Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Stuck in a never-ending restart loop; can't boot in Safe Mode or otherwise.


  • This topic is locked This topic is locked
81 replies to this topic

#1 Jyoshiki

Jyoshiki

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Jersey
  • Local time:03:33 AM

Posted 26 July 2010 - 04:03 PM

Hello, all. I heard about this forum a few months ago when my sister came here for help with her laptop; now it's my turn. Forgive the long post, but this has been a long process that I've been trying to fix for almost a week now; I hope someone here will be able to help me out, too.

I'm running Windows XP (I can't recall the Service Pack, but I believe it's 3; I always make sure I keep Windows updated and keep Automatic Updates turned on) Home Edition on a Lenovo J115, Machine Type 7387.

Long story short, I was stupid and let my Norton subscription run out and suddenly, I got hit with Antivir 2010. That in and of itself was a grueling process; Antivir's a nasty little thing and wouldn't even let me open programs or open up the Task Manager, so after every restart, I'd literally have to open the programs as soon as I saw my desktop wallpaper pop up; if I waited too long, Antivir would start up and block all processes again. The virus was also preventing me from booting up in Safe Mode, and would force a restart of the computer every time I tried. After using CCleaner, MalwareBytes, HiJackThis, and PCTool's Spyware Doctor, I thought I had finally fixed the problem. Antivir was gone, and my computer was finally back to normal.

Well, that's what I thought, anyway.

I had to update Spyware Doctor's definition files, and I also updated my Firefox; both of these programs require a system restart, so, thinking everything was back to normal, I went ahead and restarted. Now here's where it gets fun - my computer hung and wouldn't load at all. I restarted it and tried to load in Safe Mode, but the computer would restart itself, just like it had been doing when I was infected with Antivir. This forced me to select the "Load settings from last known good configuration"; Windows would load, but Spyware Doctor would get messed up; it would say it was disconnected and couldn't connect to the program engine. This meant I had to reinstall Spyware Doctor and run the updater all over again to get the most recent updates. The same thing with Firefox - it didn't count as a clean restart, so I couldn't run it, either.

I loaded up MSCONFIG to see if there was anything suspicious, and there were a few things. I'm afraid that I can't list the exact names of these findings, since the computer in question won't boot up at all anymore and I am unable to check up on MSCONFIG; I'll try and describe them as best I can remember.

In WIN.INI, there were two suspicious processes whose names were a jumble of letters and numbers; both of these processes could be expanded; the expansions were also a mixture of letters and numbers, though they were not selectable. I unchecked the suspicious root processes and continued with my research. In BOOT.INI, I discovered that I was unable to make any changes at all; "Boot Options" was completely grayed out. I noticed that, in addition to the default OS, there was an unknown entry listed in the top window; I tried to click on the default OS to change to it, but MSCONFIG wouldn't let me. Finally, Windows overrode it and informed me that the unknown entry was an invalid process, and would I like to remove it? When I selected "Yes", suddenly "Boot Options" became available again. I modified it so that Windows would be forced to start up in Safe Mode with networking. Interestingly, when I went to apply the changes that I made, an error message popped up and told me that access was denied. I am the administrator of that computer, however, so I found that to be odd. But it didn't seem to matter, because the changes were accepted anyway; I exited and reloaded MSCONFIG, too, just to make sure that the changes had stayed, and they had. I did not restart at that time, choosing to do so later on.

During this time, I had downloaded and started to run Microsoft's Malicious Software Removal Tool. I also made sure MalwareBytes was updated to the latest version, because I planned on running it after the Microsoft scan was complete; in the meantime, Spyware Doctor was waiting for a system restart, CCleaner's registry cleaner came back okay, and HiJackThis didn't have anything out of the ordinary, either. The Microsoft scan, however, came back with results - it had detected Alureon.H and TrojanDownloader:Win32/Fakeinit. According to the tool, it was able to delete Fakeinit, but it told me that further steps were necessary to completely remove Alureon. I ran MalwareBytes afterward, and it, too, came up with one hit, which I quarantined and removed. After that, I finally restarted my computer, and this is where I stand now.

I don't know if this is due to further or remaining infection, or if I somehow screwed up with MSCONFIG, but I am now stuck in an infinite restart loop. When the computer did its initial restart, it hung once more with a black screen, causing me to yet again restart it. Once again, I was taken back to the option of starting in various Safe Modes, normal start up, or the last known good configuration. It doesn't matter which option I choose, either. I get the same thing for each one. If I choose any of the Safe Modes, it starts to load, then restarts before it can get to the desktop. If I choose either normal startup or last known good config, it starts to load, then a BSoD pops up for literally a split second, and then the computer restarts. Since the BSoD flashes by so quickly, I have no idea what it says; the only words I was able to get out of it was "Check for viruses". I will try and get a picture of it and post a link to it here if it will help.

I already have a copy of the Recovery Tool stored on an external USB flash drive, and I've been browsing around the Windows directory, looking for oddities or unfamiliar files. I have deleted a few things:

- is-LI7Q3.exe
- is-LI7Q3.lst
- is-LI7Q3.msg
- wiadebug.log
- wiaservc.log
- SGDetectionTool.dll
- SGDetectionTool.dll0737.old
- 0.log

However, deleting these files made no changes, either good or bad; I still have the same problem. I was looking for files and folders that were created and/or modified around the date that all of this started happening, and I did find several, including the ones in the above list; I also found a copy of eSellerateEngine.dll, dated from a few years ago, but I didn't remove it because I had read that it may or may not be malicious and I didn't want to take any chances. I didn't remove any folders, however.

I would love to get my hands on a copy of the Windows XP boot disks in order to get some clean system files, but my PC didn't come with a Windows XP disk and neither did my sister's laptop. I'm unable to create floppies since the only computer with a working floppy drive is the infected one, so downloading the boot disk program that Microsoft provides is a bit of a moot point.

Any thoughts on what I can do? I'd really like to avoid to a complete wipe; I have nearly four years of my life stored on that computer, and I'd rather not lose it all. The really annoying bit is that I can't even log on to Windows at all because it never gets that far. I'm really at my wit's end here! sad.gif Any and all help is much appreciated, and thanks for taking the time to read through this whole thing.

Edited by Jyoshiki, 26 July 2010 - 04:12 PM.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,113 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:02:33 AM

Posted 26 July 2010 - 04:10 PM

Please be patient...I've asked one of our Malware Team personnel to take a look smile.gif.

Louis

#3 Jyoshiki

Jyoshiki
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Jersey
  • Local time:03:33 AM

Posted 28 July 2010 - 04:44 PM

Louis, thanks so much for having someone look into this. smile.gif

I just wanted to write a quick note - I will be out of town for the next four days, and while I will still have an Internet connection, I won't be able to access the infected PC until late Sunday night or early Monday morning.

Thank you again!

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,993 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:33 AM

Posted 28 July 2010 - 08:38 PM

@ dragonfly03246

I have split out your post and put it here: http://www.bleepingcomputer.com/forums/topic335611.html in order to avoid confusion with the original poster in this topic. Please read what I've written there.

Orange Blossom fruits_cherry.gif
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:33 AM

Posted 03 August 2010 - 02:51 PM

Hello, please let me know if your computer restarts after the XP splash screen or before it. Try to be as specific as possible.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 Jyoshiki

Jyoshiki
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Jersey
  • Local time:03:33 AM

Posted 03 August 2010 - 10:56 PM

Hi, Elise.

When I boot up the computer normally, it hangs up with a blank, black screen, so I have to press F12 to enter the Startup Device Menu in order to manually select my hard drive. If you think it might help, I could always change the BIOS settings so that the hard drive is the first thing to load; I think the way it's configured now, the hard drive is the third or fourth startup option.

At any rate, since my computer kept crashing before a clean reboot could happen, I'm taken to the menu that allows you to enter safe mode. The options are:

QUOTE
Safe Mode
Safe Mode with Networking
Safe Mode with Command Prompt

Last Known Good Configuration (your most recent settings that worked)

Start Windows Normally


When I choose any of the three Safe Mode options, it starts to load a list of drivers, then tells me to press Enter to continue loading SPTD.SYS. If I hit enter, or if I let it sit for a few seconds, it automatically restarts without reaching a splash screen of any kind.

When I choose either "Last Known Good Configuration" or "Start Windows Normally", the Windows XP splash screen starts to load, but then I get a BSoD with text. I can't tell what the BSoD says, however, because it flashes by in an instant and makes it impossible to read. I can always try and take a video of it, then relay what the message says if need be.

I should note that my Lenovo does have Rescue and Recovery 3 installed on it, which I can access by pressing Enter when my computer first starts; it takes a long time to load, but it does eventually get there. However, due to my hard drive's space limitation, I haven't been able to perform a backup since the year that I got it; my newest backup is dated 8/29/2007.

R&R3 also seems to allow me to restore Windows itself without deleting any files off of my hard drive, but I'm extremely cautious to do that; I'm paranoid that my hard drive will get completely wiped if I do a reinstallation or restoration of XP. I know it says that none of my files will be deleted, but...I guess I'm just still too paranoid to try it.

The option to restore the OS and applications only reads as follows:
QUOTE
Restore operating system and applications only: This function restores only Windows and application files from a backup. Your current personal data will be preserved. All applications installed since the time of the backup will need to be reinstalled. Some settings, such as network and printer settings, might need to be reconfigured.


It goes on to say that the current Windows logon password and user will not change.

However, like I said, I'm really wary of trying this option, because I'm really quite paranoid about it.

I think that's about it for now; thanks so much!

Joanna

[EDIT]
Well, now, here's something interesting that I just came across.

R&R3 has a built-in Norton Anti-Virus, and it also allows me to search the hard drive for virus definition update files. While browsing around, I discovered that somehow, my main drive was renamed from C to G. I have no idea how or why that happened; I never changed my hard drive letter, but that might explain a few things, like why I'm getting a black screen when I try and let the computer boot normally, or why I'm stuck in a restart loop in the first place. If it's trying to read from drive C, then it's trying to read from what it now thinks is a removable drive, which obviously is not there, rather than the physical hard drive.

Looks like the same thing happened to my CD-ROM drive. It was previously drive D, but it's now labeled as drive H.

Now, my computer does, in fact, have four slots in its front which are used for removable media, but they have always been named drives E through H; now they are labeled drives C through F. How two of those drive letters got switched around with my hard drive and CD-ROM is a mystery.

However, I see that two new "drives" are listed as well - one is drive X, which is labeled as SERVICEV001, and the other is drive Z, which is labeled as MS-RAMDRIVE. Upon expansion, it seems that both of these drives are a part of R&R3 itself. It might just be that R&R3 renamed the rest of the drives itself for system purposes, but I'm not entirely sure. To be honest, I've never really used R&R3 before, so this is the first I've seen of something like this.

I'm running the anti-virus scanner now with the most recent definitions folder that I could find. It's a bit outdated, seeing as it's from 2009 (I'm sure there's another folder with better definitions floating around somewhere, though; after all, I always kept my Norton up-to-date prior to letting my subscription run out), but it might be able to pick something up all the same.

Also, while browsing my WINDOWS\system32 folder, one of the subfolders has a name comprised of a jumble of odd symbols, which seems a bit suspicious to me. However, this isn't a complete version of Explorer, so I'm not able to actually delete anything, nor can I open any folders to look at their contents.
[/EDIT]

Edited by Jyoshiki, 03 August 2010 - 11:37 PM.


#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:33 AM

Posted 04 August 2010 - 01:37 AM

Hi Joanna,
I understand your concern about the windows restore. From the description it is not entirely clear what they will restore (backup) and what they will leave alone (personal data).

The renaming of the disks is something relatively normal. The recovery program loads two virtual disks in RAM to give you the possibility to access it even when you would have no functioning Harddisk.

I would not run Norton. Especially since it is so outdated, it can do more harm than good. If you are indeed infected with Alureon H as mentioned in the topic title, an outdated Norton can be disastrous and leave us no other option than a system restore.

To be able to diagnose your problem we need an XP CD. Since you mention you don't have one, maybe you can borrow one from a friend or family member.

Let's try to boot your computer using a Boot CD.

Please print this guide for future reference!

You will need a blank CD, your Windows XP install disc, a clean computer and a flash drive.

Please follow the steps below and let me know if you were successful. Please tell me what error messages you got and/or what steps you got hung up on.

1. Download the PE Builder to your desktop

http://www.nu2.nu/download.php?sFile=pebuilder3110a.exe
  • Double-Click on the PE Builder that you just downloaded to your desktop.
  • Follow all of the instructions/prompts that come up.
2. Insert your XP CD with SP1/SP2/SP3 into a CD Rom drive
  • Double-Click on PE Builder.exe located on your desktop.
  • Click NO to Search for Windows Installation Files
  • Make the following selections from the Main Screen that pops up:
    • Builder
      • Source:(path to Windows installation files)[list]
      • Enter the path to the drive where your XP CD is located.
      • You can click on the "..." button on the right to navigate to the path as well.
    • Custom: (include files and folders from this directory)
      • No information is necessary, leave blank.
    • Output:
      • Keep the default
  • Media output
    • Choose Create ISO image
    • Do not choose Burn to CD/DVD
      • Download the RunScanner plugin and save it to your desktop
      http://www.paraglidernc.com/Files/RunScanner10025.cab

      Please note: You will be prompted for the folder that it shall be saved. By default it appears as runscanner10025. It should be modified to just runscanner <--- Important!!!
      • Press the Plugin button on the PE Builder interface
      • Press the Add button and navigate to the location of the RunScanner plugin to install
      • Please note: If you are using a Windows XP disc with sp2 then highlight RpsSS needs to launch DComLaunch and then press Enable
    • When your done press Close and the PE Builder interface will re-appear
3. Click on the "Build" button
  • You will see the Windows EULA message. Click on I Agree
  • You will now see the Build Screen. Let it run it's course
  • When the Build is finished you can click close, then exit
4. Burn your ISO file to CD==========

Next........

From your clean computer..

Please download OTLPE.zip and save it to a flash drive.
http://oldtimer.geekstogo.com/OTLPE.zip
http://www.itxassociates.com/OT-Tools/OTLPE.zip

Double click and unzip OTLPE.zip to its own folder on your flash drive. Name it OTLPE <-- Important!!

==========

Plug your flash drive into your sick computer now and do as instructed below..

==========

1. Restart Your sick Computer Using the PE Builder ISO CD That You Have Created
  • Insert the CD in to one of your CD/DVD drives.
  • Restart your computer.
    • The computer should choose to boot from the CD automatically. If it doesn't and you are asked if you want to boot from CD, then choose that option.
  • Once the desktop appears, you will receive a message asking: Do you want to start Network support?
    • Click on No
  • After it loads press the Go button in the lower left and do this....
    • Go
    • System
    • Display
    • Screen Resolution
    • 1024x768
    Next choose....
    • Go
    • Programs
    • A43 File Management Utility
==========

In A43File Management you should see your flash drive
Navigate to the OTLPE folder that you saved to your flash drive.

Open the OTLPE folder and double click Start.bat.
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTLPE should now start

    Change the following settings
    • Change Services, Drivers, Standard and Extra Registry to All
    • Uncheck LOP and Purity check
    Please note: Stay with your computer during the course of the scan. If "Entry Point Errors" are encountered simply press "ok" and allow the program to continue. <-- Important!!
  • Push
  • A report will open named "OTL.tx"t and another will be minimized to the system tray named "Extra.txt". Save both log's to your flash drive. Copy and Paste them in your next reply.

EDIT: I am moving this topic to a more appropriate forum.

Edited by elise025, 04 August 2010 - 01:38 AM.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#8 Jyoshiki

Jyoshiki
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Jersey
  • Local time:03:33 AM

Posted 04 August 2010 - 12:08 PM

Hi, Elise.

I followed all of your instructions and was able to load BartPE successfully, but when I run the OTLPE scan, no reports open up. The scan starts to run, but then I receive one of those "entry point errors" that you mentioned. After I click OK, the scan resumes; it only takes about a minute, if that, to run. Once it's complete, it reads "Scan complete!", but that's it. No text files pop up and nothing is in the system tray. There is also nothing listed in the "Custom Scans/Fixes" box.

The "entry point error" that I receive reads as follows:

QUOTE
The procedure entry point AssocGetPerceivedType could not be located in the dynamic link library SHLWAPI.dll.


Is there another place where the text files could be, or am I just missing something?

Joanna

#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:33 AM

Posted 04 August 2010 - 12:19 PM

Hi Joanna,

Please verify if it isn't saved in C:\ (you can check this from the BartPE desktop). If nothing is there, let me know if your C drive (or whatever drive letter windows is installed on) is named as it should (sometimes it happens that a drives gets a different letter assigned, which gives trouble when creating the report).

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#10 Jyoshiki

Jyoshiki
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Jersey
  • Local time:03:33 AM

Posted 04 August 2010 - 02:02 PM

Hi, Elise.

That did the trick. Turns out they were stored in the C drive after all. However, it seems that BartPE renamed my main drive. My drives are listed:

- 3 1/2 Floppy [A:]
- RAMDisk [B:]
- SERVICE001 [C:]
- Removable Disk [E:]
- Removable Disk [F:]
- Removable Disk [G:]
- Removable Disk [H:]
- Main Drive [I:]
- BartPE [J:]


Here are the reports:

QUOTE("OTL.txt")
OTL logfile created on: 8/4/2010 1:14:25 PM - Run
OTLPE by OldTimer - Version 3.1.40.0 Folder = D:\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

959.00 Mb Total Physical Memory | 763.00 Mb Available Physical Memory | 80.00% Memory free
874.00 Mb Paging File | 841.00 Mb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 4.43 Gb Total Space | 0.71 Gb Free Space | 15.97% Space Free | Partition Type: FAT32
Drive D: | 1.83 Gb Total Space | 0.03 Gb Free Space | 1.68% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 228.44 Gb Total Space | 2.99 Gb Free Space | 1.31% Space Free | Partition Type: NTFS
Drive J: | 155.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MININT-JVC
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet008

========== Win32 Services (All) ==========

SRV - File not found [On_Demand] -- C:\WINDOWS\System32\xmlprov.dll -- (xmlprov)
SRV - File not found [Auto] -- C:\WINDOWS\System32\wzcsvc.dll -- (WZCSVC)
SRV - File not found [Auto] -- C:\WINDOWS\System32\WUDFSvc.dll -- (WudfSvc)
SRV - File not found [Auto] -- C:\WINDOWS\System32\wuauserv.dll -- (wuauserv)
SRV - File not found [Auto] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - File not found [Auto] -- C:\WINDOWS\System32\wscsvc.dll -- (wscsvc)
SRV - File not found [Auto] -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\MsPMSNSv.dll -- (WmdmPmSN)
SRV - File not found [Auto] -- C:\WINDOWS\System32\wbem\WMIsvc.dll -- (winmgmt)
SRV - File not found [Auto] -- C:\WINDOWS\System32\webclnt.dll -- (WebClient)
SRV - File not found [Auto] -- C:\WINDOWS\System32\w32time.dll -- (W32Time)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\vssvc.exe -- (VSS)
SRV - File not found [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\svchost.exe -- (usprserv)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\ups.exe -- (UPS)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\upnphost.dll -- (upnphost)
SRV - File not found [Auto] -- C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - File not found [Auto] -- C:\WINDOWS\System32\trkwks.dll -- (TrkWks)
SRV - File not found [On_Demand] -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire)
SRV - File not found [Auto] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - File not found [Auto] -- C:\WINDOWS\System32\shsvcs.dll -- (Themes)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\termsrv.dll -- (TermService)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\tapisrv.dll -- (TapiSrv)
SRV - File not found [Auto] -- C:\WINDOWS\System32\Pen_Tablet.exe -- (TabletServicePen)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\smlogsvc.exe -- (SysmonLog)
SRV - File not found [Auto] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - File not found [Auto] -- c:\program files\lenovo\system update\suservice.exe -- (SUService)
SRV - File not found [Auto] -- C:\WINDOWS\System32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - File not found [Auto] -- C:\WINDOWS\System32\srsvc.dll -- (srservice)
SRV - File not found [Auto] -- C:\WINDOWS\System32\spoolsv.exe -- (Spooler)
SRV - File not found [Auto] -- C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE -- (Speed Disk service)
SRV - File not found [Auto] -- C:\WINDOWS\System32\shsvcs.dll -- (ShellHWDetection)
SRV - File not found [Auto] -- C:\WINDOWS\System32\ipnathlp.dll -- (SharedAccess) Windows Firewall/Internet Connection Sharing (ICS)
SRV - File not found [Disabled] -- C:\DOCUME~1\Jyoshiki\LOCALS~1\Temp\DX9\SessionLauncher.exe -- (SessionLauncher)
SRV - File not found [Auto] -- C:\WINDOWS\System32\sens.dll -- (SENS)
SRV - File not found [Auto] -- C:\WINDOWS\System32\seclogon.dll -- (seclogon)
SRV - File not found [Auto] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - File not found [Auto] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - File not found [Auto] -- C:\WINDOWS\System32\schedsvc.dll -- (Schedule)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\SCardSvr.exe -- (SCardSvr)
SRV - File not found [Auto] -- C:\WINDOWS\System32\lsass.exe -- (SamSs)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\rsvp.exe -- (RSVP)
SRV - File not found [Auto] -- C:\WINDOWS\System32\rpcss.dll -- (RpcSs) Remote Procedure Call (RPC)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\locator.exe -- (RpcLocator) Remote Procedure Call (RPC)
SRV - File not found [Auto] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - File not found [Disabled] -- C:\WINDOWS\System32\mprdim.dll -- (RemoteAccess)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\sessmgr.exe -- (RDSessMgr)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\rasmans.dll -- (RasMan)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\rasauto.dll -- (RasAuto)
SRV - File not found [On_Demand] -- -- (PsaSrv)
SRV - File not found [Auto] -- C:\WINDOWS\System32\lsass.exe -- (ProtectedStorage)
SRV - File not found [Auto] -- C:\WINDOWS\System32\lsass.exe -- (PolicyAgent)
SRV - File not found [Auto] -- C:\WINDOWS\System32\services.exe -- (PlugPlay)
SRV - File not found [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - File not found [Auto] -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\ntmssvc.dll -- (NtmsSvc)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\lsass.exe -- (NtLmSsp)
SRV - File not found [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
SRV - File not found [Auto] -- C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE -- (NProtectService)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\mswsock.dll -- (Nla) Network Location Awareness (NLA)
SRV - File not found [Auto] -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe -- (NIS)
SRV - File not found [Disabled] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\netman.dll -- (Netman)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\lsass.exe -- (Netlogon)
SRV - File not found [Disabled] -- C:\WINDOWS\System32\netdde.exe -- (NetDDEdsdm)
SRV - File not found [Disabled] -- C:\WINDOWS\System32\netdde.exe -- (NetDDE)
SRV - File not found [On_Demand] -- -- (navapsvc)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\qagentrt.dll -- (napagent)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\msdtc.exe -- (MSDTC)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\mnmsrvc.exe -- (mnmsrvc)
SRV - File not found [Disabled] -- C:\WINDOWS\System32\msgsvc.dll -- (Messenger)
SRV - File not found [On_Demand] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - File not found [Auto] -- c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe -- (LVPrcSrv)
SRV - File not found [Auto] -- C:\WINDOWS\System32\lmhsvc.dll -- (LmHosts)
SRV - File not found [On_Demand] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - File not found [Auto] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe -- (LiveUpdate Notice Service)
SRV - File not found [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - File not found [Auto] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - File not found [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - File not found [Auto] -- C:\WINDOWS\System32\wkssvc.dll -- (lanmanworkstation)
SRV - File not found [Auto] -- C:\WINDOWS\System32\srvsvc.dll -- (lanmanserver)
SRV - File not found [Auto] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - File not found [On_Demand] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\imapi.exe -- (ImapiService)
SRV - File not found [On_Demand] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - File not found [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\kmsvc.dll -- (hkmsvc)
SRV - File not found [Disabled] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus
SRV - File not found [On_Demand] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\es.dll -- (EventSystem)
SRV - File not found [Auto] -- C:\WINDOWS\System32\services.exe -- (Eventlog)
SRV - File not found [Auto] -- C:\WINDOWS\System32\ersvc.dll -- (ERSvc)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\eapsvc.dll -- (EapHost)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\dot3svc.dll -- (Dot3svc)
SRV - File not found [Auto] -- C:\WINDOWS\System32\dnsrslvr.dll -- (Dnscache)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\dmserver.dll -- (dmserver)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - File not found [Auto] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - File not found [Auto] -- C:\WINDOWS\System32\dhcpcsvc.dll -- (Dhcp)
SRV - File not found [Auto] -- C:\WINDOWS\System32\rpcss.dll -- (DcomLaunch)
SRV - File not found [Auto] -- C:\WINDOWS\System32\cryptsvc.dll -- (CryptSvc)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - File not found [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\clipsrv.exe -- (ClipSrv)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\cisvc.exe -- (CiSvc)
SRV - File not found [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - File not found [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - File not found [Auto] -- C:\WINDOWS\System32\browser.dll -- (Browser)
SRV - File not found [Disabled] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - File not found [Auto] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - File not found [Auto] -- C:\WINDOWS\System32\qmgr.dll -- (BITS)
SRV - File not found [Auto] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - File not found [Auto] -- C:\WINDOWS\System32\audiosrv.dll -- (AudioSrv)
SRV - File not found [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\alg.exe -- (ALG)
SRV - File not found [Disabled] -- C:\WINDOWS\System32\alrsvc.dll -- (Alerter)
SRV - [2008/04/14 00:12:02 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto] -- I:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\wudfrd.sys -- (WudfRd)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\DRIVERS\WudfPf.sys -- (WudfPf)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS -- (WSTCODEC)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\wdmaud.sys -- (wdmaud)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\wanarp.sys -- (Wanarp)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\wacomvhid.sys -- (wacomvhid)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\wacommousefilter.sys -- (wacommousefilter)
DRV - File not found [Kernel | Boot] -- -- (VolSnap)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\viaide.sys -- (ViaIde)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\viaagp.sys -- (viaagp)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\vaxscsi.sys -- (vaxscsi)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\usbuhci.sys -- (usbuhci)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS -- (USBSTOR)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\usbscan.sys -- (usbscan)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\usbohci.sys -- (usbohci)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\usbhub.sys -- (usbhub)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\usbehci.sys -- (usbehci)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\usbccgp.sys -- (usbccgp)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\update.sys -- (Update)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - File not found [File_System | Disabled] -- -- (Udfs)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\tvtpktfilter.sys -- (TVTPktFilter)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\toside.sys -- (TosIde)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - File not found [File_System | Auto] -- C:\WINDOWS\System32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - File not found [File_System | Auto] -- C:\WINDOWS\System32\dla\tfsnudf.sys -- (tfsnudf)
DRV - File not found [File_System | Auto] -- C:\WINDOWS\System32\dla\tfsnpool.sys -- (tfsnpool)
DRV - File not found [File_System | Auto] -- C:\WINDOWS\System32\dla\tfsnopio.sys -- (tfsnopio)
DRV - File not found [File_System | Auto] -- C:\WINDOWS\System32\dla\tfsnifs.sys -- (tfsnifs)
DRV - File not found [File_System | Auto] -- C:\WINDOWS\System32\dla\tfsndres.sys -- (tfsndres)
DRV - File not found [File_System | Auto] -- C:\WINDOWS\System32\dla\tfsndrct.sys -- (tfsndrct)
DRV - File not found [File_System | Auto] -- C:\WINDOWS\System32\dla\tfsncofs.sys -- (tfsncofs)
DRV - File not found [File_System | Auto] -- C:\WINDOWS\System32\dla\tfsnboio.sys -- (tfsnboio)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\termdd.sys -- (TermDD)
DRV - File not found [Kernel | On_Demand] -- -- (TDTCP)
DRV - File not found [Kernel | On_Demand] -- -- (TDPIPE)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\tcpip.sys -- (Tcpip)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sysaudio.sys -- (sysaudio)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - File not found [Kernel | Auto] -- C:\WINDOWS\System32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\Ironx86.SYS -- (SymIRON)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMEVENT.SYS -- (SymEvent)
DRV - File not found [File_System | Boot] -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\SYMEFA.SYS -- (SymEFA)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\SYMDS.SYS -- (SymDS)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\swmidi.sys -- (swmidi)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\swenum.sys -- (swenum)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\StreamIP.sys -- (streamip)
DRV - File not found [File_System | System] -- C:\WINDOWS\System32\drivers\ssrtln.sys -- (ssrtln)
DRV - File not found [File_System | System] -- C:\WINDOWS\System32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - File not found [File_System | On_Demand] -- C:\WINDOWS\System32\DRIVERS\srv.sys -- (Srv)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - File not found [File_System | On_Demand] -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SRTSP.SYS -- (SRTSP)
DRV - File not found [File_System | Boot] -- C:\WINDOWS\System32\DRIVERS\sr.sys -- (sr)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\Capt905c.sys -- (SQTECH905C)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\splitter.sys -- (splitter)
DRV - File not found [Kernel | Disabled] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - File not found [Kernel | Auto] -- C:\Program Files\SMI2\smi2.sys -- (smi2)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\SLIP.sys -- (SLIP)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | System] -- -- (Sfloppy)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\serial.sys -- (Serial)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\serenum.sys -- (serenum)
DRV - File not found [Kernel | Auto] -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\sddriver.sys -- (SDdriver)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\redbook.sys -- (redbook)
DRV - File not found [Kernel | On_Demand] -- -- (RDPWD)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\rdpdr.sys -- (rdpdr)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\RDPCDD.sys -- (RDPCDD)
DRV - File not found [File_System | System] -- C:\WINDOWS\System32\DRIVERS\rdbss.sys -- (Rdbss)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\raspti.sys -- (Raspti)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\raspppoe.sys -- (RasPppoe)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\rasacd.sys -- (RasAcd)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1240.sys -- (ql1240)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql10wnt.sys -- (Ql10wnt)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\LVCM.sys -- (QCMerced)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\psched.sys -- (PSched)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\psadd.sys -- (psadd)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\processr.sys -- (Processor)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - File not found [Kernel | Auto] -- C:\WINDOWS\System32\drivers\pmemnt.sys -- (pmem)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\pfc.sys -- (pfc)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\perc2hib.sys -- (perc2hib)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\perc2.sys -- (perc2)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\Drivers\PenClass.sys -- (PenClass)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\pelusblf.sys -- (pelusblf)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\pelmouse.sys -- (pelmouse)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\pctplsg.sys -- (pctplsg)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\drivers\PCTCore.sys -- (PCTCore)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\Pcouffin.sys -- (Pcouffin)
DRV - File not found [Kernel | Disabled] -- -- (Pcmcia)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\DRIVERS\pciide.sys -- (PCIIde)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\DRIVERS\pci.sys -- (PCI)
DRV - File not found [Kernel | Disabled] -- -- (ParVdm)
DRV - File not found [Kernel | Boot] -- -- (PartMgr)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\parport.sys -- (Parport)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv)
DRV - File not found [Kernel | System] -- -- (Null)
DRV - File not found [File_System | Disabled] -- -- (Ntfs)
DRV - File not found [File_System | System] -- -- (Npfs)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\NPF.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\NPDRIVER.SYS -- (NPDriver)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\nocashio.sys -- (nocashio)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\netbt.sys -- (NetBT)
DRV - File not found [File_System | System] -- C:\WINDOWS\System32\DRIVERS\netbios.sys -- (NetBIOS)
DRV - File not found [Kernel | On_Demand] -- -- (NDProxy)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\ndiswan.sys -- (NdisWan)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\ndisuio.sys -- (Ndisuio)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\ndistapi.sys -- (NdisTapi)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\NdisIP.sys -- (NdisIP)
DRV - File not found [Kernel | Boot] -- -- (NDIS)
DRV - File not found [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100716.024\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100716.024\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys -- (NABTSFEC)
DRV - File not found [File_System | Boot] -- -- (Mup)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\MSTEE.sys -- (MSTEE)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\mssmbios.sys -- (mssmbios)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\MSPQM.sys -- (MSPQM)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys -- (MSPCLOCK)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV - File not found [File_System | System] -- -- (Msfs)
DRV - File not found [File_System | System] -- C:\WINDOWS\System32\DRIVERS\mrxsmb.sys -- (MRxSmb)
DRV - File not found [File_System | On_Demand] -- C:\WINDOWS\System32\DRIVERS\mrxdav.sys -- (MRxDAV)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - File not found [Kernel | Boot] -- -- (MountMgr)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\mouhid.sys -- (mouhid)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\mouclass.sys -- (Mouclass)
DRV - File not found [Kernel | On_Demand] -- -- (Modem)
DRV - File not found [Kernel | System] -- -- (mnmdd)
DRV - File not found [Kernel | Auto] -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [Kernel | Auto] -- C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys -- (MAPMEM)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\lvusbsta.sys -- (LVUSBSta)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\LVPrcMon.sys -- (LVPrcMon)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\lvmvdrv.sys -- (lvmvdrv)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\Lvckap.sys -- (Lvckap)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [File_System | Boot] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand] -- C:\Program Files\MakBit Software\MakBit Virtual CD-DVD\kvazidvd.sys -- (KvaziDVD)
DRV - File not found [Kernel | Boot] -- -- (KSecDD)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\kmixer.sys -- (kmixer)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\kbdhid.sys -- (kbdhid)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\kbdclass.sys -- (Kbdclass)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\DRIVERS\isapnp.sys -- (isapnp)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\irenum.sys -- (IRENUM)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\ipsec.sys -- (IPSec)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\ipnat.sys -- (IpNat)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys -- (IpFilterDriver)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\intelide.sys -- (IntelIde)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ini910u.sys -- (ini910u)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\imapi.sys -- (Imapi)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ccvubuv.sys -- (ieqddtnu)
DRV - File not found [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100716.001\IDSxpx86.sys -- (IDSxpx86)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\iaStor.sys -- (iaStor)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\i8042prt.sys -- (i8042prt)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\i2omp.sys -- (i2omp)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\HTTP.sys -- (HTTP)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\hpn.sys -- (hpn)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\hidusb.sys -- (HidUsb)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\msgpc.sys -- (Gpc)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\G400m.sys -- (G400)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV - File not found [Recognizer | System] -- -- (Fs_Rec)
DRV - File not found [File_System | Boot] -- C:\WINDOWS\System32\drivers\fltmgr.sys -- (FltMgr)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\flpydisk.sys -- (Flpydisk)
DRV - File not found [Kernel | System] -- -- (Fips)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\fdc.sys -- (Fdc)
DRV - File not found [File_System | Disabled] -- -- (Fastfat)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\ezty2usb.sys -- (ezty2usb)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\ezty2.sys -- (ezty2)
DRV - File not found [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - File not found [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11010.sys -- (EraserUtilDrv11010)
DRV - File not found [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10730.sys -- (EraserUtilDrv10730)
DRV - File not found [Kernel | Auto] -- C:\WINDOWS\System32\EGATHDRV.SYS -- (EGATHDRV)
DRV - File not found [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B) Intel
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\dsiarhwprog.sys -- (dsiarhwprog)
DRV - File not found [File_System | Auto] -- C:\WINDOWS\System32\drivers\drvnddm.sys -- (drvnddm)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dpti2o.sys -- (dpti2o)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\DMusic.sys -- (DMusic)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\dmboot.sys -- (dmboot)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\DRIVERS\uackhtay.sys -- (Disk)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dac960nt.sys -- (dac960nt)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cpqarray.sys -- (Cpqarray)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\DRIVERS\cdrom.sys -- (Cdrom)
DRV - File not found [File_System | Disabled] -- -- (Cdfs)
DRV - File not found [Kernel | System] -- -- (Cdaudio)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys -- (cd20xrnt)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\ccHPx86.sys -- (ccHP)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\CCDECODE.sys -- (CCDECODE)
DRV - File not found [Kernel | Disabled] -- -- (cbidf2k)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cbidf2k.sys -- (cbidf)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\drivers\bxhjfcqk.sys -- (bxhjfcqk)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\drivers\vidstub.sys -- (BootScreen)
DRV - File not found [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20100709.001\BHDrvx86.sys -- (BHDrvx86)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - File not found [Kernel | Auto] -- C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys -- (BCMNTIO)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys -- (b57w2k)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\audstub.sys -- (audstub)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\atmarpc.sys -- (Atmarpc)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\DRIVERS\atapi.sys -- (atapi)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\asyncmac.sys -- (AsyncMac)
DRV - File not found [Kernel | Auto] -- -- (Aspi32)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc3350p.sys -- (asc3350p)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\amsint.sys -- (amsint)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\alim1541.sys -- (alim1541)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aic78xx.sys -- (aic78xx)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aic78u2.sys -- (aic78u2)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aha154x.sys -- (Aha154x)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\agpCPQ.sys -- (agpCPQ)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\agp440.sys -- (agp440)
DRV - File not found [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\Afc.sys -- (Afc)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\aec.sys -- (aec)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\adpu160m.sys -- (adpu160m)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - File not found [Kernel | Disabled] -- -- (ACPIEC)
DRV - File not found [Kernel | Boot] -- C:\WINDOWS\System32\DRIVERS\ACPI.sys -- (ACPI)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS -- (abp480n5)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

IE - HKU\HelpAssistant_ON_I\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\HelpAssistant_ON_I\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\HelpAssistant_ON_I\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\HelpAssistant_ON_I\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\HelpAssistant_ON_I\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\HelpAssistant_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
IE - HKU\HelpAssistant_ON_I\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\HelpAssistant_ON_I\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll File not found
IE - HKU\HelpAssistant_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\HelpAssistant_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

IE - HKU\Jyoshiki_ON_I\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Jyoshiki_ON_I\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\Jyoshiki_ON_I\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jyoshiki_ON_I\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jyoshiki_ON_I\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\Jyoshiki_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
IE - HKU\Jyoshiki_ON_I\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jyoshiki_ON_I\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll File not found
IE - HKU\Jyoshiki_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Jyoshiki_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\LocalService_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage

IE - HKU\NetworkService_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\IPSFFPlgn\
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\
FF - HKLM\software\mozilla\Firefox\Extensions\\esnipsxpi@logia.esnips: C:\Program Files\Logia\eSnipsDownloader\ext
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins


Hosts file not found
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll File not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll File not found
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\dla\tfswshx.dll File not found
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll File not found
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL File not found
O2 - BHO: (eSnipsBHO Class) - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - C:\Program Files\Logia\eSnipsDownloader\eSnipsBHO.dll File not found
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll File not found
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll File not found
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll File not found
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll File not found
O3 - HKU\HelpAssistant_ON_I\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll File not found
O3 - HKU\HelpAssistant_ON_I\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\System32\SHELL32.dll File not found
O3 - HKU\HelpAssistant_ON_I\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll File not found
O3 - HKU\HelpAssistant_ON_I\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll File not found
O3 - HKU\Jyoshiki_ON_I\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll File not found
O3 - HKU\Jyoshiki_ON_I\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\System32\SHELL32.dll File not found
O3 - HKU\Jyoshiki_ON_I\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll File not found
O3 - HKU\Jyoshiki_ON_I\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe File not found
O4 - HKLM..\Run: [BootSkin Startup Jobs] C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe File not found
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe File not found
O4 - HKLM..\Run: [cssauth] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe File not found
O4 - HKLM..\Run: [DVD43] C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe File not found
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe File not found
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe File not found
O4 - HKLM..\Run: [LPManager] C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe File not found
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe File not found
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] File not found
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL File not found
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL File not found
O4 - HKLM..\Run: [OCAudioIni] C:\Program Files\One-click Audio Converter\OCAudioIni.exe File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe File not found
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe File not found
O4 - HKU\.DEFAULT..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe File not found
O4 - HKU\HelpAssistant_ON_I..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe File not found
O4 - HKU\HelpAssistant_ON_I..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKU\Jyoshiki_ON_I..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe File not found
O4 - HKU\Jyoshiki_ON_I..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe File not found
O4 - HKU\Jyoshiki_ON_I..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKU\HelpAssistant_ON_I..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\5.0_( File not found
O4 - HKU\Jyoshiki_ON_I..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\5.0_( File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\HelpAssistant_ON_I\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\HelpAssistant_ON_I\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\HelpAssistant_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\HelpAssistant_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\HelpAssistant_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\HelpAssistant_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\Jyoshiki_ON_I\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Jyoshiki_ON_I\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\Jyoshiki_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Jyoshiki_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Jyoshiki_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\Jyoshiki_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Jyoshiki_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O7 - HKU\Jyoshiki_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\LocalService_ON_I\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_I\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\LocalService_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\NetworkService_ON_I\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_I\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\NetworkService_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\systemprofile_ON_I\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\systemprofile_ON_I\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_20.dll File not found
O9 - Extra Button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk File not found
O9 - Extra 'Tools' menuitem : Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\mswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\winrnr.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\mswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\rsvpsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\rsvpsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll File not found
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/as...abs/tgctlsr.cab (Symantec Script Runner Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: vzTCPConfig http://www2.verizon.net/help/dsl_settings/...vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 151.198.0.38 68.237.161.12
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll File not found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll File not found
O18 - Protocol\Handler\bw+0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw+0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw-0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw00 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw00s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw-0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw10 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw10s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw20 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw20s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw30 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw30s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw40 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw40s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw50 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw50s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw60 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw60s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw70 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw70s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw80 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw80s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw90 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bw90s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwa0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwa0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwb0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwb0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwc0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwc0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwd0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwd0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwe0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwe0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwf0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwf0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwg0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwg0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwh0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwh0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwi0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwi0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwj0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwj0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwk0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwk0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwl0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwl0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwm0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwm0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwn0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwn0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwo0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwo0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwp0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwp0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwq0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwq0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwr0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwr0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bws0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bws0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwt0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwt0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwu0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwu0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwv0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwv0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bww0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bww0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwx0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwx0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwy0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwy0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwz0 {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\bwz0s {0832ceba-b3ca-4d42-be4e-ded15d0534e3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll File not found
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll File not found
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll File not found
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll File not found
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll File not found
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll File not found
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll File not found
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll File not found
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll File not found
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll File not found
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll File not found
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll File not found
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll File not found
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll File not found
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll File not found
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll File not found
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll File not found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll File not found
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll File not found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll File not found
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL File not found
O18 - Protocol\Handler\offline-8876480 {0832CEBA-B3CA-4D42-BE4E-DED15D0534E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll File not found
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL File not found
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll File not found
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll File not found
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll File not found
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\System32\urlmon.dll File not found
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll File not found
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll File not found
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll File not found
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\System32\SHELL32.dll File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\userinit.exe) - C:\WINDOWS\System32\userinit.exe File not found
O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll File not found
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\System32\SHELL32.dll File not found
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\stobject.dll File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll File not found
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\System32\WPDShServiceObj.dll File not found
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\System32\browseui.dll File not found
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {93994DE8-8239-4655-B1D1-5F4E91300429} - C:\PROGRA~1\DVDREG~1\DVDShell.dll File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (schannel.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O30 - LSA: Authentication Packages - (msv1_0) - File not found
O30 - LSA: Security Packages - (kerberos) - File not found
O30 - LSA: Security Packages - (msv1_0) - File not found
O30 - LSA: Security Packages - (schannel) - File not found
O30 - LSA: Security Packages - (wdigest) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/10/20 15:35:04 | 000,000,042 | ---- | M] () - C:\AUTOEXEC.bat -- [ FAT32 ]
O32 - AutoRun File - [2003/10/20 14:35:04 | 000,000,042 | ---- | M] () - C:\AUTOEXEC.ICR -- [ FAT32 ]
O32 - AutoRun File - [2006/04/30 05:36:18 | 000,000,000 | -HS- | M] () - I:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/11/02 19:04:58 | 000,000,046 | R--- | M] () - J:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{27fab310-a471-11db-8351-000c41661e22}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{27fab310-a471-11db-8351-000c41661e22}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\RunDLL32.EXE -- File not found
O33 - MountPoints2\{27fab310-a471-11db-8351-000c41661e22}\Shell\Explore\command - "" = L:\autorun.exe -- File not found
O33 - MountPoints2\{27fab310-a471-11db-8351-000c41661e22}\Shell\Open\command - "" = L:\autorun.exe -- File not found
O33 - MountPoints2\{52a5edcc-ceda-11dd-84d2-000c41661e22}\Shell - "" = AutoRun
O33 - MountPoints2\{52a5edcc-ceda-11dd-84d2-000c41661e22}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{52a5edcc-ceda-11dd-84d2-000c41661e22}\Shell\AutoRun\command - "" = J:\DPFMate.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within (All) ==========

[2006/12/11 15:34:42 | 000,000,000 | ---D | C] -- C:\RECOVERY
[2006/12/11 15:34:42 | 000,000,000 | ---D | C] -- C:\preboot
[2006/12/11 15:34:42 | 000,000,000 | ---D | C] -- C:\MFGSTAT
[2006/12/11 15:17:20 | 000,000,000 | ---D | C] -- C:\TPTOOLS
[2006/12/11 15:17:19 | 000,000,000 | ---D | C] -- C:\DOS
[2006/07/14 17:09:51 | 000,000,000 | ---D | C] -- C:\minint
[2006/07/14 12:51:56 | 000,000,000 | ---D | C] -- C:\swwork

========== Files - Modified Within (All) ==========

[2010/08/03 23:43:34 | 000,000,512 | ---- | M] () -- C:\BOOTSECT.DOS
[2006/12/11 15:17:20 | 000,000,000 | ---- | M] () -- C:\SCRREC.VER
[2006/07/26 10:27:02 | 001,725,038 | ---- | M] () -- C:\TCDIAG2.EXE
[2006/07/25 16:14:58 | 000,893,934 | ---- | M] () -- C:\TCDIAG1.EXE
[2006/07/14 20:04:56 | 000,000,063 | ---- | M] () -- C:\bootsec.py
[2006/07/14 20:04:52 | 000,222,368 | ---- | M] () -- C:\PDLDR
[2006/07/14 20:04:52 | 000,222,368 | ---- | M] () -- C:\NTLDR
[2006/07/14 20:04:50 | 000,053,786 | ---- | M] () -- C:\COMMAND.COM
[2006/07/14 20:04:50 | 000,044,240 | ---- | M] () -- C:\IBMBIO.COM
[2006/07/14 20:04:50 | 000,042,550 | ---- | M] () -- C:\IBMDOS.COM
[2006/07/14 20:04:48 | 000,000,169 | ---- | M] () -- C:\BOOT.INI
[2006/04/07 10:13:40 | 000,000,010 | ---- | M] () -- C:\VERSION.ID
[2005/09/02 07:52:48 | 000,000,689 | ---- | M] () -- C:\launchit.bat
[2004/08/04 04:00:00 | 000,260,272 | ---- | M] () -- C:\peldr
[2004/08/04 04:00:00 | 000,047,564 | ---- | M] () -- C:\ntdetect.com
[2004/08/04 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51IP.SP2
[2004/08/04 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51IP
[2004/08/04 04:00:00 | 000,000,010 | ---- | M] () -- C:\WIN51
[2004/02/23 07:25:52 | 000,000,139 | ---- | M] () -- C:\CONFIG.ICR
[2004/02/23 07:25:28 | 000,000,133 | ---- | M] () -- C:\CONFIG.SYS
[2003/10/20 15:35:04 | 000,000,042 | ---- | M] () -- C:\AUTOEXEC.bat
[2003/10/20 14:35:04 | 000,000,042 | ---- | M] () -- C:\AUTOEXEC.ICR
[2003/07/30 00:00:00 | 000,014,592 | ---- | M] () -- C:\HIMEM.SYS
[2003/05/12 00:00:00 | 000,000,332 | ---- | M] () -- C:\PLNRCHK.BAT
[2001/12/12 20:07:28 | 000,002,513 | ---- | M] () -- C:\PCYCLE.EXE
[2000/04/06 14:34:30 | 000,000,655 | ---- | M] () -- C:\FINDDRV.BAT
[1998/04/30 13:00:00 | 000,082,165 | ---- | M] () -- C:\REXX.EXE
[1998/04/30 13:00:00 | 000,000,171 | ---- | M] () -- C:\RXDINFO.RX
[1994/11/17 12:00:00 | 000,037,681 | ---- | M] () -- C:\MOUSE.COM
[1994/11/17 12:00:00 | 000,005,067 | ---- | M] () -- C:\RAMDRIVE.SYS
[1994/11/17 12:00:00 | 000,000,024 | ---- | M] () -- C:\MOUSE.INI

========== Files Created - No Company Name ==========

[2006/12/11 15:17:20 | 001,725,038 | ---- | C] () -- C:\TCDIAG2.EXE
[2006/12/11 15:17:20 | 000,893,934 | ---- | C] () -- C:\TCDIAG1.EXE
[2006/12/11 15:17:20 | 000,000,171 | ---- | C] () -- C:\RXDINFO.RX
[2006/12/11 15:17:20 | 000,000,010 | ---- | C] () -- C:\VERSION.ID
[2006/12/11 15:17:19 | 000,082,165 | ---- | C] () -- C:\REXX.EXE
[2006/12/11 15:17:19 | 000,037,681 | ---- | C] () -- C:\MOUSE.COM
[2006/12/11 15:17:19 | 000,005,067 | ---- | C] () -- C:\RAMDRIVE.SYS
[2006/12/11 15:17:19 | 000,002,513 | ---- | C] () -- C:\PCYCLE.EXE
[2006/12/11 15:17:19 | 000,000,689 | ---- | C] () -- C:\launchit.bat
[2006/12/11 15:17:19 | 000,000,655 | ---- | C] () -- C:\FINDDRV.BAT
[2006/12/11 15:17:19 | 000,000,332 | ---- | C] () -- C:\PLNRCHK.BAT
[2006/12/11 15:17:19 | 000,000,139 | ---- | C] () -- C:\CONFIG.ICR
[2006/12/11 15:17:19 | 000,000,133 | ---- | C] () -- C:\CONFIG.SYS
[2006/12/11 15:17:19 | 000,000,042 | ---- | C] () -- C:\AUTOEXEC.ICR
[2006/12/11 15:17:19 | 000,000,024 | ---- | C] () -- C:\MOUSE.INI
[2006/12/11 15:17:19 | 000,000,000 | ---- | C] () -- C:\SCRREC.VER
[2006/07/15 00:09:36 | 000,222,368 | ---- | C] () -- C:\PDLDR
[2006/07/15 00:09:36 | 000,222,368 | ---- | C] () -- C:\NTLDR
[2006/07/15 00:09:36 | 000,053,786 | ---- | C] () -- C:\COMMAND.COM
[2006/07/15 00:09:36 | 000,044,240 | ---- | C] () -- C:\IBMBIO.COM
[2006/07/15 00:09:36 | 000,042,550 | ---- | C] () -- C:\IBMDOS.COM
[2006/07/15 00:09:36 | 000,014,592 | ---- | C] () -- C:\HIMEM.SYS
[2006/07/15 00:09:36 | 000,000,512 | ---- | C] () -- C:\BOOTSECT.DOS
[2006/07/15 00:09:36 | 000,000,169 | ---- | C] () -- C:\BOOT.INI
[2006/07/15 00:09:36 | 000,000,063 | ---- | C] () -- C:\bootsec.py
[2006/07/15 00:09:36 | 000,000,042 | ---- | C] () -- C:\AUTOEXEC.bat
[2006/07/14 17:12:29 | 000,260,272 | ---- | C] () -- C:\peldr
[2006/07/14 17:12:29 | 000,047,564 | ---- | C] () -- C:\ntdetect.com
[2006/07/14 17:09:51 | 000,000,010 | ---- | C] () -- C:\WIN51IP.SP2
[2006/07/14 17:09:51 | 000,000,010 | ---- | C] () -- C:\WIN51IP
[2006/07/14 17:09:51 | 000,000,010 | ---- | C] () -- C:\WIN51
< End of report >


QUOTE("Extras.txt")
OTL Extras logfile created on: 8/4/2010 1:14:25 PM - Run
OTLPE by OldTimer - Version 3.1.40.0 Folder = D:\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

959.00 Mb Total Physical Memory | 763.00 Mb Available Physical Memory | 80.00% Memory free
874.00 Mb Paging File | 841.00 Mb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 4.43 Gb Total Space | 0.71 Gb Free Space | 15.97% Space Free | Partition Type: FAT32
Drive D: | 1.83 Gb Total Space | 0.03 Gb Free Space | 1.68% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 228.44 Gb Total Space | 2.99 Gb Free Space | 1.31% Space Free | Partition Type: NTFS
Drive J: | 155.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MININT-JVC
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet008

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe File not found
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe File not found
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe File not found
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE File not found
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE File not found
.url [@ = InternetShortcut] -- C:\WINDOWS\system32\ieframe.DLL File not found
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe File not found
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe File not found
.reg [@ = regfile] -- regedit.exe "%1"
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE File not found
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe File not found
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe File not found
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe File not found
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 File not found
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 File not found
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 File not found
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 File not found
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* File not found
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome File not found
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 File not found
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" File not found
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" File not found
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" File not found
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 File not found
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 File not found
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 File not found
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 File not found
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 File not found
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l File not found
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" File not found
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 File not found
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* File not found
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 File not found
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 File not found
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* File not found
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 File not found
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 File not found
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 File not found
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 File not found
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 File not found
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" File not found
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 File not found
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* File not found
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 File not found
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 File not found
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* File not found
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 File not found
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 File not found
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* File not found
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 File not found
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* File not found
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" File not found
Directory [find] -- %SystemRoot%\Explorer.exe File not found
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L File not found
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L File not found
Drive [find] -- %SystemRoot%\Explorer.exe File not found
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 File not found
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"2479:TCP" = 2479:TCP:*:Enabled:Services
"60272:TCP" = 60272:TCP:*:Enabled:Services
"2577:TCP" = 2577:TCP:*:Enabled:Services
"3246:TCP" = 3246:TCP:*:Enabled:Services

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"2479:TCP" = 2479:TCP:*:Enabled:Services
"60272:TCP" = 60272:TCP:*:Enabled:Services
"2577:TCP" = 2577:TCP:*:Enabled:Services
"3246:TCP" = 3246:TCP:*:Enabled:Services
"8888:TCP" = 8888:TCP:*:Enabled:NDS

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0 -- File not found
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- File not found
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0 -- File not found
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\SEGA\PHANTASY STAR ONLINE Blue Burst\online.exe" = C:\Program Files\SEGA\PHANTASY STAR ONLINE Blue Burst\online.exe:*:Enabled:PHANTASY STAR ONLINE Blue Burst -- File not found
"C:\Program Files\SEGA2\PHANTASY STAR UNIVERSE\online.exe" = C:\Program Files\SEGA2\PHANTASY STAR UNIVERSE\online.exe:*:Enabled:PHANTASY STAR UNIVERSE -- File not found
"C:\Program Files\Gizmo Project for LJ Talk\mDNSResponder.exe" = C:\Program Files\Gizmo Project for LJ Talk\mDNSResponder.exe:*:Enabled:Bonjour -- File not found
"C:\Program Files\Gizmo Project for LJ Talk\Gizmo-LJ.exe" = C:\Program Files\Gizmo Project for LJ Talk\Gizmo-LJ.exe:*:Enabled:Gizmo Project for LJ Talk -- File not found
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- File not found
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Program Files\Morpheus\Morpheus.exe" = C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:Morpheus -- File not found
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:Torrent -- File not found
"C:\Documents and Settings\Jyoshiki\My Documents\utorrent.exe" = C:\Documents and Settings\Jyoshiki\My Documents\utorrent.exe:*:Enabled:Torrent -- File not found
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- File not found
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- File not found
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- File not found
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- File not found
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- File not found
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- File not found
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- File not found
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}" = ccCommon
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{15786AC4-1F61-C1AB-11EF-2D0A01DD175C}" = chrono_clock
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 20
"{30614D5F-58BB-4A76-8BC9-C763A815CFC4}" = Hackman Suite
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{48227AEB-DC8E-4A90-A274-0B4A39D699B1}" = Client Security Solution
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}" = PixiePack Codec Pack
"{6280149E-EFF3-4F1B-BD43-5B7EDD6F620A}" = Lenovo Care Supplement
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A7867BA-B7CA-4CC9-ACAB-85BA46865EE5}" = Norton Utilities
"{707D28BF-E145-4a9b-B97E-94FA586D05F3}" = Norton SystemWorks 2006 Basic Edition
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{768F22DC-2D20-4F52-A9A1-5E231FB7F752}" = Logitech Gaming Software 5.04
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77364F85-6219-4CB8-AAA0-6D53368D683D}" = Connection Keep Alive
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{796E076A-82F7-4D49-98C8-DEC0C3BC733A}" = Diskeeper Lite
"{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}" = Norton Protection Center
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{88F7575F-66BD-4945-9551-A944F94E724A}" = MakBit Virtual CD-DVD
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{900B1884-2D6F-4a70-A3C7-C3F4DA873FDB}" = NSW_DRM_COLLECTION
"{90190409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Publisher 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A6B72C5-E2EF-4C98-DFD8-04B5860FB01A}" = Nihongoup
"{9E23C48E-5483-4971-BA50-089F2FABCD66}" = Norton SystemWorks
"{A1390A07-A917-4E05-8CB4-70FF109E03A5}" = Toon Boom Studio 4.0 Trial
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AC76BA86-7AD7-5464-3428-7050000000A7}" = Adobe Reader 7.0.5 Language Support
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C191BE7C-8542-4A61-973A-714EF76C5995}" = Logitech QuickCam Software
"{C22404E3-371D-46A3-A633-C7094DDE7274}" = openCanvas4.06E Plus
"{C3C538E5-524C-4253-AA74-0EEEF34990EA}" = DiscJuggler
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{CA31120D-2101-484D-9FF1-195DE96FE346}" = Norton Cleanup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF52099A-3BEA-4C41-AEA8-1E190F04D737}" = Lenovo Care
"{D1725BDB-BA2B-4503-A8CB-F5C835D743FA}" = MSRedist
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DF654BB0-0833-497B-82D5-4D9A5613AC2C}" = Small Business Center
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E47CD2EF-87C1-49B0-BA8B-54C05F8A66E1}" = Pet Workshop
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"‚‚‚‚‚‚‚‚‚‚" = ‚‚‚‚‚‚‚‚‚‚ ?????????
"Acoustica MP3 Audio Mixer" = Acoustica MP3 Audio Mixer
"Action Replay Code Manager_is1" = Action Replay Code Manager
"Action Replay DSi Code Manager_is1" = Action Replay DSi Code Manager
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM_7" = AIM 7
"Belarc Advisor 2.0" = Belarc Advisor 7.2
"BootSkin" = BootSkin
"Browser Defender_is1" = Browser Defender 2.0.6.15
"CCleaner" = CCleaner
"CheckIt Diagnostics" = CheckIt Diagnostics
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_201414F1" = HSF2014 56K Data Fax Modem
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2007-07-22
"CursorWorkshop" = Axialis CursorWorkshop 6.31
"dBpoweramp Ogg Vorbis Codec" = dBpoweramp Ogg Vorbis Codec
"dBpoweramp Windows Media Audio 10 Codec" = dBpoweramp Windows Media Audio 10 Codec
"DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility
"Defraggler" = Defraggler
"Digital Lifeline" = Digital Lifeline
"Disney Pirates of the Caribbean Online" = Disney Pirates of the Caribbean Online
"DVD Region+CSS Free_is1" = DVD Region+CSS Free 5.58
"EasyKeytec" = EasyKeytec(Ű α׷)
"EccoSaver Screen Saver" = EccoSaver Screen Saver
"Electronic Piano 2.5_is1" = Electronic Piano 2.5
"eMule" = eMule
"eSnips_Downloader" = eSnips Downloader
"ffdshow_is1" = ffdshow [rev 1381] [2007-07-29]
"Flickr Uploadr" = Flickr Uploadr 2.3
"FLV Player" = FLV Player 2.0 (build 25)
"Font Viewer_is1" = Font Viewer 2.0
"Fraps" = Fraps (remove only)
"Free CD Music Converter 10" = Free CD Music Converter 10
"Freez FLV to AVI/MPEG/WMV Converter 1.5_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Freez FLV to MP3 Converter V1.2_is1" = Freez FLV to MP3 Converter
"Furcadia" = Furcadia
"Gizmo Project for LJ Talk" = Gizmo Project for LJ Talk 2.0
"GNU Aspell_is1" = GNU Aspell 0.50-3
"GrammarPro" = GrammarPro
"GTK 2.0" = GTK+ Runtime 2.12.12 rev a (remove only)
"gyakutenkenjiSS" = gyakutenkenjiSS ?????????
"HaaliMkx" = Haali Media Splitter
"HijackThis" = HijackThis 2.0.2
"IconWorkshop" = Axialis IconWorkshop 6.10
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IL Download Manager" = IL Download Manager
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"ips XP_is1" = ips XP 1.11.2600
"IrfanView" = IrfanView (remove only)
"KeyHoleTV" = KeyHoleTV
"Magic M4A to MP3 Converter_is1" = Magic M4A to MP3 Converter 3.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MIKSOFT Mobile AMR converter_is1" = MIKSOFT Mobile AMR converter
"MouseSuite98" = Mouse Suite
"Mozilla Firefox (3.6.7)" = Mozilla Firefox (3.6.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MVApplication1" = Memorex exPressit Label Design Studio
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"One-click Audio Converter_is1" = One-click Audio Converter Uninstall
"Ootake_is1" = Ootake ver0.98
"Orbit_is1" = Orbit Downloader
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Pcsx2_is1" = Pcsx2 0.9.4 Watermoose
"Pen Tablet Driver" = Bamboo
"Petz 4" = Petz 4
"Petz II" = Petz II
"PetzA_is1" = PetzA 2.2.5
"PetzPlayer" = PetzPlayer
"Phantasy Star Online Blue Burst_is1" = Phantasy Star Online Blue Burst 1.0
"Pokemon Battle Revolution" = Pokemon Battle Revolution Screen Saver
"Pokemon Mystery Dungeon" = Pokemon Mystery Dungeon Screen Saver
"Pokmon Platinum Screesaver" = Pokmon Platinum Screesaver
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"QcDrv" = Logitech Camera Driver
"QuickMark" = QuickMark (remove only)
"RealPopup_is1" = RealPopup
"Recuva" = Recuva
"Revo Uninstaller" = Revo Uninstaller 1.83
"Sailor Moon.scr" = Sailor Moon
"SBWCD20" = Storybook Weaver Deluxe
"Screen Recorder Gold" = Screen Recorder Gold
"Senshiscreen" = Senshiscreen
"SkinnerToo" = SkinnerToo
"SkinStudio Free" = SkinStudio Free
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"sonic_01" = sonic_01 ?????????
"Speccy" = Speccy
"Spyware Doctor" = Spyware Doctor 7.0
"Steam App 400" = Portal
"SymSetup.{707D28BF-E145-4a9b-B97E-94FA586D05F3}" = Norton SystemWorks 2006 Basic Edition (Symantec Corporation)
"SystemRequirementsLab" = System Requirements Lab
"the_best_of_tales_heroines" = the_best_of_tales_heroines ?????????
"the_best_of_tales_heros" = the_best_of_tales_heros ?????????
"Unitype Applications" = Unitype Applications
"UnityWebPlayer" = Unity Web Player
"UnixUtils for Yahoo! Widgets" = Unix Utilities for Yahoo! Widgets
"VDMSound" = VDMSound
"Video Converter 3" = Video Converter 3
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGTK-2_is1" = GTK+ 2.10.6-1 runtime environment
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft DVD Creator" = Xilisoft DVD Creator
"XiphQT" = Xiph QuickTime Components
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Widget Engine" = Yahoo! Widgets
"YInstHelper" = Yahoo! Install Manager

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\HelpAssistant_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CPV" = CPV
"Tales of Symphonia Screensaver" = Tales of Symphonia Screensaver
"uTorrent" = Torrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\Jyoshiki_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Tales of Symphonia Screensaver" = Tales of Symphonia Screensaver
"uTorrent" = Torrent

< End of report >


Joanna

Edited by Jyoshiki, 04 August 2010 - 02:13 PM.


#11 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:33 AM

Posted 04 August 2010 - 03:00 PM

Hi Joanna,

Can you please verify your Windows installation is indeed on I:\ in BartPE?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#12 Jyoshiki

Jyoshiki
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Jersey
  • Local time:03:33 AM

Posted 04 August 2010 - 03:45 PM

Hi, Elise.

Yes, Windows is installed on drive I. The WINDOWS root folder, including all of the system subfolders, are on there, as are the rest of my personal files and folders. It's really my main drive, but it looks like BartPE renamed it to drive I.

Joanna

#13 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:33 AM

Posted 05 August 2010 - 01:41 AM

OTLPE looked at C:\ for your files, so we need to trick it into looking at I:\ instead.

To do so, we need to temporarily rename boot.ini

Please see if the C:\ drive contains a file named boot.ini. If so, rename it to boot.bak (rightclick > rename).

When done, try to run OTLPE again. You will now be prompted to open the folder with your windows installation. Browse to I:\windows and click Open. When done, the logs should be saved in I:\ as well. Please post me the new OTL.txt

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#14 Jyoshiki

Jyoshiki
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Jersey
  • Local time:03:33 AM

Posted 05 August 2010 - 08:18 AM

Hi, Elise.

I did find the boot.ini file in the C:\ drive and I renamed it, but when I started OTLPE, it didn't prompt me to open the Windows installation folder. I ran the scan and looked in the I:\ drive, but there were no log files; I looked back in the C:\ drive and found them.

So it looks like OTLPE is still trying to scan the C:\ drive.

Joanna

#15 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:33 AM

Posted 05 August 2010 - 09:06 AM

Hi Joanna,

Since I have no BartPE CD at hand, I can't test this; you will need to find the My Computer option in the menu.
1. Right-click on the My Computer icon.
2. Click on the Manage option
3. Click on Disk Management
4. Right-click on the I: drive
5. Click on Change Drive Letter and Paths
6. Select the I: drive and click in the Change button
7. Select Assign the following Drive Letter option
8. In the drop-down selection box select the correct drive letter: C:\
9. Click Ok for any warning messages and close out the Computer Management dialog box

Note - you might need to first give C:\ (SERVICE00, which is most likely a recovery partition) another drive letter (just use one that is not already used).

When your windows partition is named C:\, rerun OTLPE (make sure you rename the boot.ini on the SERVICE00 partition back to its old name).

Edited by elise025, 05 August 2010 - 09:07 AM.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users