Antivirus Suite

View previous topic View next topic Go down

Antivirus Suite

Post by Rhysenn on Sat 10 Apr - 16:39

I need help getting rid of this damned Antivirus Suite.
So far I've tried putting my pc into safe mode with networking (that's what I'm running on right now), opening my internet explorer and turning of the proxy settings, and running malwarebytes anti-malware.

Still, when I was asked to restart my pc after malwarebytes removed somthing, I can't get rid of Antivirus Suite.

Here is my log from Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:26:34 PM, on 09/04/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Safe mode with network support

Running processes:
c:\PROGRA~2\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ATLAS Toolbar - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - D:\Program Files (x86)\atlas\ATLIECP.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: ATLAS Toolbar - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - D:\Program Files (x86)\atlas\ATLIECP.DLL
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [Acer Assist Launcher] "C:\Program Files (x86)\Acer\Acer Assist\launcher.exe"
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files (x86)\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [LManager] C:\PROGRA~2\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [oabohurr] C:\Users\Azure Kokoro\AppData\Local\vsdppykkd\lbcwxvutssd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Philips GoGear Spark Device Manager.lnk = C:\Program Files (x86)\Philips\GoGear Spark Device Manager\main.exe
O8 - Extra context menu item: &Translate with ATLAS - D:\Program Files (x86)\atlas\Atlscript.html
O8 - Extra context menu item: ATLAS Translation &Editor - D:\Program Files (x86)\atlas\AtlscriptEdit.html
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: Google Sidewiki... - [You must be registered and logged in to see this link.] Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: SYSTRAN Lookup - [You must be registered and logged in to see this link.] Files (x86)\atlas\\GUIres.dll/lookup.js
O8 - Extra context menu item: SYSTRAN Translate - [You must be registered and logged in to see this link.] Files (x86)\atlas\\GUIres.dll/translate.js
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ATLAS Translation - {B7707A72-4355-11D4-82BD-00000EBBEF8D} - D:\Program Files (x86)\atlas\Atlscript.html
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Web Printing ?d?\?|?U???I”n?\?| - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O15 - ESC Trusted Zone: [You must be registered and logged in to see this link.]
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files (x86)\Acer\Acer Bio Protection\WinNotify.dll
O22 - SharedTaskScheduler: FwcamptoWga - {3209672D-C736-43AC-AC39-A5CCC21946A5} - (no file)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - (no file)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: IntelR PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files (x86)\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: IntelR PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14740 bytes






any and all help is appreciated.

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Dr Jay on Sun 11 Apr - 5:47

Please visit this webpage for a tutorial on downloading and running ComboFix:

[You must be registered and logged in to see this link.]

See the area: Using ComboFix, and when done, post the log back here.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-07
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Sun 11 Apr - 8:49

I downloaded Combofix, closed all my programs, and tried to install it and got an error message that said something along he lines of "incompatible os. combofix only works with windows 2000 or xp."

My computer is currently running in safe mode with networking, should it be in normal mode for this install? or did I do something else wrong?

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Dr Jay on Sun 11 Apr - 20:25

Oops...sorry. Misread something in your post. I did not know you had a 64 bit OS. Goofy

Let's do this instead. Smile

Hi

Download [You must be registered and logged in to see this link.] to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.sys
    %systemroot%\system32\drivers\*.dll
    %systemroot%\system32\drivers\*.ini
    %systemroot%\system32\drivers\*.exe
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.
    %appdata%\*.*
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    disk.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    usbstor.sys
    /md5stop
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-07
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Sun 11 Apr - 20:58

this is the OTL.Txt


OTL logfile created on: 11/04/2010 3:41:19 AM - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Azure Kokoro\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 83.00% Memory free
8.00 Gb Paging File | 8.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144.04 Gb Total Space | 53.56 Gb Free Space | 37.18% Space Free | Partition Type: NTFS
Drive D: | 135.50 Gb Total Space | 86.86 Gb Free Space | 64.10% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SHION
Current User Name: Azure Kokoro
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/11 03:40:30 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Azure Kokoro\Desktop\OTL.exe
PRC - [2009/10/29 07:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe
PRC - [2009/07/10 00:26:20 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe


========== Modules (SafeList) ==========

MOD - [2010/04/11 03:40:30 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Azure Kokoro\Desktop\OTL.exe
MOD - [2008/01/20 20:50:03 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2008/01/20 20:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/09/16 11:23:32 | 000,696,848 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2009/09/16 10:15:32 | 000,155,456 | ---- | M] (McAfee, Inc.) [Unknown | Stopped] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV:64bit: - [2008/06/02 07:25:40 | 000,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/05/26 06:44:02 | 000,719,152 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\vfsFPService.exe -- (vfsFPService)
SRV:64bit: - [2008/04/30 18:20:42 | 001,371,136 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2008/04/30 17:42:20 | 000,826,368 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/10 21:11:30 | 000,015,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2006/11/02 05:16:35 | 000,051,200 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (BthServ)
SRV - [2010/04/08 07:26:50 | 002,504,280 | ---- | M] () [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Akamai\rswin_3653.dll -- (Akamai)
SRV - [2009/12/08 15:25:28 | 000,110,312 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/09/16 09:28:38 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/07/10 00:26:20 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/02/06 03:25:46 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/02/02 16:53:32 | 003,520,512 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2008/07/29 15:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/07/27 12:01:49 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/07/20 15:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/05/26 06:43:58 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vfsFPService.exe -- (vfsFPService)
SRV - [2008/04/25 19:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008/04/25 19:36:02 | 000,131,072 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008/03/03 11:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2008/01/16 19:35:02 | 000,081,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008/01/10 18:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2007/12/06 14:16:16 | 000,132,096 | ---- | M] () [Auto | Stopped] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007/10/14 21:15:16 | 000,963,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2006/11/02 07:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 00:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 00:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/11/28 19:01:42 | 000,314,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2009/11/28 19:01:42 | 000,043,680 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/09/16 10:22:40 | 000,308,296 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009/09/16 10:22:40 | 000,102,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009/09/16 10:22:40 | 000,049,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009/09/16 10:15:38 | 000,040,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/07/16 12:32:26 | 000,176,144 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\Mpfp.sys -- (MPFP)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/02/10 03:45:52 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/02/02 16:53:29 | 000,054,704 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\AlfaFF.sys -- (AlfaFF)
DRV:64bit: - [2008/07/29 15:53:50 | 000,060,976 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys -- (psdvdisk)
DRV:64bit: - [2008/07/29 15:53:50 | 000,021,040 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys -- (PSDNServ)
DRV:64bit: - [2008/07/29 15:53:48 | 000,022,064 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV:64bit: - [2008/07/20 15:44:54 | 000,402,456 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/06/25 11:35:06 | 000,056,352 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/05/26 06:44:14 | 000,049,968 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vfs101a.sys -- (vfs101a)
DRV:64bit: - [2008/05/19 10:23:00 | 000,056,320 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\L1E60x64.sys -- (L1E)
DRV:64bit: - [2008/05/07 04:48:10 | 000,126,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/04/28 20:10:55 | 000,276,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BthPort)
DRV:64bit: - [2008/04/28 20:10:51 | 000,034,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB)
DRV:64bit: - [2008/04/27 16:38:12 | 004,730,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008/04/04 03:27:00 | 000,321,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/02/29 00:59:32 | 001,252,352 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/01/30 18:48:32 | 000,016,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008/01/30 18:48:16 | 000,016,384 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008/01/20 20:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 20:47:27 | 000,168,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:64bit: - [2008/01/20 20:47:25 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 20:47:03 | 000,023,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum)
DRV:64bit: - [2008/01/20 20:47:02 | 000,115,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 20:46:57 | 000,022,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2008/01/20 20:46:52 | 000,062,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2008/01/20 20:46:51 | 000,017,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2007/12/18 18:57:12 | 000,059,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir)
DRV:64bit: - [2007/08/21 02:43:26 | 000,027,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\point64k.sys -- (Point64)
DRV:64bit: - [2007/03/29 13:47:30 | 000,088,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2007/02/27 00:20:46 | 000,096,048 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2007/02/27 00:20:42 | 000,020,016 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2006/11/01 23:28:10 | 000,273,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2009/02/02 16:59:16 | 000,000,000 | ---D | M] [Kernel | On_Demand | Running] -- C:\Windows\ITECIR -- (itecir)
DRV - [2009/02/02 16:53:28 | 000,016,384 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\SysWOW64\AlfaFF.dll -- (AlfaFF)
DRV - [2008/08/21 17:45:59 | 000,000,000 | ---D | M] [Kernel | Disabled | Stopped] -- C:\Windows\PARPORT -- (Parport)
DRV - [2007/12/13 01:07:34 | 000,003,481 | ---- | M] () [File_System | Boot | Running] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\PSDFilter.inf -- (PSDFilter)
DRV - [2007/12/13 01:07:34 | 000,003,460 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\PSDNserv.inf -- (PSDNServ)
DRV - [2007/12/13 01:07:34 | 000,003,459 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\PSDVDisk.inf -- (psdvdisk)
DRV - [2007/01/02 02:43:34 | 000,015,656 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
DRV - [2006/11/02 07:27:12 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | System | Stopped] -- C:\Program Files (x86)\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/11/02 07:01:26 | 000,025,872 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit)
DRV - [2006/09/18 15:36:40 | 000,003,066 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 15:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [You must be registered and logged in to see this link.] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [You must be registered and logged in to see this link.] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:4.60
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.5.1
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:3.4.6

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010/02/23 00:54:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/18 23:05:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/04/01 12:13:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/04/01 12:13:57 | 000,000,000 | ---D | M]

[2009/03/05 18:58:40 | 000,000,000 | ---D | M] -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Extensions
[2009/03/05 18:58:40 | 000,000,000 | ---D | M] -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/04/11 00:28:52 | 000,000,000 | ---D | M] -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Firefox\Profiles\eiiyjusz.default\extensions
[2009/09/03 10:34:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Firefox\Profiles\eiiyjusz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/02/02 17:11:02 | 000,000,000 | ---D | M] (Foxkeh Theme) -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Firefox\Profiles\eiiyjusz.default\extensions\{57407AE0-868F-11DC-AD21-49A755D89593}
[2010/01/13 23:42:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Firefox\Profiles\eiiyjusz.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/01/13 23:42:07 | 000,000,000 | ---D | M] -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Firefox\Profiles\eiiyjusz.default\extensions\foxmarks@kei.com
[2010/02/20 17:50:13 | 000,000,000 | ---D | M] -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Firefox\Profiles\eiiyjusz.default\extensions\personas@christopher.beard
[2010/04/10 00:16:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/01 13:37:45 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2009/10/12 23:22:49 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll

O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - D:\Program Files (x86)\atlas\ATLIECP.DLL (FUJITSU LIMITED)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - D:\Program Files (x86)\atlas\ATLIECP.DLL (FUJITSU LIMITED)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL ()
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BkupTray] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files (x86)\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [oabohurr] C:\Users\Azure Kokoro\AppData\Local\vsdppykkd\lbcwxvutssd.exe ()
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O8:64bit: - Extra context menu item: &Translate with ATLAS - D:\Program Files (x86)\atlas\atlscript.html ()
O8:64bit: - Extra context menu item: ATLAS Translation &Editor - D:\Program Files (x86)\atlas\AtlscriptEdit.html ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: SYSTRAN Lookup - D:\Program Files (x86)\atlas\GUIres.dll ()
O8:64bit: - Extra context menu item: SYSTRAN Translate - D:\Program Files (x86)\atlas\GUIres.dll ()
O8 - Extra context menu item: &Translate with ATLAS - D:\Program Files (x86)\atlas\atlscript.html ()
O8 - Extra context menu item: ATLAS Translation &Editor - D:\Program Files (x86)\atlas\AtlscriptEdit.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: SYSTRAN Lookup - D:\Program Files (x86)\atlas\GUIres.dll ()

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Sun 11 Apr - 20:59

O8 - Extra context menu item: SYSTRAN Translate - D:\Program Files (x86)\atlas\GUIres.dll ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ATLAS Translation - {B7707A72-4355-11D4-82BD-00000EBBEF8D} - D:\Program Files (x86)\atlas\atlscript.html ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: HP Smart Web Printing を表示または非表示 - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_12)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.184.13 64.59.184.15 64.59.190.242
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files (x86)\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files (x86)\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O22 - SharedTaskScheduler: {3209672D-C736-43AC-AC39-A5CCC21946A5} - FwcamptoWga - Reg Error: Key error. File not found
O24 - Desktop WallPaper: C:\Users\Azure Kokoro\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Azure Kokoro\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{14ac640f-1535-11df-bcec-00a0d1ad1bf0}\Shell\abc\command - "" = G:\Instal~1\Start.exe -- File not found
O33 - MountPoints2\{14ac640f-1535-11df-bcec-00a0d1ad1bf0}\Shell\AutoRun\command - "" = G:\Instal~1\Start.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2008/01/20 21:06:38 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll ()
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll ()
NetSvcs: Ias - C:\Windows\SysWOW64\ias [2008/01/20 21:08:35 | 000,000,000 | ---D | M]
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)


SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PEVSystemStart - Service
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: procexp90.Sys - Driver
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: VDS - C:\Windows\SysWOW64\wbem\vds.mof ()
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PEVSystemStart - Service
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: procexp90.Sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SafeBootNet: MPSDrv - C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: Tcpip - C:\Windows\SysWOW64\wbem\tcpip.mof ()
SafeBootNet: TDI - Driver Group
SafeBootNet: VDS - C:\Windows\SysWOW64\wbem\vds.mof ()
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32:64bit: aux1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midi - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midi1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midi2 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midi3 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midimapper - C:\Windows\SysNative\midimap.dll ()
Drivers32:64bit: mixer - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: mixer1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: mixer2 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: mixer3 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: msacm.imaadpcm - C:\Windows\SysNative\imaadp32.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\SysNative\l3codeca.acm ()
Drivers32:64bit: msacm.msadpcm - C:\Windows\SysNative\msadp32.acm ()
Drivers32:64bit: msacm.msg711 - C:\Windows\SysNative\msg711.acm ()
Drivers32:64bit: msacm.msgsm610 - C:\Windows\SysNative\msgsm32.acm ()
Drivers32:64bit: MSVideo8 - C:\Windows\SysNative\vfwwdm32.dll ()
Drivers32:64bit: vidc.i420 - C:\Windows\SysNative\iyuv_32.dll ()
Drivers32:64bit: VIDC.IYUV - C:\Windows\SysNative\iyuv_32.dll ()
Drivers32:64bit: vidc.mrle - C:\Windows\SysNative\msrle32.dll ()
Drivers32:64bit: vidc.msvc - C:\Windows\SysNative\msvidc32.dll ()
Drivers32:64bit: VIDC.UYVY - C:\Windows\SysNative\msyuv.dll ()
Drivers32:64bit: VIDC.XFR1 - C:\Windows\SysNative\xfcodec64.dll ()
Drivers32:64bit: VIDC.YUY2 - C:\Windows\SysNative\msyuv.dll ()
Drivers32:64bit: VIDC.YVU9 - C:\Windows\SysNative\tsbyuv.dll ()
Drivers32:64bit: VIDC.YVYU - C:\Windows\SysNative\msyuv.dll ()
Drivers32:64bit: wave - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: wave1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: wave2 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: wave3 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: wavemapper - C:\Windows\SysNative\msacm32.drv ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Program Files (x86)\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 30 Days ==========

[2010/04/11 03:40:29 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Users\Azure Kokoro\Desktop\OTL.exe
[2010/04/10 15:45:01 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/04/09 18:33:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010/04/09 18:33:07 | 003,376,656 | ---- | C] (Piriform Ltd) -- C:\Users\Azure Kokoro\Desktop\ccsetup230.exe
[2010/04/09 18:27:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Window Registry Repair
[2010/04/09 18:15:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegTweaker
[2010/04/09 18:15:17 | 002,161,761 | ---- | C] ( ) -- C:\Users\Azure Kokoro\Desktop\regtweaker.exe
[2010/04/09 14:53:26 | 000,000,000 | ---D | C] -- C:\Users\Azure Kokoro\AppData\Local\vsdppykkd
[2010/04/07 12:57:12 | 000,000,000 | ---D | C] -- C:\Users\Azure Kokoro\AppData\Roaming\Desperate Housewives
[2010/04/07 11:58:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Buena Vista Games
[2010/04/07 11:51:40 | 000,000,000 | ---D | C] -- C:\Users\Azure Kokoro\Desktop\Torrents
[2010/04/04 22:09:05 | 000,000,000 | ---D | C] -- C:\Users\Azure Kokoro\AppData\Roaming\Foxit Software
[2010/04/01 22:34:58 | 000,000,000 | ---D | C] -- C:\Users\Azure Kokoro\AppData\Roaming\Settlement. Colossus
[2010/03/29 21:10:47 | 000,000,000 | ---D | C] -- C:\Users\Azure Kokoro\AppData\Roaming\HPAppData
[2010/03/15 23:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\DISCIPLINE
[2008/07/22 02:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/11 03:40:30 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Azure Kokoro\Desktop\OTL.exe
[2010/04/11 03:38:14 | 000,035,675 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2010/04/11 03:37:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/11 03:36:16 | 002,883,584 | -HS- | M] () -- C:\Users\Azure Kokoro\NTUSER.DAT
[2010/04/11 03:36:15 | 000,524,288 | -HS- | M] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2dfb1da3-09f1-11df-ac64-00a0d1ad1bf0}.TMContainer00000000000000000001.regtrans-ms
[2010/04/11 03:36:15 | 000,065,536 | -HS- | M] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2dfb1da3-09f1-11df-ac64-00a0d1ad1bf0}.TM.blf
[2010/04/11 03:35:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/11 03:35:54 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/04/11 03:35:31 | 002,290,072 | -H-- | M] () -- C:\Users\Azure Kokoro\AppData\Local\IconCache.db
[2010/04/11 03:27:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010/04/11 03:20:02 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/10 23:20:03 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/10 21:58:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At1.job
[2010/04/10 15:59:19 | 000,704,434 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/04/10 15:59:19 | 000,595,946 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/04/10 15:59:19 | 000,105,276 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/04/10 15:52:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2010/04/10 15:50:35 | 000,086,108 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/04/10 15:37:28 | 003,911,676 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\ComboFix.exe
[2010/04/09 18:57:23 | 000,363,520 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\rkill.com
[2010/04/09 18:34:47 | 000,112,534 | ---- | M] () -- C:\Users\Azure Kokoro\Documents\cc_20100409_183415.reg
[2010/04/09 18:33:40 | 000,001,728 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\CCleaner.lnk
[2010/04/09 18:33:07 | 003,376,656 | ---- | M] (Piriform Ltd) -- C:\Users\Azure Kokoro\Desktop\ccsetup230.exe
[2010/04/09 18:27:07 | 000,000,874 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\Free Window Registry Repair.lnk
[2010/04/09 18:26:42 | 000,798,000 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\RegpairSetup.exe
[2010/04/09 18:15:31 | 000,000,874 | ---- | M] () -- C:\Users\Public\Desktop\RegTweaker.lnk
[2010/04/09 18:15:18 | 002,161,761 | ---- | M] ( ) -- C:\Users\Azure Kokoro\Desktop\regtweaker.exe
[2010/04/09 15:31:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At4.job
[2010/04/09 09:28:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010/04/09 02:39:31 | 000,084,992 | ---- | M] () -- C:\Users\Azure Kokoro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/08 23:59:45 | 000,086,108 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/04/07 12:07:03 | 000,001,140 | ---- | M] () -- C:\Windows\disney.ini
[2010/04/07 12:06:57 | 000,001,798 | ---- | M] () -- C:\Users\Public\Desktop\Unlocked Coupons.lnk
[2010/04/07 11:56:50 | 000,000,186 | ---- | M] () -- C:\Windows\disneysy.ini
[2010/04/07 11:51:52 | 000,000,391 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\Torrents - Shortcut.lnk
[2010/04/06 02:10:41 | 000,000,580 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\LimeWire 5.5.8.lnk
[2010/04/01 01:16:21 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2010/03/30 20:48:15 | 002,250,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/03/30 20:02:52 | 000,081,232 | ---- | M] () -- C:\Users\Azure Kokoro\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/03/30 00:45:56 | 000,024,664 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010/03/18 23:09:32 | 000,023,237 | ---- | M] () -- C:\Windows\hpqins15.dat
[2010/03/15 23:47:40 | 000,000,810 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\DISCIPLINE.LNK
[2010/03/15 01:20:02 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/10 15:37:27 | 003,911,676 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\ComboFix.exe
[2010/04/09 18:57:23 | 000,363,520 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\rkill.com
[2010/04/09 18:34:23 | 000,112,534 | ---- | C] () -- C:\Users\Azure Kokoro\Documents\cc_20100409_183415.reg
[2010/04/09 18:33:40 | 000,001,728 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\CCleaner.lnk
[2010/04/09 18:27:07 | 000,000,874 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\Free Window Registry Repair.lnk
[2010/04/09 18:26:42 | 000,798,000 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\RegpairSetup.exe
[2010/04/09 18:15:31 | 000,000,874 | ---- | C] () -- C:\Users\Public\Desktop\RegTweaker.lnk
[2010/04/08 07:28:11 | 000,329,262 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistMSI188D.txt
[2010/04/08 07:28:10 | 000,034,414 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistUI188D.txt
[2010/04/07 12:06:57 | 000,001,798 | ---- | C] () -- C:\Users\Public\Desktop\Unlocked Coupons.lnk
[2010/04/07 11:57:21 | 000,001,140 | ---- | C] () -- C:\Windows\disney.ini
[2010/04/07 11:56:50 | 000,000,186 | ---- | C] () -- C:\Windows\disneysy.ini
[2010/04/07 11:51:20 | 000,000,391 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\Torrents - Shortcut.lnk
[2010/04/06 02:10:41 | 000,000,580 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\LimeWire 5.5.8.lnk
[2010/03/18 23:04:20 | 000,023,237 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/03/15 23:47:40 | 000,000,810 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\DISCIPLINE.LNK
[2010/03/05 01:27:14 | 000,330,776 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistMSI23B7.txt
[2010/03/05 01:27:09 | 000,262,674 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistUI23B7.txt
[2010/03/01 14:23:00 | 000,329,844 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistMSI3CDB.txt
[2010/03/01 14:22:49 | 000,255,658 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistUI3CDB.txt
[2010/02/22 17:14:35 | 000,420,040 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistMSI1D5E.txt
[2010/02/22 17:14:33 | 000,015,262 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistUI1D5E.txt
[2010/01/28 14:04:34 | 000,524,288 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2dfb1da3-09f1-11df-ac64-00a0d1ad1bf0}.TMContainer00000000000000000002.regtrans-ms
[2010/01/28 14:04:34 | 000,524,288 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2dfb1da3-09f1-11df-ac64-00a0d1ad1bf0}.TMContainer00000000000000000001.regtrans-ms
[2010/01/28 14:04:34 | 000,065,536 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2dfb1da3-09f1-11df-ac64-00a0d1ad1bf0}.TM.blf
[2010/01/25 14:36:49 | 000,524,288 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2aed771f-0916-11df-b21b-00a0d1ad1bf0}.TMContainer00000000000000000002.regtrans-ms
[2010/01/25 14:36:49 | 000,524,288 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2aed771f-0916-11df-b21b-00a0d1ad1bf0}.TMContainer00000000000000000001.regtrans-ms
[2010/01/25 14:36:49 | 000,065,536 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2aed771f-0916-11df-b21b-00a0d1ad1bf0}.TM.blf
[2010/01/13 23:46:40 | 000,878,080 | ---- | C] () -- C:\Windows\SysWow64\iconv.dll
[2010/01/13 23:46:40 | 000,721,920 | ---- | C] () -- C:\Windows\SysWow64\libxml2.dll
[2010/01/13 23:46:40 | 000,150,016 | ---- | C] () -- C:\Windows\SysWow64\libxslt.dll
[2010/01/13 23:46:40 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\libexslt.dll
[2010/01/05 22:14:48 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/01/04 00:07:13 | 000,000,000 | ---- | C] () -- C:\Windows\ACTIVEJP.INI
[2009/10/12 22:21:42 | 000,000,100 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\fusioncache.dat
[2009/10/12 21:56:11 | 000,713,218 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/21 04:02:54 | 000,004,096 | -H-- | C] () -- C:\Users\Azure Kokoro\AppData\Local\keyfile3.drm
[2009/05/29 22:42:20 | 000,309,248 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2009/05/04 21:11:20 | 000,003,476 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/04/21 14:38:06 | 000,200,001 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2009/04/21 14:38:01 | 000,313,102 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_dotnetfx35install.txt
[2009/04/21 14:38:01 | 000,124,256 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\uxeventlog.txt
[2009/04/21 14:38:01 | 000,000,002 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_dotnetfx35error.txt
[2009/03/11 19:01:28 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\DirectCOM.dll
[2009/03/08 02:35:40 | 000,000,680 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\d3d9caps.dat
[2009/02/10 03:57:02 | 000,000,426 | ---- | C] () -- C:\Windows\wininit.ini
[2009/02/03 18:30:16 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/02/03 18:30:16 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/02/03 03:20:52 | 000,084,992 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/02 17:21:27 | 000,086,108 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/02/02 17:19:38 | 000,086,108 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/02/02 17:09:44 | 000,004,350 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe2.log
[2009/02/02 16:57:57 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009/02/02 16:57:57 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009/02/02 16:53:54 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\VMC3KAPI.dll
[2009/02/02 16:50:16 | 002,883,584 | -HS- | C] () -- C:\Users\Azure Kokoro\ntuser.dat_previous
[2009/02/02 16:50:16 | 002,883,584 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT
[2009/02/02 16:50:16 | 000,524,288 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2009/02/02 16:50:16 | 000,524,288 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2009/02/02 16:50:16 | 000,262,144 | -H-- | C] () -- C:\Users\Azure Kokoro\ntuser.dat.LOG1
[2009/02/02 16:50:16 | 000,065,536 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2009/02/02 16:50:16 | 000,000,020 | -HS- | C] () -- C:\Users\Azure Kokoro\ntuser.ini
[2009/02/02 16:50:16 | 000,000,000 | -H-- | C] () -- C:\Users\Azure Kokoro\ntuser.dat.LOG2
[2008/11/06 10:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/11/06 10:34:00 | 000,000,416 | ---- | C] () -- C:\Windows\SysWow64\dtu100.dll.manifest
[2008/11/06 10:34:00 | 000,000,416 | ---- | C] () -- C:\Windows\SysWow64\dpl100.dll.manifest
[2008/11/06 10:33:02 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
[2008/08/21 15:05:52 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIOFM4.dll
[2008/08/21 15:05:52 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIBUN5.dll
[2008/08/21 14:32:02 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/01/20 20:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 20:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/11/14 17:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\CogentBioSDK.dll
[2007/01/02 02:43:34 | 000,015,656 | ---- | C] () -- C:\Windows\SysWow64\drivers\int15_64.sys
[2001/12/26 14:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\multiplex_vcd.dll
[2001/09/03 21:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\Hmpg12.dll
[2001/07/30 14:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC.dll
[2001/07/23 20:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC_MMX.dll

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.sys >

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2008/01/20 20:50:15 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008/08/21 17:46:30 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2007/11/06 20:13:41 | 000,359,256 | ---- | M] (Hewlett-Packard) -- C:\hpzids40.dll
[2010/04/09 19:46:53 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2009/02/02 17:09:09 | 000,000,020 | ---- | M] () -- C:\Medion.ini
[2010/04/11 03:37:01 | 310,411,263 | -HS- | M] () -- C:\pagefile.sys
[2009/02/02 17:02:41 | 000,000,060 | ---- | M] () -- C:\Partition.txt
[2008/08/21 14:32:15 | 000,000,524 | ---- | M] () -- C:\RHDSetup.log
[2010/04/09 18:57:30 | 000,000,398 | ---- | M] () -- C:\rkill.log

< %PROGRAMFILES%\*. >
[2009/02/02 17:17:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer
[2009/02/02 17:16:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer Arcade Deluxe
[2009/08/08 20:34:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer GameZone
[2009/02/02 17:18:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer Inc
[2008/08/21 15:12:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
[2010/03/01 14:11:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2010/01/02 17:49:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Alawar
[2009/03/05 19:52:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2010/01/25 14:34:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\asgard
[2009/03/12 13:53:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2010/04/07 11:58:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Buena Vista Games
[2010/04/09 18:33:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
[2008/08/21 14:34:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cisco
[2009/04/07 14:13:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Combined Community Codec Pack
[2010/03/30 19:44:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2008/08/21 15:17:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cyberlink
[2009/02/10 03:48:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010/01/02 01:28:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX
[2009/06/02 12:52:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts
[2008/08/21 15:17:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\eSobi
[2010/01/03 00:41:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Essentials Codec Pack
[2009/02/10 04:12:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Fate-stay night English
[2010/03/01 14:23:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Finale Reader
[2010/03/03 17:08:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Firaxis Games
[2010/03/01 13:38:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Foxit Software
[2009/09/17 09:34:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2010/04/09 18:33:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Window Registry Repair
[2010/02/15 20:51:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2009/05/04 21:17:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2010/04/07 11:57:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2008/08/21 14:26:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2009/12/09 04:38:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2009/09/23 11:32:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iPhone Configuration Utility
[2010/02/11 23:44:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2009/04/13 13:56:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2010/02/28 19:02:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Kalypso
[2009/02/02 16:58:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Launch Manager
[2010/03/30 19:44:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Linksys
[2010/04/09 19:46:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/04/09 14:44:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee
[2009/04/13 14:04:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee.com
[2009/06/11 00:08:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2008/08/21 15:11:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2010/01/03 20:57:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/11/04 04:06:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2009/06/02 12:52:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft WSE
[2008/08/21 15:09:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2010/04/11 03:39:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2006/11/02 09:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2009/04/21 02:42:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECACHE
[2009/02/03 03:06:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2008/08/21 15:05:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NewTech Infosystems
[2009/10/12 23:22:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
[2010/02/11 22:59:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Philips
[2010/02/11 23:26:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2008/08/21 14:31:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2006/11/02 09:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010/04/09 18:15:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RegTweaker
[2010/02/11 23:16:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Safari
[2010/01/24 12:38:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trend Micro
[2009/08/20 18:18:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trymedia
[2009/11/24 10:03:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TuneUpMedia
[2006/11/02 09:36:07 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2010/01/26 02:14:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Virtual City
[2010/03/01 15:28:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze
[2010/02/22 14:12:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Will
[2008/01/20 21:09:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Calendar
[2008/01/20 21:09:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Collaboration
[2008/01/20 21:09:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2009/04/21 02:43:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Installer Clean Up
[2009/06/11 00:08:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2009/06/11 00:07:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010/01/13 04:26:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2009/10/28 03:17:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2006/11/02 09:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2008/01/20 21:09:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Gallery
[2008/01/20 21:09:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2009/02/08 16:23:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR
[2009/02/03 18:30:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Xvid

< %appdata%\*.* >


< MD5 for: AGP440.SYS >
[2008/01/20 20:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008/01/20 20:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/20 20:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009/04/11 01:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006/11/02 03:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006/11/02 03:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006/11/02 03:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2008/01/20 20:46:53 | 000,068,664 | ---- | M] (Microsoft Corporation) MD5=2DC415FC05FB8A079F896CBBACB19324 -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_55e51d682c89f490\disk.sys
[2009/04/11 01:15:25 | 000,067,032 | ---- | M] (Microsoft Corporation) MD5=B0107E40ECDB5FA692EBF832F295D905 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_57d0967429abbfdc\disk.sys

< MD5 for: EVENTLOG.DLL >
[2007/01/12 20:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\Cyberlink\PowerDirector\EventLog.dll

< MD5 for: IASTOR.SYS >
[2008/07/20 15:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008/07/20 15:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/20 20:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2008/01/20 20:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009/04/11 00:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009/04/11 01:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008/01/20 20:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SysWOW64\netlogon.dll
[2008/01/20 20:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SysWOW64\netlogon.dll
[2008/01/20 20:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2008/01/20 20:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/20 20:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SysWOW64\scecli.dll
[2008/01/20 20:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SysWOW64\scecli.dll
[2008/01/20 20:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008/01/20 20:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009/04/11 00:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009/04/11 01:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll

< MD5 for: USBSTOR.SYS >
[2008/01/20 20:47:25 | 000,066,048 | ---- | M] (Microsoft Corporation) MD5=586D9876A4945779C8EEA926C0D16889 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_a4a4ea3a50308c79\USBSTOR.SYS
[2009/04/10 23:39:38 | 000,077,824 | ---- | M] (Microsoft Corporation) MD5=B854C1558FCA0C269A38663E8B59B581 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_usbstor.inf_31bf3856ad364e35_6.0.6002.18005_none_a69063464d5257c5\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:E6D148BC
< End of report >

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Sun 11 Apr - 20:59

And here is the Extras.Txt

OTL Extras logfile created on: 11/04/2010 3:41:19 AM - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Azure Kokoro\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 83.00% Memory free
8.00 Gb Paging File | 8.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144.04 Gb Total Space | 53.56 Gb Free Space | 37.18% Space Free | Partition Type: NTFS
Drive D: | 135.50 Gb Total Space | 86.86 Gb Free Space | 64.10% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SHION
Current User Name: Azure Kokoro
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption -- File not found
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption -- File not found
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption -- File not found
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption -- File not found
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1E7B61F8-09D4-4DBB-A6AE-0319808F2967}" = lport=54715 | protocol=6 | dir=in | name=akamai netsession interface |
"{4C258C29-948D-4098-97AC-3EEBC9363CCB}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{7352FCAB-6341-472F-BF18-CEB3904AAB65}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{AB3918E1-CD1F-4546-B1D2-947DFB29E7F8}" = lport=52152 | protocol=6 | dir=in | name=akamai netsession interface |
"{BEDCFB9E-FA39-4657-BBAF-D41854BF5ACF}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{C2D0835F-6D2B-4B3B-8E01-8E66425DF152}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{CC40565F-5773-44E7-8D94-A9CF472476FA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D0EE54-EA62-40AF-A857-63075981B696}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{04408A7C-B338-4644-B85A-CF849DAF9B4A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{0510F3D7-CF0E-4C6D-839B-2D60C59DE8F9}" = protocol=6 | dir=in | app=d:\program files (x86)\turbine download manager\turbinenetworkservice.exe |
"{09E9BC84-A924-47E5-817F-F90FDA5A18A5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{0FEDD9CA-3DAB-43B7-8E29-6151BA605916}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{18CAFE0F-EE7D-4BD6-88D5-89C476F02021}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{1A352884-4AA6-44ED-BD90-73DBF696A964}" = protocol=6 | dir=in | app=d:\aom\nwupdate.exe |
"{20C0518A-64E0-4EBE-9CF1-D708B5205B99}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{2E8C8E89-0E4C-41E8-9E56-957F7C7048C8}" = protocol=6 | dir=in | app=d:\aom\nwn2main.exe |
"{31CB8A09-F0CA-440E-AB57-7A31134C9AC1}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{37885A9E-AB44-4821-8CD9-884AA17B3826}" = protocol=6 | dir=in | app=d:\itunes.exe |
"{383E0DA8-2CDC-488D-B2D0-698959A6D387}" = protocol=17 | dir=in | app=d:\limewire\limewire.exe |
"{3EAF7631-4013-40CB-B479-D9D268A13D1F}" = protocol=6 | dir=in | app=d:\aom\nwn2server.exe |
"{41485F55-7903-4E4A-A55E-56B6F718F8A1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{465F97B9-381D-428F-85CC-1B918F6BD280}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{4B966317-C042-407C-91E9-BDBE03E529B6}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{4BDBFE2E-EC1C-422C-AB78-D2D430EBCDD9}" = protocol=17 | dir=in | app=d:\aom\nwupdate.exe |
"{4F112CF3-CCA4-44E7-AECD-29B5E558F895}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe |
"{5012065A-73CC-4D76-B237-8A615D681E5B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{519ED267-154B-4D1D-9974-23CEDE503687}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{55C02288-E5DD-40CC-A2A4-A626C90DE3CB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{579F330A-D177-4D90-B6F6-5B4753C1A3F5}" = protocol=17 | dir=in | app=d:\aom\nwn2main_amdxp.exe |
"{5927F9C7-7A80-472D-8423-27E9ED82C591}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{60220AB1-79D7-4F50-BDED-64278229E369}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8211F910-083E-4757-BD64-71685DAB098E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{83FD74BE-DCC9-404D-AD77-9578EF630C41}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{897B3854-2B88-4BBA-A29F-AC2CF76F3ADE}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{8A6AE81E-5F63-4562-BA38-A567DB43F54F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{8E28EB55-CD84-44E9-86DF-4DFD7B01801E}" = protocol=6 | dir=in | app=d:\limewire\limewire.exe |
"{90BA7948-B36B-4564-9C74-63A2FF821D7A}" = protocol=17 | dir=in | app=d:\program files (x86)\turbine download manager\turbinenetworkservice.exe |
"{9870C051-9313-43DF-B0C7-0C206DC8E058}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{9C77DDFC-1A58-4168-A3B7-A7A2EB064F6B}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{A38C1928-E757-4407-85F2-4BFA36AFC8AD}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{A5D0BA2E-4A44-46B7-B5DA-F7CB39BDDBB3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{A80886FC-D813-4FC9-906F-58DFB5F164BF}" = protocol=17 | dir=in | app=d:\program files (x86)\turbine download manager\turbinemessageservice.exe |
"{AE09BB63-B6DD-4E81-83AC-FE21C62E770E}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{AF0094AD-A731-4E8B-A410-618EE64E7C3A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{B565DC88-DE5D-48C2-9B7C-7A12B5EDCA67}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{C1AB22A5-1215-4B8A-9361-671E0C734027}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{C48533BC-2F8B-4664-8FB9-C31CE4C60575}" = protocol=17 | dir=in | app=d:\itunes.exe |
"{D04C9C22-AF8D-48D2-9110-DE4CD63D2D7F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D7885D2A-5010-422A-8E5C-48D27682AF88}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DE4DF40C-4932-4280-BF19-9656708DDC29}" = protocol=17 | dir=in | app=d:\aom\nwn2server.exe |
"{DE720BCE-E8CF-44D0-9F05-851F2BEE06A7}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{E6B582E2-39E3-43F7-8DB5-58CB2A934C90}" = protocol=6 | dir=in | app=d:\program files (x86)\turbine download manager\turbinemessageservice.exe |
"{E82B1B4B-93D9-4C04-AFFD-FC2BAFBAC394}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{E9449D33-E2E5-4CFF-B07B-BDDA1BE6A65C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{EF7E96EE-233F-4824-8CCC-CDADF735C5AD}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{F673AC99-F13A-46FD-9531-5E60ACD75640}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F708A50B-0784-4E79-92D6-51C7888EBD8A}" = protocol=17 | dir=in | app=d:\aom\nwn2main.exe |
"{F7ECF950-A11D-482B-B6EE-2C5C130EC792}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{F9A07C92-BEC7-414B-9732-29808F19E9C1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{FB16D743-47AE-4981-9A67-5E47D7E530AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{FE6E9804-D60F-470C-9207-7D10EE1E3837}" = protocol=6 | dir=in | app=d:\aom\nwn2main_amdxp.exe |
"{FFEE60A7-FEDA-4397-A85D-2793800919B2}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"TCP Query User{E5745620-A491-4A2E-8859-CB34E870E470}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{14530CE2-996C-4B7F-87E1-760F18845AA5}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.5000
"{04C43AE1-5B72-487F-AC6C-6BC1AA19FE03}" = Microsoft IntelliPoint 6.2
"{240FCE0B-F553-4ab3-9C7B-3CD082FCA117}" = NetDeviceManager64
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi Software
"{39107B20-EA1C-4974-881C-607300BB3C99}" = MobileMe Control Panel
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{67335AB1-6341-4f87-A5B4-7FA92CEB77A4}" = HP Officejet All-In-One Series
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{B812FCC0-6192-4BFA-A9C6-1E8578F255DA}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0E549A13-2B3D-4633-BA41-DC88C2D6F9A3}" = ProductContext
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{1147FF9A-D576-4cb5-B5E7-FCA21D1E7D26}" = J4680
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{188C0E25-3D65-4DAC-9C00-7483FBA4C7EB}" = Status
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1CCE5EDE-2C4C-4E09-9BF8-6FC0625A2441}" = FwcamptoWga
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3825B383-7880-48C8-AADD-49B0D764B151}" = 4660_4680_Help
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4C94F105-81D0-4AFC-8F0A-38949DC07F65}" = SYSTRAN
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{50802F8E-03B4-479D-A643-16DE5A3586CB}" = BPDSoftware_Ini
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6652750B-AA69-49B7-9D09-C0A28B6FFC9F}" = ATLAS Translation Standard V14.0 Trial Version
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = ザ・シムズ3 ハイエンドロフト パック
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}" = Flip Words 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Play Movie
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 3.0.6.3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABA00898-9467-4689-9F40-DE7F58C8429C}" = Fax
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims・3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe Extendscript Toolkit 2
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CCF22908-ECD2-4068-84F1-BA02DA1EC72D}" = GoGear Spark Device Manager
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D3737952-FF6E-4E72-BDEE-B0DC1C69F80B}" = BPD_HPSU
"{D41922D2-8272-48EE-B863-BE7EFF34A362}" = Desperate Housewives
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE44390C-2F97-4FC3-9ED8-3AEE3B7525C1}" = GoGear Spark Device Manager
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4851D03-553C-4ACE-ADBD-CA6BE8451072}" = Singles2
"{F4EAEBEA-3E46-43b8-A63C-AD180AE86918}" = BPDSoftware
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"8461-7759-5462-8226" = Vuze
"Acer Acer Bio Protection 6.0.00.15" = Acer Bio Protection

AAV 6.0.00.15
"Acer Assist" = Acer Assist
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EADM" = EA Download Manager
"Fate/stay night English" = Fate/stay night English v2.0
"Finale Reader" = Finale Reader 2010
"Foxit Reader" = Foxit Reader
"Free Window Registry Repair" = Free Window Registry Repair
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{4C94F105-81D0-4AFC-8F0A-38949DC07F65}" = SYSTRAN
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LimeWire" = LimeWire 5.5.8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"MSC" = McAfee SecurityCenter
"RegTweaker_is1" = RegTweaker version 3.1.1
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 2.3d
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{C15B6BE6-7E3C-40BE-A36C-86B46D2A874F}" = Starry☆Sky~in Autumn~
"{F552CAC7-083C-4370-87B1-78677A764EE6}" = Starry☆Sky~in Spring~

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Dr Jay on Mon 12 Apr - 4:08

Please download the newest version of Java from [You must be registered and logged in to see this link.].

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

======================

Firefox is out of date. Firefox is a very popular web browser, and if it is out of date, it is very vulnerable to security bugs, and other holes. To update it now, click Help > Check for Updates.

=======================

I see you are running P2P applications, LimeWire and Vuze. I suggest to read the following, and then decided whether you want to keep it or not: [You must be registered and logged in to see this link.]

========================

Please run OTL
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

    :otl
    O4 - HKCU..\Run: [oabohurr] C:\Users\Azure Kokoro\AppData\Local\vsdppykkd\lbcwxvutssd.exe ()
    [2010/04/09 14:53:26 | 000,000,000 | ---D | C] -- C:\Users\Azure Kokoro\AppData\Local\vsdppykkd
    @Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:E6D148BC

    :files
    C:\Windows\tasks\At*.job

    :commands
    [emptytemp]
    [reboot]


  • Then click the Run Fix button at the top.
  • Note: The fix for OTL automatically hides your Desktop and Start menu so the fix can be completed. Do not be alerted, this is normal.
  • Please do not exit the program. It might take a while to fix, but allow it to run. If it asks to reboot the computer, allow it to reboot. If the program freezes, and the computer fails to reboot - let me know.
    Lastly, post the contents of the log. (Located at C:\_OTL\Moved Files)


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-07
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Mon 12 Apr - 13:17

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\oabohurr deleted successfully.
C:\Users\Azure Kokoro\AppData\Local\vsdppykkd\lbcwxvutssd.exe moved successfully.
C:\Users\Azure Kokoro\AppData\Local\vsdppykkd folder moved successfully.
ADS C:\ProgramData\Temp:E6D148BC deleted successfully.
========== FILES ==========
C:\Windows\tasks\At1.job moved successfully.
C:\Windows\tasks\At2.job moved successfully.
C:\Windows\tasks\At3.job moved successfully.
C:\Windows\tasks\At4.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Azure Kokoro
->Temp folder emptied: 20585013 bytes
->Temporary Internet Files folder emptied: 120350988 bytes
->Java cache emptied: 83697276 bytes
->FireFox cache emptied: 64683874 bytes
->Apple Safari cache emptied: 120085 bytes
->Flash cache emptied: 799577 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 115249624 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 6537079622 bytes

Total Files Cleaned = 6,621.00 mb


OTL by OldTimer - Version 3.2.1.1 log created on 04112010_165838

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\mcmsc_dcgm9wIq5PGyQSP not found!
File\Folder C:\Windows\temp\mcmsc_GFydnbSLWRoGxX3 not found!
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LCAA98CG\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JA2IAH36\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IPS6DR6O\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8FV90NII\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Dr Jay on Mon 12 Apr - 14:29

Please run a free online scan with the [You must be registered and logged in to see this link.]
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-07
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Tue 13 Apr - 7:16

ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=f721f470077f0e4bb8e9f3bbdf4685dd
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-04-12 01:24:11
# local_time=2010-04-12 07:24:11 (-0700, Mountain Daylight Time)
# country="Canada"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 6622269 6622269 0 0
# compatibility_mode=5121 16776574 100 82 434410 23900117 0 0
# compatibility_mode=5892 16776573 100 56 6271479 107662099 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=187469
# found=1
# cleaned=1
# scan_time=15260
C:\_OTL\MovedFiles\04112010_165838\C_Users\Azure Kokoro\AppData\Local\vsdppykkd\lbcwxvutssd.exe a variant of Win32/Kryptik.DOW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Dr Jay on Tue 13 Apr - 12:54

Please open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan. Remove selected, and post the log in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-07
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Tue 13 Apr - 15:18

Malwarebytes' Anti-Malware 1.45
[You must be registered and logged in to see this link.]

Database version: 3983

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

12/04/2010 10:16:56 PM
mbam-log-2010-04-12 (22-16-56).txt

Scan type: Quick scan
Objects scanned: 108645
Time elapsed: 17 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> No action taken.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Dr Jay on Tue 13 Apr - 15:29

Please download Stealth MBR Rootkit Detector by GMER from [You must be registered and logged in to see this link.], and save to your Desktop.
  • Right-click on mbr.exe and click Run as Administrator to start the program.
  • When done scanning, it will save a log on the Desktop called mbr.log.
  • Please post the contents of that log in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-07
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Tue 13 Apr - 17:40

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, [You must be registered and logged in to see this link.]

device: opened successfully
user: MBR read successfully
kernel: error reading MBR

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Dr Jay on Tue 13 Apr - 18:15

Did you right click on it and click Run as Administrator?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-07
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Wed 14 Apr - 8:24

Yes, and the "User account control" pops up and asks for permission to use the program. I click on "allow" and a black box opens for two seconds then closes and a text document is placed on my desktop, but that's all it says.

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Dr Jay on Wed 14 Apr - 14:53

Hi

Download [You must be registered and logged in to see this link.] to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.sys
    %systemroot%\system32\drivers\*.dll
    %systemroot%\system32\drivers\*.ini
    %systemroot%\system32\drivers\*.exe
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.
    %appdata%\*.*
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    disk.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    usbstor.sys
    /md5stop
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-07
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Thu 15 Apr - 16:11

OTL logfile created on: 14/04/2010 8:15:43 PM - Run 2
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Azure Kokoro\Desktop
64bit-Windows Vista Unlicensed product Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144.04 Gb Total Space | 52.81 Gb Free Space | 36.66% Space Free | Partition Type: NTFS
Drive D: | 135.50 Gb Total Space | 82.68 Gb Free Space | 61.02% Space Free | Partition Type: NTFS
Drive E: | 4.06 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SHION
Current User Name: Azure Kokoro
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/11 03:40:30 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Azure Kokoro\Desktop\OTL.exe
PRC - [2009/10/29 07:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe
PRC - [2009/10/12 23:22:50 | 002,919,608 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2009/09/16 09:28:38 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/07/10 00:26:20 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe
PRC - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/07/07 17:45:22 | 000,436,752 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Common Files\McAfee\MSC\McUICnt.exe
PRC - [2009/05/07 23:30:22 | 000,192,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSM\McSmtFwk.exe
PRC - [2009/02/02 16:53:45 | 003,833,640 | ---- | M] () -- C:\Program Files (x86)\Acer\Acer Bio Protection\PwdBank.exe
PRC - [2009/02/02 16:53:41 | 003,485,696 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files (x86)\Acer\Acer Bio Protection\CompPtcVUI.exe
PRC - [2009/02/02 16:53:32 | 003,520,512 | ---- | M] () -- C:\Program Files (x86)\Acer\Acer Bio Protection\BASVC.exe
PRC - [2009/02/02 16:53:24 | 003,719,680 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files (x86)\Acer\Acer Bio Protection\PdtWzd.exe
PRC - [2009/02/02 16:50:54 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/07/29 15:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/07/29 15:52:56 | 000,454,704 | ---- | M] (Egis inc.) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
PRC - [2008/07/24 16:54:18 | 000,167,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008/07/24 16:54:10 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008/07/20 15:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/07/20 15:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/06/30 18:56:32 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2008/06/16 03:58:38 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2008/04/25 19:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008/04/25 19:36:20 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
PRC - [2008/04/25 19:36:02 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2008/03/03 11:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2008/01/20 20:49:12 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2008/01/16 19:35:02 | 000,081,504 | ---- | M] () -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008/01/10 18:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe


========== Modules (SafeList) ==========

MOD - [2010/04/11 03:40:30 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Azure Kokoro\Desktop\OTL.exe
MOD - [2009/12/08 14:12:24 | 000,014,544 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2008/01/20 20:50:03 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2008/01/20 20:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/09/16 11:23:32 | 000,696,848 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2009/09/16 10:15:32 | 000,155,456 | ---- | M] (McAfee, Inc.) [Unknown | Stopped] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV:64bit: - [2008/06/02 07:25:40 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/05/26 06:44:02 | 000,719,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\vfsFPService.exe -- (vfsFPService)
SRV:64bit: - [2008/04/30 18:20:42 | 001,371,136 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2008/04/30 17:42:20 | 000,826,368 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/10 21:11:30 | 000,015,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2006/11/02 05:16:35 | 000,051,200 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\bthserv.dll -- (BthServ)
SRV - [2010/04/08 07:26:50 | 002,504,280 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\rswin_3653.dll -- (Akamai)
SRV - [2010/03/10 12:21:58 | 000,822,048 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\Temp\0225891271079451mcinst.exe -- (0225891271079451mcinstcleanup) McAfee Application Installer Cleanup (0225891271079451)
SRV - [2009/12/08 15:25:28 | 000,110,312 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/09/16 09:28:38 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/07/10 00:26:20 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/02/06 03:25:46 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/02/02 16:53:32 | 003,520,512 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2008/07/29 15:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/07/27 12:01:49 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/07/20 15:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/05/26 06:43:58 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vfsFPService.exe -- (vfsFPService)
SRV - [2008/04/25 19:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008/04/25 19:36:02 | 000,131,072 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008/03/03 11:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2008/01/16 19:35:02 | 000,081,504 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008/01/10 18:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2007/12/06 14:16:16 | 000,132,096 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007/10/14 21:15:16 | 000,963,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2006/11/02 07:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 00:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 00:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/11/28 19:01:42 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2009/11/28 19:01:42 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/09/16 10:22:40 | 000,308,296 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009/09/16 10:22:40 | 000,102,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009/09/16 10:22:40 | 000,049,480 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009/09/16 10:15:38 | 000,040,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/07/16 12:32:26 | 000,176,144 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\Mpfp.sys -- (MPFP)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/02/10 03:45:52 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/02/02 16:53:29 | 000,054,704 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\AlfaFF.sys -- (AlfaFF)
DRV:64bit: - [2008/07/29 15:53:50 | 000,060,976 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys -- (psdvdisk)
DRV:64bit: - [2008/07/29 15:53:50 | 000,021,040 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys -- (PSDNServ)
DRV:64bit: - [2008/07/29 15:53:48 | 000,022,064 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV:64bit: - [2008/07/20 15:44:54 | 000,402,456 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/06/25 11:35:06 | 000,056,352 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/05/26 06:44:14 | 000,049,968 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vfs101a.sys -- (vfs101a)
DRV:64bit: - [2008/05/19 10:23:00 | 000,056,320 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\L1E60x64.sys -- (L1E)
DRV:64bit: - [2008/05/07 04:48:10 | 000,126,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/04/28 20:10:55 | 000,276,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BthPort)
DRV:64bit: - [2008/04/28 20:10:51 | 000,034,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB)
DRV:64bit: - [2008/04/27 16:38:12 | 004,730,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008/04/04 03:27:00 | 000,321,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/02/29 00:59:32 | 001,252,352 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/01/30 18:48:32 | 000,016,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008/01/30 18:48:16 | 000,016,384 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008/01/20 20:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 20:47:27 | 000,168,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:64bit: - [2008/01/20 20:47:25 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 20:47:03 | 000,023,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum)
DRV:64bit: - [2008/01/20 20:47:02 | 000,115,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 20:46:57 | 000,022,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2008/01/20 20:46:52 | 000,062,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2008/01/20 20:46:51 | 000,017,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2007/12/18 18:57:12 | 000,059,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir)
DRV:64bit: - [2007/08/21 02:43:26 | 000,027,136 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\point64k.sys -- (Point64)
DRV:64bit: - [2007/03/29 13:47:30 | 000,088,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2007/02/27 00:20:46 | 000,096,048 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2007/02/27 00:20:42 | 000,020,016 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2006/11/01 23:28:10 | 000,273,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2009/02/02 16:59:16 | 000,000,000 | ---D | M] [Kernel | On_Demand | Running] -- C:\Windows\ITECIR -- (itecir)
DRV - [2009/02/02 16:53:28 | 000,016,384 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\SysWOW64\AlfaFF.dll -- (AlfaFF)
DRV - [2008/08/21 17:45:59 | 000,000,000 | ---D | M] [Kernel | Disabled | Stopped] -- C:\Windows\PARPORT -- (Parport)
DRV - [2007/12/13 01:07:34 | 000,003,481 | ---- | M] () [File_System | Boot | Running] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\PSDFilter.inf -- (PSDFilter)
DRV - [2007/12/13 01:07:34 | 000,003,460 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\PSDNserv.inf -- (PSDNServ)
DRV - [2007/12/13 01:07:34 | 000,003,459 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\PSDVDisk.inf -- (psdvdisk)
DRV - [2007/01/02 02:43:34 | 000,015,656 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
DRV - [2006/11/02 07:27:12 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files (x86)\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/11/02 07:01:26 | 000,025,872 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit)
DRV - [2006/09/18 15:36:40 | 000,003,066 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 15:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [You must be registered and logged in to see this link.] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [You must be registered and logged in to see this link.] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.5.1
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:3.4.6

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010/02/23 00:54:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/18 23:05:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/04/11 16:33:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/04/11 16:33:12 | 000,000,000 | ---D | M]

[2009/03/05 18:58:40 | 000,000,000 | ---D | M] -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Extensions
[2009/03/05 18:58:40 | 000,000,000 | ---D | M] -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/04/12 00:34:07 | 000,000,000 | ---D | M] -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Firefox\Profiles\eiiyjusz.default\extensions
[2009/09/03 10:34:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Firefox\Profiles\eiiyjusz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/02/02 17:11:02 | 000,000,000 | ---D | M] (Foxkeh Theme) -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Firefox\Profiles\eiiyjusz.default\extensions\{57407AE0-868F-11DC-AD21-49A755D89593}
[2010/01/13 23:42:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Firefox\Profiles\eiiyjusz.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/01/13 23:42:07 | 000,000,000 | ---D | M] -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Firefox\Profiles\eiiyjusz.default\extensions\foxmarks@kei.com
[2010/02/20 17:50:13 | 000,000,000 | ---D | M] -- C:\Users\Azure Kokoro\AppData\Roaming\Mozilla\Firefox\Profiles\eiiyjusz.default\extensions\personas@christopher.beard
[2010/04/11 16:55:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/01 13:37:45 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2009/10/12 23:22:49 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll

O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - D:\Program Files (x86)\atlas\ATLIECP.DLL (FUJITSU LIMITED)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - D:\Program Files (x86)\atlas\ATLIECP.DLL (FUJITSU LIMITED)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL ()
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BkupTray] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files (x86)\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O8:64bit: - Extra context menu item: &Translate with ATLAS - D:\Program Files (x86)\atlas\atlscript.html ()
O8:64bit: - Extra context menu item: ATLAS Translation &Editor - D:\Program Files (x86)\atlas\AtlscriptEdit.html ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: SYSTRAN Lookup - D:\Program Files (x86)\atlas\GUIres.dll ()
O8:64bit: - Extra context menu item: SYSTRAN Translate - D:\Program Files (x86)\atlas\GUIres.dll ()
O8 - Extra context menu item: &Translate with ATLAS - D:\Program Files (x86)\atlas\atlscript.html ()
O8 - Extra context menu item: ATLAS Translation &Editor - D:\Program Files (x86)\atlas\AtlscriptEdit.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: SYSTRAN Lookup - D:\Program Files (x86)\atlas\GUIres.dll ()
O8 - Extra context menu item: SYSTRAN Translate - D:\Program Files (x86)\atlas\GUIres.dll ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ATLAS Translation - {B7707A72-4355-11D4-82BD-00000EBBEF8D} - D:\Program Files (x86)\atlas\atlscript.html ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: HP Smart Web Printing を表示または非表示 - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_19)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.184.13 64.59.184.15 64.59.190.242
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files (x86)\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files (x86)\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O22 - SharedTaskScheduler: {3209672D-C736-43AC-AC39-A5CCC21946A5} - FwcamptoWga - Reg Error: Key error. File not found
O24 - Desktop WallPaper: C:\Users\Azure Kokoro\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Azure Kokoro\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{14ac640f-1535-11df-bcec-00a0d1ad1bf0}\Shell\abc\command - "" = G:\Instal~1\Start.exe -- File not found
O33 - MountPoints2\{14ac640f-1535-11df-bcec-00a0d1ad1bf0}\Shell\AutoRun\command - "" = G:\Instal~1\Start.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2008/01/20 21:06:38 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll ()
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll ()
NetSvcs: Ias - C:\Windows\SysWOW64\ias [2008/01/20 21:08:35 | 000,000,000 | ---D | M]
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)


SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PEVSystemStart - Service
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: procexp90.Sys - Driver
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: VDS - C:\Windows\SysWOW64\wbem\vds.mof ()
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PEVSystemStart - Service
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: procexp90.Sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SafeBootNet: MPSDrv - C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: Tcpip - C:\Windows\SysWOW64\wbem\tcpip.mof ()
SafeBootNet: TDI - Driver Group
SafeBootNet: VDS - C:\Windows\SysWOW64\wbem\vds.mof ()

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Thu 15 Apr - 16:12

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32:64bit: aux1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midi - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midi1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midi2 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midi3 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midimapper - C:\Windows\SysNative\midimap.dll ()
Drivers32:64bit: mixer - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: mixer1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: mixer2 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: mixer3 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: msacm.imaadpcm - C:\Windows\SysNative\imaadp32.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\SysNative\l3codeca.acm ()
Drivers32:64bit: msacm.msadpcm - C:\Windows\SysNative\msadp32.acm ()
Drivers32:64bit: msacm.msg711 - C:\Windows\SysNative\msg711.acm ()
Drivers32:64bit: msacm.msgsm610 - C:\Windows\SysNative\msgsm32.acm ()
Drivers32:64bit: MSVideo8 - C:\Windows\SysNative\vfwwdm32.dll ()
Drivers32:64bit: vidc.i420 - C:\Windows\SysNative\iyuv_32.dll ()
Drivers32:64bit: VIDC.IYUV - C:\Windows\SysNative\iyuv_32.dll ()
Drivers32:64bit: vidc.mrle - C:\Windows\SysNative\msrle32.dll ()
Drivers32:64bit: vidc.msvc - C:\Windows\SysNative\msvidc32.dll ()
Drivers32:64bit: VIDC.UYVY - C:\Windows\SysNative\msyuv.dll ()
Drivers32:64bit: VIDC.XFR1 - C:\Windows\SysNative\xfcodec64.dll ()
Drivers32:64bit: VIDC.YUY2 - C:\Windows\SysNative\msyuv.dll ()
Drivers32:64bit: VIDC.YVU9 - C:\Windows\SysNative\tsbyuv.dll ()
Drivers32:64bit: VIDC.YVYU - C:\Windows\SysNative\msyuv.dll ()
Drivers32:64bit: wave - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: wave1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: wave2 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: wave3 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: wavemapper - C:\Windows\SysNative\msacm32.drv ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Program Files (x86)\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 30 Days ==========

[2010/04/12 02:58:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2010/04/11 16:58:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/04/11 16:47:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/04/11 16:46:48 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/04/11 16:46:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/04/11 16:46:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/04/11 16:38:25 | 016,525,088 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Azure Kokoro\Desktop\jre-6u19-windows-i586-s.exe
[2010/04/11 16:35:27 | 000,921,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Azure Kokoro\Desktop\jre-6u19-windows-i586-iftw-rv.exe
[2010/04/11 03:40:29 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Users\Azure Kokoro\Desktop\OTL.exe
[2010/04/10 15:45:01 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/04/09 18:33:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010/04/09 18:33:07 | 003,376,656 | ---- | C] (Piriform Ltd) -- C:\Users\Azure Kokoro\Desktop\ccsetup230.exe
[2010/04/09 18:27:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Window Registry Repair
[2010/04/09 18:15:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegTweaker
[2010/04/09 18:15:17 | 002,161,761 | ---- | C] ( ) -- C:\Users\Azure Kokoro\Desktop\regtweaker.exe
[2010/04/07 12:57:12 | 000,000,000 | ---D | C] -- C:\Users\Azure Kokoro\AppData\Roaming\Desperate Housewives
[2010/04/07 11:58:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Buena Vista Games
[2010/04/07 11:51:40 | 000,000,000 | ---D | C] -- C:\Users\Azure Kokoro\Desktop\Torrents
[2010/04/04 22:09:05 | 000,000,000 | ---D | C] -- C:\Users\Azure Kokoro\AppData\Roaming\Foxit Software
[2010/04/01 22:34:58 | 000,000,000 | ---D | C] -- C:\Users\Azure Kokoro\AppData\Roaming\Settlement. Colossus
[2010/03/29 21:10:47 | 000,000,000 | ---D | C] -- C:\Users\Azure Kokoro\AppData\Roaming\HPAppData
[2010/03/15 23:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\DISCIPLINE
[2008/07/22 02:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2010/04/14 20:20:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/14 20:15:38 | 002,883,584 | -HS- | M] () -- C:\Users\Azure Kokoro\NTUSER.DAT
[2010/04/14 19:46:04 | 000,037,605 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2010/04/13 23:20:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/13 00:38:36 | 000,077,312 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\mbr.exe
[2010/04/12 22:38:39 | 000,083,968 | ---- | M] () -- C:\Users\Azure Kokoro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/12 22:26:48 | 000,704,434 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/04/12 22:26:48 | 000,595,946 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/04/12 22:26:48 | 000,105,276 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/04/12 22:23:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/12 21:33:04 | 000,086,108 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/04/12 17:40:02 | 000,086,108 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/04/12 03:04:40 | 002,672,312 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\esetsmartinstaller_enu.exe
[2010/04/11 20:10:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2010/04/11 20:07:32 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/11 20:07:18 | 4291,784,704 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/11 20:06:41 | 000,524,288 | -HS- | M] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2dfb1da3-09f1-11df-ac64-00a0d1ad1bf0}.TMContainer00000000000000000001.regtrans-ms
[2010/04/11 20:06:41 | 000,065,536 | -HS- | M] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2dfb1da3-09f1-11df-ac64-00a0d1ad1bf0}.TM.blf
[2010/04/11 16:48:02 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/04/11 16:46:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/04/11 16:46:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/04/11 16:46:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/04/11 16:46:11 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2010/04/11 16:38:28 | 016,525,088 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Azure Kokoro\Desktop\jre-6u19-windows-i586-s.exe
[2010/04/11 16:35:27 | 000,921,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Azure Kokoro\Desktop\jre-6u19-windows-i586-iftw-rv.exe
[2010/04/11 03:40:30 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Azure Kokoro\Desktop\OTL.exe
[2010/04/09 18:57:23 | 000,363,520 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\rkill.com
[2010/04/09 18:34:47 | 000,112,534 | ---- | M] () -- C:\Users\Azure Kokoro\Documents\cc_20100409_183415.reg
[2010/04/09 18:33:40 | 000,001,728 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\CCleaner.lnk
[2010/04/09 18:33:07 | 003,376,656 | ---- | M] (Piriform Ltd) -- C:\Users\Azure Kokoro\Desktop\ccsetup230.exe
[2010/04/09 18:27:07 | 000,000,874 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\Free Window Registry Repair.lnk
[2010/04/09 18:26:42 | 000,798,000 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\RegpairSetup.exe
[2010/04/09 18:15:31 | 000,000,874 | ---- | M] () -- C:\Users\Public\Desktop\RegTweaker.lnk
[2010/04/09 18:15:18 | 002,161,761 | ---- | M] ( ) -- C:\Users\Azure Kokoro\Desktop\regtweaker.exe
[2010/04/07 12:07:03 | 000,001,140 | ---- | M] () -- C:\Windows\disney.ini
[2010/04/07 12:06:57 | 000,001,798 | ---- | M] () -- C:\Users\Public\Desktop\Unlocked Coupons.lnk
[2010/04/07 11:56:50 | 000,000,186 | ---- | M] () -- C:\Windows\disneysy.ini
[2010/04/07 11:51:52 | 000,000,391 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\Torrents - Shortcut.lnk
[2010/04/06 02:10:41 | 000,000,580 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\LimeWire 5.5.8.lnk
[2010/04/01 01:16:21 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2010/03/30 20:48:15 | 002,250,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/03/30 20:02:52 | 000,081,232 | ---- | M] () -- C:\Users\Azure Kokoro\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/03/30 00:45:56 | 000,024,664 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010/03/18 23:09:32 | 000,023,237 | ---- | M] () -- C:\Windows\hpqins15.dat
[2010/03/15 23:47:40 | 000,000,810 | ---- | M] () -- C:\Users\Azure Kokoro\Desktop\DISCIPLINE.LNK

========== Files Created - No Company Name ==========

[2010/04/13 00:38:35 | 000,077,312 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\mbr.exe
[2010/04/12 22:17:21 | 000,001,019 | ---- | C] () -- C:\Users\Azure Kokoro\mbam-log-2010-04-12 (22-16-56).txt
[2010/04/12 02:58:14 | 002,672,312 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\esetsmartinstaller_enu.exe
[2010/04/11 20:07:18 | 4291,784,704 | -HS- | C] () -- C:\hiberfil.sys
[2010/04/09 18:57:23 | 000,363,520 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\rkill.com
[2010/04/09 18:34:23 | 000,112,534 | ---- | C] () -- C:\Users\Azure Kokoro\Documents\cc_20100409_183415.reg
[2010/04/09 18:33:40 | 000,001,728 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\CCleaner.lnk
[2010/04/09 18:27:07 | 000,000,874 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\Free Window Registry Repair.lnk
[2010/04/09 18:26:42 | 000,798,000 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\RegpairSetup.exe
[2010/04/09 18:15:31 | 000,000,874 | ---- | C] () -- C:\Users\Public\Desktop\RegTweaker.lnk
[2010/04/08 07:28:11 | 000,329,262 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistMSI188D.txt
[2010/04/08 07:28:10 | 000,034,414 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistUI188D.txt
[2010/04/07 12:06:57 | 000,001,798 | ---- | C] () -- C:\Users\Public\Desktop\Unlocked Coupons.lnk
[2010/04/07 11:57:21 | 000,001,140 | ---- | C] () -- C:\Windows\disney.ini
[2010/04/07 11:56:50 | 000,000,186 | ---- | C] () -- C:\Windows\disneysy.ini
[2010/04/07 11:51:20 | 000,000,391 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\Torrents - Shortcut.lnk
[2010/04/06 02:10:41 | 000,000,580 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\LimeWire 5.5.8.lnk
[2010/03/18 23:04:20 | 000,023,237 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/03/15 23:47:40 | 000,000,810 | ---- | C] () -- C:\Users\Azure Kokoro\Desktop\DISCIPLINE.LNK
[2010/03/05 01:27:14 | 000,330,776 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistMSI23B7.txt
[2010/03/05 01:27:09 | 000,262,674 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistUI23B7.txt
[2010/03/01 14:23:00 | 000,329,844 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistMSI3CDB.txt
[2010/03/01 14:22:49 | 000,255,658 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistUI3CDB.txt
[2010/02/22 17:14:35 | 000,420,040 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistMSI1D5E.txt
[2010/02/22 17:14:33 | 000,015,262 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_vcredistUI1D5E.txt
[2010/01/28 14:04:34 | 000,524,288 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2dfb1da3-09f1-11df-ac64-00a0d1ad1bf0}.TMContainer00000000000000000002.regtrans-ms
[2010/01/28 14:04:34 | 000,524,288 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2dfb1da3-09f1-11df-ac64-00a0d1ad1bf0}.TMContainer00000000000000000001.regtrans-ms
[2010/01/28 14:04:34 | 000,065,536 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2dfb1da3-09f1-11df-ac64-00a0d1ad1bf0}.TM.blf
[2010/01/25 14:36:49 | 000,524,288 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2aed771f-0916-11df-b21b-00a0d1ad1bf0}.TMContainer00000000000000000002.regtrans-ms
[2010/01/25 14:36:49 | 000,524,288 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2aed771f-0916-11df-b21b-00a0d1ad1bf0}.TMContainer00000000000000000001.regtrans-ms
[2010/01/25 14:36:49 | 000,065,536 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{2aed771f-0916-11df-b21b-00a0d1ad1bf0}.TM.blf
[2010/01/13 23:46:40 | 000,878,080 | ---- | C] () -- C:\Windows\SysWow64\iconv.dll
[2010/01/13 23:46:40 | 000,721,920 | ---- | C] () -- C:\Windows\SysWow64\libxml2.dll
[2010/01/13 23:46:40 | 000,150,016 | ---- | C] () -- C:\Windows\SysWow64\libxslt.dll
[2010/01/13 23:46:40 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\libexslt.dll
[2010/01/05 22:14:48 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/01/04 00:07:13 | 000,000,000 | ---- | C] () -- C:\Windows\ACTIVEJP.INI
[2009/10/12 22:21:42 | 000,000,100 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\fusioncache.dat
[2009/10/12 21:56:11 | 000,713,218 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/21 04:02:54 | 000,004,096 | -H-- | C] () -- C:\Users\Azure Kokoro\AppData\Local\keyfile3.drm
[2009/05/29 22:42:20 | 000,309,248 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2009/05/04 21:11:20 | 000,003,476 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/04/21 14:38:06 | 000,200,001 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2009/04/21 14:38:01 | 000,313,102 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_dotnetfx35install.txt
[2009/04/21 14:38:01 | 000,124,256 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\uxeventlog.txt
[2009/04/21 14:38:01 | 000,000,002 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\dd_dotnetfx35error.txt
[2009/03/11 19:01:28 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\DirectCOM.dll
[2009/03/08 02:35:40 | 000,000,680 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\d3d9caps.dat
[2009/02/10 03:57:02 | 000,000,426 | ---- | C] () -- C:\Windows\wininit.ini
[2009/02/03 18:30:16 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/02/03 18:30:16 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/02/03 03:20:52 | 000,083,968 | ---- | C] () -- C:\Users\Azure Kokoro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/02 17:21:27 | 000,086,108 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/02/02 17:19:38 | 000,086,108 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/02/02 17:09:44 | 000,004,350 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe2.log
[2009/02/02 16:57:57 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009/02/02 16:57:57 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009/02/02 16:53:54 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\VMC3KAPI.dll
[2009/02/02 16:50:16 | 002,883,584 | -HS- | C] () -- C:\Users\Azure Kokoro\ntuser.dat_previous
[2009/02/02 16:50:16 | 002,883,584 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT
[2009/02/02 16:50:16 | 000,524,288 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2009/02/02 16:50:16 | 000,524,288 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2009/02/02 16:50:16 | 000,262,144 | -H-- | C] () -- C:\Users\Azure Kokoro\ntuser.dat.LOG1
[2009/02/02 16:50:16 | 000,065,536 | -HS- | C] () -- C:\Users\Azure Kokoro\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2009/02/02 16:50:16 | 000,000,020 | -HS- | C] () -- C:\Users\Azure Kokoro\ntuser.ini
[2009/02/02 16:50:16 | 000,000,000 | -H-- | C] () -- C:\Users\Azure Kokoro\ntuser.dat.LOG2
[2008/11/06 10:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/11/06 10:34:00 | 000,000,416 | ---- | C] () -- C:\Windows\SysWow64\dtu100.dll.manifest
[2008/11/06 10:34:00 | 000,000,416 | ---- | C] () -- C:\Windows\SysWow64\dpl100.dll.manifest
[2008/11/06 10:33:02 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
[2008/08/21 15:05:52 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIOFM4.dll
[2008/08/21 15:05:52 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIBUN5.dll
[2008/08/21 14:32:02 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/01/20 20:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 20:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/11/14 17:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\CogentBioSDK.dll
[2007/01/02 02:43:34 | 000,015,656 | ---- | C] () -- C:\Windows\SysWow64\drivers\int15_64.sys
[2001/12/26 14:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\multiplex_vcd.dll
[2001/09/03 21:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\Hmpg12.dll
[2001/07/30 14:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC.dll
[2001/07/23 20:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC_MMX.dll

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/09/10 11:33:02 | 010,624,000 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wmp.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.sys >

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2008/01/20 20:50:15 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008/08/21 17:46:30 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/04/11 20:07:18 | 4291,784,704 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/06 20:13:41 | 000,359,256 | ---- | M] (Hewlett-Packard) -- C:\hpzids40.dll
[2010/04/09 19:46:53 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2009/02/02 17:09:09 | 000,000,020 | ---- | M] () -- C:\Medion.ini
[2010/04/11 20:07:16 | 310,411,263 | -HS- | M] () -- C:\pagefile.sys
[2009/02/02 17:02:41 | 000,000,060 | ---- | M] () -- C:\Partition.txt
[2008/08/21 14:32:15 | 000,000,524 | ---- | M] () -- C:\RHDSetup.log
[2010/04/09 18:57:30 | 000,000,398 | ---- | M] () -- C:\rkill.log

< %PROGRAMFILES%\*. >
[2009/02/02 17:17:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer
[2009/02/02 17:16:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer Arcade Deluxe
[2009/08/08 20:34:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer GameZone
[2009/02/02 17:18:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer Inc
[2008/08/21 15:12:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
[2010/03/01 14:11:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2010/01/02 17:49:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Alawar
[2009/03/05 19:52:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2010/01/25 14:34:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\asgard
[2009/03/12 13:53:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2010/04/07 11:58:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Buena Vista Games
[2010/04/09 18:33:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
[2008/08/21 14:34:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cisco
[2009/04/07 14:13:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Combined Community Codec Pack
[2010/04/11 16:47:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2008/08/21 15:17:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cyberlink
[2009/02/10 03:48:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010/01/02 01:28:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX
[2009/06/02 12:52:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts
[2010/04/12 02:58:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ESET
[2008/08/21 15:17:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\eSobi
[2010/01/03 00:41:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Essentials Codec Pack
[2009/02/10 04:12:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Fate-stay night English
[2010/03/01 14:23:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Finale Reader
[2010/03/03 17:08:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Firaxis Games
[2010/03/01 13:38:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Foxit Software
[2009/09/17 09:34:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2010/04/09 18:33:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Window Registry Repair
[2010/02/15 20:51:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2009/05/04 21:17:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2010/04/07 11:57:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2008/08/21 14:26:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2009/12/09 04:38:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2009/09/23 11:32:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iPhone Configuration Utility
[2010/02/11 23:44:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2010/04/11 16:20:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2010/02/28 19:02:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Kalypso
[2009/02/02 16:58:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Launch Manager
[2010/03/30 19:44:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Linksys
[2010/04/09 19:46:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/04/12 07:37:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee
[2009/04/13 14:04:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee.com
[2009/06/11 00:08:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2008/08/21 15:11:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2010/01/03 20:57:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/11/04 04:06:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2009/06/02 12:52:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft WSE
[2008/08/21 15:09:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2010/04/11 16:33:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2006/11/02 09:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2009/04/21 02:42:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECACHE
[2009/02/03 03:06:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2008/08/21 15:05:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NewTech Infosystems
[2009/10/12 23:22:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
[2010/02/11 22:59:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Philips
[2010/02/11 23:26:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2008/08/21 14:31:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2006/11/02 09:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010/04/09 18:15:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RegTweaker
[2010/02/11 23:16:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Safari
[2010/01/24 12:38:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trend Micro
[2009/08/20 18:18:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trymedia
[2009/11/24 10:03:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TuneUpMedia
[2006/11/02 09:36:07 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2010/01/26 02:14:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Virtual City
[2010/03/01 15:28:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze
[2010/02/22 14:12:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Will
[2008/01/20 21:09:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Calendar
[2008/01/20 21:09:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Collaboration
[2008/01/20 21:09:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2009/04/21 02:43:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Installer Clean Up
[2009/06/11 00:08:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2009/06/11 00:07:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010/01/13 04:26:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2009/10/28 03:17:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2006/11/02 09:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2008/01/20 21:09:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Gallery
[2008/01/20 21:09:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2009/02/08 16:23:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR
[2009/02/03 18:30:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Xvid

< %appdata%\*.* >


< MD5 for: AGP440.SYS >
[2008/01/20 20:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008/01/20 20:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/20 20:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009/04/11 01:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006/11/02 03:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006/11/02 03:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006/11/02 03:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2008/01/20 20:46:53 | 000,068,664 | ---- | M] (Microsoft Corporation) MD5=2DC415FC05FB8A079F896CBBACB19324 -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_55e51d682c89f490\disk.sys
[2009/04/11 01:15:25 | 000,067,032 | ---- | M] (Microsoft Corporation) MD5=B0107E40ECDB5FA692EBF832F295D905 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_57d0967429abbfdc\disk.sys

< MD5 for: EVENTLOG.DLL >
[2007/01/12 20:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\Cyberlink\PowerDirector\EventLog.dll

< MD5 for: IASTOR.SYS >
[2008/07/20 15:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008/07/20 15:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/20 20:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2008/01/20 20:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009/04/11 00:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009/04/11 01:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008/01/20 20:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SysWOW64\netlogon.dll
[2008/01/20 20:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SysWOW64\netlogon.dll
[2008/01/20 20:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2008/01/20 20:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/20 20:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SysWOW64\scecli.dll
[2008/01/20 20:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SysWOW64\scecli.dll
[2008/01/20 20:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008/01/20 20:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009/04/11 00:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009/04/11 01:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll

< MD5 for: USBSTOR.SYS >
[2008/01/20 20:47:25 | 000,066,048 | ---- | M] (Microsoft Corporation) MD5=586D9876A4945779C8EEA926C0D16889 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_a4a4ea3a50308c79\USBSTOR.SYS
[2009/04/10 23:39:38 | 000,077,824 | ---- | M] (Microsoft Corporation) MD5=B854C1558FCA0C269A38663E8B59B581 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_usbstor.inf_31bf3856ad364e35_6.0.6002.18005_none_a69063464d5257c5\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Dr Jay on Fri 16 Apr - 10:08

Please run OTL
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

    :otl
    O33 - MountPoints2\{14ac640f-1535-11df-bcec-00a0d1ad1bf0}\Shell\abc\command - "" = G:\Instal~1\Start.exe -- File not found
    O33 - MountPoints2\{14ac640f-1535-11df-bcec-00a0d1ad1bf0}\Shell\AutoRun\command - "" = G:\Instal~1\Start.exe -- File not found

    :commands
    [emptytemp]
    [reboot]


  • Then click the Run Fix button at the top.
  • Note: The fix for OTL automatically hides your Desktop and Start menu so the fix can be completed. Do not be alerted, this is normal.
  • Please do not exit the program. It might take a while to fix, but allow it to run. If it asks to reboot the computer, allow it to reboot. If the program freezes, and the computer fails to reboot - let me know.
    Lastly, post the contents of the log. (Located at C:\_OTL\Moved Files)



===============

Please run a free online scan with the [You must be registered and logged in to see this link.]
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-07
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Sat 17 Apr - 6:45

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=f721f470077f0e4bb8e9f3bbdf4685dd
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-04-16 12:47:36
# local_time=2010-04-16 06:47:36 (-0700, Mountain Daylight Time)
# country="Canada"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 6964583 6964583 0 0
# compatibility_mode=5121 16776574 100 82 776724 24242431 0 0
# compatibility_mode=5892 16776573 100 56 6613793 108004413 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=188439
# found=0
# cleaned=0
# scan_time=16351

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Dr Jay on Sat 17 Apr - 7:27

To manually create a new Restore Point

  • Go to Control Panel and select System and Maintenance
  • Select System
  • On the left select Advance System Settings and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create
Now we can purge the infected ones
  • Go back to the System and Maintenance page
  • Select Performance Information and Tools
  • On the left select Open Disk Cleanup
  • Select Files from all users and accept the warning if you get one
  • In the drop down box select your main drive i.e. C
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete
You are now done

To remove all of the tools we used and the files and folders they created, please do the following:
Please download [You must be registered and logged in to see this link.] by OldTimer:

  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

==

Please download [You must be registered and logged in to see this link.] to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start
    button to begin the process. Depending on how often you clean temp
    files, execution time should be anywhere from a few seconds to a minute
    or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


==

Download Security Check by screen317 from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-07
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Mon 19 Apr - 13:44

Results of screen317's Security Check version 0.99.3
Windows Vista (UAC is enabled)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
McAfee SecurityCenter
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
HijackThis 2.0.2
CCleaner
Java(TM) 6 Update 19
Adobe Flash Player 10
Adobe Reader 9.3
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSASCui.exe
McAfee VIRUSS~1 mcshield.exe
McAfee VIRUSS~1 mcsysmon.exe
Windows Defender MSASCui.exe
````````````````````````````````
DNS Vulnerability Check:


``````````End of Log````````````

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Dr Jay on Mon 19 Apr - 15:04

I recommend to use Windows Update to update to the following on your computer:

-Service packs 1 & 2
-Internet Explorer 8.

==========

See [You must be registered and logged in to see this link.] for more info about malware and prevention.

Any more questions?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-07
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Rhysenn on Tue 20 Apr - 19:55

No more questions.
And thanks so much for your help.

Rhysenn
Novice
Novice

Posts Posts : 17
Joined Joined : 2010-04-10
OS OS : windows vista 64
Points Points : 24576
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus Suite

Post by Dr Jay on Wed 21 Apr - 3:31

You're welcome. Smile


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-07
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum