Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

requires a missing windows codec


  • This topic is locked This topic is locked
8 replies to this topic

#1 HelpMe?

HelpMe?

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:22 AM

Posted 08 May 2010 - 11:20 AM

I'm having the exact same problems sad.gif

The same as these people: http://answers.yahoo.com/question/index?qi...04183025AAPYjg1

It even happens with some games :x


I ran HiJackThis, here is the file:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:06:48, on 8-5-2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
B:\Program Files (x86)\Steam\steam.exe
B:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
B:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
B:\Windows\SysWOW64\Ctxfihlp.exe
B:\Windows\SysWOW64\CTXFISPI.EXE
B:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
B:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
B:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
B:\Users\germania\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = B:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - B:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - B:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - B:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - B:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - B:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "B:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [OCAudioIni] B:\Program Files (x86)\One-click Audio Converter\OCAudioIni.exe
O4 - HKLM\..\Run: [GrooveMonitor] "B:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [B2C_AGENT] B:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "B:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [EVGAPrecision] "C:\Program Files (x86)\EVGA Precision\EVGAPrecisionWrapper.exe" /s
O4 - HKCU\..\Run: [Steam] "b:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Pando Media Booster] B:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "B:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
O4 - HKCU\..\Run: [Google Update] "B:\Users\germania\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "B:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\RunServices: [tnavdecEurope] B:\Users\germania\AppData\Local\Temp\pTFB.exe
O4 - HKCU\..\RunServices: [pTFB] B:\Users\germania\AppData\Local\Temp\pTFB.exe
O4 - Startup: MagicDisc.lnk = B:\Program Files (x86)\MagicDisc\MagicDisc.exe
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = B:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://B:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save YouTube Video as MP3 - res://B:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - B:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - B:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - B:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - B:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - B:\Program Files (x86)\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: b:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: b:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGam...S.cab109791.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareup...15109/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - B:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Norton2009 Reset (.norton2009Reset) - Unknown owner - B:\Program Files (x86)\Norton2009Reset.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - B:\Windows\System32\alg.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - B:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - B:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - B:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - B:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - B:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - B:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - B:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - B:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - B:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - B:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - B:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - B:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - B:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton AntiVirus - Symantec Corporation - B:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - B:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - B:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - B:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - B:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - B:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - B:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - B:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - B:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - B:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - B:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - B:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - B:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - B:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - B:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - B:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - B:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - B:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - B:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - B:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - B:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11024 bytes

Images:

http://img693.imageshack.us/img693/2672/25009569.png
--> Clicking it gets me to 'http://totalcodec.com/'
When opening Oblivion (game), I get the same message..

Edited by HelpMe?, 08 May 2010 - 11:26 AM.


BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,770 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:22 PM

Posted 10 May 2010 - 04:51 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    nvraid.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 HelpMe?

HelpMe?
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:22 AM

Posted 10 May 2010 - 05:58 PM

I still have the problem... I wil do that OTL tomorrow, going to bed now (it's 1AM where I live ^^)

Edit:

The problem is that I, and many others with me on the web, removed (at least, we thought that we did) System Security 2010 in the last couple of weeks.
We removed the program itself, which is spyware, with malwarebytes.
But the program left roque software on the computer that made the pc's unable to play mp3's.
Many people only complained about their music, but they didn't notice that any game or program that uses mp3's (such as: Oblivion, Fallout 3, Windows Live Messenger, etc.) isn't acting normal now.

If you try to play mp3's there comes a message that says there are Windows codecs missing (see: http://img693.imageshack.us/img693/2672/25009569.png) and it leads you to http://www.totalcodec.com/, where you need to pay for a codec pack that should help you get rid of your problem. (They pretend that that is Microsoft helping you...)



Here are the OTL Logs:

QUOTE(Extras.txt)
OTL Extras logfile created on: 5/11/2010 12:18:03 PM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = B:\Users\germania\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Netherlands | Language: NLD | Date Format: d-M-yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 74.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = B: | %SystemRoot% = B:\Windows | %ProgramFiles% = B:\Program Files (x86)
Drive C: | 875.73 Gb Total Space | 112.37 Gb Free Space | 12.83% Space Free | Partition Type: NTFS
Drive D: | 4.19 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive N: | 600.90 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MW_INC
Current User Name: germania
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- B:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3600984590-206117935-2791398722-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- B:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "B:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "B:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "B:\Windows\System32\rundll32.exe" "B:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "B:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- B:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "B:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "B:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "B:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "B:\Windows\System32\rundll32.exe" "B:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "B:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- B:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "B:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"81AE60DDD229A248055515E311406D86F7E4012A" = Windows Driver Package - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Ogg Codecs" = Ogg Codecs 0.81.15562
"SP6" = Logitech SetPoint 6.0
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis®
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{035186F3-D2D5-46A0-BB90-0956B98E5A4B}" = NVIDIA System Update
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 18
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{5887D64D-2663-43FB-B4BD-7464C56AB425}" = NVIDIA System Monitor
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AC4E434-8126-4840-BBD3-6B1EB78BBFF5}" = Solstice
"{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf
"{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1" = Driver Sweeper 2.1.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AEBFFF0-15A1-48A9-88F3-06604486C7C9}" = WMPTagSupportExtender
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_ENTERPRISE_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_ENTERPRISE_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_ENTERPRISE_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_ENTERPRISE_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_ENTERPRISE_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_ENTERPRISE_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0413-1000-0000000FF1CE}_ENTERPRISE_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2007
"{90120000-0044-0413-0000-0000000FF1CE}_ENTERPRISE_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_ENTERPRISE_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_ENTERPRISE_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2007
"{90120000-00BA-0413-0000-0000000FF1CE}_ENTERPRISE_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout™ Paradise The Ultimate Box
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{AC76BA86-7AD7-1043-7B44-A91000000001}" = Adobe Reader 9.1.3 - Nederlands
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B7A585C8-CE4E-4150-84C6-A13C3CB1379F}" = Enemy Territory - Quake Wars™
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
"{CDCA3C32-FCE7-40E8-8CB5-7B0E87ADDFC9}_is1" = Majesty 2: The Fantasy Kingdom Sim
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DA2C31A1-D5E6-4472-A143-A323CECEE1C5}_is1" = One-click Audio Converter 3.13
"{DDB68A90-340C-42B9-B42B-D2CBED1B91DC}" = Heroes of Might and Magic V Collector Edition
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E426CEC1-35C5-42BF-913E-6EF8F1211D01}" = Overlord II
"{ECFCC0F4-649F-4544-AB74-1DEA35350216}" = LG PC Suite III
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"3DMIDI" = Creative 3DMIDI Player
"8461-7759-5462-8226" = Vuze
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Mythology 1.0" = Age of Mythology
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"Akamai" = Akamai NetSession Interface
"ALchemy" = Creative ALchemy
"ASIO4ALL" = ASIO4ALL
"AudioCS" = Creative Configuratiescherm voor geluid
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"Console Launcher" = Creative Opstart-console
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Diagnostics 4_5" = Creative Diagnostics
"Divinity II - Ego Draconis_is1" = Divinity II - Ego Draconis
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FL Studio 9" = FL Studio 9
"FlorensiaEN" = FlorensiaEN 1.10.26
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Studio_is1" = Free Studio version 4.2
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.2
"Free Video to Mp3 Converter_is1" = Free Video to Mp3 Converter version 3.2
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Hardcore" = Hardcore
"IL Download Manager" = IL Download Manager
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"InstallShield_{035186F3-D2D5-46A0-BB90-0956B98E5A4B}" = NVIDIA System Update
"InstallShield_{5887D64D-2663-43FB-B4BD-7464C56AB425}" = NVIDIA System Monitor
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"Just Cause 2_is1" = Just Cause 2
"Kings Bounty Armored Princess_is1" = Kings Bounty Armored Princess
"M4a/Flac/Ogg/Ape/Mpc Tag Support Plugin for Media Player_is1" = M4a/Flac/Ogg/Ape/Mpc Tag Support Plugin for Media Player v 1.1
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"NAV" = Norton AntiVirus
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.12
"OpenAL" = OpenAL
"PoiZone" = PoiZone
"PunkBusterSvc" = PunkBuster Services
"Sawer" = Sawer
"SFBM" = SoundFont-bankbeheer
"Star Wars: The Force Unleashed_is1" = Star Wars: The Force Unleashed
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"SystemRequirementsLab" = System Requirements Lab
"Teach2000.7 XP - The Troolean Edition_is1" = Teach2000 8.43
"Toxic Biohazard" = Toxic Biohazard
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 2.5.0
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3600984590-206117935-2791398722-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Chivalry II - The Sicilian Vespers 3.3" = Chivalry II - The Sicilian Vespers 3.3
"Chivalry II - The Sicilian Vespers 3.3 (HotFix2)" = Chivalry II - The Sicilian Vespers 3.3 (HotFix2)
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/7/2010 1:52:43 PM | Computer Name = MW_Inc | Source = System.ServiceModel 3.0.0.0 | ID = 131075
Description = WebHost failed to process a request. Sender Information: System.ServiceModel.Activation.HostedHttpRequestAsyncResult/37489757

Exception:
System.Web.HttpException: The service '/OnlineConfigService.svc' does not exist.
---> System.ServiceModel.EndpointNotFoundException: The service '/OnlineConfigService.svc'
does not exist. at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String
normalizedVirtualPath) at System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast(String
relativeVirtualPath) at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.HandleRequest()

at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.BeginRequest()

--- End of inner exception stack trace --- at System.ServiceModel.AsyncResult.End[TAsyncResult](IAsyncResult
result) at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult
result) Process Name: w3wp Process ID: 1068

Error - 5/8/2010 6:00:47 AM | Computer Name = MW_Inc | Source = Application Error | ID = 1000
Description = Faulting application name: vlc.exe, version: 1.0.5.0, time stamp:
0x4b64ae05 Faulting module name: vlc.exe, version: 1.0.5.0, time stamp: 0x4b64ae05
Exception
code: 0xc0000005 Fault offset: 0x00001749 Faulting process id: 0x15cc Faulting application
start time: 0x01caee95537d68d0 Faulting application path: B:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Faulting
module path: B:\Program Files (x86)\VideoLAN\VLC\vlc.exe Report Id: 92a1fd50-5a88-11df-9d00-001fbc0048ab

Error - 5/8/2010 6:02:35 AM | Computer Name = MW_Inc | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "B:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "B:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 5/8/2010 1:28:03 PM | Computer Name = MW_Inc | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "b:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "b:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 5/8/2010 1:28:16 PM | Computer Name = MW_Inc | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "b:\program files (x86)\id
software\enemy territory - quake wars\serverlauncher.exe".Error in manifest or
policy file "" on line . A component version required by the application conflicts
with another component version already active. Conflicting components are:. Component
1: B:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Component
2: B:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Error - 5/9/2010 8:07:09 AM | Computer Name = MW_Inc | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "b:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "b:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 5/9/2010 8:07:30 AM | Computer Name = MW_Inc | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "b:\program files (x86)\id
software\enemy territory - quake wars\serverlauncher.exe".Error in manifest or
policy file "" on line . A component version required by the application conflicts
with another component version already active. Conflicting components are:. Component
1: B:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Component
2: B:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Error - 5/10/2010 5:20:32 AM | Computer Name = MW_Inc | Source = System.ServiceModel 3.0.0.0 | ID = 131075
Description = WebHost failed to process a request. Sender Information: System.ServiceModel.Activation.HostedHttpRequestAsyncResult/37489757

Exception:
System.Web.HttpException: The service '/OnlineConfigService.svc' does not exist.
---> System.ServiceModel.EndpointNotFoundException: The service '/OnlineConfigService.svc'
does not exist. at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String
normalizedVirtualPath) at System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast(String
relativeVirtualPath) at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.HandleRequest()

at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.BeginRequest()

--- End of inner exception stack trace --- at System.ServiceModel.AsyncResult.End[TAsyncResult](IAsyncResult
result) at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult
result) Process Name: w3wp Process ID: 5188

Error - 5/10/2010 6:33:45 AM | Computer Name = MW_Inc | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "b:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "b:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 5/10/2010 6:34:05 AM | Computer Name = MW_Inc | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "b:\program files (x86)\id
software\enemy territory - quake wars\serverlauncher.exe".Error in manifest or
policy file "" on line . A component version required by the application conflicts
with another component version already active. Conflicting components are:. Component
1: B:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Component
2: B:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

[ Media Center Events ]
Error - 11/24/2009 1:58:49 AM | Computer Name = MW_Inc | Source = MCUpdate | ID = 0
Description = 6:58:49 - Error connecting to the internet. 6:58:49 - Unable to
contact server..

Error - 11/24/2009 1:59:23 AM | Computer Name = MW_Inc | Source = MCUpdate | ID = 0
Description = 6:59:18 - Error connecting to the internet. 6:59:18 - Unable to
contact server..

[ System Events ]
Error - 5/10/2010 10:21:07 AM | Computer Name = MW_Inc | Source = EventLog | ID = 6008
Description = The previous system shutdown at 16:18:25 on ?10-?5-?2010 was unexpected.

Error - 5/10/2010 10:21:08 AM | Computer Name = MW_Inc | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Norton2009
Reset service to connect.

Error - 5/10/2010 10:21:08 AM | Computer Name = MW_Inc | Source = Service Control Manager | ID = 7000
Description = The Norton2009 Reset service failed to start due to the following
error: %%1053

Error - 5/10/2010 10:21:51 AM | Computer Name = MW_Inc | Source = BugCheck | ID = 1001
Description =

Error - 5/10/2010 10:21:52 AM | Computer Name = MW_Inc | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Akamai service.

Error - 5/10/2010 5:43:24 PM | Computer Name = MW_Inc | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 5/10/2010 6:59:19 PM | Computer Name = MW_Inc | Source = Service Control Manager | ID = 7016
Description = The NVIDIA Stereoscopic 3D Driver Service service has reported an
invalid current state 0.

Error - 5/11/2010 5:42:19 AM | Computer Name = MW_Inc | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Norton2009
Reset service to connect.

Error - 5/11/2010 5:42:19 AM | Computer Name = MW_Inc | Source = Service Control Manager | ID = 7000
Description = The Norton2009 Reset service failed to start due to the following
error: %%1053

Error - 5/11/2010 5:43:04 AM | Computer Name = MW_Inc | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Akamai service.


< End of report >


QUOTE(OTL.txt)
OTL logfile created on: 5/11/2010 12:18:03 PM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = B:\Users\germania\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Netherlands | Language: NLD | Date Format: d-M-yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 74.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = B: | %SystemRoot% = B:\Windows | %ProgramFiles% = B:\Program Files (x86)
Drive C: | 875.73 Gb Total Space | 112.37 Gb Free Space | 12.83% Space Free | Partition Type: NTFS
Drive D: | 4.19 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive N: | 600.90 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MW_INC
Current User Name: germania
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/05/11 12:17:02 | 000,570,880 | ---- | M] (OldTimer Tools) -- B:\Users\germania\Downloads\OTL.exe
PRC - [2010/05/08 11:10:32 | 000,390,952 | ---- | M] (Valve Corporation) -- B:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2010/05/07 10:28:32 | 001,238,352 | ---- | M] (Valve Corporation) -- B:\Program Files (x86)\Steam\steam.exe
PRC - [2010/05/05 20:43:58 | 000,834,248 | ---- | M] (Lavasoft) -- B:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/05/05 20:43:57 | 001,285,864 | ---- | M] (Lavasoft) -- B:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/04/03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- B:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/03/31 21:39:54 | 000,908,248 | ---- | M] (Mozilla Corporation) -- B:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/03/07 18:48:38 | 000,654,648 | ---- | M] (BitTorrent, Inc.) -- B:\Program Files (x86)\BitTorrent\bittorrent.exe
PRC - [2010/03/07 18:38:55 | 000,075,064 | ---- | M] () -- B:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/01/20 22:30:02 | 000,117,640 | R--- | M] (Symantec Corporation) -- B:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe
PRC - [2009/10/23 00:36:16 | 002,923,192 | ---- | M] () -- B:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2009/07/14 00:28:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- B:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2009/07/14 00:22:08 | 001,263,616 | ---- | M] (Creative Technology Ltd) -- B:\Windows\SysWOW64\CTxfispi.exe
PRC - [2009/04/28 03:19:02 | 000,298,000 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\EVGAPrecision.exe
PRC - [2009/02/23 12:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- B:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/02/04 01:34:00 | 000,172,032 | ---- | M] () -- B:\Users\germania\My Documents\Realtemp\RealTemp.exe


========== Modules (SafeList) ==========

MOD - [2010/05/11 12:17:02 | 000,570,880 | ---- | M] (OldTimer Tools) -- B:\Users\germania\Downloads\OTL.exe
MOD - [2009/07/14 03:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- B:\Windows\SysWOW64\sfc_os.dll
MOD - [2009/07/14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- B:\Windows\SysWOW64\msacm32.dll
MOD - [2009/07/14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- B:\Windows\SysWOW64\comdlg32.dll
MOD - [2009/07/14 03:14:51 | 002,175,488 | ---- | M] (Microsoft Corporation) -- B:\Windows\AppPatch\AcGenral.dll
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- B:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 03:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- B:\Windows\SysWOW64\sfc.dll
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- B:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/01/29 23:18:20 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- B:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009/07/14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- B:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009/07/14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- B:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- B:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- B:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- B:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- B:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- B:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- B:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009/07/14 03:41:08 | 000,451,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- B:\Windows\SysNative\inetsrv\iisw3adm.dll -- (WAS)
SRV:64bit: - [2009/07/14 03:41:08 | 000,451,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- B:\Windows\SysNative\inetsrv\iisw3adm.dll -- (W3SVC)
SRV:64bit: - [2009/07/14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- B:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/07/14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- B:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009/07/14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009/07/14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- B:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009/07/14 03:40:01 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- B:\Windows\SysNative\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV:64bit: - [2009/07/14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009/07/14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2009/07/14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- B:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2009/07/14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:64bit: - [2009/03/30 17:19:56 | 002,297,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- B:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/05/10 20:52:41 | 002,478,640 | ---- | M] () [Auto | Running] -- b:\Program Files (x86)\Common Files\Akamai\rswin_3697.dll -- (Akamai)
SRV - [2010/05/08 11:10:32 | 000,390,952 | ---- | M] (Valve Corporation) [On_Demand | Running] -- B:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/05/05 20:43:57 | 001,285,864 | ---- | M] (Lavasoft) [Auto | Running] -- B:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/04/03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- B:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/07 18:38:55 | 000,075,064 | ---- | M] () [Auto | Running] -- B:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/01/20 22:30:02 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- B:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe -- (Norton AntiVirus)
SRV - [2009/08/23 00:02:28 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- B:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/08/22 23:59:20 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- B:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2009/07/26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- B:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- B:\Windows\Vss -- (VSS)
SRV - [2009/07/14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- B:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009/07/14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- B:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 03:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- B:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/07/14 03:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- B:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- B:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 03:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- B:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/07/13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- B:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009/06/10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/02/23 12:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- B:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/10/25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- B:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/10/24 02:40:46 | 000,291,255 | RH-- | M] () [Auto | Stopped] -- B:\Program Files (x86)\Norton2009Reset.exe -- (.norton2009Reset)
SRV - [2008/02/04 11:29:30 | 000,216,576 | ---- | M] (NVIDIA) [Auto | Running] -- B:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2008/01/30 14:45:12 | 000,163,328 | ---- | M] (NVIDIA) [Auto | Running] -- B:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/05/10 13:29:52 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/05/10 13:29:45 | 000,583,296 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\cchpx64.sys -- (ccHP)
DRV:64bit: - [2010/05/10 13:29:45 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2010/02/04 17:53:02 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- B:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/01/23 00:18:44 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- B:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010/01/23 00:18:44 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- B:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010/01/20 22:30:03 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/01/20 22:30:03 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2010/01/20 22:30:03 | 000,278,576 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\symtdi.sys -- (SYMTDI)
DRV:64bit: - [2010/01/20 22:30:03 | 000,120,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\symfw.sys -- (SYMFW)
DRV:64bit: - [2010/01/20 22:30:03 | 000,056,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\symndisv.sys -- (SYMNDISV)
DRV:64bit: - [2010/01/20 22:30:03 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/01/20 22:30:03 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- B:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2009/12/11 12:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- B:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2009/11/10 13:53:16 | 000,058,384 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/11/10 13:53:00 | 000,056,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/09/29 09:15:02 | 000,016,384 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\lgbtpt64.sys -- (LgBttPort)
DRV:64bit: - [2009/09/29 09:15:00 | 000,017,408 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\lgvmdm64.sys -- (LGVMODEM)
DRV:64bit: - [2009/09/29 09:15:00 | 000,014,848 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\lgbtbs64.sys -- (lgbusenum)
DRV:64bit: - [2009/09/26 08:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- B:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2009/08/23 01:18:05 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- B:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- B:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- B:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2009/07/14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2009/07/14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- B:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- B:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2009/07/14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- B:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- B:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2009/07/14 02:54:52 | 001,613,336 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\ha20x22k.sys -- (ha20x22k)
DRV:64bit: - [2009/07/14 02:54:38 | 001,568,792 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2009/07/14 02:54:28 | 000,118,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2009/07/14 02:54:18 | 000,213,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2009/07/14 02:54:12 | 000,015,896 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2009/07/14 02:54:04 | 000,179,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2009/07/14 02:53:54 | 000,696,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2009/07/14 02:53:46 | 000,580,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2009/07/14 02:53:36 | 001,445,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2009/07/14 02:53:36 | 001,445,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2009/07/14 02:53:24 | 000,095,256 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2009/07/14 02:53:24 | 000,095,256 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2009/07/14 02:53:16 | 000,230,424 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2009/07/14 02:53:16 | 000,230,424 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2009/07/14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- B:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009/07/14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- B:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/14 02:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- B:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:64bit: - [2009/07/14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2009/07/14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2009/07/14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2009/07/14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- B:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2009/07/14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- B:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2009/07/14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- B:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009/07/14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/06/10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/25 04:38:20 | 000,966,144 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/04/30 13:06:58 | 000,339,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/04/09 21:06:02 | 000,590,848 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- B:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008/04/22 08:53:36 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- B:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV - [2010/05/10 10:00:00 | 001,773,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- B:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100510.025\EX64.SYS -- (NAVEX15)
DRV - [2010/05/10 10:00:00 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- B:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100510.025\ENG64.SYS -- (NAVENG)
DRV - [2010/05/08 09:57:18 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- B:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/05/08 09:57:18 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- B:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/04/22 00:49:32 | 000,466,992 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- B:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100505.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- B:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- B:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009/06/10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- B:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009/06/10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- B:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2009/04/28 03:19:02 | 000,014,352 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\EVGA Precision\RTCore64.sys -- (RTCore64)
DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- B:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/07/26 22:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Running] -- B:\Users\germania\My Documents\Realtemp\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2008/02/04 11:32:18 | 000,040,480 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- B:\Windows\nvoclk64.sys -- (NVR0Dev)
DRV - [2008/01/30 14:41:58 | 000,040,480 | ---- | M] (NVidia Corp.) [Kernel | Auto | Running] -- B:\Windows\nvflsh64.sys -- (NVR0FLASHDev)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = B:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3600984590-206117935-2791398722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-3600984590-206117935-2791398722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3600984590-206117935-2791398722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKU\S-1-5-21-3600984590-206117935-2791398722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 44 7B C4 11 8C 80 CA 01 [binary data]
IE - HKU\S-1-5-21-3600984590-206117935-2791398722-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: openmedspel@e-medtools.com:1.0.8
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: B:\Program Files (x86)\Mozilla Firefox\components [2010/05/06 09:00:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: B:\Program Files (x86)\Mozilla Firefox\plugins [2010/05/06 09:00:43 | 000,000,000 | ---D | M]

[2010/01/07 20:20:35 | 000,000,000 | ---D | M] -- B:\Users\germania\AppData\Roaming\Mozilla\Extensions
[2010/05/10 23:32:39 | 000,000,000 | ---D | M] -- B:\Users\germania\AppData\Roaming\Mozilla\Firefox\Profiles\a6zorr2f.default\extensions
[2010/05/05 19:36:20 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- B:\Users\germania\AppData\Roaming\Mozilla\Firefox\Profiles\a6zorr2f.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/04/25 00:45:02 | 000,000,000 | ---D | M] -- B:\Users\germania\AppData\Roaming\Mozilla\Firefox\Profiles\a6zorr2f.default\extensions\openmedspel@e-medtools.com
[2010/05/11 11:42:21 | 000,000,000 | ---D | M] -- B:\Program Files (x86)\Mozilla Firefox\extensions
[2009/10/23 00:36:16 | 000,238,776 | ---- | M] (Pando Networks) -- B:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009/12/22 05:35:01 | 000,001,892 | ---- | M] () -- B:\Program Files (x86)\Mozilla Firefox\searchplugins\bolcom-nl.xml
[2009/12/22 05:35:01 | 000,004,558 | ---- | M] () -- B:\Program Files (x86)\Mozilla Firefox\searchplugins\marktplaats-nl.xml
[2009/12/22 05:35:01 | 000,001,111 | ---- | M] () -- B:\Program Files (x86)\Mozilla Firefox\searchplugins\vandale-nl.xml
[2009/12/22 05:35:01 | 000,001,049 | ---- | M] () -- B:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-nl.xml
[2009/12/22 05:35:01 | 000,000,802 | ---- | M] () -- B:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-nl.xml

O1 HOSTS File: ([2010/04/25 11:06:52 | 000,001,050 | ---- | M]) - B:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - B:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - B:\Program Files (x86)\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - B:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - B:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] B:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [B2C_AGENT] B:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [CTxfiHlp] B:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [EVGAPrecision] C:\Program Files (x86)\EVGA Precision\EVGAPrecisionWrapper.exe ()
O4 - HKLM..\Run: [GrooveMonitor] B:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OCAudioIni] B:\Program Files (x86)\One-click Audio Converter\OCAudioIni.exe (Streamware Development)
O4 - HKU\S-1-5-19..\Run: [Sidebar] B:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] B:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3600984590-206117935-2791398722-1000..\Run: [DAEMON Tools Lite] B:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3600984590-206117935-2791398722-1000..\Run: [NVIDIA nTune] B:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKU\S-1-5-21-3600984590-206117935-2791398722-1000..\Run: [Pando Media Booster] B:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-3600984590-206117935-2791398722-1000..\Run: [Steam] b:\program files (x86)\steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] B:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] B:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3600984590-206117935-2791398722-1000..\RunServices: [pTFB] B:\Users\germania\AppData\Local\Temp\pTFB.exe File not found
O4 - HKU\S-1-5-21-3600984590-206117935-2791398722-1000..\RunServices: [tnavdecEurope] B:\Users\germania\AppData\Local\Temp\pTFB.exe File not found
O4 - Startup: B:\Users\germania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = B:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: B:\Users\germania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk = B:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Save YouTube Video as MP3 - B:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O8 - Extra context menu item: Save YouTube Video as MP3 - B:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O9 - Extra Button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - B:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - B:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - B:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - B:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - B:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - B:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - B:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - B:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGam...S.cab109791.cab ()
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareup...15109/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - B:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - B:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - B:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - B:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - B:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - B:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - B:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - b:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - B:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - B:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - B:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - B:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - B:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/21 19:26:21 | 000,000,057 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009/12/21 21:10:41 | 000,000,000 | ---D | M] - N:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2009/12/21 21:10:41 | 002,863,104 | R--- | M] (BioWare® - a Division of Electronic Arts) - N:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/12/21 21:10:41 | 000,000,073 | R--- | M] () - N:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{005c8b17-137e-11df-9adc-001fbc0048ab}\Shell\AutoRun\command - "" = N:\autorun.exe -- [2009/12/21 21:10:41 | 002,863,104 | R--- | M] (BioWare® - a Division of Electronic Arts)
O33 - MountPoints2\{7d0a389b-8f6b-11de-8fbe-001fbc0048ab}\Shell\AutoRun\command - "" = H:\USBAutoRun.exe -- File not found
O33 - MountPoints2\{7d0a38ba-8f6b-11de-8fbe-001fbc0048ab}\Shell\AutoRun\command - "" = H:\USBAutoRun.exe -- File not found
O33 - MountPoints2\{8ace2d4a-8fa1-11de-9cbd-806e6f6e6963}\Shell\AutoRun\command - "" = D:\OblivionLauncher.exe -- [2006/02/27 17:33:32 | 001,662,976 | R--- | M] (Bethesda Softworks)
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\USBAutoRun.exe -- File not found
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\USBAutoRun.exe -- File not found
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\USBAutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Power - B:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: RpcEptMapper - B:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: SymEFA.sys - B:\Windows\SysNative\drivers\NAVx64\1008000.029\SymEFA64.sys (Symantec Corporation)
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - B:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: WudfPf - B:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - B:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: VDS - B:\Windows\SysWOW64\wbem\vds.mof ()
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - B:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - B:\Windows\system32\Rundll32.exe B:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - B:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "B:\Windows\System32\rundll32.exe" "B:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - B:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - B:\Windows\SysWOW64\Rundll32.exe B:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - B:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "B:\Windows\SysWOW64\rundll32.exe" "B:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: aux - B:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: aux1 - B:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - B:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi1 - B:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi2 - B:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midimapper - B:\Windows\SysNative\midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - B:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer1 - B:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer2 - B:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.imaadpcm - B:\Windows\SysNative\imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - B:\Windows\SysNative\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - B:\Windows\SysNative\msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - B:\Windows\SysNative\msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - B:\Windows\SysNative\msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: vidc.i420 - B:\Windows\SysNative\iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.iyuv - B:\Windows\SysNative\iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - B:\Windows\SysNative\msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - B:\Windows\SysNative\msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.uyvy - B:\Windows\SysNative\msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yuy2 - B:\Windows\SysNative\msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvu9 - B:\Windows\SysNative\tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvyu - B:\Windows\SysNative\msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - B:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave1 - B:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave2 - B:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - B:\Windows\SysNative\msacm32.drv (Microsoft Corporation)
Drivers32: msacm.divxa32 - B:\Windows\SysWow64\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.l3acm - B:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - B:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.siren - B:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.vorbis - B:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - B:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.divx - B:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - B:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.xvid - B:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - B:\Windows\SysWow64\DivX.dll (DivX, Inc.)

NetSvcs:64bit: Ias - B:\Windows\SysNative\ias [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - B:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - B:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs:64bit: Themes - B:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
NetSvcs:64bit: BDESVC - B:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
NetSvcs: Ias - B:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
NetSvcs: Wmi - B:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2010/05/10 13:29:51 | 000,476,720 | ---- | C] (Symantec Corporation) -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\srtsp64.sys
[2010/05/10 13:29:51 | 000,402,992 | ---- | C] (Symantec Corporation) -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\SymEFA64.sys
[2010/05/10 13:29:51 | 000,278,576 | ---- | C] (Symantec Corporation) -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\symtdi.sys
[2010/05/10 13:29:51 | 000,120,880 | ---- | C] (Symantec Corporation) -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\symfw.sys
[2010/05/10 13:29:51 | 000,056,880 | ---- | C] (Symantec Corporation) -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\symndisv.sys
[2010/05/10 13:29:51 | 000,044,080 | ---- | C] (Symantec Corporation) -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\symndis.sys
[2010/05/10 13:29:51 | 000,043,568 | ---- | C] (Symantec Corporation) -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\symids.sys
[2010/05/10 13:29:51 | 000,032,304 | ---- | C] (Symantec Corporation) -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\srtspx64.sys
[2010/05/10 13:29:45 | 000,583,296 | ---- | C] (Symantec Corporation) -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\cchpx64.sys
[2010/05/10 13:29:45 | 000,334,384 | ---- | C] (Symantec Corporation) -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\BHDrvx64.sys
[2010/05/10 13:29:44 | 000,000,000 | ---D | C] -- B:\Windows\SysNative\drivers\NAVx64\1008000.029
[2010/05/09 11:09:46 | 000,031,280 | R--- | C] (Symantec Corporation) -- B:\Windows\SysNative\drivers\SymIMV.sys
[2010/05/09 11:09:45 | 000,172,592 | ---- | C] (Symantec Corporation) -- B:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/05/09 11:09:45 | 000,000,000 | ---D | C] -- B:\Program Files\Common Files\Symantec Shared
[2010/05/09 11:09:45 | 000,000,000 | ---D | C] -- B:\Program Files\Symantec
[2010/05/09 11:09:24 | 000,000,000 | ---D | C] -- B:\Program Files (x86)\Norton AntiVirus
[2010/05/09 11:09:24 | 000,000,000 | ---D | C] -- B:\Windows\SysNative\drivers\NAVx64
[2010/05/09 11:09:07 | 000,000,000 | ---D | C] -- B:\Program Files (x86)\NortonInstaller
[2010/05/08 03:34:54 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- B:\Users\germania\Desktop\HiJackThis.exe
[2010/05/06 22:15:04 | 000,000,000 | ---D | C] -- B:\Users\germania\AppData\Roaming\NVIDIA
[2010/05/06 09:40:45 | 000,000,000 | ---D | C] -- B:\Windows\SysWow64\custom matrices
[2010/05/06 09:40:44 | 000,000,000 | ---D | C] -- B:\Windows\SysWow64\C2MP
[2010/05/06 09:02:27 | 000,000,000 | ---D | C] -- B:\Windows\SysWow64\QuickTime
[2010/05/06 01:28:38 | 000,000,000 | ---D | C] -- B:\Users\germania\AppData\Roaming\vlc
[2010/05/05 20:44:17 | 000,069,152 | ---- | C] (Lavasoft AB) -- B:\Windows\SysNative\drivers\Lbd.sys
[2010/05/05 20:44:16 | 000,000,000 | ---D | C] -- B:\Windows\SysNative\DRVSTORE
[2010/05/05 20:44:11 | 000,095,024 | ---- | C] (Sunbelt Software) -- B:\Windows\SysNative\drivers\SBREDrv.sys
[2010/05/05 19:46:19 | 000,000,000 | -H-D | C] -- B:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/05/05 19:46:03 | 000,000,000 | ---D | C] -- B:\ProgramData\Lavasoft
[2010/05/05 19:46:03 | 000,000,000 | ---D | C] -- B:\Program Files (x86)\Lavasoft
[2010/05/05 19:33:37 | 000,000,000 | ---D | C] -- B:\Program Files (x86)\CCleaner
[2010/05/05 15:08:22 | 000,000,000 | ---D | C] -- B:\Windows\pss
[2010/05/04 16:23:04 | 000,000,000 | ---D | C] -- B:\Program Files (x86)\Windows Media Player
[2010/05/04 16:22:59 | 000,000,000 | ---D | C] -- B:\Windows\ehome
[2010/05/04 16:22:56 | 000,000,000 | ---D | C] -- B:\Program Files\Windows Media Player
[2010/05/04 13:18:30 | 000,000,000 | ---D | C] -- B:\Windows\DEA314C409294250BC9298E4C105F28D.TMP
[2010/05/04 13:17:34 | 004,503,144 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysWow64\nvwgf2um.dll
[2010/05/04 13:17:34 | 000,064,616 | ---- | C] (Khronos Group) -- B:\Windows\SysNative\OpenCL.dll
[2010/05/04 13:17:34 | 000,056,424 | ---- | C] (Khronos Group) -- B:\Windows\SysWow64\OpenCL.dll
[2010/05/04 13:17:34 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysNative\drivers\nvBridge.kmd
[2010/05/04 13:17:33 | 021,005,928 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysNative\nvoglv64.dll
[2010/05/04 13:17:33 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysWow64\nvoglv32.dll
[2010/05/04 13:17:33 | 002,907,752 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysWow64\nvencodemft.dll
[2010/05/04 13:17:32 | 011,906,664 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysNative\nvd3dumx.dll
[2010/05/04 13:17:32 | 009,386,600 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysWow64\nvd3dum.dll
[2010/05/04 13:17:32 | 003,215,464 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysNative\nvencodemft.dll
[2010/05/04 13:17:32 | 002,106,472 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysNative\nvcuvid.dll
[2010/05/04 13:17:32 | 002,009,704 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysWow64\nvcuvid.dll
[2010/05/04 13:17:32 | 000,384,616 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysNative\nvdecodemft.dll
[2010/05/04 13:17:32 | 000,316,008 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysWow64\nvdecodemft.dll
[2010/05/04 13:17:31 | 011,647,592 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysWow64\nvcompiler.dll
[2010/05/04 13:17:31 | 005,444,200 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysNative\nvcuda.dll
[2010/05/04 13:17:31 | 004,029,544 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysWow64\nvcuda.dll
[2010/05/04 13:17:31 | 002,893,416 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysNative\nvcuvenc.dll
[2010/05/04 13:17:31 | 002,646,632 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysWow64\nvcuvenc.dll
[2010/05/04 13:17:29 | 016,061,032 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysNative\nvcompiler.dll
[2010/05/04 13:17:29 | 000,254,056 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysNative\nvcod1914.dll
[2010/05/04 13:17:29 | 000,254,056 | ---- | C] (NVIDIA Corporation) -- B:\Windows\SysNative\nvcod.dll
[2010/05/03 11:47:05 | 000,223,448 | ---- | C] (Microsoft Corporation) -- B:\Windows\SysNative\drivers\fvevol.sys
[2010/05/03 11:46:59 | 001,446,912 | ---- | C] (Microsoft Corporation) -- B:\Windows\SysNative\lsasrv.dll
[2010/05/03 11:46:59 | 000,153,160 | ---- | C] (Microsoft Corporation) -- B:\Windows\SysNative\drivers\ksecpkg.sys
[2010/05/02 23:30:43 | 000,000,000 | ---D | C] -- B:\Users\germania\Documents\Realtemp
[2010/05/02 23:26:31 | 000,000,000 | ---D | C] -- B:\Users\germania\Documents\Onzin
[2010/05/02 21:59:13 | 000,000,000 | ---D | C] -- B:\Users\germania\AppData\Roaming\Malwarebytes
[2010/05/02 21:59:06 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- B:\Windows\SysNative\drivers\mbam.sys
[2010/05/02 21:59:06 | 000,000,000 | ---D | C] -- B:\ProgramData\Malwarebytes
[2010/05/01 08:14:50 | 000,000,000 | ---D | C] -- B:\Users\germania\Tracing
[2010/05/01 01:02:56 | 000,000,000 | ---D | C] -- B:\KM900
[2010/05/01 00:33:17 | 001,164,728 | ---- | C] (NuMedia Soft, Inc.) -- B:\Windows\SysWow64\NMSDVDXU.dll
[2010/05/01 00:33:17 | 000,630,784 | ---- | C] (ComponentOne) -- B:\Windows\SysWow64\vsflex8u.ocx
[2010/05/01 00:33:17 | 000,419,240 | ---- | C] (VideoSoft) -- B:\Windows\SysWow64\Vsflex7L.ocx
[2010/05/01 00:33:17 | 000,244,416 | ---- | C] (Microsoft Corporation) -- B:\Windows\SysWow64\Msflxgrd.ocx
[2010/05/01 00:32:44 | 000,000,000 | ---D | C] -- B:\Users\germania\AppData\Roaming\InstallShield
[2010/05/01 00:04:12 | 000,000,000 | ---D | C] -- B:\Program Files\DIFX
[2010/05/01 00:04:11 | 000,020,480 | ---- | C] (Danish Wireless Design A/S) -- B:\Windows\SysWow64\drivers\FlashUsb_x64.sys
[2010/05/01 00:04:11 | 000,000,000 | ---D | C] -- B:\Program Files (x86)\infineon
[2010/04/30 23:59:18 | 000,044,544 | ---- | C] (Microsoft Corporation) -- B:\Windows\SysWow64\msxml4a.dll
[2010/04/30 23:59:16 | 000,000,000 | ---D | C] -- B:\ProgramData\LGMOBILEAX
[2010/04/30 18:42:10 | 000,000,000 | ---D | C] -- B:\Users\germania\AppData\Local\Oblivion
[2010/04/28 20:28:25 | 000,000,000 | ---D | C] -- B:\Users\germania\AppData\Roaming\Hardcore
[2010/04/25 17:15:23 | 000,000,000 | ---D | C] -- B:\Program Files (x86)\ASIO4ALL v2
[2010/04/25 17:15:10 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- B:\Windows\SysWow64\rewire.dll
[2010/04/25 17:15:08 | 000,000,000 | ---D | C] -- B:\Users\germania\Documents\Image-Line
[2010/04/25 17:14:57 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- B:\Windows\SysWow64\vorbis.acm
[2010/04/25 17:14:44 | 000,000,000 | ---D | C] -- B:\Program Files (x86)\VstPlugins
[2010/04/25 17:14:42 | 000,000,000 | ---D | C] -- B:\Program Files (x86)\Outsim
[2010/04/25 17:13:17 | 000,000,000 | ---D | C] -- B:\Program Files (x86)\Image-Line
[2010/04/25 11:06:55 | 000,000,000 | ---D | C] -- B:\Users\germania\AppData\Roaming\Ubisoft
[2010/04/25 11:06:55 | 000,000,000 | ---D | C] -- B:\ProgramData\Ubisoft
[2010/04/20 20:03:58 | 000,000,000 | ---D | C] -- B:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2009/07/14 00:30:56 | 000,014,336 | ---- | C] ( ) -- B:\Windows\SysWow64\a3d.dll
[5 B:\Windows\*.tmp files -> B:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/05/11 12:20:17 | 014,417,920 | -HS- | M] () -- B:\Users\germania\NTUSER.DAT
[2010/05/11 12:11:06 | 000,215,128 | ---- | M] () -- B:\Windows\SysWow64\PnkBstrB.xtr
[2010/05/11 12:11:06 | 000,215,128 | ---- | M] () -- B:\Windows\SysWow64\PnkBstrB.exe
[2010/05/11 12:06:05 | 000,488,184 | ---- | M] () -- B:\Users\germania\Desktop\Gegen Nazi's!.xspf
[2010/05/11 11:49:25 | 000,019,312 | -H-- | M] () -- B:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/11 11:49:25 | 000,019,312 | -H-- | M] () -- B:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/11 11:43:12 | 000,000,394 | ---- | M] () -- B:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/05/11 11:42:19 | 000,000,006 | -H-- | M] () -- B:\Windows\tasks\SA.DAT
[2010/05/11 11:42:16 | 000,067,584 | --S- | M] () -- B:\Windows\bootstat.dat
[2010/05/11 11:42:13 | 2146,332,671 | -HS- | M] () -- B:\hiberfil.sys
[2010/05/11 00:59:25 | 000,062,868 | ---- | M] () -- B:\Windows\SysNative\BMXStateBkp-{00000007-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/05/11 00:59:25 | 000,062,868 | ---- | M] () -- B:\Windows\SysNative\BMXState-{00000007-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/05/11 00:59:25 | 000,000,820 | ---- | M] () -- B:\Windows\SysNative\DVCState-{00000007-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/05/11 00:59:07 | 023,320,117 | -H-- | M] () -- B:\Users\germania\AppData\Local\IconCache.db
[2010/05/11 00:32:00 | 000,001,076 | ---- | M] () -- B:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3600984590-206117935-2791398722-1000UA.job
[2010/05/10 16:22:24 | 001,129,220 | ---- | M] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\Cat.DB
[2010/05/10 16:21:16 | 000,002,399 | ---- | M] () -- B:\Users\Public\Desktop\Norton AntiVirus.lnk
[2010/05/10 16:20:56 | 708,614,624 | ---- | M] () -- B:\Windows\MEMORY.DMP
[2010/05/10 16:05:29 | 000,002,425 | ---- | M] () -- B:\Users\germania\vba.ini
[2010/05/10 13:29:52 | 000,172,592 | ---- | M] (Symantec Corporation) -- B:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/05/10 13:29:52 | 000,007,440 | ---- | M] () -- B:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/05/10 13:29:52 | 000,000,855 | ---- | M] () -- B:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/05/10 13:29:45 | 000,583,296 | ---- | M] (Symantec Corporation) -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\cchpx64.sys
[2010/05/10 13:29:45 | 000,334,384 | ---- | M] (Symantec Corporation) -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\BHDrvx64.sys
[2010/05/10 13:29:44 | 000,009,412 | ---- | M] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\symnetv.cat
[2010/05/10 13:29:44 | 000,007,362 | ---- | M] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\BHDrvx64.CAT
[2010/05/10 13:29:44 | 000,001,481 | ---- | M] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\SymNetV.inf
[2010/05/10 13:29:44 | 000,000,640 | ---- | M] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\BHDrvx64.inf
[2010/05/10 13:29:44 | 000,000,172 | ---- | M] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\isolate.ini
[2010/05/08 03:34:55 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- B:\Users\germania\Desktop\HiJackThis.exe
[2010/05/06 20:29:20 | 000,000,010 | ---- | M] () -- B:\Windows\SysWow64\kr_done1
[2010/05/06 09:05:24 | 000,007,631 | ---- | M] () -- B:\Users\germania\AppData\Local\Resmon.ResmonCfg
[2010/05/06 06:32:00 | 000,001,024 | ---- | M] () -- B:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3600984590-206117935-2791398722-1000Core.job
[2010/05/05 20:44:09 | 000,095,024 | ---- | M] (Sunbelt Software) -- B:\Windows\SysNative\drivers\SBREDrv.sys
[2010/05/05 20:44:08 | 000,015,880 | ---- | M] () -- B:\Windows\SysNative\lsdelete.exe
[2010/05/05 19:17:40 | 000,001,080 | ---- | M] () -- B:\Windows\SysNative\settingsbkup.sfm
[2010/05/05 19:17:40 | 000,001,080 | ---- | M] () -- B:\Windows\SysNative\settings.sfm
[2010/05/05 16:09:07 | 000,852,906 | ---- | M] () -- B:\Windows\SysNative\PerfStringBackup.INI
[2010/05/05 16:09:07 | 000,705,996 | ---- | M] () -- B:\Windows\SysNative\perfh009.dat
[2010/05/05 16:09:07 | 000,139,340 | ---- | M] () -- B:\Windows\SysNative\perfc009.dat
[2010/05/01 00:13:40 | 000,002,412 | ---- | M] () -- B:\Windows\SysWow64\lgAxconfig.ini
[2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- B:\Windows\SysNative\drivers\mbam.sys
[5 B:\Windows\*.tmp files -> B:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/11 12:06:05 | 000,488,184 | ---- | C] () -- B:\Users\germania\Desktop\Gegen Nazi's!.xspf
[2010/05/10 16:22:15 | 001,129,220 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\Cat.DB
[2010/05/10 16:21:57 | 000,000,394 | ---- | C] () -- B:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/05/10 16:20:56 | 708,614,624 | ---- | C] () -- B:\Windows\MEMORY.DMP
[2010/05/10 13:29:51 | 000,009,415 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\SymNet.cat
[2010/05/10 13:29:51 | 000,007,410 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\srtsp64.cat
[2010/05/10 13:29:51 | 000,007,401 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\srtspx64.cat
[2010/05/10 13:29:51 | 000,007,399 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\SymEFA64.cat
[2010/05/10 13:29:51 | 000,007,345 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\ccHPx64.cat
[2010/05/10 13:29:51 | 000,003,373 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\SymEFA.inf
[2010/05/10 13:29:51 | 000,001,836 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\ccHPx64.inf
[2010/05/10 13:29:51 | 000,001,480 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\SymNet.inf
[2010/05/10 13:29:51 | 000,001,437 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\srtsp64.inf
[2010/05/10 13:29:51 | 000,001,421 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\srtspx64.inf
[2010/05/10 13:29:44 | 000,009,412 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\symnetv.cat
[2010/05/10 13:29:44 | 000,007,362 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\BHDrvx64.CAT
[2010/05/10 13:29:44 | 000,001,481 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\SymNetV.inf
[2010/05/10 13:29:44 | 000,000,640 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\BHDrvx64.inf
[2010/05/10 13:29:44 | 000,000,172 | ---- | C] () -- B:\Windows\SysNative\drivers\NAVx64\1008000.029\isolate.ini
[2010/05/09 11:09:45 | 000,007,440 | ---- | C] () -- B:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/05/09 11:09:45 | 000,000,855 | ---- | C] () -- B:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/05/09 11:09:37 | 000,002,399 | ---- | C] () -- B:\Users\Public\Desktop\Norton AntiVirus.lnk
[2010/05/06 20:26:57 | 000,000,010 | ---- | C] () -- B:\Windows\SysWow64\kr_done1
[2010/05/05 22:59:18 | 000,015,880 | ---- | C] () -- B:\Windows\SysNative\lsdelete.exe
[2010/05/05 15:34:19 | 000,001,324 | ---- | C] () -- B:\Users\germania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk
[2010/05/05 15:34:19 | 000,001,003 | ---- | C] () -- B:\Users\germania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2010/05/05 09:19:51 | 000,178,176 | ---- | C] () -- B:\Windows\SysWow64\unrar.dll
[2010/05/05 09:18:40 | 000,606,208 | ---- | C] () -- B:\Windows\SysNative\CoreAAC.ax
[2010/05/04 13:17:34 | 000,009,832 | ---- | C] () -- B:\Windows\SysNative\nvinfo.pb
[2010/05/03 11:13:03 | 000,421,888 | ---- | C] () -- B:\Windows\SysNative\ac3filter.acm
[2010/04/30 23:59:18 | 000,053,248 | ---- | C] () -- B:\Windows\SysWow64\CommonDL.dll
[2010/04/30 23:59:18 | 000,002,412 | ---- | C] () -- B:\Windows\SysWow64\lgAxconfig.ini
[2010/03/03 02:00:00 | 004,555,278 | ---- | C] () -- B:\Windows\SysWow64\libavcodec.dll
[2010/03/03 02:00:00 | 001,449,935 | ---- | C] () -- B:\Windows\SysWow64\ffmpegmt.dll
[2010/03/03 02:00:00 | 000,882,688 | ---- | C] () -- B:\Windows\SysWow64\xvidcore.dll
[2010/03/03 02:00:00 | 000,877,385 | ---- | C] () -- B:\Windows\SysWow64\ff_x264.dll
[2010/03/03 02:00:00 | 000,556,491 | ---- | C] () -- B:\Windows\SysWow64\libmplayer.dll
[2010/03/03 02:00:00 | 000,336,384 | ---- | C] () -- B:\Windows\SysWow64\ff_libfaad2.dll
[2010/03/03 02:00:00 | 000,324,096 | ---- | C] () -- B:\Windows\SysWow64\TomsMoComp_ff.dll
[2010/03/03 02:00:00 | 000,248,320 | ---- | C] () -- B:\Windows\SysWow64\ff_kernelDeint.dll
[2010/03/03 02:00:00 | 000,216,576 | ---- | C] () -- B:\Windows\SysWow64\ff_libdts.dll
[2010/03/03 02:00:00 | 000,169,984 | ---- | C] () -- B:\Windows\SysWow64\ff_samplerate.dll
[2010/03/03 02:00:00 | 000,151,552 | ---- | C] () -- B:\Windows\SysWow64\ff_libmad.dll
[2010/03/03 02:00:00 | 000,145,408 | ---- | C] () -- B:\Windows\SysWow64\libmpeg2_ff.dll
[2010/03/03 02:00:00 | 000,121,856 | ---- | C] () -- B:\Windows\SysWow64\ff_liba52.dll
[2010/03/03 02:00:00 | 000,116,736 | ---- | C] () -- B:\Windows\SysWow64\ff_tremor.dll
[2010/03/03 02:00:00 | 000,100,864 | ---- | C] () -- B:\Windows\SysWow64\ff_wmv9.dll
[2010/03/03 02:00:00 | 000,097,792 | ---- | C] () -- B:\Windows\SysWow64\ff_unrar.dll
[2010/03/03 02:00:00 | 000,085,504 | ---- | C] () -- B:\Windows\SysWow64\ff_vfw.dll
[2010/01/23 17:06:39 | 000,000,328 | ---- | C] () -- B:\Windows\game.ini
[2009/11/14 20:37:08 | 000,154,112 | ---- | C] () -- B:\Windows\SysWow64\ts.dll
[2009/11/14 20:33:38 | 000,249,856 | ---- | C] () -- B:\Windows\SysWow64\dxr.dll
[2009/11/14 20:11:50 | 000,093,184 | ---- | C] () -- B:\Windows\SysWow64\avss.dll
[2009/11/14 20:11:42 | 000,150,016 | ---- | C] () -- B:\Windows\SysWow64\mkx.dll
[2009/11/14 20:11:42 | 000,141,824 | ---- | C] () -- B:\Windows\SysWow64\mp4.dll
[2009/11/14 20:11:40 | 000,123,392 | ---- | C] () -- B:\Windows\SysWow64\ogm.dll
[2009/11/14 20:11:40 | 000,109,568 | ---- | C] () -- B:\Windows\SysWow64\avi.dll
[2009/11/14 20:11:38 | 000,097,792 | ---- | C] () -- B:\Windows\SysWow64\avs.dll
[2009/11/14 20:11:32 | 000,080,384 | ---- | C] () -- B:\Windows\SysWow64\mkzlib.dll
[2009/11/14 20:11:32 | 000,024,576 | ---- | C] () -- B:\Windows\SysWow64\mkunicode.dll
[2009/11/06 11:58:04 | 000,178,975 | ---- | C] () -- B:\Windows\SysWow64\xlive.dll.cat
[2009/10/04 12:16:16 | 000,857,396 | ---- | C] () -- B:\Windows\SysWow64\PerfStringBackup.INI
[2009/09/01 19:22:18 | 000,221,291 | ---- | C] () -- B:\Windows\Imei_dll.dll
[2009/09/01 19:22:18 | 000,040,960 | ---- | C] () -- B:\Windows\Sublock.dll
[2009/08/27 17:55:30 | 000,676,224 | ---- | C] () -- B:\Windows\SysWow64\OGACheckControl.DLL
[2009/08/23 00:01:32 | 000,166,912 | ---- | C] () -- B:\Windows\SysWow64\APOMngr.DLL
[2009/08/23 00:01:32 | 000,073,728 | ---- | C] () -- B:\Windows\SysWow64\CmdRtr.DLL
[2009/08/23 00:01:17 | 000,002,560 | ---- | C] () -- B:\Windows\SysWow64\CTXFIDUT.DLL
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- B:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 01:14:20 | 000,027,839 | ---- | C] () -- B:\Windows\SysWow64\instwdm.ini
[2009/07/14 01:14:16 | 000,000,054 | ---- | C] () -- B:\Windows\SysWow64\ctzapxx.ini
[2009/07/14 00:28:04 | 000,002,560 | ---- | C] () -- B:\Windows\SysWow64\CtxfiRes.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- B:\Windows\SysWow64\msjetoledb40.dll
[2009/06/07 18:24:04 | 000,180,224 | ---- | C] () -- B:\Windows\SysWow64\xvidvfw.dll
[2009/05/26 12:12:38 | 000,000,285 | ---- | C] () -- B:\Windows\SysWow64\kill.ini
[2009/01/11 00:15:44 | 000,159,744 | ---- | C] () -- B:\Windows\SysWow64\mmfinfo.dll
[2008/11/06 18:37:32 | 003,596,288 | ---- | C] () -- B:\Windows\SysWow64\qt-dx331.dll
[2007/10/13 11:30:20 | 000,000,137 | ---- | C] () -- B:\Windows\SysWow64\Registration.ini

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- B:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- B:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- B:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- B:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- B:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- B:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- B:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- B:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- B:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- B:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- B:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- B:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- B:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- B:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- B:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- B:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- B:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- B:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- B:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- B:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- B:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- B:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
< End of report >

Edited by HelpMe?, 11 May 2010 - 05:38 AM.


#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,770 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:22 PM

Posted 15 May 2010 - 10:59 AM

Hi,

are you still with us? What about that OTL log?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 HelpMe?

HelpMe?
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:22 AM

Posted 15 May 2010 - 01:25 PM

QUOTE(myrti @ May 15 2010, 10:59 AM) View Post
Hi,

are you still with us? What about that OTL log?

regards myrti


Can't you see the reallllyy long OTL logs in the post above you? ^^

#6 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,770 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:22 PM

Posted 15 May 2010 - 05:23 PM

Hi,

oh wow, please don't edit the logs in. I receive a notification when you reply to your thread, but not when you edit it. How come you have germania as a user name? laugh.gif

QUOTE
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
SRV - [2008/10/24 02:40:46 | 000,291,255 | RH-- | M] () [Auto | Stopped] -- B:\Program Files (x86)\Norton2009Reset.exe -- (.norton2009Reset)


The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

QUOTE
Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

http://www.trendmicro.com/vinfo/grayware/v...=CRCK_KEYGEN.BB

QUOTE
...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

http://blog.trendmicro.com/crack-sites-dis...rux-and-fakeav/


When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a lot of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.


If you still need assistance please remove all cracked software from your system. Namely the:
  • Norton
  • all software from Ubi
.

If you do not wish to pay for your anti virus program, get a free one. Two good antivirus programs free for non-commercial home use are Avast! and Antivir
Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as wellas impairing the performance of your PC.

Let me know how you decide.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#7 HelpMe?

HelpMe?
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:22 AM

Posted 18 May 2010 - 01:43 PM

I think I will delete the norton and ubi things, although I'm pretty shure that's not the problem. I got this problem only a week ago or something like that and the Ubi and Norton was on my computer for a very long time.

#8 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,770 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:22 PM

Posted 18 May 2010 - 05:30 PM

Hi,

let me know once you're done.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#9 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,770 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:22 PM

Posted 23 May 2010 - 04:50 AM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users