Hi. I have run Spyware detector, which detected that I have the backdoor.ambush trojan on my PC. When trying to quarantine this trojan I get the blue screen saying that Windows is shutting down, and my computer restarts. Therefore it is not removing the trojan. I have run the programmes you suggest and the logs are posted below:
Malwarebytes' Anti-Malware 1.36
Database version: 2085
Windows 6.0.6001 Service Pack 1
07/05/2009 00:09:59
mbam-log-2009-05-07 (00-09-59).txt
Scan type: Quick Scan
Objects scanned: 98085
Time elapsed: 2 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTListIt logfile created on: 06/05/2009 23:58:06 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Users\Cheryl\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 87.18% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445.76 Gb Total Space | 301.41 Gb Free Space | 67.62% Space Free | Partition Type: NTFS
Drive D: | 19.98 Gb Total Space | 12.19 Gb Free Space | 60.98% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 149.01 Gb Total Space | 112.43 Gb Free Space | 75.45% Space Free | Partition Type: FAT32
Computer Name: BESTWICK-PC
Current User Name: Cheryl
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - [2008/05/02 23:46:00 | 00,118,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvvsvc.exe
PRC - [2009/03/26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/09 18:40:16 | 00,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe
PRC - [2008/12/09 18:40:16 | 00,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007/10/03 15:45:02 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
PRC - [2007/04/25 13:18:48 | 00,537,520 | ---- | M] ( ) -- C:\Windows\system32\lxbvcoms.exe
PRC - [2009/04/30 23:12:49 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe
PRC - [2008/06/08 09:31:04 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2006/12/19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\system32\IoctlSvc.exe
PRC - [2009/03/08 17:13:48 | 00,075,064 | ---- | M] () -- C:\Windows\system32\PnkBstrA.exe
PRC - [2009/05/06 19:43:23 | 00,189,072 | ---- | M] () -- C:\Windows\system32\PnkBstrB.exe
PRC - [2008/06/03 18:38:10 | 00,237,638 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2008/12/16 17:52:48 | 00,920,840 | ---- | M] (Max Secure Software ) -- C:\Program Files\SpywareDetector\SDMainService.exe
PRC - [2009/01/08 18:15:34 | 01,713,616 | ---- | M] (Max Secure Software ) -- C:\Program Files\SpywareDetector\SDService.exe
PRC - [2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/06/03 18:36:56 | 00,360,538 | ---- | M] () -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
PRC - [2008/06/03 18:36:42 | 00,095,232 | ---- | M] (CyberLink) -- C:\Windows\system32\CLWatson.exe
PRC - [2001/11/12 13:31:48 | 00,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe
PRC - [2008/01/21 03:24:59 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFHost.exe
PRC - [2008/06/03 18:36:58 | 00,131,160 | ---- | M] () -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
PRC - [2008/06/03 18:36:42 | 00,095,232 | ---- | M] (CyberLink) -- C:\Windows\system32\CLWatson.exe
PRC - [2009/04/30 23:12:49 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe
PRC - [2008/10/29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2007/10/03 15:44:58 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/06/03 18:36:24 | 00,172,032 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
PRC - [2008/05/07 16:19:26 | 06,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/12/15 18:12:20 | 00,029,744 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2008/08/30 16:58:50 | 00,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2006/11/02 13:35:35 | 00,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2008/12/16 17:53:12 | 01,362,696 | ---- | M] (Max Secure Software Pvt. Ltd.) -- C:\Program Files\SpywareDetector\SDActiveMonitor.exe
PRC - [2003/12/30 00:33:16 | 00,094,208 | ---- | M] (ICSI Technology Ltd.) -- C:\Windows\Dit.exe
PRC - [2009/04/02 16:11:02 | 00,342,312 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2008/01/21 03:23:29 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2008/06/24 16:06:06 | 01,840,424 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008/06/17 16:00:34 | 01,249,280 | ---- | M] (Time Information Services Ltd.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe
PRC - [2008/08/11 08:31:54 | 01,124,352 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2003/07/11 11:31:12 | 00,061,440 | ---- | M] (ICSI) -- C:\Windows\DitExp.exe
PRC - [2008/01/21 03:24:49 | 00,299,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieuser.exe
PRC - [2009/03/03 05:40:22 | 00,636,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/20 10:18:57 | 00,239,216 | ---- | M] () -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
PRC - [2009/02/06 18:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2008/01/21 03:23:29 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2008/06/24 16:05:56 | 00,537,896 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
PRC - [2008/12/15 18:12:20 | 00,029,744 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2008/06/03 18:36:42 | 00,095,232 | ---- | M] (CyberLink) -- C:\Windows\system32\CLWatson.exe
PRC - [2008/08/07 11:17:30 | 00,575,488 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/05/22 15:05:06 | 00,474,624 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
PRC - [2008/08/05 14:11:04 | 00,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008/08/05 14:10:58 | 00,120,320 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008/01/21 03:25:20 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
PRC - [2008/01/21 03:24:06 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\werfault.exe
PRC - [2009/05/06 23:54:41 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Users\Cheryl\Desktop\OTListIt2.exe
========== Win32 Services (SafeList) ==========
SRV - [2009/03/26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/12/09 18:40:16 | 00,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService [Auto | Running])
SRV - [2008/12/09 18:40:16 | 00,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/01/21 03:24:55 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/01/21 03:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2008/01/21 03:25:20 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Running])
SRV - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [On_Demand | Stopped])
SRV - [2008/12/15 18:12:20 | 00,029,744 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-061008-081103 [On_Demand | Stopped])
SRV - [2009/03/20 11:37:29 | 00,137,200 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2007/10/03 15:45:02 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe -- (IAANTMON [Auto | Running])
SRV - [2005/04/04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/01/21 03:25:20 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2007/04/25 13:18:48 | 00,537,520 | ---- | M] ( ) -- C:\Windows\system32\lxbvcoms.exe -- (lxbv_device [Auto | Running])
SRV - [2009/04/30 23:12:49 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe -- (N360 [Auto | Running])
SRV - [2008/06/08 09:31:04 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running])
SRV - [2008/01/21 03:25:21 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/06/24 16:05:56 | 00,537,896 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2009/03/16 20:37:00 | 02,849,844 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\system32\GameMon.des -- (npggsvc [On_Demand | Stopped])
SRV - [2008/05/02 23:46:00 | 00,118,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/12/19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\system32\IoctlSvc.exe -- (PLFlash DeviceIoControl Service [Auto | Running])
SRV - [2009/03/08 17:13:48 | 00,075,064 | ---- | M] () -- C:\Windows\system32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2009/05/06 19:43:23 | 00,189,072 | ---- | M] () -- C:\Windows\system32\PnkBstrB.exe -- (PnkBstrB [Auto | Running])
SRV - [2008/06/03 18:38:10 | 00,237,638 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2008/12/16 17:52:48 | 00,920,840 | ---- | M] (Max Secure Software ) -- C:\Program Files\SpywareDetector\SDMainService.exe -- (SDMainSvc [Auto | Running])
SRV - [2009/01/08 18:15:34 | 01,713,616 | ---- | M] (Max Secure Software ) -- C:\Program Files\SpywareDetector\SDService.exe -- (SDService [Auto | Running])
SRV - [2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2008/08/07 11:17:30 | 00,575,488 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Running])
SRV - [2009/04/19 09:17:43 | 00,322,032 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service [On_Demand | Stopped])
SRV - [2008/06/03 18:36:56 | 00,360,538 | ---- | M] () -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe -- (TVECapSvc [Auto | Running])
SRV - [2008/06/03 18:36:58 | 00,131,160 | ---- | M] () -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe -- (TVESched [Auto | Running])
SRV - [2008/08/08 05:35:42 | 01,622,016 | ---- | M] (??????????) -- C:\Windows\system32\Nagasoft\vjocx.dll -- (vvdsvc [Auto | Stopped])
SRV - [2008/01/21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped])
SRV - [2008/01/21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2001/11/12 13:31:48 | 00,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets [Auto | Running])
========== Driver Services (SafeList) ==========
DRV - [2008/01/08 08:17:08 | 01,302,368 | ---- | M] (NXP Semiconductors Germany GmbH) -- C:\Windows\system32\DRIVERS\3xHybrid.sys -- (3xHybrid [On_Demand | Running])
DRV - [2008/01/21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2002/07/17 16:20:32 | 00,084,832 | ---- | M] (Adaptec) -- C:\Windows\System32\DRIVERS\ASPI32.sys -- (ASPI [On_Demand | Stopped])
DRV - [2009/04/30 23:12:51 | 00,258,608 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\drivers\N360\0300000.086\BHDrvx86.sys -- (BHDrvx86 [System | Running])
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2009/04/30 23:12:51 | 00,482,352 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\drivers\N360\0300000.086\ccHPx86.sys -- (ccHP [System | Running])
DRV - [2008/01/21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2008/02/06 17:13:00 | 00,218,752 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\e1e6032.sys -- (e1express [On_Demand | Running])
DRV - [2008/01/21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2009/04/30 23:12:51 | 00,371,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [System | Running])
DRV - [2008/01/21 03:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2009/04/30 23:12:51 | 00,101,936 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv [On_Demand | Running])
DRV - [2009/02/06 18:08:52 | 00,055,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\fssfltr.sys -- (fssfltr [On_Demand | Stopped])
DRV - [2009/01/15 12:19:36 | 00,023,848 | ---- | M] (GEAR Software Inc.) -- C:\Windows\system32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/01/21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2007/09/29 23:03:12 | 00,308,248 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2008/01/21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2009/04/30 23:12:52 | 00,292,912 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090501.001\IDSvix86.sys -- (IDSVix86 [System | Running])
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2008/05/07 19:22:50 | 02,134,424 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2008/06/30 23:16:26 | 00,018,912 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\system32\drivers\lmvac.sys -- (LTXMD_VAC [On_Demand | Stopped])
DRV - [2008/01/21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2009/04/16 13:06:30 | 00,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\system32\drivers\MusCAudio.sys -- (MusCAudio [On_Demand | Stopped])
DRV - [2009/04/16 13:06:34 | 00,003,768 | ---- | M] (Windows ® 2000 DDK provider) -- C:\Windows\system32\DRIVERS\MusCVideo.sys -- (MusCVideo [On_Demand | Stopped])
DRV - [2009/04/30 23:12:52 | 00,089,104 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090506.002\NAVENG.SYS -- (NAVENG [On_Demand | Running])
DRV - [2009/04/30 23:12:52 | 00,876,144 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090506.002\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])
DRV - [2007/11/21 11:35:06 | 00,569,344 | ---- | M] (Ralink Technology Corp.) -- C:\Windows\system32\DRIVERS\netr28u.sys -- (netr28u [On_Demand | Running])
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2008/05/07 07:38:20 | 00,017,536 | ---- | M] (Nokia) -- C:\Windows\system32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped])
DRV - [2008/05/07 07:38:20 | 00,020,864 | ---- | M] (Nokia) -- C:\Windows\system32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped])
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2008/05/02 23:46:00 | 07,460,320 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
DRV - [2008/01/21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2007/09/17 15:53:26 | 00,021,632 | ---- | M] (Nokia) -- C:\Windows\system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])
DRV - [2009/05/06 19:04:44 | 00,138,920 | ---- | M] () -- C:\Windows\system32\drivers\PnkBstrK.sys -- (PnkBstrK [On_Demand | Stopped])
DRV - [2008/01/21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2007/04/24 10:33:34 | 00,083,336 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\DRIVERS\s125bus.sys -- (s125bus [On_Demand | Stopped])
DRV - [2007/04/24 10:33:42 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\DRIVERS\s125mdfl.sys -- (s125mdfl [On_Demand | Stopped])
DRV - [2007/04/24 10:33:44 | 00,108,680 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\DRIVERS\s125mdm.sys -- (s125mdm [On_Demand | Stopped])
DRV - [2007/04/24 10:33:46 | 00,100,488 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\DRIVERS\s125mgmt.sys -- (s125mgmt [On_Demand | Stopped])
DRV - [2007/04/24 10:33:46 | 00,098,696 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\DRIVERS\s125obex.sys -- (s125obex [On_Demand | Stopped])
DRV - [2008/12/10 12:44:34 | 00,021,888 | ---- | M] (Max Secure Software Pvt. Ltd.) -- C:\Program Files\SpywareDetector\SDActMon.sys -- (sdactmon [On_Demand | Running])
DRV - [2009/01/05 12:53:36 | 00,013,696 | ---- | M] (Max Secure Software Pvt. Ltd.) -- C:\Program Files\SpywareDetector\SDManager.sys -- (SDManager [System | Running])
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2008/01/21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2009/04/30 23:12:52 | 00,307,760 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\drivers\N360\0300000.086\SRTSP.SYS -- (SRTSP [System | Running])
DRV - [2009/04/30 23:12:52 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\drivers\N360\0300000.086\SRTSPX.SYS -- (SRTSPX [System | Running])
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2009/04/30 23:12:52 | 00,310,320 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\drivers\N360\0300000.086\SYMEFA.SYS -- (SymEFA [Boot | Running])
DRV - [2009/04/30 23:13:04 | 00,124,464 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\Drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
DRV - [2009/04/30 23:12:52 | 00,089,776 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\drivers\N360\0300000.086\SYMFW.SYS -- (SYMFW [On_Demand | Running])
DRV - [2009/04/30 23:12:52 | 00,025,136 | R--- | M] (Symantec Corporation) -- C:\Windows\system32\DRIVERS\SymIMv.sys -- (SymIM [System | Running])
DRV - [2009/04/30 23:12:52 | 00,039,984 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\drivers\N360\0300000.086\SYMNDISV.SYS -- (SYMNDISV [On_Demand | Running])
DRV - [2009/04/30 23:12:52 | 00,217,392 | ---- | M] (Symantec Corporation) -- C:\Windows\system32\drivers\N360\0300000.086\SYMTDI.SYS -- (SYMTDI [System | Running])
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2008/01/21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/06/06 09:24:44 | 00,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\system32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped])
DRV - [2009/03/26 15:23:46 | 00,036,864 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
DRV - [2008/01/21 03:23:27 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\usbser.sys -- (usbser [On_Demand | Stopped])
DRV - [2008/01/21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2007/02/16 03:04:00 | 00,229,760 | ---- | M] (Vimicro Corporation) -- C:\Windows\System32\Drivers\vmcam323av.sys -- (vmcam325av [On_Demand | Running])
DRV - [2008/01/21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2006/11/17 10:31:04 | 00,013,976 | ---- | M] (X10 Wireless Technology, Inc.) -- C:\Windows\System32\Drivers\x10hid.sys -- (X10Hid [On_Demand | Running])
DRV - [2006/11/30 15:18:18 | 00,027,416 | ---- | M] (X10 Wireless Technology, Inc.) -- C:\Windows\System32\Drivers\x10ufx2.sys -- (XUIF [On_Demand | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/search?q={searchTerm...amp;rlz=1I7MEDA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchTerm...amp;rlz=1I7MEDA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.0.0.134\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Dit] Dit.exe (ICSI Technology Ltd.)
O4 - HKLM..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup (Google)
O4 - HKLM..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" (Nero AG)
O4 - HKLM..\Run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SDActiveMonitor] C:\Program Files\SpywareDetector\SDActiveMonitor.exe -AUTO (Max Secure Software Pvt. Ltd.)
O4 - HKLM..\Run: [SDAutoScan] C:\Program Files\SpywareDetector\SpywareDetector.exe -AUTOSCAN (Max Secure Software)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [TVEService] "C:\Program Files\HomeCinema\TV Enhance\TVEService.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 (Nero AG)
O4 - HKCU..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog (Time Information Services Ltd.)
O4 - HKCU..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray (Nokia)
O4 - HKCU..\Run: [RGSC] C:\Program Files\Steam\SteamApps\common\grand theft auto iv\RGSC\RGSCLauncher.exe /silent (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent (Malwarebytes Corporation)
O4 - Startup: C:\Users\Cheryl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.one File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: 1336 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.systemrequirementslab.com/srl_b...sreqlab_srl.cab (System Requirements Lab Class)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} http://play.battlefield-heroes.com/static/...er_4.0.14.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u...ows-i586-jc.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab (Minesweeper Flags Class)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll (Symantec Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDNotify: DllName - C:\Program Files\SpywareDetector\SDNotify.dll - C:\Program Files\SpywareDetector\SDNotify.dll (Max Secure Software)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{293094ad-752b-11dd-b74d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{293094ad-752b-11dd-b74d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (SDEarlyDelete) - C:\Windows\System32\SDEarlyDelete.exe ()
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[2 C:\Windows\*.tmp files]
[2009/05/06 23:54:33 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Users\Cheryl\Desktop\OTListIt2.exe
[2009/05/06 23:42:46 | 00,000,000 | ---D | C] -- C:\Users\Cheryl\AppData\Roaming\Malwarebytes
[2009/05/06 23:42:45 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/05/06 23:42:45 | 00,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/06 23:42:42 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/05/06 23:42:41 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/05/06 23:42:41 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/06 23:41:29 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Cheryl\Desktop\mbam-setup.exe
[2009/05/06 23:21:47 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2009/05/06 17:02:49 | 27,293,4724 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2009/05/06 08:34:41 | 00,662,449 | ---- | C] () -- C:\Users\Cheryl\Desktop\AnalysisLog.sr0
[2009/05/06 08:29:49 | 00,661,938 | ---- | C] () -- C:\AnalysisLog.sr0
[2009/05/06 08:23:33 | 00,000,000 | ---D | C] -- C:\Program Files\WarnerBros
[2009/05/05 19:17:26 | 00,000,000 | ---D | C] -- C:\Users\Cheryl\Documents\Azureus Downloads
[2009/05/04 15:39:23 | 00,000,000 | ---D | C] -- C:\ProgramData\Azureus
[2009/05/04 15:39:20 | 00,000,000 | ---D | C] -- C:\Users\Cheryl\AppData\Roaming\Mozilla
[2009/05/04 15:39:20 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/05/04 15:39:19 | 00,000,000 | ---D | C] -- C:\Users\Cheryl\AppData\Roaming\Azureus
[2009/05/04 15:39:19 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009/05/04 15:39:04 | 00,001,637 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2009/05/04 15:38:50 | 00,000,000 | ---D | C] -- C:\Program Files\Vuze
[2009/05/04 08:56:07 | 00,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009/05/04 08:45:15 | 00,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2009/05/03 00:06:18 | 00,334,045 | ---- | C] () -- C:\Users\Cheryl\Documents\BrightTopUps241Voucher.pdf
[2009/05/01 12:52:05 | 00,001,137 | ---- | C] () -- C:\Users\Cheryl\Desktop\Microsoft Office - Shortcut.lnk
[2009/05/01 12:42:50 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2009/05/01 12:42:49 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2009/05/01 12:42:06 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2009/05/01 12:39:18 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2009/05/01 12:37:46 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2009/04/30 23:22:00 | 00,000,000 | ---D | C] -- C:\Windows\System32\N360_BACKUP
[2009/04/30 23:14:01 | 00,000,000 | ---D | C] -- C:\ProgramData\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/30 23:13:28 | 01,372,350 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\Cat.DB
[2009/04/30 23:13:18 | 00,025,136 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SymIMV.sys
[2009/04/30 23:13:04 | 00,124,464 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2009/04/30 23:13:04 | 00,007,386 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2009/04/30 23:13:04 | 00,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2009/04/30 23:13:04 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec
[2009/04/30 23:13:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2009/04/30 23:13:01 | 00,002,153 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2009/04/30 23:12:52 | 00,310,320 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\SymEFA.sys
[2009/04/30 23:12:52 | 00,307,760 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\srtsp.sys
[2009/04/30 23:12:52 | 00,217,392 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\symtdi.sys
[2009/04/30 23:12:52 | 00,089,776 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\symfw.sys
[2009/04/30 23:12:52 | 00,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\srtspx.sys
[2009/04/30 23:12:52 | 00,039,984 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\symndisv.sys
[2009/04/30 23:12:52 | 00,037,296 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\symndis.sys
[2009/04/30 23:12:52 | 00,034,736 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\symids.sys
[2009/04/30 23:12:51 | 00,482,352 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\cchpx86.sys
[2009/04/30 23:12:51 | 00,258,608 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\BHDrvx86.sys
[2009/04/30 23:12:31 | 00,003,373 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\SymEFA.inf
[2009/04/30 23:12:31 | 00,001,753 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\ccHPx86.inf
[2009/04/30 23:12:31 | 00,001,528 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\SymNet.inf
[2009/04/30 23:12:31 | 00,001,389 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\srtspx.inf
[2009/04/30 23:12:31 | 00,001,383 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\srtsp.inf
[2009/04/30 23:12:31 | 00,000,640 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\BHDrvx86.inf
[2009/04/30 23:12:31 | 00,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\isolate.ini
[2009/04/30 23:12:17 | 00,009,423 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\SymNet.cat
[2009/04/30 23:12:17 | 00,007,410 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\SymEFA.cat
[2009/04/30 23:12:17 | 00,007,372 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\srtspx.cat
[2009/04/30 23:12:17 | 00,007,364 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\BHDrvx86.CAT
[2009/04/30 23:12:17 | 00,007,355 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\srtsp.cat
[2009/04/30 23:12:17 | 00,007,347 | ---- | C] () -- C:\Windows\System32\drivers\N360\0300000.086\ccHPx86.cat
[2009/04/30 23:12:17 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0300000.086
[2009/04/30 23:12:17 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
[2009/04/30 23:12:13 | 00,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2009/04/30 23:12:13 | 00,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2009/04/30 23:12:09 | 00,000,000 | ---D | C] -- C:\ProgramData\Norton
[2009/04/30 23:08:17 | 00,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2009/04/30 23:08:17 | 00,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2009/04/28 20:45:00 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector
[2009/04/28 20:44:52 | 00,055,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys
[2009/04/28 20:43:46 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/04/27 22:33:02 | 00,001,267 | ---- | C] () -- C:\Users\Cheryl\Desktop\BearShare Downloads.lnk
[2009/04/27 22:33:02 | 00,000,820 | ---- | C] () -- C:\Users\Cheryl\Desktop\BearShare.lnk
[2009/04/25 17:54:35 | 00,000,000 | ---D | C] -- C:\Users\Cheryl\Documents\Software Bisque
[2009/04/25 17:54:04 | 00,000,000 | ---D | C] -- C:\Program Files\Plus!
[2009/04/25 17:53:45 | 00,000,000 | ---D | C] -- C:\Program Files\Software Bisque
[2009/04/24 19:22:02 | 00,084,832 | ---- | C] (Adaptec) -- C:\Windows\System32\drivers\ASPI32.SYS
[2009/04/24 19:22:02 | 00,045,056 | ---- | C] (Adaptec) -- C:\Windows\System32\WNASPI32.DLL
[2009/04/24 19:21:58 | 00,000,000 | ---D | C] -- C:\Program Files\4Musics WMA to MP3 Converter
[2009/04/24 19:01:57 | 00,000,000 | ---D | C] -- C:\My Media
[2009/04/24 18:59:56 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2009/04/24 18:59:55 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2009/04/24 18:48:25 | 00,000,000 | ---D | C] -- C:\Converted
[2009/04/24 18:46:35 | 00,023,096 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\MusCAudio.sys
[2009/04/24 18:28:57 | 00,018,912 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\lmvac.sys
[2009/04/24 18:20:02 | 00,000,000 | ---D | C] -- C:\My Music
[2009/04/24 18:18:12 | 01,388,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000
[2009/04/24 18:18:12 | 00,376,832 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2009/04/23 17:43:02 | 00,002,413 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/04/23 17:42:43 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/23 17:42:41 | 00,000,000 | ---D | C] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/23 17:42:03 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/04/23 17:41:21 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/04/19 18:58:57 | 00,000,000 | ---D | C] -- C:\ProgramData\39379
[2009/04/19 18:58:52 | 00,076,407 | ---- | C] () -- C:\Users\Cheryl\AppData\Roaming\Smiley.ico
[2009/04/19 14:50:22 | 00,000,000 | ---D | C] -- C:\Windows\A6D96D8E04C447E8A681F7C9C6444B9A.TMP
[2009/04/19 10:44:24 | 01,255,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/04/19 10:44:24 | 00,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009/04/19 10:44:23 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/04/19 10:44:23 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2009/04/19 10:44:23 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2009/04/19 10:44:19 | 03,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/04/19 10:44:17 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/04/19 10:44:14 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/04/19 10:44:13 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/04/19 10:44:13 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/04/19 10:44:13 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/04/19 10:44:13 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/04/19 10:44:12 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/04/19 10:44:12 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/04/19 10:44:12 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/04/19 10:44:12 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/04/19 10:44:11 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/04/19 10:44:11 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/04/19 10:44:09 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/04/19 10:44:07 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/04/19 10:44:02 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
[2009/04/19 10:44:00 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2009/04/19 10:44:00 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2009/04/19 10:43:42 | 03,599,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/04/19 10:43:42 | 03,547,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/04/19 10:43:42 | 00,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll
[2009/04/19 10:43:41 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/04/19 10:43:41 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009/04/19 10:43:41 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009/04/19 10:43:41 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009/04/19 10:43:41 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009/04/19 10:43:41 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/04/19 10:43:41 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2009/04/18 18:57:48 | 00,000,000 | ---D | C] -- C:\Users\Cheryl\Documents\CFSystem
[2009/04/18 15:23:16 | 00,000,000 | ---D | C] -- C:\Medion
[2009/04/17 16:21:06 | 00,000,000 | ---D | C] -- C:\Users\Cheryl\Documents\BearShare
[2009/04/17 16:21:06 | 00,000,000 | ---D | C] -- C:\ProgramData\658
[2009/04/17 16:19:28 | 00,000,000 | ---D | C] -- C:\Program Files\BearShare Applications
[2009/04/17 15:11:38 | 00,000,000 | ---D | C] -- C:\Users\Cheryl\Documents\Battlefield Heroes
[2009/04/17 14:22:29 | 00,000,000 | ---D | C] -- C:\Program Files\EA Games
[2009/04/11 10:10:41 | 00,000,000 | ---D | C] -- C:\Program Files\Cats Demo
[2009/01/19 08:34:24 | 00,138,920 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008/12/25 10:16:11 | 00,000,319 | ---- | C] () -- C:\Windows\game.ini
[2008/12/21 16:28:27 | 00,000,002 | ---- | C] () -- C:\Windows\PhotoSuite.ini
[2008/12/21 16:28:23 | 00,458,752 | ---- | C] () -- C:\Windows\System32\Fpl.dll
[2008/12/21 16:28:23 | 00,332,800 | ---- | C] () -- C:\Windows\System32\FPXLIB.DLL
[2008/12/21 16:28:23 | 00,019,968 | ---- | C] () -- C:\Windows\System32\CPUINF32.DLL
[2008/12/18 20:56:25 | 00,000,260 | ---- | C] () -- C:\Windows\Dit.INI
[2008/10/28 18:40:48 | 00,173,552 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008/10/07 10:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/09/06 15:29:20 | 00,274,432 | ---- | C] () -- C:\Windows\System32\LXBVinst.dll
[2008/09/06 15:29:19 | 00,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxbvusb1.dll
[2008/09/06 15:29:19 | 00,413,696 | ---- | C] () -- C:\Windows\System32\lxbvutil.dll
[2008/09/06 15:29:19 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbvinpa.dll
[2008/09/06 15:29:19 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbviesc.dll
[2008/09/06 15:29:19 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBVhcp.dll
[2008/09/06 15:29:18 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbvserv.dll
[2008/09/06 15:29:18 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbvpmui.dll
[2008/09/06 15:29:18 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbvprox.dll
[2008/09/06 15:29:18 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbvpplc.dll
[2008/09/06 15:29:17 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbvlmpm.dll
[2008/09/06 15:29:16 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbvhbn3.dll
[2008/09/06 15:29:15 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbvcomc.dll
[2008/09/06 15:29:15 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbvcomm.dll
[2008/09/06 14:31:26 | 00,000,302 | ---- | C] () -- C:\Windows\lexstat.ini
[2008/09/06 13:41:12 | 00,000,110 | ---- | C] () -- C:\Windows\System32\SDEarlyDelete.ini
[2008/09/06 13:41:12 | 00,000,104 | ---- | C] () -- C:\Windows\System32\ProxySettings.ini
[2008/06/26 13:57:31 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/06/26 13:01:55 | 00,000,917 | ---- | C] () -- C:\Windows\System32\CLWatson.ini
[2008/06/04 14:57:22 | 00,009,824 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2008/03/04 19:52:34 | 00,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2007/10/31 10:39:54 | 00,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2007/10/17 11:17:52 | 00,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2007/05/17 14:58:10 | 00,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll
[2007/03/29 23:00:40 | 00,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2007/02/22 18:32:00 | 00,344,064 | ---- | C] () -- C:\Windows\System32\lxbvcoin.dll
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 11:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/06/29 18:19:26 | 00,135,168 | ---- | C] () -- C:\Windows\System32\id3vx_ocx.dll
[2005/12/31 15:19:08 | 01,097,728 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005/12/31 15:13:14 | 00,024,576 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2005/10/26 03:12:10 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxbvvs.dll
[2005/05/25 09:07:26 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxbvcnv4.dll
[2003/05/07 02:11:58 | 00,233,472 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2002/01/14 22:36:28 | 00,172,032 | ---- | C] () -- C:\Windows\System32\MP2enc.dll
========== Files - Modified Within 30 Days ==========
[2 C:\Windows\*.tmp files]
[2009/05/06 23:55:00 | 00,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{31CB33F4-2A83-4265-8229-ECBD9BB301C4}.job
[2009/05/06 23:54:41 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Users\Cheryl\Desktop\OTListIt2.exe
[2009/05/06 23:42:45 | 00,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/06 23:42:04 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Cheryl\Desktop\mbam-setup.exe
[2009/05/06 23:37:12 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/05/06 23:37:12 | 00,599,942 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/05/06 23:37:12 | 00,105,448 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/05/06 23:29:51 | 00,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/05/06 23:29:51 | 00,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/05/06 23:29:50 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/05/06 23:29:48 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/05/06 23:29:44 | 32,193,12640 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/06 22:47:51 | 27,293,4724 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/05/06 22:06:50 | 01,372,350 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\Cat.DB
[2009/05/06 19:50:15 | 00,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{12055EA1-6493-4E14-860D-4A30C2CD8902}.job
[2009/05/06 19:43:23 | 00,189,072 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2009/05/06 19:43:23 | 00,189,072 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe
[2009/05/06 19:04:44 | 00,138,920 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/05/06 18:43:02 | 00,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6709AC2C-2B04-4FF5-A048-7CE254C27325}.job
[2009/05/06 17:06:24 | 00,000,123 | ---- | M] () -- C:\Windows\System\SysSD.dll
[2009/05/06 13:26:36 | 00,410,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/05/06 08:34:47 | 00,662,449 | ---- | M] () -- C:\Users\Cheryl\Desktop\AnalysisLog.sr0
[2009/05/06 08:30:46 | 00,661,938 | ---- | M] () -- C:\AnalysisLog.sr0
[2009/05/06 08:27:15 | 00,418,480 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2009/05/06 08:27:15 | 00,115,432 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2009/05/04 15:39:04 | 00,001,637 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2009/05/04 08:56:07 | 00,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
[2009/05/03 00:06:18 | 00,334,045 | ---- | M] () -- C:\Users\Cheryl\Documents\BrightTopUps241Voucher.pdf
[2009/05/01 12:52:05 | 00,001,137 | ---- | M] () -- C:\Users\Cheryl\Desktop\Microsoft Office - Shortcut.lnk
[2009/05/01 12:39:02 | 00,000,219 | ---- | M] () -- C:\Windows\win.ini
[2009/04/30 23:13:04 | 00,124,464 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2009/04/30 23:13:04 | 00,007,386 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2009/04/30 23:13:04 | 00,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2009/04/30 23:13:02 | 00,000,340 | -HS- | M] () -- C:\Users\Public\Desktop\desktop.ini
[2009/04/30 23:13:01 | 00,002,153 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2009/04/30 23:12:52 | 00,310,320 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\SymEFA.sys
[2009/04/30 23:12:52 | 00,307,760 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\srtsp.sys
[2009/04/30 23:12:52 | 00,217,392 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\symtdi.sys
[2009/04/30 23:12:52 | 00,089,776 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\symfw.sys
[2009/04/30 23:12:52 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\srtspx.sys
[2009/04/30 23:12:52 | 00,039,984 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\symndisv.sys
[2009/04/30 23:12:52 | 00,037,296 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\symndis.sys
[2009/04/30 23:12:52 | 00,034,736 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\symids.sys
[2009/04/30 23:12:52 | 00,025,136 | R--- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SymIMV.sys
[2009/04/30 23:12:51 | 00,482,352 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\cchpx86.sys
[2009/04/30 23:12:51 | 00,258,608 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0300000.086\BHDrvx86.sys
[2009/04/30 23:12:31 | 00,003,373 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\SymEFA.inf
[2009/04/30 23:12:31 | 00,001,753 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\ccHPx86.inf
[2009/04/30 23:12:31 | 00,001,528 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\SymNet.inf
[2009/04/30 23:12:31 | 00,001,389 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\srtspx.inf
[2009/04/30 23:12:31 | 00,001,383 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\srtsp.inf
[2009/04/30 23:12:31 | 00,000,640 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\BHDrvx86.inf
[2009/04/30 23:12:31 | 00,000,172 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\isolate.ini
[2009/04/30 23:12:17 | 00,009,423 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\SymNet.cat
[2009/04/30 23:12:17 | 00,007,410 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\SymEFA.cat
[2009/04/30 23:12:17 | 00,007,372 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\srtspx.cat
[2009/04/30 23:12:17 | 00,007,364 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\BHDrvx86.CAT
[2009/04/30 23:12:17 | 00,007,355 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\srtsp.cat
[2009/04/30 23:12:17 | 00,007,347 | ---- | M] () -- C:\Windows\System32\drivers\N360\0300000.086\ccHPx86.cat
[2009/04/27 22:33:02 | 00,001,267 | ---- | M] () -- C:\Users\Cheryl\Desktop\BearShare Downloads.lnk
[2009/04/27 22:33:02 | 00,000,820 | ---- | M] () -- C:\Users\Cheryl\Desktop\BearShare.lnk
[2009/04/25 21:38:46 | 00,000,302 | ---- | M] () -- C:\Windows\lexstat.ini
[2009/04/24 19:23:17 | 00,002,413 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/04/24 18:59:56 | 00,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2009/04/24 18:59:55 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2009/04/19 19:44:56 | 00,001,674 | ---- | M] () -- C:\Users\Cheryl\Desktop\CCleaner.lnk
[2009/04/18 17:35:59 | 00,000,204 | ---- | M] () -- C:\Plugins
[2009/04/16 13:06:30 | 00,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\MusCAudio.sys
========== LOP Check ==========
[2009/05/06 23:42:46 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming
[2008/09/08 21:44:10 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Adobe
[2008/10/10 16:39:08 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Apple Computer
[2009/05/06 17:00:22 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Azureus
[2008/08/28 23:26:30 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\CyberLink
[2009/04/18 17:42:35 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\GetRightToGo
[2008/08/30 19:05:30 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Google
[2008/08/28 19:13:11 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Identities
[2008/10/19 19:01:53 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\InstallShield
[2008/08/30 12:23:46 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Macromedia
[2009/05/06 23:42:46 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Malwarebytes
[2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Media Center Programs
[2009/01/26 13:40:05 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\MGI
[2009/05/01 12:24:10 | 00,000,000 | -HSD | M] -- C:\Users\Cheryl\AppData\Roaming\Microsoft
[2009/05/04 15:39:20 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Mozilla
[2008/08/30 23:40:34 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Nero
[2009/03/22 16:21:29 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Nokia
[2008/09/14 19:29:25 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\PC Suite
[2009/03/28 23:21:53 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Real
[2009/02/02 17:36:00 | 00,000,000 | RH-D | M] -- C:\Users\Cheryl\AppData\Roaming\SecuROM
[2008/12/25 12:18:30 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Sports Interactive
[2008/10/17 22:20:35 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Template
[2009/04/18 17:42:36 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Tibia
[2008/08/28 23:28:45 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\Ulead Systems
[2008/11/28 22:08:51 | 00,000,000 | ---D | M] -- C:\Users\Cheryl\AppData\Roaming\WinRAR
[2009/05/06 23:29:50 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/05/06 23:28:42 | 00,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/05/06 19:50:15 | 00,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{12055EA1-6493-4E14-860D-4A30C2CD8902}.job
[2009/05/06 23:55:00 | 00,000,414 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{31CB33F4-2A83-4265-8229-ECBD9BB301C4}.job
[2009/05/06 18:43:02 | 00,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{6709AC2C-2B04-4FF5-A048-7CE254C27325}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
OTListIt Extras logfile created on: 06/05/2009 23:58:06 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Users\Cheryl\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 87.18% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445.76 Gb Total Space | 301.41 Gb Free Space | 67.62% Space Free | Partition Type: NTFS
Drive D: | 19.98 Gb Total Space | 12.19 Gb Free Space | 60.98% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 149.01 Gb Total Space | 112.43 Gb Free Space | 75.45% Space Free | Partition Type: FAT32
Computer Name: BESTWICK-PC
Current User Name: Cheryl
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
File not found -- Reg Error: Unknown registry data type
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"EnableFirewall" = 0
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile
"EnableFirewall" = 0
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts\List
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
{03E4A109-A7A5-4CB1-AC3B-204E7F76F223} = LPORT=1900 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-32753 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{066B8A06-E7C0-4BB2-BC8B-1F48D942E213} = LPORT=5355 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-32801 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=DNSCACHE |
{0E6FC83D-2381-4687-9D1D-4820D6A115AC} = LPORT=6004 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=MICROSOFT OFFICE OUTLOOK | APP=C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\OUTLOOK.EXE |
{12C9AAEA-82AA-4B1F-B1DC-644EEE2EEE9D} = RPORT=137 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28523 | APP=SYSTEM |
{3138E39C-8EB8-4353-B386-32F4DB635831} = LPORT=445 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28511 | APP=SYSTEM |
{3A27F9D8-35BD-429C-9AE5-B4AC2C65F916} = RPORT=139 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28507 | APP=SYSTEM |
{48D1BB2A-D5F6-4A35-84DE-B319F9ACCAD9} = LPORT=2869 | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (UPNP-IN) | APP=SYSTEM |
{50A42F63-4B3C-423D-BBA0-4707E26662DF} = LPORT=1900 | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (SSDP-IN) | APP=SVCHOST.EXE | SVC=SSDPSRV |
{5A464F77-DA4C-45F4-876E-9B32E3122AFD} = LPORT=138 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28527 | APP=SYSTEM |
{5E02919D-CA5F-4C9C-8980-77C42B162642} = LPORT=139 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28503 | APP=SYSTEM |
{7B2C8386-F1AB-4371-8AE6-E21AC6EF58BB} = RPORT=1900 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-32757 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{940DD1F5-D801-4D7C-973E-52A97F7BF0FA} = LPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-32809 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDRESPUB |
{9E326404-D566-4CFB-8B75-1DB11C7C0CED} = LPORT=137 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28519 | APP=SYSTEM |
{A113F3FC-17F1-43CF-9E57-B89C2294AA42} = RPORT=5355 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-32805 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=DNSCACHE |
{B2AD2805-97BB-447F-84FF-D2B0A48B74D2} = LPORT=RPC-EPMAP | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28539 | SVC=RPCSS |
{C1E41B16-9DD7-4CC8-8AE3-083D56E49715} = RPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-32811 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDRESPUB |
{CFA46122-55ED-4E69-ABAC-C1C0EED501B2} = LPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-32785 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDPHOST |
{D6D315D2-2728-45BF-907F-B6B4F37480E1} = LPORT=RPC | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28535 | APP=%SYSTEMROOT%\SYSTEM32\SPOOLSV.EXE | SVC=SPOOLER |
{DCAB0282-289D-44B5-A6CC-F9EDFC6007EF} = RPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-32789 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDPHOST |
{E7742FE9-D7A4-402C-89EB-F5DB01CEB20A} = RPORT=445 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28515 | APP=SYSTEM |
{EBEEC7AA-0C81-412E-A1F2-94892CCCE353} = RPORT=138 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28531 | APP=SYSTEM |
========== Vista Active Application Exception List ==========
{0325C3C2-3E9C-45FA-86B2-4F0785A84E14} = PROFILE=PUBLIC | PROTOCOL=58 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28546 |
{03A2E24B-7881-4420-9A6B-BAA8B9AAA1EC} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=RAINBOW SIX VEGAS 2 | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\RAINBOW SIX VEGAS 2\BINARIES\R6VEGAS2_GAME.EXE |
{12102D0D-A075-4F9D-A29E-5DFECBF7F9A2} = PROFILE=PUBLIC | PROTOCOL=1 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28543 |
{194264E5-E7AA-4AAD-B4E7-119A00C953BF} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=RAINBOW SIX VEGAS 2 | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\RAINBOW SIX VEGAS 2\BINARIES\R6VEGAS2_GAME.EXE |
{1A193D56-2691-4F7C-AC48-F4E4EBA0CD59} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ITUNES | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{1BBD09CF-507B-43CE-8FF4-9C8D93FAFEC3} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=LEXMARK COMMUNICATIONS SYSTEM | APP=C:\WINDOWS\SYSTEM32\LXBVCOMS.EXE |
{23E6A3E9-61F8-42AC-8B7A-2578167F22F9} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=GRAND THEFT AUTO IV | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\GRAND THEFT AUTO IV\RGSC\RGSCLAUNCHER.EXE |
{242A4000-DC43-474E-BF36-B7CCBB432797} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BEARSHARE | APP=C:\PROGRAM FILES\BEARSHARE APPLICATIONS\BEARSHARE\BEARSHARE.EXE |
{24AEEB20-C448-4983-8592-9E9A15935B9C} = PROFILE=PUBLIC | PROTOCOL=58 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28545 |
{29821EE3-ACCA-448A-A951-51F758035EF5} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE SYNC | APP=C:\PROGRAM FILES\WINDOWS LIVE\SYNC\WINDOWSLIVESYNC.EXE |
{2AE3DE31-769F-423F-8F38-3F235AEF4A0E} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=PNKBSTRA | APP=C:\WINDOWS\SYSTEM32\PNKBSTRA.EXE |
{2B68CB7E-394B-4945-8930-5F67B9EB59A9} = DIR=IN | ACTION=ALLOW | NAME=CYBERLINK TVENHANCE | APP=C:\PROGRAM FILES\HOMECINEMA\TV ENHANCE\TVENHANCE.EXE |
{34F08613-F3A9-4D96-90AA-181B69B1B160} = DIR=IN | ACTION=ALLOW | NAME=CYBERLINK POWERDVD | APP=C:\PROGRAM FILES\HOMECINEMA\POWERDVD\POWERDVD.EXE |
{36EAFA56-FA44-4C78-A9B8-DB6330975547} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BONJOUR | APP=C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE |
{470C5C59-FA8D-48DB-A21E-EEE9B763278A} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=CALL OF DUTY® 4 - MODERN WARFARE | APP=C:\PROGRAM FILES\ACTIVISION\CALL OF DUTY 4 - MODERN WARFARE\IW3MP.EXE |
{5236953E-126A-46E2-ACEB-A33DB97A82E3} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=PBSETUP | APP=J:\PBSETUP.EXE |
{5A8953C8-75B9-4CE7-B82A-E066EE886B2E} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=PNKBSTRB | APP=C:\WINDOWS\SYSTEM32\PNKBSTRB.EXE |
{61A994F0-8088-436C-8240-CAA0D43D315C} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=PNKBSTRA | APP=C:\WINDOWS\SYSTEM32\PNKBSTRA.EXE |
{61B65238-4F78-4F8A-ABCE-D82B3CFEC7AF} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=PBSETUP | APP=J:\PBSETUP.EXE |
{66E86B6B-9C92-433E-BB09-C22C12EBF07A} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=CALL OF DUTY® 4 - MODERN WARFARE | APP=C:\PROGRAM FILES\ACTIVISION\CALL OF DUTY 4 - MODERN WARFARE\IW3MP.EXE |
{6A3624BC-A780-4350-AB76-A6007C3F30D4} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=BONJOUR | APP=C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE |
{6E0FD4CA-5BC4-4196-8A15-9836C659B7A7} = DIR=IN | ACTION=ALLOW | NAME=CYBERLINK POWERDIRECTOR | APP=C:\PROGRAM FILES\HOMECINEMA\POWERDIRECTOR\PDR.EXE |
{6EE03401-DB5A-4F3A-9453-35820397E803} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=GRAND THEFT AUTO IV | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\GRAND THEFT AUTO IV\RGSC\RGSCLAUNCHER.EXE |
{789CA93E-9DE1-427C-814E-48A2152FB931} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-32821 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=UPNPHOST |
{7F8F4CB2-F65F-4D74-9BBB-8111F2D7B213} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=FOOTBALL MANAGER 2009 | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\FOOTBALL MANAGER 2009\FM.EXE |
{99E5A0FD-74FE-4B1F-9EB5-F0166298D7E9} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=PANDO MEDIA BOOSTER | APP=C:\PROGRAM FILES\PANDO NETWORKS\MEDIA BOOSTER\PMB.EXE |
{A0E836EB-AC2D-4758-9835-5D85379A343E} = DIR=IN | ACTION=ALLOW | NAME=CYBERLINK MAKEDISC | APP=C:\PROGRAM FILES\HOMECINEMA\MAKEDISC\MAKEDISC.EXE |
{A29284F7-4D8C-4FE8-A146-7C0C77AB8471} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=PRINTER STATUS WINDOW | APP=C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\LXBVPSWX.EXE |
{A4FF2E4D-C9BD-4FF0-A93B-93F53E7255C0} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=FOOTBALL MANAGER 2009 | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\FOOTBALL MANAGER 2009\FM.EXE |
{A7B0454A-FB5E-44A8-8BDC-0F32BC5ED434} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=BEARSHARE | APP=C:\PROGRAM FILES\BEARSHARE APPLICATIONS\BEARSHARE\BEARSHARE.EXE |
{A9C29EDE-D696-473D-A675-DD76195FAAAD} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=PNKBSTRB | APP=C:\WINDOWS\SYSTEM32\PNKBSTRB.EXE |
{BF99DDFF-BA5F-476F-8140-F5C30E344745} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE CALL | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\WLCSDK.EXE |
{C6DB957F-D99B-4B0E-94EB-F28D6792A0B6} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ITUNES | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{C86DA0FE-9B56-42D5-BF61-03D8BB4180C8} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=PRINTER STATUS WINDOW | APP=C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\LXBVPSWX.EXE |
{CD092F2E-4BFA-4BB3-8CD1-BB5A83649358} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=PANDO MEDIA BOOSTER | APP=C:\PROGRAM FILES\PANDO NETWORKS\MEDIA BOOSTER\PMB.EXE |
{D918DFC7-31E4-437A-B160-FD31A75903A0} = PROFILE=PUBLIC | PROTOCOL=1 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28544 |
{E9988A3A-B3D4-48E6-9141-FDF35EE9FE27} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=LEXMARK COMMUNICATIONS SYSTEM | APP=C:\WINDOWS\SYSTEM32\LXBVCOMS.EXE |
{FC60934B-E87E-46DA-B9F4-645CE10217B5} = DIR=IN | ACTION=ALLOW | NAME=CYBERLINK TVENHANCE RESIDENT PROGRAM | APP=C:\PROGRAM FILES\HOMECINEMA\TV ENHANCE\TVESERVICE.EXE |
{FFF0DD62-1F5B-4955-A0A1-A2C24C34902A} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE |
TCP Query User{162EEFF4-E7E3-499A-9FA1-D8E28843FFF7}C:\data\demo\f3.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=BLOCK | NAME=F3 | APP=C:\DATA\DEMO\F3.EXE |
TCP Query User{2CB40613-5AED-42FB-8E62-3DB2FC2512D5}C:\program files\sopcast\sopcast.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=SOPCAST MAIN APPLICATION | APP=C:\PROGRAM FILES\SOPCAST\SOPCAST.EXE |
TCP Query User{631341A3-76F3-4875-B6E1-F3464FD7E2CC}C:\program files\nokia\nokia software updater\nsu_ui_client.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=NOKIA SOFTWARE UPDATER | APP=C:\PROGRAM FILES\NOKIA\NOKIA SOFTWARE UPDATER\NSU_UI_CLIENT.EXE |
TCP Query User{786F7ADC-29E8-4768-AD10-85101D16BD08}C:\program files\bearshare\bearshare.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BEARSHARE | APP=C:\PROGRAM FILES\BEARSHARE\BEARSHARE.EXE |
TCP Query User{83F0BD35-AB0E-4613-AF62-A01F03D10240}C:\program files\sopcast\adv\sopadver.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=SOPCAST ADVER | APP=C:\PROGRAM FILES\SOPCAST\ADV\SOPADVER.EXE |
TCP Query User{B8911A7F-9AB5-42F5-B3AC-5697019C5CE3}C:\program files\internet explorer\iexplore.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=BLOCK | NAME=INTERNET EXPLORER | APP=C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE |
TCP Query User{BA71E524-D68E-40C0-B978-82A8769A6FA8}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=NOKIA SERVICE LAYER HOST PROCESS | APP=C:\PROGRAM FILES\COMMON FILES\NOKIA\SERVICE LAYER\A\NSL_HOST_PROCESS.EXE |
TCP Query User{CDE3D93C-FCC8-4CDC-A3E2-6AB30585296E}C:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=GRAND THEFT AUTO IV | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\GRAND THEFT AUTO IV\GTAIV\GTAIV.EXE |
TCP Query User{F423179E-CC94-48F1-9ADF-8834579B810F}C:\program files\real\realplayer\recordingmanager.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=BLOCK | NAME=REALNETWORKS DOWNLOAD AND RECORD MANAGER | APP=C:\PROGRAM FILES\REAL\REALPLAYER\RECORDINGMANAGER.EXE |
UDP Query User{0036E33A-8B6D-4CF4-8446-A5217C6018FA}C:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=GRAND THEFT AUTO IV | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\GRAND THEFT AUTO IV\GTAIV\GTAIV.EXE |
UDP Query User{1425A9FB-BD95-4187-A9F8-FD4B050A95D4}C:\data\demo\f3.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=BLOCK | NAME=F3 | APP=C:\DATA\DEMO\F3.EXE |
UDP Query User{19E4B865-E99F-48C4-8956-F5E88982F172}C:\program files\internet explorer\iexplore.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=BLOCK | NAME=INTERNET EXPLORER | APP=C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE |
UDP Query User{1D5E4D96-5F92-496F-92C4-8F9C00A591A7}C:\program files\sopcast\adv\sopadver.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=SOPCAST ADVER | APP=C:\PROGRAM FILES\SOPCAST\ADV\SOPADVER.EXE |
UDP Query User{3CAC8064-3000-4F7A-A8BB-0DFF6C3A90F0}C:\program files\nokia\nokia software updater\nsu_ui_client.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=NOKIA SOFTWARE UPDATER | APP=C:\PROGRAM FILES\NOKIA\NOKIA SOFTWARE UPDATER\NSU_UI_CLIENT.EXE |
UDP Query User{594F73DB-5165-41D3-A5C6-083883E3F394}C:\program files\bearshare\bearshare.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=BEARSHARE | APP=C:\PROGRAM FILES\BEARSHARE\BEARSHARE.EXE |
UDP Query User{C3147EC0-F8F4-4F9E-A45F-2B7404CD062B}C:\program files\sopcast\sopcast.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=SOPCAST MAIN APPLICATION | APP=C:\PROGRAM FILES\SOPCAST\SOPCAST.EXE |
UDP Query User{EB8FBC08-06A7-4A56-A454-CAF0C947F882}C:\program files\real\realplayer\recordingmanager.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=BLOCK | NAME=REALNETWORKS DOWNLOAD AND RECORD MANAGER | APP=C:\PROGRAM FILES\REAL\REALPLAYER\RECORDINGMANAGER.EXE |
UDP Query User{EE00D26A-89A8-47EF-B196-4D3586CA2BDC}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=NOKIA SERVICE LAYER HOST PROCESS | APP=C:\PROGRAM FILES\COMMON FILES\NOKIA\SERVICE LAYER\A\NSL_HOST_PROCESS.EXE |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17BD85F9-3B88-4C85-BB47-4AB8DD68F8BB}" = Nokia Software Updater
"{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}" = PC Connectivity Solution
"{1B9B7BA2-0C7A-4759-BACD-FADADE9E6694}" = Vimicro USB2.0 PC Camera(VC0323)
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2223FC2F-B862-4F83-BC9E-DDF2DADF2859}" = Intel® Network Connections 13.0.42.0
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver
"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6F6594CB-DA1B-4FFB-B397-CACE3D5F668B}" = Windows Live Movie Maker Beta
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}" = Windows Live Family Safety
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{9312191B-30A5-44E1-8D8D-6936FE06CDE8}" = Wanted: Weapons of Fate
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}" = Nokia PC Suite
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{D6C9AF27-9414-46C8-B9D8-D878BA041033}" = Nero 8 Essentials
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"{E4C891D6-6844-41B8-86E8-633CACCC644F}" = CyberLink TV Enhance
"{EA1CB7AC-E221-4822-A789-0ADB051DC498}" = Multi-Card Reader & Flash Disk
"{ECE3188A-3B11-4332-B1B9-43FAA9A02626}" = TheSkyX First Light Edition
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"4Musics WMA to MP3 Converter 5.0_is1" = 4Musics WMA to MP3 Converter 5.0
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Ask Toolbar_is1" = Vuze Toolbar
"BearShare" = BearShare
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows Driver Package - Nokia Modem (05/22/2008 3.8)
"Cats Demo_is1" = Cats Demo
"CCLEANER" = CCleaner (remove only)
"Cross Fire_is1" = Cross Fire En
"Digital Camera Driver" = Digital Camera Driver
"Google Desktop" = Google Desktop
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"Lexmark 2200 Series" = Lexmark 2200 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"N360" = Norton 360
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PROPLUSR" = Microsoft Office Professional Plus 2007
"PROSetDX" = Intel® Network Connections 13.0.42.0
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 6.0" = RealPlayer
"SopCast" = SopCast 3.0.3
"SPVOD Player1.8" = SPVOD Player1.8
"ST6UNST #1" = Audio Workstation
"Steam App 10540" = Football Manager 2009
"Steam App 12210" = Grand Theft Auto IV
"Steam App 13210" = Unreal Tournament 3
"Steam App 15120" = Rainbow Six Vegas 2
"SystemRequirementsLab" = System Requirements Lab
"Tibia_is1" = Tibia
"Vuze" = Vuze
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"X10Hardware" = X10 Hardware
"YAHOO! COMPANION" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Results of screen317's Security Check version 0.98.3
Windows Vista Service Pack 1
``````````````````````````````
Antivirus/Firewall Check:
``````````````````````````````
Windows Firewall Disabled!
Norton360
ECHO is off.
Error obtaining update status for antivirus!
``````````````````````````````
Anti-malware/Other Utilities Check:
``````````````````````````````
Malwarebytes' Anti-Malware
CCleaner (remove only)
Java 6 Update 7
Out of date Java installed!
``````````````````````````````
Process Check:
objlist.exe by Laurent
``````````````````````````````
Norton ccSvcHst.exe
``````````````````````````````
DNS Vulnerability Check:
``````````````````````````````
Scan took -163 seconds.
`````````End of Log```````````
Thank you for your help!
Chebes