Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Balloon pop up from Windows security Centre


  • This topic is locked This topic is locked
3 replies to this topic

#1 TommY_Gee

TommY_Gee

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 21 March 2011 - 06:26 PM

Mog EDIT: from AII topic here ~~boopme

http://www.bleepingcomputer.com/forums/topic385410.html




OTL logfile created on: 22/03/2011 10:18:15 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = F:\Documents and Settings\J cat\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
18.00 Gb Paging File | 17.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 292.97 Gb Total Space | 139.15 Gb Free Space | 47.50% Space Free | Partition Type: NTFS
Drive E: | 292.97 Gb Total Space | 83.30 Gb Free Space | 28.43% Space Free | Partition Type: NTFS
Drive F: | 68.36 Gb Total Space | 35.73 Gb Free Space | 52.26% Space Free | Partition Type: NTFS
Drive G: | 195.31 Gb Total Space | 177.90 Gb Free Space | 91.08% Space Free | Partition Type: NTFS
Drive H: | 81.90 Gb Total Space | 52.55 Gb Free Space | 64.17% Space Free | Partition Type: NTFS

Computer Name: JCAT | User Name: J cat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/21 22:08:33 | 000,580,608 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\J cat\Desktop\OTL.exe
PRC - [2011/03/05 11:32:16 | 000,912,344 | ---- | M] (Mozilla Corporation) -- F:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/01/07 01:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- F:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 01:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- F:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/07 01:22:12 | 001,052,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- F:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/01/06 15:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- F:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- F:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- F:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- F:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- F:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/07/07 13:52:58 | 003,065,160 | ---- | M] (Emsi Software GmbH) -- F:\Program Files\Emsisoft\Online Armor\oahlp.exe
PRC - [2010/07/07 13:52:54 | 006,854,984 | ---- | M] (Emsi Software GmbH) -- F:\Program Files\Emsisoft\Online Armor\oaui.exe
PRC - [2010/07/07 13:52:54 | 003,364,680 | ---- | M] (Emsi Software GmbH) -- F:\Program Files\Emsisoft\Online Armor\oasrv.exe
PRC - [2010/07/07 13:52:54 | 001,283,400 | ---- | M] (Emsi Software GmbH) -- F:\Program Files\Emsisoft\Online Armor\oacat.exe
PRC - [2010/05/05 16:56:06 | 000,251,392 | ---- | M] () -- F:\Program Files\Razer\DeathAdder\razerhid.exe
PRC - [2010/04/27 14:41:26 | 000,218,112 | ---- | M] () -- F:\Program Files\Razer\DeathAdder\razertra.exe
PRC - [2010/03/10 14:50:14 | 001,439,360 | ---- | M] (ASUSTeK Computer Inc.) -- F:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
PRC - [2010/03/08 17:22:18 | 007,283,328 | ---- | M] (ASUSTeK Computer Inc.) -- F:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
PRC - [2010/01/13 21:55:10 | 000,611,968 | ---- | M] (ASUSTeK Computer Inc.) -- F:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe
PRC - [2009/11/08 23:18:00 | 000,065,216 | ---- | M] (WordWeb Software) -- H:\Program Files\WordWeb\wweb32.exe
PRC - [2009/05/25 14:56:18 | 005,391,872 | ---- | M] () -- F:\Program Files\ASUS\TurboV\TurboV.exe
PRC - [2009/04/02 15:27:27 | 000,090,112 | R--- | M] () -- F:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\explorer.exe
PRC - [2008/02/28 17:07:58 | 001,828,136 | ---- | M] (Nero AG) -- F:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007/12/19 11:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- F:\Program Files\Razer\DeathAdder\razerofa.exe
PRC - [2007/03/07 01:45:37 | 000,517,040 | ---- | M] ( ) -- F:\WINDOWS\system32\lxdicoms.exe


========== Modules (SafeList) ==========

MOD - [2011/03/21 22:08:33 | 000,580,608 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\J cat\Desktop\OTL.exe
MOD - [2010/08/24 03:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/05/03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Norton Internet Security)
SRV - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- F:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/11/25 09:49:46 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- F:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- F:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/07/20 22:15:52 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- F:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/07/07 13:52:54 | 003,364,680 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- F:\Program Files\Emsisoft\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2010/07/07 13:52:54 | 001,283,400 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- F:\Program Files\Emsisoft\Online Armor\OAcat.exe -- (OAcat)
SRV - [2009/08/24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- H:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe -- (DfSdkS)
SRV - [2009/05/12 16:12:14 | 000,026,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- F:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)
SRV - [2009/04/02 15:27:27 | 000,090,112 | R--- | M] () [Auto | Running] -- F:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009/02/18 15:31:56 | 000,294,912 | -H-- | M] (DeviceVM) [Disabled | Stopped] -- F:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2007/03/07 01:45:37 | 000,517,040 | ---- | M] ( ) [On_Demand | Running] -- F:\WINDOWS\System32\lxdicoms.exe -- (lxdi_device)


========== Driver Services (SafeList) ==========

DRV - [2011/02/04 00:59:49 | 000,005,632 | ---- | M] () [File_System | System | Running] -- F:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2010/12/30 11:59:18 | 006,290,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/26 15:17:40 | 005,555,712 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/11/17 23:03:56 | 000,101,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2010/11/12 20:40:12 | 000,273,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/10/29 18:13:06 | 000,104,536 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- F:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2010/09/13 16:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- F:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- F:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- F:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 21:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 21:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 21:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/07/07 13:25:58 | 000,022,600 | ---- | M] (Emsisoft) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2010/07/07 13:25:42 | 000,028,232 | ---- | M] (Emsisoft) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2010/07/07 13:25:38 | 000,236,104 | ---- | M] (Emsisoft) [File_System | System | Running] -- F:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2010/02/16 00:02:23 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2010/02/09 09:53:28 | 000,023,304 | ---- | M] (M-Audio) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\MAudioLegacyKeyboard_DFU.sys -- (MADFULEGACYKEYBOARD)
DRV - [2010/02/09 09:53:24 | 000,167,304 | ---- | M] (M-Audio) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\MAudioLegacyKeyboard.sys -- (MAUSBLEGACYKEYBOARD)
DRV - [2009/12/21 21:50:16 | 000,005,760 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\vHidDev.sys -- (vHidDev)
DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/08/19 23:05:56 | 000,100,368 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/08/10 15:25:40 | 000,038,528 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\CYUSB.sys -- (CYUSB)
DRV - [2009/08/04 11:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2009/07/30 11:15:54 | 000,014,336 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP)
DRV - [2009/04/21 17:58:42 | 000,011,136 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\danew.sys -- (danewFltr)
DRV - [2009/03/30 03:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- F:\WINDOWS\system32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/05/06 17:01:50 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2007/11/14 17:20:04 | 000,031,752 | ---- | M] (M-Audio) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\ma_cmidi.sys -- (MA_CMIDI)
DRV - [2007/08/29 16:50:48 | 000,039,168 | ---- | M] (Frontier Design Group, LLC) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\US122Wdm.sys -- (Us122WdmService)
DRV - [2007/08/29 16:50:34 | 000,018,304 | ---- | M] (Frontier Design Group) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\US122DL.sys -- (US122DL)
DRV - [2007/08/29 16:50:02 | 000,131,968 | ---- | M] (Frontier Design Group, LLC) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\US122.sys -- (US122)
DRV - [2007/05/02 11:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2007/05/02 11:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2007/05/02 11:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV - [2004/08/13 13:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/?pc=AVBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - F:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com.au"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.4.14
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: avg@igeared:6.011.025.001
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.http: "202.93.213.34"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 0

FF - user.js..browser.search.openintab: false

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: F:\Program Files\AVG\AVG10\Firefox\ [2011/01/15 21:00:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: F:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011/01/16 21:10:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2011/03/13 20:54:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins [2011/03/14 15:37:57 | 000,000,000 | ---D | M]

[2010/03/15 14:06:30 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\J cat\Application Data\Mozilla\Extensions
[2011/03/21 10:08:25 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\J cat\Application Data\Mozilla\Firefox\Profiles\xubydqrp.default\extensions
[2010/04/27 14:38:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- F:\Documents and Settings\J cat\Application Data\Mozilla\Firefox\Profiles\xubydqrp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/16 20:40:35 | 000,000,000 | ---D | M] (Fire.fm) -- F:\Documents and Settings\J cat\Application Data\Mozilla\Firefox\Profiles\xubydqrp.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2010/08/30 22:05:02 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- F:\Documents and Settings\J cat\Application Data\Mozilla\Firefox\Profiles\xubydqrp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/09/05 01:55:36 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- F:\Documents and Settings\J cat\Application Data\Mozilla\Firefox\Profiles\xubydqrp.default\extensions\battlefieldheroespatcher@ea.com
[2011/03/21 10:08:25 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\extensions
[2010/04/19 09:42:08 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/24 17:09:56 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/02 11:43:29 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/12 14:45:28 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/19 11:46:20 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/01/15 21:00:19 | 000,000,000 | ---D | M] (AVG Safe Search) -- F:\PROGRAM FILES\AVG\AVG10\FIREFOX
[2011/01/16 21:10:48 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.011.025.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- F:\PROGRAM FILES\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED
[2010/04/19 09:41:57 | 000,000,000 | ---D | M] (Java Quick Starter) -- F:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- F:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/13 03:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- F:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2011/03/05 11:32:21 | 000,001,538 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011/03/05 11:32:21 | 000,000,947 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2011/03/05 11:32:21 | 000,000,769 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2011/03/05 11:32:21 | 000,001,135 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/02/16 09:52:45 | 000,000,781 | RHS- | M]) - F:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - F:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - F:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - F:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - F:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - F:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [@OnlineArmor GUI] F:\Program Files\Emsisoft\Online Armor\oaui.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [36X Raid Configurer] F:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [ABs Wallpaper Tray] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] F:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ai Nap] F:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [ASUS Update Checker] F:\Program Files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe ()
O4 - HKLM..\Run: [ATICustomerCare] F:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] F:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Cpu Level Up help] F:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe ()
O4 - HKLM..\Run: [DeathAdder] F:\Program Files\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [ISUSPM] File not found
O4 - HKLM..\Run: [ISUSPM Startup] File not found
O4 - HKLM..\Run: [JMB36X IDE Setup] F:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LXDICATS] F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDItime.DLL (Lexmark International, Inc.)
O4 - HKLM..\Run: [NBKeyScan] H:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] F:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QFan Help] F:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [RTHDCPL] File not found
O4 - HKLM..\Run: [Six Engine] F:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [StartCCC] F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TurboV] F:\Program Files\ASUS\TurboV\TurboV.exe ()
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] F:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [WordWeb] h:\Program Files\WordWeb\wweb32.exe (WordWeb Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O8 - Extra context menu item: Free YouTube to Mp3 Converter - F:\Documents and Settings\J cat\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - F:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - F:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - F:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O24 - Desktop WallPaper: F:\Documents and Settings\J cat\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: F:\Documents and Settings\J cat\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - F:\Program Files\Emsisoft\Online Armor\oaevent.dll (Emsi Software GmbH)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (schannel.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/15 09:21:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/20 22:02:29 | 000,000,000 | ---D | M] - H:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{7c39be3f-07df-11e0-8ddc-cf2908d5cb18}\Shell - "" = AutoRun
O33 - MountPoints2\{7c39be3f-07df-11e0-8ddc-cf2908d5cb18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7c39be3f-07df-11e0-8ddc-cf2908d5cb18}\Shell\AutoRun\command - "" = J:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (dfsdkbt) - F:\WINDOWS\System32\dfsdkbt.exe (mst software GmbH, Germany)
O34 - HKLM BootExecute: (DfSDKBt) - F:\WINDOWS\System32\DfSDKBt.exe (mst software GmbH, Germany)
O34 - HKLM BootExecute: (F:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - F:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (F:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - F:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2011/03/21 22:08:29 | 000,580,608 | ---- | C] (OldTimer Tools) -- F:\Documents and Settings\J cat\Desktop\OTL.exe
[2011/03/20 10:43:29 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Start Menu\Programs\WinRAR
[2011/03/20 10:43:29 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2011/03/20 10:28:22 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Desktop\New Folder
[2011/03/19 19:12:51 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Powertoys for Windows XP
[2011/03/18 17:30:46 | 000,000,000 | ---D | C] -- F:\Winrar
[2011/03/17 09:00:04 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Local Settings\Application Data\Iteral_Group_Ltd
[2011/03/16 22:17:17 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\WhiteBoardMeeting
[2011/03/16 22:17:16 | 000,000,000 | ---D | C] -- F:\Program Files\Iteral
[2011/03/16 21:58:34 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\TalkAndWrite
[2011/03/16 21:58:31 | 000,000,000 | ---D | C] -- F:\Program Files\TalkAndWrite
[2011/03/16 21:58:31 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\TalkAndWrite
[2011/03/15 11:14:23 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Ebook Related
[2011/03/15 11:13:42 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Start Menu\Programs\Ebook Related
[2011/03/15 11:12:46 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\AVS4YOU
[2011/03/15 11:11:27 | 000,774,144 | ---- | C] (Terra Informatica Software, Inc., British Columbia, Canada.) -- F:\WINDOWS\System32\htmlayout.dll
[2011/03/15 11:11:12 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\AVSMedia
[2011/03/15 11:08:30 | 000,000,000 | ---D | C] -- F:\Program Files\AVS4YOU
[2011/03/14 15:57:44 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Local Settings\Application Data\Temp
[2011/03/14 15:37:34 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\Adobe
[2011/03/14 15:32:23 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\McAfee
[2011/03/13 20:54:37 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/03/13 20:54:25 | 000,000,000 | ---D | C] -- F:\Program Files\QuickTime
[2011/03/12 23:18:44 | 000,000,000 | ---D | C] -- H:\My Documents\Calibre Library
[2011/03/12 23:18:36 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Calibre Library
[2011/03/12 23:18:33 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Application Data\calibre
[2011/03/12 21:28:25 | 000,000,000 | ---D | C] -- F:\Program Files\Calibre2
[2011/03/11 23:45:59 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Local Settings\Application Data\AngusRobertson
[2011/03/11 23:44:57 | 000,000,000 | ---D | C] -- F:\Program Files\AngusRobertson
[2011/03/09 17:07:58 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Application Data\Malwarebytes
[2011/03/09 17:07:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- F:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/03/09 17:07:52 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/03/09 17:07:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- F:\WINDOWS\System32\drivers\mbam.sys
[2011/03/09 17:07:49 | 000,000,000 | ---D | C] -- F:\Program Files\Malwarebytes' Anti-Malware
[2011/02/26 17:17:36 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Start Menu\Programs\Utilities
[2011/02/26 17:16:43 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Utilities
[2011/02/26 11:40:51 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Local Settings\Application Data\WOP
[2011/02/26 11:40:51 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\WOP
[2011/02/26 11:20:29 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Local Settings\Application Data\Wings of Prey
[2011/02/23 18:02:04 | 000,000,000 | ---D | C] -- F:\Documents and Settings\J cat\Local Settings\Application Data\DFH
[2011/02/23 18:00:43 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Documents\Softwrap
[2011/02/23 18:00:41 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Documents\Fonts
[2011/02/23 18:00:41 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Documents\Config
[2011/02/23 17:46:42 | 000,000,000 | ---D | C] -- H:\My Documents\CFB WordGames
[2011/02/23 17:44:18 | 000,000,000 | ---D | C] -- F:\Program Files\CFB WordGames Cover CD
[2011/02/20 10:40:53 | 000,073,728 | ---- | C] (Razer Inc.) -- F:\WINDOWS\System32\DeathAdder.cpl
[2011/02/20 10:40:53 | 000,000,000 | ---D | C] -- F:\Program Files\Razer
[2011/02/20 10:40:29 | 000,000,000 | ---D | C] -- H:\My Documents\Bussiness
[2010/03/15 14:51:16 | 000,311,296 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdihcp.dll
[2010/03/15 14:51:15 | 000,356,352 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdiinpa.dll
[2010/03/15 14:51:15 | 000,339,968 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdiiesc.dll
[2010/03/15 14:51:14 | 001,187,840 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdiserv.dll
[2010/03/15 14:51:14 | 000,942,080 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdiusb1.dll
[2010/03/15 14:51:13 | 000,614,400 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdipmui.dll
[2010/03/15 14:51:13 | 000,532,480 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdilmpm.dll
[2010/03/15 14:51:13 | 000,053,248 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdiprox.dll
[2010/03/15 14:51:13 | 000,053,248 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdipplc.dll
[2010/03/15 14:51:12 | 000,320,432 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdiih.exe
[2010/03/15 14:51:11 | 000,671,744 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdihbn3.dll
[2010/03/15 14:51:09 | 000,517,040 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdicoms.exe
[2010/03/15 14:51:09 | 000,360,448 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdicomm.dll
[2010/03/15 14:51:08 | 000,761,856 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdicomc.dll
[2010/03/15 14:51:08 | 000,340,912 | ---- | C] ( ) -- F:\WINDOWS\System32\lxdicfg.exe
[7 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> ]
[1 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/22 10:20:55 | 000,787,817 | ---- | M] () -- F:\WINDOWS\System32\drivers\AVG\incavi.avm.prepare
[2011/03/22 10:20:09 | 000,565,112 | ---- | M] () -- F:\WINDOWS\System32\perfh009.dat
[2011/03/22 10:20:09 | 000,111,976 | ---- | M] () -- F:\WINDOWS\System32\perfc009.dat
[2011/03/22 10:15:22 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2011/03/21 22:08:40 | 000,090,112 | ---- | M] () -- F:\Documents and Settings\J cat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/21 22:08:33 | 000,580,608 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\J cat\Desktop\OTL.exe
[2011/03/21 20:51:18 | 000,140,248 | ---- | M] () -- F:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011/03/21 20:51:13 | 000,266,400 | ---- | M] () -- F:\WINDOWS\System32\PnkBstrB.xtr
[2011/03/21 19:21:55 | 000,002,265 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/03/21 18:29:15 | 109,361,272 | ---- | M] () -- F:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/03/21 08:05:00 | 000,000,278 | ---- | M] () -- F:\WINDOWS\tasks\shutdown 1.job
[2011/03/21 02:00:00 | 000,000,228 | ---- | M] () -- F:\WINDOWS\tasks\JDownloader.job
[2011/03/20 20:08:45 | 000,266,400 | ---- | M] () -- F:\WINDOWS\System32\PnkBstrB.ex0
[2011/03/20 10:38:12 | 000,625,664 | ---- | M] () -- F:\Documents and Settings\J cat\Desktop\dds.scr
[2011/03/20 10:30:35 | 001,364,522 | ---- | M] () -- F:\Documents and Settings\J cat\Desktop\wrar393.exe
[2011/03/20 10:28:43 | 000,000,000 | ---- | M] () -- F:\Documents and Settings\J cat\defogger_reenable
[2011/03/19 19:10:50 | 000,150,192 | ---- | M] () -- F:\Documents and Settings\J cat\Desktop\TweakUiPowertoySetup.exe
[2011/03/19 10:49:07 | 000,000,069 | ---- | M] () -- F:\WINDOWS\NeroDigital.ini
[2011/03/17 22:15:47 | 000,000,799 | ---- | M] () -- F:\Documents and Settings\J cat\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/03/17 11:04:09 | 000,023,392 | ---- | M] () -- F:\WINDOWS\System32\nscompat.tlb
[2011/03/17 11:04:09 | 000,016,832 | ---- | M] () -- F:\WINDOWS\System32\amcompat.tlb
[2011/03/17 08:59:42 | 000,002,431 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\WhiteBoardMeeting.lnk
[2011/03/17 08:58:02 | 000,013,668 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl
[2011/03/17 08:57:54 | 000,352,976 | ---- | M] () -- F:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/16 21:58:34 | 000,000,887 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\TalkAndWrite.lnk
[2011/03/11 18:19:04 | 000,001,324 | ---- | M] () -- F:\WINDOWS\System32\d3d9caps.dat
[2011/03/02 12:40:51 | 000,140,288 | ---- | M] () -- F:\RarExt.dll
[2011/02/28 17:51:21 | 000,000,585 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Verse Perfect.lnk
[2011/02/23 18:01:19 | 000,002,601 | ---- | M] () -- F:\Documents and Settings\All Users\Documents\Global.sw2
[2011/02/23 18:00:46 | 000,000,000 | -H-- | M] () -- F:\WINDOWS\SwSys2.bmp
[2011/02/23 18:00:46 | 000,000,000 | -H-- | M] () -- F:\WINDOWS\SwSys1.bmp
[7 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> ]
[1 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/20 10:30:24 | 001,364,522 | ---- | C] () -- F:\Documents and Settings\J cat\Desktop\wrar393.exe
[2011/03/20 10:29:14 | 000,625,664 | ---- | C] () -- F:\Documents and Settings\J cat\Desktop\dds.scr
[2011/03/20 10:28:43 | 000,000,000 | ---- | C] () -- F:\Documents and Settings\J cat\defogger_reenable
[2011/03/19 19:10:48 | 000,150,192 | ---- | C] () -- F:\Documents and Settings\J cat\Desktop\TweakUiPowertoySetup.exe
[2011/03/17 22:15:47 | 000,000,799 | ---- | C] () -- F:\Documents and Settings\J cat\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/03/16 22:17:18 | 000,002,431 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\WhiteBoardMeeting.lnk
[2011/03/16 21:58:38 | 000,081,920 | ---- | C] () -- F:\WINDOWS\System32\emfxp.dll
[2011/03/16 21:58:38 | 000,059,904 | ---- | C] () -- F:\WINDOWS\System32\unpdf.exe
[2011/03/16 21:58:34 | 000,000,887 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\TalkAndWrite.lnk
[2011/02/28 17:51:21 | 000,000,585 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Verse Perfect.lnk
[2011/02/23 18:00:46 | 000,002,601 | ---- | C] () -- F:\Documents and Settings\All Users\Documents\Global.sw2
[2011/02/23 18:00:46 | 000,000,000 | -H-- | C] () -- F:\WINDOWS\SwSys2.bmp
[2011/02/23 18:00:46 | 000,000,000 | -H-- | C] () -- F:\WINDOWS\SwSys1.bmp
[2011/02/17 01:42:47 | 000,000,008 | -H-- | C] () -- F:\WINDOWS\System32\adb.dat
[2011/02/04 01:01:24 | 000,000,000 | ---- | C] () -- F:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2011/02/04 00:49:57 | 000,005,632 | ---- | C] () -- F:\WINDOWS\System32\drivers\StarOpen.sys
[2010/12/15 00:57:43 | 000,003,469 | ---- | C] () -- F:\WINDOWS\System32\drivers\MAudioLegacyKeyboardFirmware.bin
[2010/12/15 00:57:43 | 000,002,078 | ---- | C] () -- F:\WINDOWS\System32\drivers\MAudioCypressBootstrapper.bin
[2010/11/24 16:41:58 | 000,006,550 | ---- | C] () -- F:\WINDOWS\jautoexp.dat
[2010/11/01 20:40:01 | 000,000,000 | ---- | C] () -- F:\WINDOWS\RECOVER.INI
[2010/10/20 13:34:54 | 000,524,288 | ---- | C] () -- F:\WINDOWS\System32\xvidcore.dll
[2010/10/20 13:34:54 | 000,139,264 | ---- | C] () -- F:\WINDOWS\System32\xvidvfw.dll
[2010/10/20 12:26:57 | 000,000,043 | -HS- | C] () -- F:\Documents and Settings\All Users\Application Data\.zreglib
[2010/09/30 01:42:53 | 000,000,022 | ---- | C] () -- F:\WINDOWS\System32\syoepk_lib0.dll
[2010/09/30 01:42:52 | 000,000,096 | -HS- | C] () -- F:\WINDOWS\WSYS049.SYS
[2010/09/14 22:14:06 | 000,027,648 | ---- | C] () -- F:\WINDOWS\System32\AVSredirect.dll
[2010/09/07 14:54:12 | 000,098,304 | ---- | C] () -- F:\WINDOWS\System32\redmonnt.dll
[2010/08/25 12:19:32 | 000,010,752 | ---- | C] () -- F:\WINDOWS\System32\BASSMOD.dll
[2010/08/06 01:27:45 | 000,000,130 | ---- | C] () -- F:\WINDOWS\System32\rpicfica.bin
[2010/07/18 21:10:24 | 000,011,296 | ---- | C] () -- F:\WINDOWS\System32\drivers\AsIO.sys
[2010/06/18 00:39:17 | 000,000,000 | ---- | C] () -- F:\Documents and Settings\J cat\Application Data\downloads.m3u
[2010/06/15 12:33:29 | 000,491,520 | ---- | C] () -- F:\WINDOWS\System32\libencdec.dll
[2010/05/21 14:59:19 | 000,000,209 | ---- | C] () -- F:\Documents and Settings\J cat\Application Data\burnaware.ini
[2010/05/19 20:02:49 | 000,682,280 | ---- | C] () -- F:\WINDOWS\System32\pbsvc.exe
[2010/04/22 14:30:43 | 000,140,248 | ---- | C] () -- F:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/04/22 14:30:42 | 000,138,056 | ---- | C] () -- F:\Documents and Settings\J cat\Application Data\PnkBstrK.sys
[2010/04/22 14:30:25 | 000,266,400 | ---- | C] () -- F:\WINDOWS\System32\PnkBstrB.exe
[2010/04/22 14:30:24 | 002,434,856 | ---- | C] () -- F:\WINDOWS\System32\pbsvc_bc2.exe
[2010/04/22 14:30:24 | 000,075,136 | ---- | C] () -- F:\WINDOWS\System32\PnkBstrA.exe
[2010/03/20 15:20:18 | 000,000,166 | ---- | C] () -- F:\Documents and Settings\J cat\Application Data\default.rss
[2010/03/20 15:19:55 | 000,000,069 | ---- | C] () -- F:\WINDOWS\NeroDigital.ini
[2010/03/15 14:54:20 | 000,040,960 | ---- | C] () -- F:\WINDOWS\System32\lxdivs.dll
[2010/03/15 14:54:16 | 000,344,064 | ---- | C] () -- F:\WINDOWS\System32\lxdicoin.dll
[2010/03/15 14:53:43 | 000,692,224 | ---- | C] () -- F:\WINDOWS\System32\lxdidrs.dll
[2010/03/15 14:53:43 | 000,069,632 | ---- | C] () -- F:\WINDOWS\System32\lxdicnv4.dll
[2010/03/15 14:53:43 | 000,065,536 | ---- | C] () -- F:\WINDOWS\System32\lxdicaps.dll
[2010/03/15 14:51:31 | 000,000,060 | -H-- | C] () -- F:\WINDOWS\System32\lxdirwrd.ini
[2010/03/15 14:51:17 | 000,294,912 | ---- | C] () -- F:\WINDOWS\System32\lxdiinst.dll
[2010/03/15 14:51:10 | 000,208,896 | ---- | C] () -- F:\WINDOWS\System32\lxdigrd.dll
[2010/03/15 13:02:12 | 000,000,000 | ---- | C] () -- F:\WINDOWS\nsreg.dat
[2010/03/04 11:45:21 | 000,354,816 | ---- | C] () -- F:\WINDOWS\System32\psisdecd.dll
[2010/03/03 22:38:59 | 000,000,112 | ---- | C] () -- F:\WINDOWS\System32\msvcsv60.dll
[2010/03/03 22:38:59 | 000,000,112 | ---- | C] () -- F:\WINDOWS\msocreg32.dat
[2010/02/23 23:55:56 | 000,000,010 | ---- | C] () -- F:\WINDOWS\WININIT.INI
[2010/02/23 23:00:39 | 000,001,769 | ---- | C] () -- F:\WINDOWS\Language_trs.ini
[2010/02/23 13:43:25 | 000,001,324 | ---- | C] () -- F:\WINDOWS\System32\d3d9caps.dat
[2010/02/17 23:51:54 | 000,013,132 | -H-- | C] () -- F:\WINDOWS\System32\mlfcache.dat
[2010/02/17 23:11:45 | 000,057,344 | ---- | C] () -- F:\WINDOWS\System32\ff_vfw.dll
[2010/02/16 11:00:59 | 000,090,112 | ---- | C] () -- F:\Documents and Settings\J cat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/16 10:07:49 | 000,000,056 | -H-- | C] () -- F:\WINDOWS\System32\ezsidmv.dat
[2010/02/16 00:02:23 | 000,033,824 | ---- | C] () -- F:\WINDOWS\System32\drivers\oreans32.sys
[2010/02/15 23:09:55 | 000,000,000 | ---- | C] () -- F:\WINDOWS\ativpsrm.bin
[2010/02/15 23:09:36 | 000,887,724 | ---- | C] () -- F:\WINDOWS\System32\ativva6x.dat
[2010/02/15 23:09:35 | 000,224,001 | ---- | C] () -- F:\WINDOWS\System32\atiicdxx.dat
[2010/02/15 23:09:35 | 000,000,003 | ---- | C] () -- F:\WINDOWS\System32\ativva5x.dat
[2010/02/15 22:41:51 | 000,024,576 | ---- | C] () -- F:\WINDOWS\System32\AsIO.dll
[2010/02/15 22:41:46 | 000,011,832 | ---- | C] () -- F:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2010/02/15 22:41:45 | 000,010,216 | ---- | C] () -- F:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2010/02/15 20:04:07 | 000,004,161 | ---- | C] () -- F:\WINDOWS\ODBCINST.INI
[2010/02/15 20:01:18 | 000,352,976 | ---- | C] () -- F:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/15 10:02:10 | 000,039,385 | ---- | C] () -- F:\WINDOWS\Ascd_log.ini
[2010/02/15 10:00:51 | 000,005,810 | R--- | C] () -- F:\WINDOWS\System32\drivers\ASACPI.sys
[2010/02/15 10:00:42 | 000,027,380 | ---- | C] () -- F:\WINDOWS\Ascd_tmp.ini
[2010/02/15 10:00:42 | 000,010,296 | ---- | C] () -- F:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010/02/15 09:23:04 | 000,002,048 | --S- | C] () -- F:\WINDOWS\bootstat.dat
[2010/02/15 09:17:35 | 000,022,720 | ---- | C] () -- F:\WINDOWS\System32\emptyregdb.dat
[2010/02/08 08:33:04 | 000,359,320 | ---- | C] () -- F:\WINDOWS\System32\vfprintpthelper.dll
[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- F:\WINDOWS\System32\xlive.dll.cat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- F:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- F:\WINDOWS\System32\OGAEXEC.exe
[2008/11/07 18:08:20 | 000,362,029 | ---- | C] () -- F:\WINDOWS\System32\sqlite3.dll
[2006/02/28 23:00:00 | 000,565,112 | ---- | C] () -- F:\WINDOWS\System32\perfh009.dat
[2006/02/28 23:00:00 | 000,111,976 | ---- | C] () -- F:\WINDOWS\System32\perfc009.dat
[2006/02/28 23:00:00 | 000,000,741 | ---- | C] () -- F:\WINDOWS\System32\noise.dat
[2004/08/07 11:18:10 | 000,028,672 | ---- | C] () -- F:\WINDOWS\System32\NSREG.DLL
[2004/08/07 11:17:40 | 000,272,128 | ---- | C] () -- F:\WINDOWS\System32\perfi009.dat
[2004/08/07 11:17:39 | 000,028,626 | ---- | C] () -- F:\WINDOWS\System32\perfd009.dat
[2004/08/07 11:17:35 | 000,004,463 | ---- | C] () -- F:\WINDOWS\System32\oembios.dat
[2004/08/07 11:17:34 | 013,107,200 | ---- | C] () -- F:\WINDOWS\System32\oembios.bin
[2004/08/07 11:17:08 | 000,673,088 | ---- | C] () -- F:\WINDOWS\System32\mlang.dat
[2004/08/07 11:17:07 | 000,046,258 | ---- | C] () -- F:\WINDOWS\System32\mib.bin
[2004/08/07 11:16:26 | 000,218,003 | ---- | C] () -- F:\WINDOWS\System32\dssec.dat
[2004/08/04 16:07:22 | 000,001,804 | ---- | C] () -- F:\WINDOWS\System32\dcache.bin
[2004/08/03 05:20:40 | 000,004,569 | ---- | C] () -- F:\WINDOWS\System32\secupd.dat

========== LOP Check ==========

[2010/02/23 01:07:11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Ableton
[2010/03/04 11:50:06 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2010/11/13 18:54:52 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Aiseesoft Studio
[2010/02/22 20:12:44 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\ASUS OC Profiles
[2010/06/15 12:33:28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Audio Ease
[2010/10/28 00:10:37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Autodesk
[2010/11/01 12:03:31 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/10/13 21:13:42 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\AVG10
[2010/10/13 19:03:29 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\avg9
[2011/02/15 00:16:27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\C-Free
[2010/04/20 00:47:29 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Celemony Software GmbH
[2010/10/13 21:13:19 | 000,000,000 | -H-D | M] -- F:\Documents and Settings\All Users\Application Data\Common Files
[2011/01/25 16:21:54 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\EA Core
[2010/05/21 14:53:51 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Elaborate Bytes
[2011/01/25 16:21:54 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/07/01 00:50:19 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\id Software
[2010/02/23 17:59:03 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2010/02/17 23:13:40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\iPodtoComputer
[2010/10/13 19:01:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\MFAData
[2010/11/18 01:37:27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/03/24 21:56:03 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/10/25 12:18:08 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\OnlineArmor
[2010/06/17 20:16:59 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Overloud
[2010/06/21 12:48:09 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2010/02/23 01:12:54 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2010/07/09 15:36:04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\RegCure
[2010/07/22 15:34:39 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\SlySoft
[2011/01/25 10:30:18 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Solidshield
[2011/03/16 21:58:34 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\TalkAndWrite
[2011/01/15 23:28:28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/04 15:46:37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Ubisoft
[2011/02/26 11:40:51 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\WOP
[2010/07/02 11:24:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/07/04 11:25:10 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\{4C0DBD62-F011-4A41-B11D-BE5CFA6DEDD7}
[2010/02/17 09:22:36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/07/10 19:04:53 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Ableton
[2010/06/15 12:33:29 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Audio Ease
[2010/08/30 11:38:04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Autodesk
[2010/10/13 21:14:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\AVG10
[2011/02/09 15:33:08 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\BitTorrent
[2011/02/15 00:16:27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\C-Free
[2011/03/12 23:19:11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\calibre
[2010/08/30 22:05:01 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\DVDVideoSoftIEHelpers
[2010/08/30 22:07:39 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\HamsterSoft
[2010/07/01 00:50:31 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\id Software
[2010/03/08 17:10:47 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\JAM Software
[2010/03/15 14:57:10 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Lexmark Imaging Studio
[2010/05/18 23:23:35 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Mount&Blade Warband
[2010/03/24 21:55:53 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\NCH Swift Sound
[2011/01/30 00:04:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\NuonSoft
[2011/03/15 22:01:42 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\OnlineArmor
[2010/06/21 12:48:09 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\PACE Anti-Piracy
[2010/08/12 21:36:48 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\PacificPoker
[2010/02/28 22:58:59 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Propellerhead Software
[2011/01/15 19:28:07 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Razer
[2011/02/04 01:10:06 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Samsung
[2010/07/19 18:25:07 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Scendix Software
[2010/03/26 20:17:39 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Softland
[2010/05/24 16:56:00 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\The Creative Assembly
[2010/05/01 23:26:13 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Thinstall
[2010/07/04 16:28:46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Ubisoft
[2010/06/15 12:29:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\J cat\Application Data\Waves Audio

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/04 16:05:44 | 018,738,937 | ---- | M] () .cab file -- F:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- F:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- F:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- F:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/14 05:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- F:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys
[2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- F:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- F:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 16:05:44 | 018,738,937 | ---- | M] () .cab file -- F:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- F:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- F:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- F:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/14 05:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- F:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- F:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 13:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- F:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- F:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 11:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- F:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
[2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- F:\WINDOWS\system32\eventlog.dll
[2004/08/04 15:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- F:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- F:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 11:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- F:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- F:\WINDOWS\system32\netlogon.dll
[2009/02/07 05:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- F:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/07 05:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- F:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 15:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- F:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 15:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- F:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- F:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 11:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- F:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll
[2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- F:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 1319 bytes -> F:\Documents and Settings\All Users\Application Data\Microsoft:QvlQOeIIyTogelQ0B3cfgVKKP
@Alternate Data Stream - 1183 bytes -> F:\Documents and Settings\J cat\Local Settings\Application Data\8zHmi6ty:AHdHewXspzZve25kRYMyLUKsr2b
@Alternate Data Stream - 116 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:F35A93AD

< End of report >
TL Extras logfile created on: 22/03/2011 10:18:15 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = F:\Documents and Settings\J cat\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
18.00 Gb Paging File | 17.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 292.97 Gb Total Space | 139.15 Gb Free Space | 47.50% Space Free | Partition Type: NTFS
Drive E: | 292.97 Gb Total Space | 83.30 Gb Free Space | 28.43% Space Free | Partition Type: NTFS
Drive F: | 68.36 Gb Total Space | 35.73 Gb Free Space | 52.26% Space Free | Partition Type: NTFS
Drive G: | 195.31 Gb Total Space | 177.90 Gb Free Space | 91.08% Space Free | Partition Type: NTFS
Drive H: | 81.90 Gb Total Space | 52.55 Gb Free Space | 64.17% Space Free | Partition Type: NTFS

Computer Name: JCAT | User Name: J cat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.reg [@ = regfile] -- regedit.exe "%1"

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- F:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"H:\Program Files\Lexmark 3500-4500 Series\app4r.exe" = H:\Program Files\Lexmark 3500-4500 Series\App4R.exe:*:Enabled:BorgListener -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Game.exe" = C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Game.exe:*:Enabled:Rainbow Six Vegas -- ()
"C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Launcher.exe" = C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Launcher.exe:*:Enabled:Rainbow Six Vegas Updater -- (Ubisoft)
"F:\Program Files\Java\jre6\bin\javaw.exe" = F:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe" = C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs -- (Ensemble Studios)
"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe" = C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties -- (Microsoft Corporation)
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG)
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Take-Two Interactive Software, Inc.)
"F:\WINDOWS\system32\lxdicoms.exe" = F:\WINDOWS\system32\lxdicoms.exe:*:Enabled:3500-4500 Series Server -- ( )
"H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" = H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe:*:Enabled:Device Monitor Application -- (Lexmark)
"H:\Program Files\Lexmark 3500-4500 Series\App4R.exe" = H:\Program Files\Lexmark 3500-4500 Series\App4R.exe:*:Enabled:Lexmark Imaging Studio -- ()
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe" = C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB)
"C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe" = C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood -- (Techland)
"F:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = F:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- (Ubisoft)
"C:\Ubisoft\Silent Hunter 5\sh5.exe" = C:\Ubisoft\Silent Hunter 5\sh5.exe:*:Enabled:Silent Hunter 5 -- (Ubisoft)
"C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe" = C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 -- ()
"C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe" = C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 Update -- (Ubisoft)
"C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe" = C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe:*:Enabled:Empire: Total War -- (The Creative Assembly Ltd)
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe" = C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- (Ubisoft)
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe" = C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- (Ubisoft)
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe" = C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- (Ubisoft)
"H:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" = H:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe:*:Enabled: -- ()
"H:\Program Files\BitTorrent\BITTOR~1.EXE" = H:\Program Files\BitTorrent\BITTOR~1.EXE:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"F:\Program Files\AVG\AVG10\avgmfapx.exe" = F:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe" = C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War™ -- (Activision Blizzard, Inc.)
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe" = C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty® - World at War™ -- (Activision Blizzard, Inc.)
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe" = C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2 -- ()
"C:\Program Files\Electronic Arts\Need for Speed Hot Pursuit\NFS11.exe" = C:\Program Files\Electronic Arts\Need for Speed Hot Pursuit\NFS11.exe:*:Enabled:Need for Speed™ Hot Pursuit Application
"F:\Program Files\AVG\AVG10\avgdiagex.exe" = F:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"F:\Program Files\AVG\AVG10\avgnsx.exe" = F:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"F:\Program Files\AVG\AVG10\avgemcx.exe" = F:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Steam\SteamApps\common\mafia ii\pc\Mafia2.exe" = C:\Program Files\Steam\SteamApps\common\mafia ii\pc\Mafia2.exe:*:Enabled:Mafia II -- (2K Czech)
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe" = C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB)
"C:\Program Files\Gaijin\Wings of Prey\aces.exe" = C:\Program Files\Gaijin\Wings of Prey\aces.exe:*:Enabled:Wings of Prey -- ()
"C:\Program Files\Gaijin\Wings of Prey\launcher.exe" = C:\Program Files\Gaijin\Wings of Prey\launcher.exe:*:Enabled:Wings of Prey Launcher -- (Gaijin Entertainment)
"C:\Program Files\Gaijin\Wings of Prey\yuPlay\yuPlay.exe" = C:\Program Files\Gaijin\Wings of Prey\yuPlay\yuPlay.exe:*:Enabled:Wings of Prey - yuPlay client -- ()
"C:\Program Files\Electronic Arts\Need for Speed™ Hot Pursuit\Launcher.exe" = C:\Program Files\Electronic Arts\Need for Speed™ Hot Pursuit\Launcher.exe:*:Enabled:Need for Speed™ Hot Pursuit -- (Electronic Arts)
"F:\WINDOWS\system32\spool\drivers\w32x86\3\lxdipswx.exe" = F:\WINDOWS\system32\spool\drivers\w32x86\3\lxdipswx.exe:*:Enabled: -- ()
"F:\WINDOWS\system32\spool\drivers\w32x86\3\lxdijswx.exe" = F:\WINDOWS\system32\spool\drivers\w32x86\3\lxdijswx.exe:*:Enabled: -- ()
"F:\WINDOWS\system32\spool\drivers\w32x86\3\lxditime.exe" = F:\WINDOWS\system32\spool\drivers\w32x86\3\lxditime.exe:*:Enabled: -- (Lexmark International, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2™
"{0682abf0-015b-43b7-84c2-433c3e691126}" =
"{09801D34-8DE8-406A-BFD7-747AF74F5E6E}" = WhiteBoardMeeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0eb1973c-cd1b-42db-8099-de94653b99f3}" =
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{18fa7e8e-d6af-4f1b-a739-e9158f7336b8}" = Nero InCD-Reader
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1979389B-D5B6-418d-BCEA-D2920E6858B9}_is1" = Overloud TH1 1.1.3 VST
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1E2FDD18-E514-4631-AF4A-0CC58FD93DCB}" = Quake Live Mozilla Plugin
"{21E77392-C30A-4AA2-8CA7-5728316939D6}" = AmpliTube X-GEAR
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 24
"{28D634BC-0320-40BD-B0E0-C7E3DD9392CA}" = Melodyne plugin
"{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{39556553-8C77-4C5E-8F30-4083274948A2}" = Application Verifier
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{41CE9D26-2DF7-498D-8E16-314507EDEE21}" = Samsung PC Studio 3
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}" = Visual C++ Runtime for Dragon NaturallySpeaking
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces
"{534e83ce-91fd-428d-898f-1b49e40a1a78}" = SecurDisc Viewer
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5731C0A8-B266-451A-8D3F-8066AA21836F}" = Tom Clancy's Rainbow Six Vegas
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5783F2D7-8001-0409-0002-0060B0CE6BBA}" = AutoCAD 2010 - English
"{5783F2D7-8001-0409-1002-0060B0CE6BBA}" = AutoCAD 2010 Language Pack - English
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5DD152A8-BFB3-439E-90CD-5C00C2116E23}" = AmpliTube 3
"{624324ed-0da8-4dd9-8cc4-08c6d8535443}" =
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{66BA35B0-1911-47EF-B170-1DCFFDA362F1}" = AmpliTube Jimi Hendrix
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AB57823-3580-4CE0-9CF0-072E2A39460C}" = Catalyst Control Center - Branding
"{6C9F6D23-E9AD-43C9-B43A-011562AAF876}" = Windows Mobile 5.0 SDK R2 for Pocket PC
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{790F6156-B231-F7D6-BAE4-741E7CB0ACB1}" = ccc-utility
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{810AD6B3-C830-A74C-300E-D14820CE1850}" = Catalyst Control Center InstallProxy
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed™ Hot Pursuit
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C49987B-689E-469D-86AE-8E325A038701}" = Melodyne plugin
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8e03a5d2-bc44-45ac-965b-f316832e751a}" =
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}" = Windows Mobile 5.0 SDK R2 for Smartphone
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{9EDEF5B1-B740-4DFF-AC16-E2428E1713E8}" = AmpliTube Metal
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A262095C-F03B-4611-AE87-7156859DC7F9}" = M-Audio Legacy Keyboard Driver 5.0.0 (x86)
"{A276502A-8979-44FB-8090-90CF72F22ABC}" = AVG 2011
"{a2e1a878-f76b-4b55-8fe9-be3c1e2a7785}" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A31951C5-DCD8-4DFE-A525-CFC701F54792}" = TurboV
"{A36579B4-313E-DC6B-D817-41824D46EF5D}" = CCC Help English
"{A85AD707-781F-2B73-E134-38084AACB5D5}" = ATI AVIVO Codecs
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}" = Silent Hunter 5
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AEBBFC67-7A03-4DF3-9E71-BA5C9EB4FBEF}" = MobileMe Control Panel
"{B178BACA-880B-4D20-85F9-522F7F2DECBE}" = AmpliTube Fender
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B32E7732-B2FB-3FD0-81AC-6025B1104C66}" = Microsoft Device Emulator version 3.0 - ENU
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 6.3
"{B9060398-FB64-2A4C-C4E6-D1236447E026}" = ATI Catalyst Install Manager
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{bd8defa4-19fa-4964-9692-f1112d8a62d9}}_is1" = Wings of Prey 1.0.3.2
"{BE282C23-5484-47FF-B2C1-EBEA5C891033}" = Nero 8
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C95AACD4-9507-4F5C-9D53-22B1ACCFECD1}" = AmpliTube2
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCBB1FC0-E626-11DF-72AE-00E96A162CD6}" = CFB WordGames Cover CD
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF1D7323-8A0A-49C7-83B0-088DB90721E2}" = AmpegSVX
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86)
"{D3BA6488-5C3E-A4EF-BA64-74C54ABCEE03}" = ccc-core-static
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{d6993cdd-a34d-4ffa-972b-6686ac65d6da}" =
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War™
"{D86F3EA6-93A3-D020-0D77-204AB1696067}" = ATI Problem Report Wizard
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DA9E9010-058B-4159-8CC5-28298D90AE7B}" = calibre
"{DB639F99-ED74-49D4-8FFD-5B8C34C00D64}" = AutoSketch Release 9
"{E35AF511-B618-4D02-B559-0F2147341D3B}" = AVG 2011
"{e393314e-5773-4c96-a347-45f48871a8ee}" =
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}" = Razer DeathAdder™ Mouse
"{EDD654B3-6FE9-67AC-CE7D-5FE3698439DB}" = Catalyst Control Center Graphics Previews Common
"{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{ef42ab52-4fa4-4480-8008-31b3b700e39d}" =
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F85E4782-5B90-4845-9D7D-D11DE2F5EA5E}" = HydraVision
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FB3BE405-6BF0-490A-84B3-00611385EA0D}" = Common-Use Signing Interface
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7BDD6421B73797179E9A97E5C7DE019FBC77147F" = Windows Driver Package - Razer (HidUsb) HIDClass (04/04/2009 1.0.5.0)
"85C2153E6B3ED760F8F06C23A83E8CC3C4680D6C" = Windows Driver Package - Cypress (CYUSB) USB (06/05/2009 3.4.1.20)
"Ableton Live_is1" = Ableton Live v7.0.1
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Aiseesoft DVD Ripper_is1" = Aiseesoft DVD Ripper
"AngusRobertson" = AngusRobertson
"Antares AVOX Bundle VST RTAS_is1" = Antares AVOX Bundle VST RTAS v1.1.3
"AREA-51" = AREA-51 (remove only)
"Ashampoo WinOptimizer 2010 Advanced_is1" = Ashampoo WinOptimizer 2010 Advanced
"Audacity_is1" = Audacity 1.2.6
"AudioEase Speakersphone VST RTAS_is1" = AudioEase Speakersphone VST RTAS v1.03
"AutoCAD 2010 - English" = AutoCAD 2010 - English
"AVG" = AVG 2011
"AviSynth" = AviSynth 2.5
"BitTorrent" = BitTorrent
"BrainWave Generator" = BrainWave Generator
"Bulk Rename Utility_is1" = Bulk Rename Utility 2.7.1.2
"Common-Use Signing Interface" = Common-Use Signing Interface
"DA73216D935E3CBA996AFD6E6513ECC587E0C3C1" = Windows Driver Package - Razer (HidUsb) HIDClass (02/02/2007 1.0.5.0)
"Digital Editions" = Adobe Digital Editions
"doPDF 7 printer_is1" = doPDF 7.1 printer
"Drug Lord 2" = Drug Lord 2
"DVD43_is1" = DVD43 v4.6.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"GOM Player" = GOM Player
"Graph_is1" = Graph 4.3
"Guitar Pro 5_is1" = Guitar Pro 5.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War™
"InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood
"JDownloader" = JDownloader
"Lexmark 3500-4500 Series" = Lexmark 3500-4500 Series
"Live 8.1" = Live 8.1
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McGill English Dictionary of Rhyme with VersePer~286A7AE6_is1" = McGill English Dictionary of Rhyme & Verse Perfect 2.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"Mount&Blade Warband" = Mount&Blade Warband
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MsJavaVM" = Microsoft VM for Java
"Native Instruments Guitar Rig 2" = Native Instruments Guitar Rig 2
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native.Instruments Battery v3.0.1.005 VSTi DXi RTAS" = Native.Instruments Battery v3.0.1.005 VSTi DXi RTAS
"NuonSoft Wallpaper Cycler Lite_is1" = NuonSoft Wallpaper Cycler 3.6 Lite
"OnlineArmor_is1" = Online Armor 4.0
"Overloud BREVERB VST RTAS_is1" = Overloud BREVERB VST RTAS v1.1.1
"PC Wizard 2010_is1" = PC Wizard 2010.1.94
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 2.0.2
"Reason4_is1" = Reason 4.0
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Star Wars The Force Unleashed_is1" = Star Wars The Force Unleashed
"STAR WARS: Jedi Academy + UA Galaxy_is1" = STAR WARS: Jedi Academy + UA Galaxy 1.3 (FULL)
"Steam App 10500" = Empire: Total War
"Steam App 50130" = Mafia II
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"Switch" = Switch Sound File Converter
"SyncBack_is1" = SyncBack
"TalkAndWrite_is1" = TalkAndWrite
"TreeSize Free_is1" = TreeSize Free V2.4
"Tweak UI 2.10" = Tweak UI
"Uninstall_is1" = Uninstall 1.0.0.1
"US-122" = US-122
"US122 Driver_is1" = US122 Driver 3.40
"Waves Mercury Bundle" = Waves Mercury Bundle
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WordWeb" = WordWeb
"Worms Reloaded_is1" = Worms Reloaded
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 18/03/2011 11:02:43 AM | Computer Name = JCAT | Source = WinMgmt | ID = 4
Description = Failed to load MOF F:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL10.SQLEXPRESS\MSSQL\BINN\XEPKG0.MOF
while recovering repository file.

Error - 18/03/2011 7:39:09 PM | Computer Name = JCAT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 18/03/2011 7:58:15 PM | Computer Name = JCAT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 18/03/2011 11:36:01 PM | Computer Name = JCAT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 19/03/2011 10:31:27 AM | Computer Name = JCAT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 19/03/2011 6:45:05 PM | Computer Name = JCAT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 20/03/2011 10:31:39 AM | Computer Name = JCAT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 20/03/2011 6:04:04 PM | Computer Name = JCAT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 21/03/2011 2:13:05 AM | Computer Name = JCAT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 21/03/2011 7:15:35 PM | Computer Name = JCAT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

[ OSession Events ]
Error - 27/11/2010 7:37:43 AM | Computer Name = JCAT | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.4518.1066. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 19/03/2011 6:46:25 PM | Computer Name = JCAT | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SRTSP SRTSPX

Error - 20/03/2011 10:33:01 AM | Computer Name = JCAT | Source = Service Control Manager | ID = 7001
Description = The Windows Service Pack Installer update service service depends
on the Security Accounts Manager service which failed to start because of the following
error: %%1058

Error - 20/03/2011 10:33:01 AM | Computer Name = JCAT | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SRTSP SRTSPX

Error - 20/03/2011 6:05:27 PM | Computer Name = JCAT | Source = Service Control Manager | ID = 7001
Description = The Windows Service Pack Installer update service service depends
on the Security Accounts Manager service which failed to start because of the following
error: %%1058

Error - 20/03/2011 6:05:27 PM | Computer Name = JCAT | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SRTSP SRTSPX

Error - 20/03/2011 6:50:08 PM | Computer Name = JCAT | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service upnphost with
arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 21/03/2011 2:14:28 AM | Computer Name = JCAT | Source = Service Control Manager | ID = 7001
Description = The Windows Service Pack Installer update service service depends
on the Security Accounts Manager service which failed to start because of the following
error: %%1058

Error - 21/03/2011 2:14:28 AM | Computer Name = JCAT | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SRTSP SRTSPX

Error - 21/03/2011 7:17:00 PM | Computer Name = JCAT | Source = Service Control Manager | ID = 7001
Description = The Windows Service Pack Installer update service service depends
on the Security Accounts Manager service which failed to start because of the following
error: %%1058

Error - 21/03/2011 7:17:00 PM | Computer Name = JCAT | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SRTSP SRTSPX


< End of report >

Edited by boopme, 21 March 2011 - 08:56 PM.


BC AdBot (Login to Remove)

 


#2 rigacci

rigacci

    Fiorentino


  • Members
  • 2,604 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:48 PM

Posted 26 March 2011 - 11:00 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Thanks.

DR

#3 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:10:48 PM

Posted 02 April 2011 - 07:34 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#4 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:10:48 PM

Posted 02 April 2011 - 07:34 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users