Win32.Palevo can't remove
Hi Ken,
See below results: 1. Run Fix with Code provided by you, 2. Run Scan OTL and 3. Run Scan Extras
FYI, I rebooted after the Run Fix. When it came back up and I logged on my laptop went -by itself- into Shutdown again and kept hanging. After 15 mins or so I took out the battery and started it up again and it came on normal - displaying the Run Fix log
1. Run Fix
All processes killed
========== PROCESSES ==========
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Could not flush the DNS Resolver Cache: Function failed during execution.
C:\Documents and Settings\biem0nd\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\biem0nd\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: NetworkService
->Temp folder emptied: 16048 bytes
->Temporary Internet Files folder emptied: 17665573 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: biem0nd
->Temp folder emptied: 101796424 bytes
->Temporary Internet Files folder emptied: 22173359 bytes
->Java cache emptied: 39129980 bytes
->Apple Safari cache emptied: 99856384 bytes
->Flash cache emptied: 1887663 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 844219 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 230125491 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 490.00 mb
OTL by OldTimer - Version 3.2.27.0 log created on 09102011_194618
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\biem0nd\Local Settings\Temp\~DFBFF3.tmp not found!
File\Folder C:\Documents and Settings\biem0nd\Local Settings\Temp\~DFC00B.tmp not found!
File\Folder C:\Documents and Settings\biem0nd\Local Settings\Temp\~DFC37B.tmp not found!
File\Folder C:\Documents and Settings\biem0nd\Local Settings\Temp\~DFC399.tmp not found!
File\Folder C:\Documents and Settings\biem0nd\Local Settings\Temp\~DFC6B3.tmp not found!
File\Folder C:\Documents and Settings\biem0nd\Local Settings\Temp\~DFC6BF.tmp not found!
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\BSQG3962\LocalStorage[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\BSQG3962\xmlProxy[2].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\A8PMXDBB\adloader[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\A8PMXDBB\EditMessageLight[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\A8PMXDBB\showthread[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\HKOC376S\default[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\HKOC376S\AjaxHistoryFrame[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\7G33OSE1\Messenger[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\7G33OSE1\RteFrame_16.0.1823.0824[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\7G33OSE1\InboxLight[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\7G33OSE1\xmlProxy[2].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\7G33OSE1\resourcespreload[1].htm moved successfully.
Registry entries deleted on Reboot...
2. Run Scan - OTL
OTL logfile created on: 9/10/2011 20:37:47 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\biem0nd\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.30 Mb Total Physical Memory | 268.88 Mb Available Physical Memory | 26.28% Memory free
2.40 Gb Paging File | 1.74 Gb Available in Paging File | 72.58% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43.67 Gb Total Space | 11.24 Gb Free Space | 25.74% Space Free | Partition Type: FAT32
Drive D: | 28.97 Gb Total Space | 22.68 Gb Free Space | 78.28% Space Free | Partition Type: FAT32
Computer Name: BIEMOND | User Name: biem0nd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\biem0nd\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files\HostsMan\hostssrv.exe (abelhadigital.com)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe ()
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe (Sunbelt Software, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\WINDOWS\ATK0100\HControl.exe ()
PRC - C:\Program Files\ASUS\Wireless Console\wcourier.exe ()
PRC - C:\WINDOWS\ATK0100\ATKOSD.exe ()
PRC - C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
PRC - C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
PRC - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\1XConfig.exe (Intel)
PRC - C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\Program Files\SpywareGuard\sgmain.exe ()
PRC - C:\Program Files\SpywareGuard\sgbhp.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Java\jre6\bin\jp2native.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\PocoXML.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\PocoFoundation.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\PocoExt.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\ssleay32.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\libeay32.dll ()
MOD - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe ()
MOD - C:\WINDOWS\ATK0100\HControl.exe ()
MOD - C:\Program Files\ASUS\Wireless Console\wcourier.exe ()
MOD - C:\WINDOWS\ATK0100\ATKOSD.exe ()
MOD - C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL ()
MOD - C:\Program Files\ASUS\Wireless Console\rescue.dll ()
MOD - C:\Program Files\Intel\Wireless\Bin\libeay32.dll ()
MOD - C:\WINDOWS\ATK0100\CMSSC.dll ()
MOD - C:\Program Files\SpywareGuard\sgmain.exe ()
MOD - C:\Program Files\SpywareGuard\sgbhp.exe ()
MOD - C:\Program Files\SpywareGuard\spywareguard.dll ()
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (nlsX86cc) -- C:\WINDOWS\system32\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (DeviceManager) -- C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe ()
SRV - (SPF4) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (Sunbelt Software, Inc.)
SRV - (SbPF.Launcher) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (Sunbelt Software, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor4.0) -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe ()
SRV - (InCDsrv) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
SRV - (OwnershipProtocol) -- C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe (Intel Corporation)
========== Driver Services (SafeList) ==========
DRV - (MpKsl52232460) -- File not found
DRV - (MpKsl56793ba4) -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C2D15DEC-FA2A-4D4A-9100-19CA50A9E411}\MpKsl56793ba4.sys (Microsoft Corporation)
DRV - (epmntdrv) -- C:\WINDOWS\system32\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\WINDOWS\system32\EuGdiDrv.sys ()
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (NEOFLTR_630_13881) Juniper Networks TDI Filter Driver (NEOFLTR_630_13881) -- C:\WINDOWS\system32\drivers\NEOFLTR_630_13881.sys (Juniper Networks)
DRV - (SbFw) -- C:\WINDOWS\system32\drivers\SbFw.sys (Sunbelt Software, Inc.)
DRV - (qcusbser) -- C:\WINDOWS\system32\drivers\qcusbser.sys (TCT International Mobile Ltd)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (sbhips) -- C:\WINDOWS\system32\drivers\sbhips.sys (Sunbelt Software, Inc.)
DRV - (SBFWIMCL) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (InCDfs) -- C:\WINDOWS\System32\drivers\InCDfs.sys (Nero AG)
DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\InCDpass.sys (Nero AG)
DRV - (incdrm) -- C:\WINDOWS\System32\drivers\InCDrm.sys (Nero AG)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys ()
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (R592) -- C:\WINDOWS\system32\DRIVERS\R592.sys (REDC)
DRV - (risdpntk) -- C:\WINDOWS\system32\DRIVERS\risdpntk.sys (REDC)
DRV - (IWCA) -- C:\WINDOWS\system32\drivers\iwca.sys (Intel Corporation)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yukonwxp.sys (Marvell Semiconductor Inc.)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ncr
IE - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2011/09/10 19:46:24 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe ()
O4 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004..\Run: [ALLUpdate] File not found
O4 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004..\Run: [HostsServer] C:\Program Files\HostsMan\hostssrv.exe (abelhadigital.com)
O4 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\biem0nd\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Program Files\Juniper Networks\Secure Application Manager\samnsp.dll (Juniper Networks)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Juniper Networks\Secure Application Manager\samnsp.dll (Juniper Networks)
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternatiff.com/install-ie/alttiff.cab (AlternaTIFF ActiveX)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterfly.com/downloads/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://sacorp.netapp.com/dana-cached/setup/JuniperSetupSP1.cab (JuniperSetupControlXP Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCA625BF-2320-4521-937A-AF6EBB5FE10B}: DhcpNameServer = 192.168.2.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\biem0nd\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\biem0nd\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/07/19 21:28:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{a20ce402-bbcb-11dc-a99b-00166f1e48b8}\Shell\AutoRun\command - "" = H:\kaspersky/kaspersky32.exe
O33 - MountPoints2\{a20ce402-bbcb-11dc-a99b-00166f1e48b8}\Shell\explore\command - "" = H:\.////////kaspersky/\\\\\kaspersky32.exe
O33 - MountPoints2\{a20ce402-bbcb-11dc-a99b-00166f1e48b8}\Shell\open\command - "" = H:\kaspersky/////////kaspersky32.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/09/10 19:46:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/10 19:43:43 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\biem0nd\Desktop\OTL.exe
[2011/09/10 00:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EASEUS Partition Master 9.0.0 Home Edition
[2011/09/09 03:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/09/09 02:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/09/09 01:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2011/09/09 01:46:41 | 000,270,888 | R--- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFw.sys
[2011/09/09 01:46:41 | 000,065,576 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFwIm.sys
[2011/09/09 01:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sunbelt Software
[2011/09/09 01:45:56 | 000,000,000 | ---D | C] -- C:\Program Files\Sunbelt Software
[2011/09/09 01:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\HostsMan Backups
[2011/09/09 01:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\biem0nd\Application Data\abelhadigital.com
[2011/09/09 01:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\abelhadigital.com
[2011/09/09 01:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\HostsMan
[2011/09/09 01:12:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HostsMan
[2011/09/09 00:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareGuard
[2011/09/09 00:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
[2011/09/09 00:23:31 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/09/09 00:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2011/09/09 00:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/09/09 00:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/09/08 17:23:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/09/08 17:22:42 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/09/08 17:22:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/09/08 17:22:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/09/07 11:34:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\biem0nd\Application Data\Malwarebytes
[2011/09/07 11:33:31 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/09/07 11:33:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/07 11:33:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/09/07 11:33:26 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/09/07 11:33:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/03 12:17:37 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/08/27 19:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\EASEUS
[2011/08/26 22:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2011/08/21 22:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/08/21 19:23:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\biem0nd\Local Settings\Application Data\ALLConverter
[2011/08/19 17:28:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\biem0nd\Application Data\vlc
[2011/08/19 17:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/08/19 16:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\biem0nd\Application Data\WinRAR
[2011/08/19 16:24:48 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/08/19 02:13:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\biem0nd\My Documents\My Videos
[2011/08/19 01:28:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/08/12 03:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2011/08/12 03:39:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\biem0nd\Local Settings\Application Data\Xenocode
[2011/08/12 01:23:56 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[1 C:\Documents and Settings\biem0nd\*.tmp files -> C:\Documents and Settings\biem0nd\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/09/10 20:47:46 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2011/09/10 20:24:18 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/09/10 20:19:34 | 000,037,106 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/09/10 20:18:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/10 20:18:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/10 20:18:36 | 1073,074,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/10 19:43:54 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\biem0nd\Desktop\OTL.exe
[2011/09/09 22:17:04 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/09/09 19:29:34 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\biem0nd\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/09 03:06:52 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\biem0nd\Desktop\Spybot - Search & Destroy.lnk
[2011/09/09 02:40:28 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/09/09 00:28:18 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\biem0nd\Start Menu\Programs\Startup\SpywareGuard.lnk
[2011/09/09 00:28:18 | 000,000,542 | ---- | M] () -- C:\Documents and Settings\biem0nd\Desktop\SpywareGuard.lnk
[2011/09/09 00:11:42 | 000,000,594 | ---- | M] () -- C:\Documents and Settings\biem0nd\Desktop\SpywareBlaster.lnk
[2011/09/08 17:29:40 | 000,303,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/07 22:02:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/07 11:33:32 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\biem0nd\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/03 12:17:38 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/08/25 18:25:08 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/21 22:16:38 | 000,023,624 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/08/21 19:24:00 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\biem0nd\Application Data\Microsoft\Internet Explorer\Quick Launch\ALLConverter PRO.lnk
[2011/08/12 03:10:32 | 000,436,248 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/12 03:10:32 | 000,068,978 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\Documents and Settings\biem0nd\*.tmp files -> C:\Documents and Settings\biem0nd\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/09/10 00:54:53 | 002,469,248 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2011/09/10 00:54:53 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2011/09/10 00:54:53 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2011/09/10 00:54:53 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2011/09/10 00:54:53 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2011/09/09 03:06:50 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\biem0nd\Desktop\Spybot - Search & Destroy.lnk
[2011/09/09 02:45:04 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/09/09 02:45:04 | 000,000,390 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2011/09/09 02:40:26 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/09/09 02:39:52 | 000,001,584 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/09/09 00:28:17 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\biem0nd\Start Menu\Programs\Startup\SpywareGuard.lnk
[2011/09/09 00:28:17 | 000,000,542 | ---- | C] () -- C:\Documents and Settings\biem0nd\Desktop\SpywareGuard.lnk
[2011/09/09 00:22:43 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2011/09/09 00:11:41 | 000,000,594 | ---- | C] () -- C:\Documents and Settings\biem0nd\Desktop\SpywareBlaster.lnk
[2011/09/07 11:33:31 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\biem0nd\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 00:06:29 | 1073,074,176 | -HS- | C] () -- C:\hiberfil.sys
[2011/08/21 19:23:58 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\biem0nd\Application Data\Microsoft\Internet Explorer\Quick Launch\ALLConverter PRO.lnk
[2011/03/18 13:55:13 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/01/16 18:26:57 | 000,002,255 | ---- | C] () -- C:\Documents and Settings\biem0nd\Local Settings\Application Data\Media Holder.xml
[2010/10/31 18:19:35 | 000,000,128 | -H-- | C] () -- C:\WINDOWS\€nlsPreferences.dat
[2010/05/31 23:15:28 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/25 23:17:15 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/04/26 19:22:53 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\biem0nd\Local Settings\Application Data\keyfile3.drm
[2009/10/03 22:26:38 | 000,058,996 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/16 18:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2008/12/06 17:49:45 | 000,000,287 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/09/01 19:01:18 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\biem0nd\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/06 14:00:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/09/01 12:55:58 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2006/09/01 12:55:58 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2006/09/01 12:55:58 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2006/09/01 12:55:41 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2006/09/01 12:55:41 | 000,000,337 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2006/08/15 20:59:39 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006/07/23 12:07:04 | 000,000,494 | ---- | C] () -- C:\Documents and Settings\biem0nd\Application Data\wklnhst.dat
[2006/07/19 21:42:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/07/19 21:32:03 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/07/19 21:31:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/07/19 21:26:06 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/07/19 21:20:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/07/19 21:20:13 | 000,303,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/07/19 16:58:56 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/07/19 16:57:28 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2005/09/23 07:27:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/09/23 07:27:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2005/09/23 07:27:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/09/23 07:27:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2005/09/23 07:27:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/09/23 07:27:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/09/23 07:27:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2005/09/23 07:27:00 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/02/17 10:07:48 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2004/08/19 10:07:40 | 000,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2004/08/19 10:07:40 | 000,002,540 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/19 10:07:12 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 10:07:09 | 000,436,248 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 10:07:09 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 10:07:09 | 000,068,978 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 10:07:09 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 10:07:09 | 000,004,487 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 10:07:06 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 10:07:06 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 10:07:01 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 10:07:01 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 10:06:55 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 10:06:45 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
< End of report >
3. Rin Scan - Extras
OTL Extras logfile created on: 9/10/2011 20:37:47 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\biem0nd\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.30 Mb Total Physical Memory | 268.88 Mb Available Physical Memory | 26.28% Memory free
2.40 Gb Paging File | 1.74 Gb Available in Paging File | 72.58% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43.67 Gb Total Space | 11.24 Gb Free Space | 25.74% Space Free | Partition Type: FAT32
Drive D: | 28.97 Gb Total Space | 22.68 Gb Free Space | 78.28% Space Free | Partition Type: FAT32
Computer Name: BIEMOND | User Name: biem0nd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-1078081533-1979792683-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{044146E4-A924-458A-9948-4B9C7C7D9321}" = LightScribe 1.4.31.1
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{10F5387D-1728-423A-A578-B00982CF2646}" = Windows Live Messenger
"{1BD6AE96-4742-4498-9D03-9451C7E5A214}" = Windows Live aanmeldhulp
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 27
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}" = Windows Live Call
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{562B9CA4-6E52-4F87-ACEC-912FC004F1F0}" = Windows Live Essentials
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6ED53E0C-EAC0-4F0F-947D-6BA817E4C8C3}" = HostsMan 3.2.73
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7CD7A451-7224-49C8-95EF-9A1859C66607}" = mZConfig
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJSTDR_{27A9D316-D332-433B-8EB1-1D93EE49F26D}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-003A-0000-0000-0000000FF1CE}" = Microsoft Office Project Standard 2007
"{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{9E73617F-2F38-4864-BD61-BB2DDFE43323}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B502B428-3386-40A9-98DB-079AAB72E64F}" = mEoU.msi
"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}" = Adobe Photoshop Elements 4.0
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431966" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Defraggler" = Defraggler
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.0.0 Home Edition
"ENTERPRISER" = Microsoft Office Enterprise 2007
"HControl" = ATK0100 ACPI UTILITY
"HSPA USB MODEM ALCATEL_is1" = HSPA USB MODEM
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PRJSTDR" = Microsoft Office Project Standard 2007
"ProInst" = Intel(R) PROSet/Wireless Software
"PROR" = Microsoft Office Professional 2007 Trial
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SpywareGuard_is1" = SpywareGuard v2.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.11
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9/8/2011 16:25:27 | Computer Name = BIEMOND | Source = LiveUpdate | ID = 2752567
Description =
Error - 9/8/2011 16:25:30 | Computer Name = BIEMOND | Source = LiveUpdate | ID = 2752570
Description =
Error - 9/8/2011 16:25:30 | Computer Name = BIEMOND | Source = LiveUpdate | ID = 2752567
Description =
Error - 9/8/2011 16:25:31 | Computer Name = BIEMOND | Source = LiveUpdate | ID = 2752570
Description =
Error - 9/8/2011 16:25:31 | Computer Name = BIEMOND | Source = LiveUpdate | ID = 2752567
Description =
Error - 9/8/2011 19:59:06 | Computer Name = BIEMOND | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.
Error - 9/8/2011 20:09:01 | Computer Name = BIEMOND | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.
Error - 9/8/2011 20:22:20 | Computer Name = BIEMOND | Source = Application Hang | ID = 1002
Description = Hanging application SpybotSD.exe, version 1.6.2.46, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 9/8/2011 20:40:02 | Computer Name = BIEMOND | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 3.0.8402.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 9/10/2011 11:55:19 | Computer Name = BIEMOND | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0,
P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.
[ System Events ]
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The DeviceManager service terminated unexpectedly. It has done this
1 time(s).
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The LightScribeService Direct Disc Labeling Service service terminated
unexpectedly. It has done this 1 time(s).
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The NLS Service service terminated unexpectedly. It has done this
1 time(s).
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The OwnershipProtocol service terminated unexpectedly. It has done
this 1 time(s).
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The RegSrvc service terminated unexpectedly. It has done this 1 time(s).
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The SbPF.Launcher service terminated unexpectedly. It has done this
1 time(s).
Error - 9/10/2011 13:46:22 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
Error - 9/10/2011 13:46:22 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
< End of report >
Hi Ken,
See below results: 1. Run Fix with Code provided by you, 2. Run Scan OTL and 3. Run Scan Extras
FYI, I rebooted after the Run Fix. When it came back up and I logged on my laptop went -by itself- into Shutdown again and kept hanging. After 15 mins or so I took out the battery and started it up again and it came on normal - displaying the Run Fix log
1. Run Fix
All processes killed
========== PROCESSES ==========
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Could not flush the DNS Resolver Cache: Function failed during execution.
C:\Documents and Settings\biem0nd\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\biem0nd\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: NetworkService
->Temp folder emptied: 16048 bytes
->Temporary Internet Files folder emptied: 17665573 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: biem0nd
->Temp folder emptied: 101796424 bytes
->Temporary Internet Files folder emptied: 22173359 bytes
->Java cache emptied: 39129980 bytes
->Apple Safari cache emptied: 99856384 bytes
->Flash cache emptied: 1887663 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 844219 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 230125491 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 490.00 mb
OTL by OldTimer - Version 3.2.27.0 log created on 09102011_194618
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\biem0nd\Local Settings\Temp\~DFBFF3.tmp not found!
File\Folder C:\Documents and Settings\biem0nd\Local Settings\Temp\~DFC00B.tmp not found!
File\Folder C:\Documents and Settings\biem0nd\Local Settings\Temp\~DFC37B.tmp not found!
File\Folder C:\Documents and Settings\biem0nd\Local Settings\Temp\~DFC399.tmp not found!
File\Folder C:\Documents and Settings\biem0nd\Local Settings\Temp\~DFC6B3.tmp not found!
File\Folder C:\Documents and Settings\biem0nd\Local Settings\Temp\~DFC6BF.tmp not found!
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\BSQG3962\LocalStorage[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\BSQG3962\xmlProxy[2].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\A8PMXDBB\adloader[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\A8PMXDBB\EditMessageLight[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\A8PMXDBB\showthread[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\HKOC376S\default[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\HKOC376S\AjaxHistoryFrame[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\7G33OSE1\Messenger[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\7G33OSE1\RteFrame_16.0.1823.0824[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\7G33OSE1\InboxLight[1].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\7G33OSE1\xmlProxy[2].htm moved successfully.
C:\Documents and Settings\biem0nd\Local Settings\Temporary Internet Files\Content.IE5\7G33OSE1\resourcespreload[1].htm moved successfully.
Registry entries deleted on Reboot...
2. Run Scan - OTL
OTL logfile created on: 9/10/2011 20:37:47 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\biem0nd\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.30 Mb Total Physical Memory | 268.88 Mb Available Physical Memory | 26.28% Memory free
2.40 Gb Paging File | 1.74 Gb Available in Paging File | 72.58% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43.67 Gb Total Space | 11.24 Gb Free Space | 25.74% Space Free | Partition Type: FAT32
Drive D: | 28.97 Gb Total Space | 22.68 Gb Free Space | 78.28% Space Free | Partition Type: FAT32
Computer Name: BIEMOND | User Name: biem0nd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\biem0nd\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files\HostsMan\hostssrv.exe (abelhadigital.com)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe ()
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe (Sunbelt Software, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\WINDOWS\ATK0100\HControl.exe ()
PRC - C:\Program Files\ASUS\Wireless Console\wcourier.exe ()
PRC - C:\WINDOWS\ATK0100\ATKOSD.exe ()
PRC - C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
PRC - C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
PRC - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\1XConfig.exe (Intel)
PRC - C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\Program Files\SpywareGuard\sgmain.exe ()
PRC - C:\Program Files\SpywareGuard\sgbhp.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Java\jre6\bin\jp2native.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\PocoXML.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\PocoFoundation.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\PocoExt.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\ssleay32.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\libeay32.dll ()
MOD - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe ()
MOD - C:\WINDOWS\ATK0100\HControl.exe ()
MOD - C:\Program Files\ASUS\Wireless Console\wcourier.exe ()
MOD - C:\WINDOWS\ATK0100\ATKOSD.exe ()
MOD - C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL ()
MOD - C:\Program Files\ASUS\Wireless Console\rescue.dll ()
MOD - C:\Program Files\Intel\Wireless\Bin\libeay32.dll ()
MOD - C:\WINDOWS\ATK0100\CMSSC.dll ()
MOD - C:\Program Files\SpywareGuard\sgmain.exe ()
MOD - C:\Program Files\SpywareGuard\sgbhp.exe ()
MOD - C:\Program Files\SpywareGuard\spywareguard.dll ()
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (nlsX86cc) -- C:\WINDOWS\system32\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (DeviceManager) -- C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe ()
SRV - (SPF4) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (Sunbelt Software, Inc.)
SRV - (SbPF.Launcher) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (Sunbelt Software, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor4.0) -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe ()
SRV - (InCDsrv) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
SRV - (OwnershipProtocol) -- C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe (Intel Corporation)
========== Driver Services (SafeList) ==========
DRV - (MpKsl52232460) -- File not found
DRV - (MpKsl56793ba4) -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C2D15DEC-FA2A-4D4A-9100-19CA50A9E411}\MpKsl56793ba4.sys (Microsoft Corporation)
DRV - (epmntdrv) -- C:\WINDOWS\system32\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\WINDOWS\system32\EuGdiDrv.sys ()
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (NEOFLTR_630_13881) Juniper Networks TDI Filter Driver (NEOFLTR_630_13881) -- C:\WINDOWS\system32\drivers\NEOFLTR_630_13881.sys (Juniper Networks)
DRV - (SbFw) -- C:\WINDOWS\system32\drivers\SbFw.sys (Sunbelt Software, Inc.)
DRV - (qcusbser) -- C:\WINDOWS\system32\drivers\qcusbser.sys (TCT International Mobile Ltd)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (sbhips) -- C:\WINDOWS\system32\drivers\sbhips.sys (Sunbelt Software, Inc.)
DRV - (SBFWIMCL) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (InCDfs) -- C:\WINDOWS\System32\drivers\InCDfs.sys (Nero AG)
DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\InCDpass.sys (Nero AG)
DRV - (incdrm) -- C:\WINDOWS\System32\drivers\InCDrm.sys (Nero AG)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys ()
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (R592) -- C:\WINDOWS\system32\DRIVERS\R592.sys (REDC)
DRV - (risdpntk) -- C:\WINDOWS\system32\DRIVERS\risdpntk.sys (REDC)
DRV - (IWCA) -- C:\WINDOWS\system32\drivers\iwca.sys (Intel Corporation)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yukonwxp.sys (Marvell Semiconductor Inc.)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ncr
IE - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2011/09/10 19:46:24 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe ()
O4 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004..\Run: [ALLUpdate] File not found
O4 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004..\Run: [HostsServer] C:\Program Files\HostsMan\hostssrv.exe (abelhadigital.com)
O4 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\biem0nd\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-1979792683-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Program Files\Juniper Networks\Secure Application Manager\samnsp.dll (Juniper Networks)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Juniper Networks\Secure Application Manager\samnsp.dll (Juniper Networks)
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternatiff.com/install-ie/alttiff.cab (AlternaTIFF ActiveX)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterfly.com/downloads/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://sacorp.netapp.com/dana-cached/setup/JuniperSetupSP1.cab (JuniperSetupControlXP Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCA625BF-2320-4521-937A-AF6EBB5FE10B}: DhcpNameServer = 192.168.2.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\biem0nd\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\biem0nd\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/07/19 21:28:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{a20ce402-bbcb-11dc-a99b-00166f1e48b8}\Shell\AutoRun\command - "" = H:\kaspersky/kaspersky32.exe
O33 - MountPoints2\{a20ce402-bbcb-11dc-a99b-00166f1e48b8}\Shell\explore\command - "" = H:\.////////kaspersky/\\\\\kaspersky32.exe
O33 - MountPoints2\{a20ce402-bbcb-11dc-a99b-00166f1e48b8}\Shell\open\command - "" = H:\kaspersky/////////kaspersky32.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/09/10 19:46:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/10 19:43:43 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\biem0nd\Desktop\OTL.exe
[2011/09/10 00:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EASEUS Partition Master 9.0.0 Home Edition
[2011/09/09 03:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/09/09 02:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/09/09 01:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2011/09/09 01:46:41 | 000,270,888 | R--- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFw.sys
[2011/09/09 01:46:41 | 000,065,576 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFwIm.sys
[2011/09/09 01:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sunbelt Software
[2011/09/09 01:45:56 | 000,000,000 | ---D | C] -- C:\Program Files\Sunbelt Software
[2011/09/09 01:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\HostsMan Backups
[2011/09/09 01:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\biem0nd\Application Data\abelhadigital.com
[2011/09/09 01:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\abelhadigital.com
[2011/09/09 01:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\HostsMan
[2011/09/09 01:12:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HostsMan
[2011/09/09 00:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareGuard
[2011/09/09 00:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
[2011/09/09 00:23:31 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/09/09 00:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2011/09/09 00:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/09/09 00:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/09/08 17:23:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/09/08 17:22:42 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/09/08 17:22:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/09/08 17:22:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/09/07 11:34:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\biem0nd\Application Data\Malwarebytes
[2011/09/07 11:33:31 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/09/07 11:33:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/07 11:33:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/09/07 11:33:26 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/09/07 11:33:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/03 12:17:37 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/08/27 19:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\EASEUS
[2011/08/26 22:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2011/08/21 22:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/08/21 19:23:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\biem0nd\Local Settings\Application Data\ALLConverter
[2011/08/19 17:28:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\biem0nd\Application Data\vlc
[2011/08/19 17:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/08/19 16:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\biem0nd\Application Data\WinRAR
[2011/08/19 16:24:48 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/08/19 02:13:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\biem0nd\My Documents\My Videos
[2011/08/19 01:28:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/08/12 03:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2011/08/12 03:39:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\biem0nd\Local Settings\Application Data\Xenocode
[2011/08/12 01:23:56 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[1 C:\Documents and Settings\biem0nd\*.tmp files -> C:\Documents and Settings\biem0nd\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/09/10 20:47:46 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2011/09/10 20:24:18 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/09/10 20:19:34 | 000,037,106 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/09/10 20:18:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/10 20:18:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/10 20:18:36 | 1073,074,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/10 19:43:54 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\biem0nd\Desktop\OTL.exe
[2011/09/09 22:17:04 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/09/09 19:29:34 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\biem0nd\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/09 03:06:52 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\biem0nd\Desktop\Spybot - Search & Destroy.lnk
[2011/09/09 02:40:28 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/09/09 00:28:18 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\biem0nd\Start Menu\Programs\Startup\SpywareGuard.lnk
[2011/09/09 00:28:18 | 000,000,542 | ---- | M] () -- C:\Documents and Settings\biem0nd\Desktop\SpywareGuard.lnk
[2011/09/09 00:11:42 | 000,000,594 | ---- | M] () -- C:\Documents and Settings\biem0nd\Desktop\SpywareBlaster.lnk
[2011/09/08 17:29:40 | 000,303,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/07 22:02:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/07 11:33:32 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\biem0nd\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/03 12:17:38 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/08/25 18:25:08 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/21 22:16:38 | 000,023,624 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/08/21 19:24:00 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\biem0nd\Application Data\Microsoft\Internet Explorer\Quick Launch\ALLConverter PRO.lnk
[2011/08/12 03:10:32 | 000,436,248 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/12 03:10:32 | 000,068,978 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\Documents and Settings\biem0nd\*.tmp files -> C:\Documents and Settings\biem0nd\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/09/10 00:54:53 | 002,469,248 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2011/09/10 00:54:53 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2011/09/10 00:54:53 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2011/09/10 00:54:53 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2011/09/10 00:54:53 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2011/09/09 03:06:50 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\biem0nd\Desktop\Spybot - Search & Destroy.lnk
[2011/09/09 02:45:04 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/09/09 02:45:04 | 000,000,390 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2011/09/09 02:40:26 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/09/09 02:39:52 | 000,001,584 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/09/09 00:28:17 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\biem0nd\Start Menu\Programs\Startup\SpywareGuard.lnk
[2011/09/09 00:28:17 | 000,000,542 | ---- | C] () -- C:\Documents and Settings\biem0nd\Desktop\SpywareGuard.lnk
[2011/09/09 00:22:43 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2011/09/09 00:11:41 | 000,000,594 | ---- | C] () -- C:\Documents and Settings\biem0nd\Desktop\SpywareBlaster.lnk
[2011/09/07 11:33:31 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\biem0nd\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 00:06:29 | 1073,074,176 | -HS- | C] () -- C:\hiberfil.sys
[2011/08/21 19:23:58 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\biem0nd\Application Data\Microsoft\Internet Explorer\Quick Launch\ALLConverter PRO.lnk
[2011/03/18 13:55:13 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/01/16 18:26:57 | 000,002,255 | ---- | C] () -- C:\Documents and Settings\biem0nd\Local Settings\Application Data\Media Holder.xml
[2010/10/31 18:19:35 | 000,000,128 | -H-- | C] () -- C:\WINDOWS\€nlsPreferences.dat
[2010/05/31 23:15:28 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/25 23:17:15 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/04/26 19:22:53 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\biem0nd\Local Settings\Application Data\keyfile3.drm
[2009/10/03 22:26:38 | 000,058,996 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/16 18:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2008/12/06 17:49:45 | 000,000,287 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/09/01 19:01:18 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\biem0nd\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/06 14:00:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/09/01 12:55:58 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2006/09/01 12:55:58 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2006/09/01 12:55:58 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2006/09/01 12:55:41 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2006/09/01 12:55:41 | 000,000,337 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2006/08/15 20:59:39 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006/07/23 12:07:04 | 000,000,494 | ---- | C] () -- C:\Documents and Settings\biem0nd\Application Data\wklnhst.dat
[2006/07/19 21:42:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/07/19 21:32:03 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/07/19 21:31:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/07/19 21:26:06 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/07/19 21:20:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/07/19 21:20:13 | 000,303,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/07/19 16:58:56 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/07/19 16:57:28 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2005/09/23 07:27:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/09/23 07:27:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2005/09/23 07:27:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/09/23 07:27:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2005/09/23 07:27:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/09/23 07:27:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/09/23 07:27:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2005/09/23 07:27:00 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/02/17 10:07:48 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2004/08/19 10:07:40 | 000,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2004/08/19 10:07:40 | 000,002,540 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/19 10:07:12 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 10:07:09 | 000,436,248 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 10:07:09 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 10:07:09 | 000,068,978 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 10:07:09 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 10:07:09 | 000,004,487 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 10:07:06 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 10:07:06 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 10:07:01 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 10:07:01 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 10:06:55 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 10:06:45 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
< End of report >
3. Rin Scan - Extras
OTL Extras logfile created on: 9/10/2011 20:37:47 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\biem0nd\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.30 Mb Total Physical Memory | 268.88 Mb Available Physical Memory | 26.28% Memory free
2.40 Gb Paging File | 1.74 Gb Available in Paging File | 72.58% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43.67 Gb Total Space | 11.24 Gb Free Space | 25.74% Space Free | Partition Type: FAT32
Drive D: | 28.97 Gb Total Space | 22.68 Gb Free Space | 78.28% Space Free | Partition Type: FAT32
Computer Name: BIEMOND | User Name: biem0nd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-1078081533-1979792683-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{044146E4-A924-458A-9948-4B9C7C7D9321}" = LightScribe 1.4.31.1
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{10F5387D-1728-423A-A578-B00982CF2646}" = Windows Live Messenger
"{1BD6AE96-4742-4498-9D03-9451C7E5A214}" = Windows Live aanmeldhulp
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 27
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}" = Windows Live Call
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{562B9CA4-6E52-4F87-ACEC-912FC004F1F0}" = Windows Live Essentials
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6ED53E0C-EAC0-4F0F-947D-6BA817E4C8C3}" = HostsMan 3.2.73
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7CD7A451-7224-49C8-95EF-9A1859C66607}" = mZConfig
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJSTDR_{27A9D316-D332-433B-8EB1-1D93EE49F26D}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-003A-0000-0000-0000000FF1CE}" = Microsoft Office Project Standard 2007
"{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{9E73617F-2F38-4864-BD61-BB2DDFE43323}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B502B428-3386-40A9-98DB-079AAB72E64F}" = mEoU.msi
"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}" = Adobe Photoshop Elements 4.0
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431966" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Defraggler" = Defraggler
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.0.0 Home Edition
"ENTERPRISER" = Microsoft Office Enterprise 2007
"HControl" = ATK0100 ACPI UTILITY
"HSPA USB MODEM ALCATEL_is1" = HSPA USB MODEM
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PRJSTDR" = Microsoft Office Project Standard 2007
"ProInst" = Intel(R) PROSet/Wireless Software
"PROR" = Microsoft Office Professional 2007 Trial
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SpywareGuard_is1" = SpywareGuard v2.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.11
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9/8/2011 16:25:27 | Computer Name = BIEMOND | Source = LiveUpdate | ID = 2752567
Description =
Error - 9/8/2011 16:25:30 | Computer Name = BIEMOND | Source = LiveUpdate | ID = 2752570
Description =
Error - 9/8/2011 16:25:30 | Computer Name = BIEMOND | Source = LiveUpdate | ID = 2752567
Description =
Error - 9/8/2011 16:25:31 | Computer Name = BIEMOND | Source = LiveUpdate | ID = 2752570
Description =
Error - 9/8/2011 16:25:31 | Computer Name = BIEMOND | Source = LiveUpdate | ID = 2752567
Description =
Error - 9/8/2011 19:59:06 | Computer Name = BIEMOND | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.
Error - 9/8/2011 20:09:01 | Computer Name = BIEMOND | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.
Error - 9/8/2011 20:22:20 | Computer Name = BIEMOND | Source = Application Hang | ID = 1002
Description = Hanging application SpybotSD.exe, version 1.6.2.46, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 9/8/2011 20:40:02 | Computer Name = BIEMOND | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 3.0.8402.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 9/10/2011 11:55:19 | Computer Name = BIEMOND | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0,
P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.
[ System Events ]
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The DeviceManager service terminated unexpectedly. It has done this
1 time(s).
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The LightScribeService Direct Disc Labeling Service service terminated
unexpectedly. It has done this 1 time(s).
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The NLS Service service terminated unexpectedly. It has done this
1 time(s).
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The OwnershipProtocol service terminated unexpectedly. It has done
this 1 time(s).
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The RegSrvc service terminated unexpectedly. It has done this 1 time(s).
Error - 9/10/2011 13:46:20 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The SbPF.Launcher service terminated unexpectedly. It has done this
1 time(s).
Error - 9/10/2011 13:46:22 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
Error - 9/10/2011 13:46:22 | Computer Name = BIEMOND | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
< End of report >
