Desktop\Windows Explorer.lnk
[2009/09/22 18:02:57 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Robbie\Desktop\settings.dat
[2009/09/22 18:02:42 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Robbie\Desktop\RootRepeal.exe
[2009/09/22 17:56:38 | 00,359,932 | ---- | M] () -- C:\Documents and Settings\Robbie\Desktop\dds.scr
[2009/09/22 17:19:20 | 00,001,248 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/09/22 17:15:17 | 03,317,785 | R--- | M] () -- C:\Documents and Settings\Robbie\Desktop\ComboFix.exe
[2009/09/22 11:01:41 | 00,001,688 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/09/21 18:42:59 | 00,000,245 | ---- | M] () -- C:\Boot.bak
[2009/09/21 17:01:13 | 00,028,323 | ---- | M] () -- C:\WINDOWS\System32\glhg
[2009/09/20 08:58:28 | 00,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2009/09/20 08:58:28 | 00,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz

========== Files - No Company Name ==========
[2009/10/12 17:05:52 | 00,007,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2009/10/09 21:21:07 | 00,001,920 | ---- | C] () -- C:\i only have eyes new Rendered.mp3
[2009/10/06 23:08:03 | 00,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/10/06 02:14:26 | 00,000,819 | ---- | C] () -- C:\Documents and Settings\Robbie\Desktop\Shortcut to msnmsgr.lnk
[2009/10/05 09:23:38 | 00,000,829 | ---- | C] () -- C:\Documents and Settings\Robbie\Desktop\Batch File Renamer.lnk
[2009/10/03 15:08:51 | 00,000,664 | ---- | C] () -- C:\Documents and Settings\Robbie\Desktop\Bulk Image Downloader.lnk
[2009/10/01 18:38:02 | 00,015,324 | ---- | C] () -- C:\WINDOWS\System32\oodbs.lor
[2009/10/01 18:22:14 | 00,002,258 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2009/10/01 17:19:53 | 00,075,776 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2009/10/01 17:19:48 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2009/10/01 17:19:44 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2009/10/01 15:56:56 | 00,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/10/01 15:10:32 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/01 15:09:29 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/09/24 15:53:41 | 00,029,696 | ---- | C] () -- C:\Documents and Settings\Robbie\My Documents\dogsoup Pre Alert Template.xls
[2009/09/22 18:02:57 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Robbie\Desktop\settings.dat
[2009/09/22 17:56:34 | 00,359,932 | ---- | C] () -- C:\Documents and Settings\Robbie\Desktop\dds.scr
[2009/09/22 17:25:29 | 00,000,245 | ---- | C] () -- C:\Boot.bak
[2009/09/22 17:25:25 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/09/22 17:23:31 | 00,229,888 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/09/22 17:23:31 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/09/22 17:23:31 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/09/22 17:23:31 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/09/22 17:15:02 | 03,317,785 | R--- | C] () -- C:\Documents and Settings\Robbie\Desktop\ComboFix.exe
[2009/09/22 13:27:23 | 00,039,424 | ---- | C] () -- C:\Documents and Settings\Robbie\My Documents\dogsoup metadata.xls
[2009/09/21 16:26:17 | 00,028,323 | ---- | C] () -- C:\WINDOWS\System32\glhg
[2009/09/21 14:26:23 | 10,717,96224 | -HS- | C] () -- C:\hiberfil.sys
[2009/06/16 14:40:26 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/06/16 14:40:26 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/06/05 15:00:04 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/03/16 13:06:44 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/11/09 12:05:03 | 00,138,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/05/14 02:29:30 | 00,041,296 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2008/02/13 19:37:45 | 00,139,152 | ---- | C] () -- C:\Documents and Settings\Robbie\Application Data\PnkBstrK.sys
[2008/01/16 02:52:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OODCNT.INI
[2007/12/17 16:42:24 | 00,073,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS
[2007/12/17 16:42:24 | 00,047,616 | ---- | C] () -- C:\WINDOWS\System32\SNTI386.DLL
[2007/12/17 16:42:24 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL
[2007/12/11 23:48:40 | 02,648,154 | -H-- | C] () -- C:\Documents and Settings\Robbie\Local Settings\Application Data\IconCache.db
[2007/12/05 12:09:12 | 00,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2007/12/05 12:09:12 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2007/12/05 12:09:12 | 00,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2007/12/05 12:09:12 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2007/10/27 16:16:48 | 00,015,498 | ---- | C] () -- C:\WINDOWS\snp325.ini
[2007/06/25 13:26:12 | 00,663,552 | ---- | C] () -- C:\WINDOWS\System32\libeay32_1-1-0_DDR.dll
[2007/06/25 13:26:12 | 00,532,594 | ---- | C] () -- C:\WINDOWS\System32\xerces-c_1_40_0_DDR.dll
[2007/06/25 13:26:12 | 00,524,377 | ---- | C] () -- C:\WINDOWS\System32\stlport_4_0_0_DDR.dll
[2007/06/25 13:26:12 | 00,307,329 | ---- | C] () -- C:\WINDOWS\System32\BJBase_2-2-2_DDR.dll
[2007/06/25 13:26:12 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32_1-1-0_DDR.dll
[2007/04/12 15:44:48 | 00,000,034 | ---- | C] () -- C:\Documents and Settings\Robbie\Application Data\pcouffin.log
[2007/04/12 15:44:42 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\Robbie\Application Data\ezpinst.exe
[2007/04/12 15:44:42 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\Robbie\Application Data\pcouffin.cat
[2007/04/12 15:44:42 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\Robbie\Application Data\pcouffin.inf
[2007/03/16 02:23:59 | 00,151,552 | ---- | C] () -- C:\WINDOWS\System32\FDlg.dll
[2006/11/24 12:17:07 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\srctrl.dll
[2006/11/16 16:31:13 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006/11/07 14:05:37 | 00,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2006/11/07 14:05:37 | 00,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2006/11/07 14:02:48 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2006/09/07 14:19:03 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2006/08/12 14:07:52 | 01,117,184 | ---- | C] () -- C:\WINDOWS\System32\swfExt.dll
[2006/08/12 14:07:52 | 00,037,888 | ---- | C] () -- C:\WINDOWS\System32\flash_lib.dll
[2006/08/01 15:13:38 | 00,000,055 | ---- | C] () -- C:\WINDOWS\custvoic.ini
[2006/07/27 14:14:16 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\ArtFfct.dll
[2006/07/24 15:18:16 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006/07/24 15:18:16 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006/06/21 14:50:50 | 00,012,208 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/05/15 00:33:21 | 00,520,267 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2006/05/03 12:35:39 | 00,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006/04/29 17:57:15 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PestPatrol5.INI
[2006/04/29 00:10:33 | 00,000,058 | ---- | C] () -- C:\WINDOWS\Tonka_Raceway.INI
[2006/04/10 15:14:22 | 00,000,057 | ---- | C] () -- C:\WINDOWS\movexe.ini
[2006/04/08 13:34:53 | 00,495,104 | ---- | C] () -- C:\WINDOWS\System32\mp3tsshx.dll
[2006/03/22 11:05:32 | 00,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2006/02/10 20:39:28 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/02/08 16:27:22 | 00,000,072 | ---- | C] () -- C:\WINDOWS\JascCmdPrint.INI
[2006/02/03 14:46:40 | 00,004,721 | ---- | C] () -- C:\WINDOWS\xnview.ini
[2005/12/16 01:16:38 | 00,027,404 | ---- | C] () -- C:\Documents and Settings\Robbie\Local Settings\Application Data\rx_audio.Cache
[2005/12/16 01:14:54 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Robbie\Local Settings\Application Data\rx_image.Cache
[2005/12/16 00:34:18 | 00,000,396 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/12/15 12:38:06 | 00,646,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2005/11/12 21:09:40 | 00,001,177 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2005/09/28 12:42:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2005/08/30 07:29:04 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/07/04 19:00:58 | 02,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2005/07/04 19:00:58 | 00,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2005/07/04 19:00:58 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2005/07/04 19:00:58 | 00,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2005/05/27 13:38:15 | 00,000,006 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2005/05/15 18:22:13 | 00,000,129 | ---- | C] () -- C:\Documents and Settings\Robbie\Local Settings\Application Data\fusioncache.dat
[2005/05/15 16:27:01 | 00,000,263 | ---- | C] () -- C:\WINDOWS\EDSNWAVE.INI
[2005/04/23 18:38:48 | 00,000,067 | ---- | C] () -- C:\WINDOWS\#1 DVD Ripper.INI
[2005/04/23 14:56:03 | 00,000,067 | ---- | C] () -- C:\WINDOWS\AoADVDRipper.INI
[2005/04/22 20:07:41 | 27,143,612 | ---- | C] () -- C:\Documents and Settings\Robbie\Local Settings\Application Data\imageCache7.db
[2005/04/18 14:45:07 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2005/04/18 14:45:07 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2005/04/18 14:45:06 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2005/04/18 10:56:06 | 00,091,648 | ---- | C] () -- C:\WINDOWS\System32\Mros416.dll
[2005/04/14 17:59:40 | 00,000,311 | ---- | C] () -- C:\WINDOWS\SoundGraffiti.INI
[2005/04/06 16:27:14 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/04/06 16:24:40 | 01,216,512 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/03/18 17:32:21 | 00,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005/03/15 15:20:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\FXMPlay.INI
[2005/03/15 15:19:02 | 00,000,456 | ---- | C] () -- C:\WINDOWS\fractalx.INI
[2005/03/02 19:35:38 | 00,000,036 | ---- | C] () -- C:\WINDOWS\WPS.INI
[2005/03/01 15:47:21 | 00,000,445 | R--- | C] () -- C:\WINDOWS\System32\iconcfg.ini
[2005/02/05 14:20:03 | 00,001,090 | ---- | C] () -- C:\WINDOWS\Pixel3d.ini
[2005/01/21 13:48:44 | 00,000,736 | ---- | C] () -- C:\WINDOWS\VTruck2.ini
[2005/01/18 13:45:53 | 00,164,352 | ---- | C] () -- C:\Documents and Settings\Robbie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/01/17 22:00:07 | 00,000,797 | ---- | C] () -- C:\WINDOWS\VTruck1.ini
[2005/01/17 19:32:08 | 00,083,736 | ---- | C] () -- C:\Documents and Settings\Robbie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2005/01/17 19:25:46 | 00,000,810 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2005/01/17 19:07:41 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Robbie\Application Data\DESKTOP.INI
[2005/01/11 11:44:55 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/11 11:11:52 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/11/30 05:10:00 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/10/26 23:39:05 | 03,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/08/10 14:13:12 | 00,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 14:04:08 | 00,001,248 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2004/08/10 13:57:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/08/10 13:57:42 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\DESKTOP.INI
[2004/05/28 04:21:46 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\FlashIcon.dll
[2004/05/12 06:31:54 | 00,008,307 | ---- | C] () -- C:\WINDOWS\PWRPLAY.INI
[2004/01/06 00:50:40 | 00,245,760 | ---- | C] () -- C:\WINDOWS\System32\ImxEx.dll
[2003/10/02 02:00:00 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 02:00:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2002/11/15 22:04:05 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\atsdrve.dll
[2002/11/01 17:17:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/07/04 16:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2001/10/04 18:50:06 | 00,000,056 | ---- | C] () -- C:\WINDOWS\SHSFTSET.INI
[2001/10/04 10:57:12 | 00,000,085 | ---- | C] () -- C:\WINDOWS\System32\AL8HSTMN.INI
[1999/07/23 14:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 11:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1998/08/16 05:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[1997/08/19 01:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/19 01:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1997/08/14 01:00:00 | 00,031,232 | ---- | C] () -- C:\WINDOWS\System32\XLREC.DLL
[1997/08/14 01:00:00 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\RECNCL.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\weddingpics.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\tunes page 6.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\tunes page 5.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\tunes page 4.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\tunes page 3.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\tunes page 2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\tunes page 1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\scan1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\Nefertiti-correct chords.tiff:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\Nefertiti-correct chords.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\last soup.rcl:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\honeymoon1.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\dogsouplayout.jwl:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\cornwall vcd.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Robbie\My Documents\building control letter.jpg:Roxio EMC Stream
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >

OTL Extras logfile created on: 16/10/2009 14:42:01 - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Robbie\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1022.07 Mb Total Physical Memory | 254.07 Mb Available Physical Memory | 24.86% Memory free
2.40 Gb Paging File | 1.40 Gb Available in Paging File | 58.19% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.22 Gb Total Space | 25.04 Gb Free Space | 17.12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 698.64 Gb Total Space | 10.43 Gb Free Space | 1.49% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROBSON
Current User Name: Robbie
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.reg [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [BFR.Rename] -- C:\Program Files\Batch File Renamer 2.51\BatchFileRenamer.exe "%1" (www.cerebralsynergy.com)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [TVersity] -- "C:\Program Files\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"2234:TCP" = 2234:TCP:*:Enabled:file sharing
"49152:UDP" = 49152:UDP:*:Enabled:azureus
"5534:TCP" = 5534:TCP:*:Enabled:soulseek
"5534:UDP" = 5534:UDP:*:Enabled:soulseek
"49152:TCP" = 49152:TCP:*:Enabled:azureus
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" = C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe:LocalSubNet:Enabled:Wireless Manager -- (Affinegy, Inc.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Messenger\MSMSGS.EXE" = C:\Program Files\Messenger\MSMSGS.EXE:*:Disabled:Windows Messenger -- (Microsoft Corporation)
"C:\WINDOWS\SYSTEM32\RTCSHARE.EXE" = C:\WINDOWS\SYSTEM32\RTCSHARE.EXE:*:Enabled:RTC App Sharing -- (Microsoft Corporation)
"C:\Program Files\NetMeeting\CONF.EXE" = C:\Program Files\NetMeeting\CONF.EXE:*:Enabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\Program Files\Dell Computer\Dell Picture Studio v2.0\launch.exe" = C:\Program Files\Dell Computer\Dell Picture Studio v2.0\launch.exe:*:Disabled:Jasc Paint Shop Photo Album Application -- (Jasc Software)
"C:\Program Files\Java\j2re1.4.2_03\bin\javaw.exe" = C:\Program Files\Java\j2re1.4.2_03\bin\javaw.exe:*:Enabled:javaw -- ()
"C:\WINDOWS\SYSTEM32\DPVSETUP.EXE" = C:\WINDOWS\SYSTEM32\DPVSETUP.EXE:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Java\jre1.5.0_02\bin\javaw.exe" = C:\Program Files\Java\jre1.5.0_02\bin\javaw.exe:*:Disabled:Java™ 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Azureus\Azureus.exe" = C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus -- ()
"C:\Program Files\The All-Seeing Eye\eye.exe" = C:\Program Files\The All-Seeing Eye\eye.exe:*:Disabled:Yahoo! All-Seeing Eye -- (Yahoo! Inc.)
"C:\Program Files\Electronic Arts\The Battle for Middle-earth ™ II\patchget.dat" = C:\Program Files\Electronic Arts\The Battle for Middle-earth ™ II\patchget.dat:*:Enabled:patchgrabber -- (Electronic Arts)
"C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Return to Castle Wolfenstein\WolfMP.exe" = C:\Program Files\Return to Castle Wolfenstein\WolfMP.exe:*:Enabled:WolfMP -- ()
"C:\Program Files\Azureusold\Azureus.exe" = C:\Program Files\Azureusold\Azureus.exe:*:Enabled:Azureus -- (Vuze Inc.)
"C:\WINDOWS\SYSTEM32\PnkBstrA.exe" = C:\WINDOWS\SYSTEM32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\SYSTEM32\PnkBstrB.exe" = C:\WINDOWS\SYSTEM32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\SopCast\sopvod.exe" = C:\Program Files\SopCast\sopvod.exe:*:Enabled:sopvod -- ()
"C:\Program Files\Steam\steamapps\green__shirt\counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\green__shirt\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\SoulseekNS\slsk.exe" = C:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\Program Files\Return to Castle Wolfenstein\pb\PnkBstrB.exe" = C:\Program Files\Return to Castle Wolfenstein\pb\PnkBstrB.exe:*:Enabled:PnkBstrB.exe -- ()
"C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" = C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe:LocalSubNet:Enabled:Wireless Manager -- (Affinegy, Inc.)
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe" = C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service -- ()
"C:\Program Files\TVersity\Media Server\MediaServer.exe" = C:\Program Files\TVersity\Media Server\MediaServer.exe:*:Enabled:TVersity Media Server -- ()
"C:\wolf2\Wolfenstein.2.MP.BETA\Wolf2MPLite.exe" = C:\wolf2\Wolfenstein.2.MP.BETA\Wolf2MPLite.exe:*:Enabled:Wolfenstein MP -- (Activision)
"C:\wolf2\Wolfenstein.2.MP.BETA\Wolf2MP.exe" = C:\wolf2\Wolfenstein.2.MP.BETA\Wolf2MP.exe:*:Enabled:Wolfenstein MP -- (Activision)
"C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe" = C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Disabled:Sony Ericsson Media Manager 1.2 -- (Sony Creative Software Inc.)
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe:*:Enabled:SUPERAntiSpyware Free Edition -- (SUPERAntiSpyware.com)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0D330013-4A99-46D6-83C6-2C959C68DBFF}" =
"{106B839C-DBA9-0AA9-07E9-9A2597151FF6}" = Catalyst Control Center Graphics Full Existing
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{191FD01E-1AB7-49BD-A88D-67244297950A}" = iDisk Utility for Windows
"{1DA07BCA-FD11-406E-89A8-5B4496F43FC5}" = EZ Label Xpress Lite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{235BBFC6-D863-4066-A01A-3BD504C31033}" = Nero 7 Ultra Edition
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{26792CA7-D87A-4DBE-896B-C2F66B344511}" =
"{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1" = RegAlyzer
"{2A38B5AA-EA84-4F87-9937-2FB23982243A}" = Sonic Foundry ACID 4.0
"{2A6282FF-B75B-463F-90F5-0A43732F690D}" = Broadcom Management Programs
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth ™ II
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{2F71F2BA-B513-4113-969C-18A84D238E27}" = 1310
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.1
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3389299C-9F50-D0C4-197C-A8804303B79F}" = Catalyst Control Center Graphics Light
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{366FFC89-C800-4366-B903-B9C4314109A5}" = Garmin WebUpdater
"{36A9D3F8-3FCF-4FBA-A8AD-3C1CE56C8AF4}" = Philips Device Manager
"{3780136B-22BA-4327-A226-A39EB2636730}" = Roxio Easy Media Creator 8 Content
"{37A17F53-D058-267B-C256-19FB6DDF3843}" = ccc-core-preinstall
"{39586f4f-758d-4a92-a5df-33e9db9c09d9}" = CA eTrust PestPatrol
"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3F8EB641-6AD2-45DE-A8DD-91D7BDD39CDE}" = Microsoft USB Flash Drive Manager
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{4308AC0E-FA13-43BE-A0B5-30F018B783FF}" = TwistedPixel
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{47813E93-F2A0-484A-838E-47EC1B28D190}" = Adobe Stock Photos 1.0
"{48B0F38D-1913-44F3-99AA-D4C55A2B038E}" = Drive Manager
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{53480330-E1D1-41CA-B8F8-7F78644F7F50}" = O&O Defrag Professional Edition
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}" = Nokia PC Suite
"{559BA5B3-E3E1-C8A0-E301-5F50531BD44C}" = ccc-utility
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{595D0DE8-C38A-4432-B851-47DECC1A99BD}" = HP Unload DLL Patch
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{62369F2F77534556AEF4C58152E3BDE5}" =
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{637099FB-45FD-4BC7-9651-6FB540DBB749}" =
"{668B2B3A-4241-409F-A4AE-79B5016A487E}" = Sony Ericsson PC Suite
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABAF1E2-BEB6-4C32-BD9F-0CA733EE7453}" = Iomega Automatic Backup Pro
"{6C1196CF-B4AD-4847-B70C-F034A781445E}" = GtkRadiant-1.4.0
"{6C3CE73B-E7B8-4979-8740-1476C5CBDEBA}" = Corona Visualization Plug-in for WMP
"{6D4F02C4-F6AF-4659-A933-7FC06235A8D5}" =
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7739C506-74AE-48CF-991B-AB5E35A927FC}" = GameJack 5
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{78EFA95D-3310-4035-815B-A46BA4D0C6FA}" = VOB2MPG 2.5
"{79E88160-A5E4-F7D2-1314-DEB8AADD9C29}" = ccc-core-static
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C5E4F1C-3ECC-465A-9A79-131EBB6B3AD0}" = SmitFraudFixTool
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA}" =
"{80413011-029C-4D6B-B3AD-725DDE60B81C}" = 1310Trb
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{83735930-0FB1-D871-8832-B5A9E27C93CA}" = CCC Help English
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{88908767-B7AD-4b0d-ACBC-FBCCF2761D31}" = HP Photosmart All-In-One Software 9.0
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C60949A-46F9-4DD7-BA9F-78C00D9D4C8D}" =
"{8CD0B297-122D-4718-9CE1-B72E796F7B21}" = Sony Ericsson Media Manager 1.2
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90FF23FE-0E1B-40DF-A22E-B4C0372E5936}" = Iomega Product Registration
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0.8
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B55EF832-4613-A19B-A222-DDB8B6CE1B52}" = Catalyst Control Center Core Implementation
"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}" = pdfforge Toolbar v1.0
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.2.3.258h
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23B8C30-E05E-4CB5-8188-F27CC3B2DD3E}" = Sibelius 5
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C8E4455F-0F70-4DA2-A9F9-2D56C80E10AD}" = Sibelius Scorch (ActiveX Only)
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4544EA-C189-41FE-9E3A-76591DDB852B}" = Roxio Easy Media Creator 7
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE325D55-FCAF-4273-BB79-069BB8747270}" = TomTom HOME
"{CED5BB5B-2A24-2F7F-61B1-2B557484084B}" = Catalyst Control Center Graphics Previews Common
"{CF0C0E58-2C1A-4645-85FC-D3DF9686EF60}" = Mp3-Tag Studio 3.05
"{CF72DC2F-F292-4D2B-B4E8-7D2060F095DA}" = ArtRage
"{D1268F56-DE79-19A8-C8EC-961D48FFD2FE}" = Skins
"{D40491E3-35AB-4757-B1F0-94C9100C2F4E}" = Line Speed Meter
"{D680C913-5955-469D-9D88-C1940F7506D6}" = RAW FILE CONVERTER LE
"{DEB6C5B9-D5BB-D8AC-20F7-F1E0F8A67D5A}" = Catalyst Control Center Graphics Full New
"{E21658D0-8C83-4ADD-937B-6ED07F335ABA}" = 1310Tour
"{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min
"{E90BEB5B-CFA0-418E-9ABB-4C4A7B0D9483}" = 1310_Help
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =
"{EB748B9B-F872-4E95-98E8-5CA7E5425DAF}" =
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0EACC27-A729-406C-9BF6-C8F10CEC36F8}" =
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6F272EF-6239-45A6-B9DC-D2C11CFF73C5}" = Dolet Light for Finale 2005
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"1D183828-C834-484E-AE37-1E4181330C80" = Cleanup Assistant
"2B0D8F3C-18AD-4D8E-879A-74A867C5C3CB_is1" = Wireless Manager
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8461-7759-5462-8226" = Vuze
"Ableton Live v5.0.3" = Ableton Live v5.0.3
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"AKAI professional VST Collection v1.0" = AKAI professional VST Collection v1.0
"AKAIprofessional DCVocoder" = AKAI professional DCVocoder (remove only)
"AKAIprofessional DecaBuddy" = AKAI professional DecaBuddy (remove only)
"Alambik Viewer" = Alambik Viewer
"All ATI Software" = ATI - Software Uninstall Utility
"Amazon DVD Shrinker_is1" = Amazon DVD Shrinker 2.6.2
"America Online uk" = AOL UK (Choose which version to remove)
"AOL Connectivity Services" = AOL Connectivity Services
"AOL Spyware Protection" = AOL Spyware Protection
"AOLCoach uk" = AOL Coach Version 1.0(Build:20040201.2 uk)
"Arturia Moog Modular V v1.1" = Arturia Moog Modular V v1.1
"Arturia.Minimoog.V.v1.5-DAC" = Arturia.Minimoog.V.v1.5-DAC
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.4
"AudioRealism BassLine VSTi v1.51" = AudioRealism BassLine VSTi v1.51
"AVG8Uninstall" = AVG Free 8.5
"AVIcodec" = AVIcodec (remove only)
"aVis" = aVis
"Azureus" = Azureus
"BatchFileRenamer2.51" = Batch File Renamer 2.51
"BombThatBeat.v2.4-OxYGeN" = BombThatBeat.v2.4-OxYGeN
"Branding" =
"BroadJump Client Foundation" = BroadJump Client Foundation
"Bulk Image Downloader_is1" = Bulk Image Downloader v2.18.0.1
"Camel Audio Cameleon 5000 VSTi v1.6" = Camel Audio Cameleon 5000 VSTi v1.6
"CDisplay_is1" = CDisplay 1.8
"CDSheetMusic" = CD Sheet Music
"Connection Manager" =
"Cycling '74 MAXMSP v4.5.2" = Cycling '74 MAXMSP v4.5.2
"dBpowerAMP AAC Codec" = dBpowerAMP AAC Codec
"dBpowerAMP AAC to Mp4 Codec" = dBpowerAMP AAC to Mp4 Codec
"dBpowerAMP DirectShow Decoder Codec" = dBpowerAMP DirectShow Decoder Codec
"dBpowerAMP FLAC Codec" = dBpowerAMP FLAC Codec
"dBpoweramp m4a Codec" = dBpoweramp m4a Codec
"dBpowerAMP Monkeys Audio Codec" = dBpowerAMP Monkeys Audio Codec
"dBpowerAMP mp3PRO Input Codec" = dBpowerAMP mp3PRO Input Codec
"dBpowerAMP Mp4 Codec" = dBpowerAMP Mp4 Codec
"dBpowerAMP Musepack Codec" = dBpowerAMP Musepack Codec
"dBpowerAMP Music Converter" = dBpowerAMP Music Converter
"dBpowerAMP Ogg Vorbis Codec" = dBpowerAMP Ogg Vorbis Codec
"dBPowerAMP Real Audio Encoder R3" = dBPowerAMP Real Audio Encoder R3
"dBpowerAMP Shorten Codec" = dBpowerAMP Shorten Codec
"dBpowerAMP Tag From Filename" = dBpowerAMP Tag From Filename
"dBpowerAMP Update ID Tag" = dBpowerAMP Update ID Tag
"dBpoweramp WavPack Codec" = dBpoweramp WavPack Codec
"dBpowerAMP WMA V9.1 Codec" = dBpowerAMP WMA V9.1 Codec
"DellSupport" = Dell Support 5.0.0 (630)
"DISCODSP DISCOVERY v2.3 (NORD EDITION)" = DISCODSP DISCOVERY v2.3 (NORD EDITION)
"discoDSP Discovery VSTi v2.2" = discoDSP Discovery VSTi v2.2
"DivX Content Uploader" = DivX Content Uploader
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Shrink_is1" = DVD Shrink 3.2
"Dynamic Library" = Dynamic Library v1.03
"East West Stormdrum Kompakt" = East West Stormdrum Kompakt
"Edirol HQ Orchestral VSTi v1.03" = Edirol HQ Orchestral VSTi v1.03
"Edirol SuperQuartet v1.5" = Edirol SuperQuartet v1.5
"ElectricSheep" = ElectricSheep 2.6.6
"EphPod" = EphPod
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Excel" = Microsoft Excel 97
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3)
"ffdshow_is1" = ffdshow [rev 1723] [2007-12-24]
"Finale 2005" = Finale 2005
"Finale Performance Assessment" = Finale Performance Assessment
"FLAC" = FLAC Installer 1.1.2a (remove only)
"Foxit PDF Creator" = Foxit PDF Creator
"Garritan Jazz Big Band" = Garritan Jazz Big Band
"GENERIC USB Card Reader Driver" = GENERIC USB Card Reader Driver v2.3
"GENEUIDE" = USB Storage Driver
"G-Force" = G-Force
"GForce.Software.Minimonsta.v1.01.VSTi.RTAS-DAC" = GForce.Software.Minimonsta.v1.01.VSTi.RTAS-DAC
"GMedia Music impOSCar VSTi v1.0.0.1" = GMedia Music impOSCar VSTi v1.0.0.1
"Google Updater" = Google Updater
"Harry's Filters 3" = Harry's Filters 3
"HijackThis" = HijackThis 1.99.1
"HP Photo & Imaging" = HP Image Zone 4.2
"Hypersonic 1.1.1" = Hypersonic 1.1.1
"iArt_is1" = iArt 2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"iJenAPE" = SYFi - iJenAPE (remove only)
"InstallShield Uninstall Information" =
"InstallShield_{0B9E0BD1-328D-415C-80A5-6B0028F0C104}" =
"InstallShield_{1DA07BCA-FD11-406E-89A8-5B4496F43FC5}" = EZ Label Xpress Lite
"InstallShield_{2A6282FF-B75B-463F-90F5-0A43732F690D}" = Broadcom Management Programs
"InstallShield_{4308AC0E-FA13-43BE-A0B5-30F018B783FF}" = TwistedPixel Visualization for Windows Media Player
"InstallShield_{48B0F38D-1913-44F3-99AA-D4C55A2B038E}" = Drive Manager
"InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"IrfanView" = IrfanView (remove only)
"Jasc Paint Shop Pro 9 GDI+ Patch" = Jasc Paint Shop Pro 9 GDI+ Patch
"Jasc Paint Shop Pro 9.01 - (9.0.1.1)" = Jasc Paint Shop Pro 9.01 - (9.0.1.1)
"Jasc Paint Shop Pro 9.01 Patch" = Jasc Paint Shop Pro 9.01 Patch
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"Korg Legacy Collection VSTi v1.0.02" = Korg Legacy Collection VSTi v1.0.02
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Magic ISO Maker v5.4 (build 0255)" = Magic ISO Maker v5.4 (build 0255)
"MagicDisc 2.6.93" = MagicDisc 2.6.93
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" =
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Interactive Training" =
"MKV Minimum Set (LD-Anime) - MatroskaSplitter & VSFilter_is1" = Matroska Pack - Lazy Man's MKV 0.9.9
"Mp3tag" = Mp3tag v2.35
"MPE" = MyPhoneExplorer
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI30a-KB884016" =
"MSI30-Beta1" =
"MSI30-Beta2" =
"MSI30-KB884016" =
"MSI30-RC1" =
"MSI30-RC2" =
"MSI31-Beta" =
"MSI31-RC1" =
"MSNINST" = MSN
"MSPUB5" = Microsoft Publisher 98
"MyEmo" = MyEmoticons
"Native Instruments - Traktor 1.06" = Native Instruments - Traktor 1.06
"Native Instruments Absynth v3.0" = Native Instruments Absynth v3.0
"Native Instruments B4 v1.11" = Native Instruments B4 v1.11
"Native Instruments Battery" = Native Instruments Battery
"Native Instruments Battery v2.1" = Native Instruments Battery v2.1
"Native Instruments DFD extension" =
"Native Instruments FM7" = Native Instruments FM7
"Native Instruments FM7 Presets Addon 1" = Native Instruments FM7 Presets Addon 1
"Native Instruments Intakt" = Native Instruments Intakt
"Native Instruments Kontakt v1.5.3 Incl Keygen" = Native Instruments Kontakt v1.5.3 Incl Keygen
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Sibelius Player" = Native Instruments Sibelius Player
"Nero - Burning Rom!UninstallKey" =
"NeroBackItUp!UninstallKey" =
"NeroMediaHome!UninstallKey" =
"NeroRecode!UninstallKey" =
"NeroShowTime!UninstallKey" =
"NeroVision!UninstallKey" =
"NetMeeting" =
"Neuratron PhotoScore Lite" = Neuratron PhotoScore Lite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"Nomad Factory Blue Tubes Bundle v2.0" = Nomad Factory Blue Tubes Bundle v2.0
"Novation Bass-Station VSTi v1.10" = Novation Bass-Station VSTi v1.10
"Ohmforce Hematohm PRO VST v1.22" = Ohmforce Hematohm PRO VST v1.22
"Ohmforce Mobilohm PRO VST v1.12" = Ohmforce Mobilohm PRO VST v1.12
"Ohmforce Ohmboyz PRO VST v1.42" = Ohmforce Ohmboyz PRO VST v1.42
"Ohmforce Predatohm PRO VST v1.32" = Ohmforce Predatohm PRO VST v1.32
"Ohmforce Quad Frohmage PRO VST v1.20" = Ohmforce Quad Frohmage PRO VST v1.20
"OpenAL" = OpenAL
"PCHealth" =
"PhotoScore Professional Demo" = PhotoScore Professional Demo
"PixDiscount" = PixDiscount 2.00
"Pixel 3D" = Pixel 3D
"Plugin Galaxy DEMO 1.50_is1" = Plugin Galaxy DEMO 1.50
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"QuicktimeAlt_is1" = QuickTime Alternative 1.95
"R4" = R4
"Rainbow Sentinel Driver" = Sentinel System Driver
"rayatitray" = Ray Adams ATI Tray Tools
"RealPlayer 6.0" = RealPlayer Basic
"Reason Adapted M-Audio Express_is1" = Reason Adapted M-Audio Express 2.5
"Reason_is1" = Reason 3.0
"ReCycle v2.1" = ReCycle v2.1
"Return to Castle Wolfenstein" = Return to Castle Wolfenstein
"rgcAudio z3ta+ v1.1" = rgcAudio z3ta+ v1.1
"Rob Papen Albino 2" = Rob Papen Albino 2
"SBEWIN32.EXE" =
"Security Task Manager" = Security Task Manager 1.7
"Shockwave" =
"Sibelius 4" =
"Sibelius Scorch" = Sibelius Scorch
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.01
"SopCast" = SopCast 3.0.1
"Soulseek" = SoulSeek Client 156c
"Soulseek2" = SoulSeek 157 NS 13
"SoundGraffiti 2.0_is1" = SoundGraffiti 2.0
"Spyware Doctor" = Spyware Doctor 6.0
"Stamp" = Stamp Uninstall
"Steinberg Cubase SX v3.1.1.944" = Steinberg Cubase SX v3.1.1.944
"Steinberg D'Cota VSTi v1.01" = Steinberg D'Cota VSTi v1.01
"Steinberg HALion v3.1.0.947" = Steinberg HALion v3.1.0.947
"Steinberg Nuendo v2.0.1" = Steinberg Nuendo v2.0.1
"Steinberg SX Unlocked VST Plugins Pack 1" = Steinberg SX Unlocked VST Plugins Pack 1
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Superwave Bundle VSTi v2.0" = Superwave Bundle VSTi v2.0
"Synapse Hydra VSTi V1.0" = Synapse Hydra VSTi V1.0
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosoft's License Control
"SystemRequirementsLab" = System Requirements Lab
"Tag&Rename_is1" = Tag&Rename 3.2 rc 2
"The Cleaner 3.1" = The Cleaner 3.1
"Tonka Raceway" = Tonka Raceway
"Toxic DEMO_is1" = Toxic DEMO v2.1
"Transcribe!_is1" = Transcribe! 7.31
"TVersity Codec Pack" = TVersity Codec Pack 1.2
"TVersity Media Server " = TVersity Media Server 1.6 Beta
"Tweak UI 2.10" = Tweak UI
"UBCD4Win_is1" = UBCD4Win 3.50
"UltraISO_is1" = UltraISO Premium V8.12
"Undisker" = Undisker
"Update Service" = Update Service
"Virsyn TERA v2.0" = Virsyn TERA v2.0
"vis_geiss2.dllWinamp" = Geiss2 for Winamp 2x (remove only)
"vis_milk.dllWinamp" = MilkDrop for Winamp 2x (remove only)
"Visual Thesaurus 3" = Visual Thesaurus 3
"VSO ConvertXtoDVD_is1" = ConvertXtoDVD 2.0.10b
"Waves Diamond Bundle 4.05" = Waves Diamond Bundle 4.05
"Wdf01000" =
"Wdf01001" =
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"Winamp3" =
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinFF_is1" = WinFF 0.32
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"WOLAPI" = Westwood Shared Internet Components
"Word8.0" = Microsoft Word 97
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"Xfire" = Xfire (remove only)
"XoftSpy" = XoftSpy
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XviD" = XviD MPEG-4 Codec
"YAWn!" = YAWn!.NET (remove only)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 05/10/2009 06:03:51 | Computer Name = ROBSON | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3802, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 05/10/2009 06:20:07 | Computer Name = ROBSON | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3802, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 05/10/2009 21:16:00 | Computer Name = ROBSON | Source = Windows Live Messenger | ID = 5000
Description =

Error - 13/10/2009 07:58:49 | Computer Name = ROBSON | Source = Application Hang | ID = 1002
Description = Hanging application nero.exe, version 7.5.9.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 13/10/2009 07:59:08 | Computer Name = ROBSON | Source = Application Hang | ID = 1002
Description = Hanging application DXEnum.exe, version 3.5.6.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 13/10/2009 08:04:14 | Computer Name = ROBSON | Source = Application Hang | ID = 1002
Description = Hanging application nero.exe, version 7.5.9.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 13/10/2009 08:04:50 | Computer Name = ROBSON | Source = Application Hang | ID = 1002
Description = Hanging application DXEnum.exe, version 3.5.6.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 13/10/2009 08:10:01 | Computer Name = ROBSON | Source = Application Hang | ID = 1002
Description = Hanging application nero.exe, version 7.5.9.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 13/10/2009 08:10:02 | Computer Name = ROBSON | Source = Application Hang | ID = 1002
Description = Hanging application DXEnum.exe, version 3.5.6.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 15/10/2009 21:05:12 | Computer Name = ROBSON | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80240016, P2 begininstall, P3 install, P4
1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL,
P10 NIL.

[ System Events ]
Error - 06/10/2009 18:39:55 | Computer Name = ROBSON | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PC Tools Security Service
service to connect.

Error - 06/10/2009 18:39:55 | Computer Name = ROBSON | Source = Service Control Manager | ID = 7000
Description = The PC Tools Security Service service failed to start due to the following
error: %%1053

Error - 06/10/2009 18:39:55 | Computer Name = ROBSON | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SAVRKBootTasks

Error - 06/10/2009 18:55:25 | Computer Name = ROBSON | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 00114312F6D3 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 06/10/2009 18:56:31 | Computer Name = ROBSON | Source = Service Control Manager | ID = 7000
Description = The Nsynas32 service failed to start due to the following error: %%2

Error - 06/10/2009 18:56:31 | Computer Name = ROBSON | Source = Service Control Manager | ID = 7000
Description = The Remote Packet Capture Protocol v.0 (experimental) service failed
to start due to the following error: %%3

Error - 06/10/2009 18:58:10 | Computer Name = ROBSON | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SAVRKBootTasks

Error - 06/10/2009 19:31:50 | Computer Name = ROBSON | Source = Service Control Manager | ID = 7000
Description = The Nsynas32 service failed to start due to the following error: %%2

Error - 06/10/2009 19:31:50 | Computer Name = ROBSON | Source = Service Control Manager | ID = 7000
Description = The Remote Packet Capture Protocol v.0 (experimental) service failed
to start due to the following error: %%3

Error - 06/10/2009 19:32:28 | Computer Name = ROBSON | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SAVRKBootTasks


< End of report >

#6 magusdark


Posted 18 October 2009 - 06:24 AM

Since posting this last log, my computer started getting a bluescreen error on startup.

***stop : 0x0000007e (0xc0000005, 0x86ed83b2, 0xf78dc26c, 0xf78dbf68)

I googled the error code, but it said that the problem could be caused by a number of things, one of which being RAM failure. I can still get into Windows via a boot disc (Ultimate Boot CD for Windows), so I suppose that would rule that out? Thanks in advance for your help :(

#7 myrti


Posted 18 October 2009 - 11:28 AM

Hi,

If you suspect the reason to be RAM failure, I would advise that you run a memtest, for example memtest86: http://www.memtest86.com/

Could you please retrieve the logs from Combofix, FixIEDef and Smitfraudfix, which you ran earlier? Please also post the complete error message of the BSOD, especially the type of error.

Have you tried booting into safe mode? Does that still work?

regards _temp_

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!


#8 magusdark


Posted 18 October 2009 - 05:57 PM

Ran the memtest, no problems found. I can't retrieve those previous logs as I can only get my computer running via the Ultimate Boot CD for Windows; safe mode takes me to the same blue screen. The error message says some warnings about why the problem may have occurred, checking disk space, BIOS updates. Then just the ***stop : 0x0000007e (0xc0000005, 0x86ed83b2, 0xf78dc26c, 0xf78dbf68) code. Is there a way I can get those which were previously saved on my desktop?

#9 myrti


Posted 19 October 2009 - 05:49 AM

Hi,

You should be able to access your hard drive from UBCD. Your desktop will be located under: C:\Documents and Settings\Robbie\Desktop

Could you please try to boot into Recovery Console and tell me if this works?
  • Restart your computer
  • Before Windows loads, you will be prompted to choose which Operating System to start
  • Use the up and down arrow key to select Microsoft Windows Recovery Console
  • You must enter which Windows installation to log onto. Type 1 and press Enter.
  • It will prompt you for your Administrator password; if it is blank, just hit Enter.
  • For now I only want to see if you can start RC, so just leave it again by typing:
    exit
Windows will now begin loading.

regards _temp_



#10 magusdark


Posted 19 October 2009 - 06:26 AM

The recovery console works; I have been into it to try and restore a backup of my registry. I have a feeling I may have stupidly deleted a registry entry a couple of days ago, and so this blue screen problem has only become apparent on reboot. I followed a guide using the recovery console to replace the existing hives with the backups, but it didn't work; it took me to the same blue screen of death. I'll try to find those logs shortly and post them.

#11 myrti


Posted 19 October 2009 - 08:56 AM

Let me know if you can't find them; I'll try to give you more detailed instructions to find them.

regards _temp_



#12 magusdark


Posted 19 October 2009 - 09:36 AM

I have checked the desktop folder, and could only find an OTL logfile and OTL extras, and a RootRepeal log. I have a suspicion I deleted the previous logs from my desktop as I thought once they were posted that I wouldn't need them. Are these not the same logs I posted at the top of my post? (Sorry if that's a stupid question.)

#13 myrti


Posted 19 October 2009 - 10:11 AM

Hi,

I had asked for the logs from Combofix, Smitfraudfix and FixIEDef, which you seem to have run while waiting for a reply. When you mentioned you saved the logs on your Desktop I thought you were talking about the logs from those tools.

You should find the log from Combofix under C:\combofix.txt or C:\qoobox\combofix.txt, the log from Smitfraudfix should be in C:\rapport.txt and the log from FixIEDef should actually be on your Desktop named FixIEDef.

Do you recall if you rebooted between running those tools and getting the BSOD?

EDIT: Quick question: You did try the "registry fix" from Recovery Console after the BSOD appeared? Are these the steps you used: link?

regards _temp_

Edited by _temp_, 19 October 2009 - 10:21 AM.



#14 magusdark


Posted 19 October 2009 - 10:41 AM

Here are the Combofix and Smitfraudfix logs attached. I must have deleted the FixIEDef one because I have searched the whole computer and cannot find it. The operation I did via the recovery console was shorter than the instructions in your link; it just involved copying the hives from a recent backup over the original hives. I am wary of doing the steps in the link you provided. Am I right in thinking that if the registry is restored to how it was when the computer was initially set up, then I might lose some data? What happens to all the programs that were installed more recently than the old registry?


#15 myrti


Posted 19 October 2009 - 10:58 AM

Hi,

I don't want you to take any steps right now. I just wanted to know if those were the steps you used to repair your registry. Where did you get that registry backup? From System Restore?

regards _temp_





