WiredWX Hobby Weather ToolsLog in

 


descriptionwiloggApp.exe problem EmptywiloggApp.exe problem

more_horiz
I have a problem accessing some programs under one of the users on my laptop. It's an administrator. The applications I can't access are the 3 mobile network application, and the OpenOffice suite. Both versions of these applications are the most current and run on the other two users on the laptop. Can you help please?
Here are the results of the OTL scans.
OTL logfile created on: 04/10/2010 12:59:11 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Toni\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 0000083C | Country: Ireland | Language: IRE | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 44.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106.61 Gb Total Space | 41.84 Gb Free Space | 39.25% Space Free | Partition Type: NTFS
Drive D: | 5.18 Gb Total Space | 1.17 Gb Free Space | 22.56% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 25.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TONI2-PC
Current User Name: Toni
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/10/04 12:34:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Toni\Downloads\OTL.com
PRC - [2010/05/21 00:28:00 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/05/21 00:27:58 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2010/01/15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/11/17 14:23:58 | 003,965,680 | ---- | M] (Birdstep Technology) -- C:\Program Files\3 Mobile Broadband\3Connect\WilogApp.exe
PRC - [2009/11/17 14:13:48 | 000,667,648 | ---- | M] (Birdstep Technology) -- C:\Program Files\3 Mobile Broadband\3Connect\AutoUpdateSrv.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/30 12:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/02/23 14:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/19 21:19:18 | 001,245,064 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/17 16:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008/05/18 13:12:39 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/02/21 23:02:53 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2008/01/19 08:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 08:33:40 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
PRC - [2008/01/02 21:15:26 | 000,103,712 | R--- | M] (MacroGaming LTD.) -- C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
PRC - [2007/08/22 09:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
PRC - [2007/05/17 15:45:34 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2007/04/10 15:46:44 | 000,996,712 | ---- | M] (Microsoft Corporation
) -- C:\Windows\vVX6000.exe
PRC - [2007/04/02 07:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe
PRC - [2007/02/28 02:02:36 | 000,271,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
PRC - [2007/01/02 21:40:10 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2006/12/10 21:52:38 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2006/09/06 21:12:46 | 000,323,216 | ---- | M] (Napster) -- C:\Program Files\Napster\napster.exe
PRC - [2005/06/07 00:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe


========== Modules (SafeList) ==========

MOD - [2010/10/04 12:34:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Toni\Downloads\OTL.com
MOD - [2010/03/05 15:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
MOD - [2009/04/11 07:28:25 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll
MOD - [2009/04/11 07:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
MOD - [2009/04/11 07:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
MOD - [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
MOD - [2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009/04/11 07:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/19 08:36:49 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll
MOD - [2008/01/19 08:36:48 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
MOD - [2008/01/19 08:36:37 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2008/01/19 08:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/09/01 15:51:28 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/30 12:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008/11/19 21:19:18 | 001,245,064 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/17 16:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 16:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 16:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 16:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/09/05 12:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/05/21 12:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [On_Demand | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2008/02/21 23:02:53 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/22 09:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/05/17 15:45:34 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2007/04/02 07:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
SRV - [2007/02/28 02:00:14 | 000,225,280 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007/02/28 02:00:14 | 000,131,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2006/06/26 18:50:08 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/09/28 09:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20101003.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/09/28 09:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20101003.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/09/15 19:11:07 | 000,287,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20100915.004\IDSvix86.sys -- (IDSvix86)
DRV - [2010/05/26 09:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 09:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/09/10 13:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/08/05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/07/24 14:51:38 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/04/11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/03/25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009/03/25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009/03/25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009/03/25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009/03/25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009/02/24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/02/19 12:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/02/19 12:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/02/19 12:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 12:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 12:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 12:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/01/13 19:13:24 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/09/05 15:31:42 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 18:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/03/03 05:10:44 | 000,182,272 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/02/01 02:51:16 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/02/01 02:51:16 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/02/01 02:51:16 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/08/09 01:39:56 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/07/09 18:33:34 | 000,015,890 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2007/04/26 17:19:26 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/04/26 17:18:04 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/04/26 17:17:54 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/04/10 15:46:44 | 002,385,896 | ---- | M] (Microsoft Corporation
) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX6000Xp.sys -- (VX6000)
DRV - [2007/03/30 11:57:38 | 001,671,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/03/30 11:57:38 | 001,671,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2007/02/22 16:24:48 | 000,159,232 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/01/30 13:23:30 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/17 17:20:26 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2006/11/17 17:20:26 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/11/16 10:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/16 05:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/16 03:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/15 06:24:00 | 000,179,256 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/11/09 10:02:30 | 001,786,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/06/28 18:57:00 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/06/28 18:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/04/28 16:24:42 | 000,061,600 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)
DRV - [2005/01/07 10:07:40 | 000,286,720 | ---- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WPN111.sys -- (WPN111)
DRV - [2004/10/14 18:24:00 | 000,043,392 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athwpn.sys -- (ATHFMWDL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://uk.search.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://uk.search.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-392627087-1961301002-2192104653-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ie/0SEENIE/SAOS01?FORM=TOOLBR
IE - HKU\S-1-5-21-392627087-1961301002-2192104653-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-392627087-1961301002-2192104653-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
IE - HKU\S-1-5-21-392627087-1961301002-2192104653-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-392627087-1961301002-2192104653-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-392627087-1961301002-2192104653-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
IE - HKU\S-1-5-21-392627087-1961301002-2192104653-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ga-ie
IE - HKU\S-1-5-21-392627087-1961301002-2192104653-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F1 4D 76 B1 DE 57 CB 01 [binary data]
IE - HKU\S-1-5-21-392627087-1961301002-2192104653-1003\..\URLSearchHook: {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (Macrogaming)
IE - HKU\S-1-5-21-392627087-1961301002-2192104653-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-392627087-1961301002-2192104653-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-392627087-1961301002-2192104653-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (SWEETIE Class) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (Macrogaming)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (SweetIM For Internet Explorer) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (Macrogaming)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-1000\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-1000\..\Toolbar\WebBrowser: (SweetIM For Internet Explorer) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (Macrogaming)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-1003\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-1003\..\Toolbar\WebBrowser: (SweetIM For Internet Explorer) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (Macrogaming)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-1004\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-1004\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-1004\..\Toolbar\WebBrowser: (SweetIM For Internet Explorer) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (Macrogaming)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-501\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-501\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-501\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-392627087-1961301002-2192104653-501\..\Toolbar\WebBrowser: (SweetIM For Internet Explorer) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (Macrogaming)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe (Napster)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton 360\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe (MacroGaming LTD.)
O4 - HKLM..\Run: [VX6000] C:\Windows\vVX6000.exe (Microsoft Corporation
)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-392627087-1961301002-2192104653-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-392627087-1961301002-2192104653-1000..\Run: [NortonUpdateAgent] C:\ProgramData\Norton\NUA.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-392627087-1961301002-2192104653-1000..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\S-1-5-21-392627087-1961301002-2192104653-1000..\Run: [SoftAuto.exe] C:\Program Files\Creative\Software Update 3\SoftAuto.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-392627087-1961301002-2192104653-1000..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\S-1-5-21-392627087-1961301002-2192104653-1000..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe (MacroGaming LTD.)
O4 - HKU\S-1-5-21-392627087-1961301002-2192104653-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-392627087-1961301002-2192104653-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-392627087-1961301002-2192104653-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-392627087-1961301002-2192104653-501..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-392627087-1961301002-2192104653-501..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - HKLM..\RunOnce: [Uninstall Adobe Download Manager] File not found
O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\jarrook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\jarrook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe File not found
O4 - Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKU\S-1-5-21-392627087-1961301002-2192104653-501\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15030/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-ie/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.mail.live.com/mail/w1/resources/VistaMSNPUplden-ie.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx (CamImage Class)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx (Get_ActiveX Control)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/su/ocx/15030/CTPID.cab (Creative Software AutoUpdate Support Package)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img2.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img2.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 15:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2009/11/18 15:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/03/20 18:20:32 | 000,027,750 | R--- | M] () - G:\AutoRun.ico -- [ CDFS ]
O32 - AutoRun File - [2009/11/17 15:01:12 | 000,000,047 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b25b06c9-bf43-11df-ac04-001636ce04e8}\Shell - "" = AutoRun
O33 - MountPoints2\{b25b06c9-bf43-11df-ac04-001636ce04e8}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/11/18 15:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/04 12:21:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\Adobe Reader 9 Installer
[2010/10/04 12:19:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/10/04 12:18:22 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2010/10/04 12:18:22 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/10/04 12:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2010/10/04 12:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/10/04 12:17:49 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2010/10/04 12:15:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/10/04 12:15:13 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Adobe
[2010/10/04 12:06:39 | 000,000,000 | ---D | C] -- C:\Users\Toni\Documents\JavaRa[1]
[2010/10/04 11:48:42 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/10/04 11:48:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/10/04 11:48:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/10/01 12:01:51 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Apple
[2010/09/29 14:53:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/09/29 14:39:50 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Google
[2010/09/29 14:39:49 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Google
[2010/09/29 14:39:15 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Macromedia
[2010/09/29 14:39:10 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Adobe
[2010/09/29 14:39:05 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Birdstep Technology
[2010/09/29 12:53:38 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\OpenOffice.org
[2010/09/29 12:52:16 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\HP
[2010/09/29 12:51:47 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\QuickPlay
[2010/09/29 12:51:46 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\yahoo!
[2010/09/29 12:51:29 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Symantec
[2010/09/29 12:51:13 | 000,000,000 | R--D | C] -- C:\Users\Toni\Searches
[2010/09/29 12:51:02 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Identities
[2010/09/29 12:50:57 | 000,000,000 | R--D | C] -- C:\Users\Toni\Contacts
[2010/09/29 12:50:34 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\VirtualStore
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\AppData\Local\Temporary Internet Files
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Templates
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Start Menu
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\SendTo
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Recent
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\PrintHood
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\NetHood
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Documents\My Videos
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Documents\My Pictures
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Documents\My Music
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\My Documents
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Local Settings
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\AppData\Local\History
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Cookies
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Application Data
[2010/09/29 12:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Toni\AppData\Local\Application Data
[2010/09/29 12:50:22 | 000,000,000 | --SD | C] -- C:\Users\Toni\AppData\Roaming\Microsoft
[2010/09/29 12:50:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Videos
[2010/09/29 12:50:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Saved Games
[2010/09/29 12:50:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Pictures
[2010/09/29 12:50:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Music
[2010/09/29 12:50:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Links
[2010/09/29 12:50:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Favorites
[2010/09/29 12:50:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Downloads
[2010/09/29 12:50:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Documents
[2010/09/29 12:50:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Desktop
[2010/09/29 12:50:22 | 000,000,000 | -H-D | C] -- C:\Users\Toni\AppData
[2010/09/29 12:50:22 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Temp
[2010/09/29 12:50:22 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Microsoft Help
[2010/09/29 12:50:22 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Microsoft
[2010/09/29 12:50:22 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Media Center Programs
[2010/09/15 13:38:46 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010/09/13 15:41:21 | 000,112,128 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2010/09/13 15:41:21 | 000,102,912 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2010/09/13 15:41:21 | 000,101,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbdev.sys
[2010/09/13 15:41:21 | 000,023,424 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2010/09/13 15:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\3 Mobile Broadband
[2010/09/13 15:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Birdstep Technology
[2010/09/13 15:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Huawei Modems
[2010/03/13 10:22:30 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe6538.dll

========== Files - Modified Within 30 Days ==========

[2010/10/04 13:01:59 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{77DE991C-71CD-489C-AAFD-81F2D846E194}.job
[2010/10/04 13:00:51 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/04 13:00:51 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/04 12:59:21 | 000,786,432 | -HS- | M] () -- C:\Users\Toni\NTUSER.DAT
[2010/10/04 12:46:02 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/04 12:23:31 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/10/04 12:18:19 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010/10/04 12:18:19 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/10/04 11:47:43 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/10/04 11:47:43 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/10/04 11:47:43 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/10/04 11:47:43 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/10/04 10:31:46 | 000,002,073 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/10/04 09:04:21 | 000,000,151 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/10/04 09:03:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/04 09:00:51 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/10/04 09:00:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/04 09:00:35 | 2134,978,560 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/01 12:53:57 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/10/01 12:53:49 | 000,065,536 | -HS- | M] () -- C:\Users\Toni\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/10/01 12:53:48 | 000,524,288 | -HS- | M] () -- C:\Users\Toni\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/10/01 12:53:36 | 002,500,675 | -H-- | M] () -- C:\Users\Toni\AppData\Local\IconCache.db
[2010/09/29 14:39:32 | 000,000,943 | ---- | M] () -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/29 13:01:25 | 000,524,288 | -HS- | M] () -- C:\Users\Toni\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/09/29 12:54:10 | 000,001,028 | ---- | M] () -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010/09/29 12:51:46 | 000,195,568 | ---- | M] () -- C:\Users\Toni\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/09/29 12:50:24 | 000,000,020 | -HS- | M] () -- C:\Users\Toni\ntuser.ini
[2010/09/24 22:25:14 | 000,715,876 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/09/24 22:25:14 | 000,604,324 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/09/24 22:25:14 | 000,107,760 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/09/15 14:01:40 | 000,000,240 | ---- | M] () -- C:\Windows\win.ini
[2010/09/13 15:42:38 | 000,001,836 | ---- | M] () -- C:\Users\Public\Desktop\3Connect.lnk
[2010/09/13 15:40:40 | 000,071,262 | ---- | M] () -- C:\Windows\Huawei ModemsUninstall.exe

========== Files Created - No Company Name ==========

[2010/10/04 12:23:31 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/10/04 12:18:19 | 000,001,719 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010/10/04 12:18:19 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/10/04 10:31:46 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/09/29 14:39:32 | 000,000,943 | ---- | C] () -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/29 12:54:10 | 000,001,028 | ---- | C] () -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010/09/29 12:52:01 | 000,000,000 | ---- | C] () -- C:\Users\Toni\AppData\Local\QSwitch.txt
[2010/09/29 12:52:01 | 000,000,000 | ---- | C] () -- C:\Users\Toni\AppData\Local\DSwitch.txt
[2010/09/29 12:52:01 | 000,000,000 | ---- | C] () -- C:\Users\Toni\AppData\Local\AtStart.txt
[2010/09/29 12:50:24 | 000,000,020 | -HS- | C] () -- C:\Users\Toni\ntuser.ini
[2010/09/29 12:50:22 | 000,524,288 | -HS- | C] () -- C:\Users\Toni\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/09/29 12:50:22 | 000,524,288 | -HS- | C] () -- C:\Users\Toni\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/09/29 12:50:22 | 000,262,144 | -H-- | C] () -- C:\Users\Toni\ntuser.dat.LOG1
[2010/09/29 12:50:22 | 000,065,536 | -HS- | C] () -- C:\Users\Toni\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/09/29 12:50:22 | 000,000,258 | ---- | C] () -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/09/29 12:50:22 | 000,000,240 | ---- | C] () -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/09/29 12:50:22 | 000,000,000 | -H-- | C] () -- C:\Users\Toni\ntuser.dat.LOG2
[2010/09/29 12:50:21 | 000,786,432 | -HS- | C] () -- C:\Users\Toni\NTUSER.DAT
[2010/09/13 15:42:38 | 000,001,836 | ---- | C] () -- C:\Users\Public\Desktop\3Connect.lnk
[2010/09/13 15:09:48 | 000,071,262 | ---- | C] () -- C:\Windows\Huawei ModemsUninstall.exe
[2010/07/22 11:09:40 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/11/01 13:09:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008/11/19 21:05:53 | 000,002,985 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008/02/15 00:04:41 | 000,000,064 | ---- | C] () -- C:\Windows\PrintWorkShop2007.ini
[2007/07/09 18:32:42 | 000,651,264 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2007/07/09 18:32:42 | 000,147,456 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2007/06/09 07:54:01 | 000,002,278 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007/04/10 15:46:44 | 000,015,497 | ---- | C] () -- C:\Windows\VX6KStd.ini
[2007/03/30 12:27:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1244.dll
[2006/11/29 08:32:42 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/06 12:02:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2006/11/06 10:05:40 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/19 08:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/19 08:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/03/10 00:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/05/08 05:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 12:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 12:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.sys >
[2006/11/02 08:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS
[2009/04/11 07:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2006/11/02 08:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys
[2006/11/02 08:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 08:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 08:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 08:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 08:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 08:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 08:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 08:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 08:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 08:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 08:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 08:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 08:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS
[2010/06/21 14:37:03 | 002,037,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2007/01/30 13:23:52 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz
< %SYSTEMDRIVE%\*.* >
[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/01/21 23:50:18 | 000,230,424 | ---- | M] () -- C:\DC6810xp-001.raw
[2008/01/25 00:55:38 | 000,230,424 | ---- | M] () -- C:\DC6810xp-002.raw
[2009/02/07 13:20:59 | 000,230,424 | ---- | M] () -- C:\DC6810xp-005.raw
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2010/10/04 09:00:35 | 2134,978,560 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2010/01/18 21:08:38 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/18 21:08:38 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/05/22 00:02:44 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2010/05/22 00:02:44 | 000,005,120 | -H-- | M] () -- C:\ntuser.dat.LOG1
[2010/05/22 00:02:44 | 000,000,000 | -H-- | M] () -- C:\ntuser.dat.LOG2
[2010/05/22 00:02:44 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{c6a86d69-6528-11df-a9f0-001636ce04e8}.TM.blf
[2010/05/22 00:02:44 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{c6a86d69-6528-11df-a9f0-001636ce04e8}.TMContainer00000000000000000001.regtrans-ms
[2010/05/22 00:02:44 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{c6a86d69-6528-11df-a9f0-001636ce04e8}.TMContainer00000000000000000002.regtrans-ms
[2010/10/04 09:00:33 | 2450,849,792 | -HS- | M] () -- C:\pagefile.sys
[2010/06/10 11:40:15 | 000,000,000 | ---- | M] () -- C:\rasphone.pbk
[2010/07/23 16:26:25 | 000,000,296 | ---- | M] () -- C:\sqmnoopt00.sqm
[2010/07/23 16:28:25 | 000,000,296 | ---- | M] () -- C:\sqmnoopt01.sqm
[2010/07/23 15:50:24 | 000,000,296 | ---- | M] () -- C:\sqmnoopt02.sqm
[2010/07/23 15:52:30 | 000,000,296 | ---- | M] () -- C:\sqmnoopt03.sqm
[2010/07/23 15:54:24 | 000,000,296 | ---- | M] () -- C:\sqmnoopt04.sqm
[2010/07/23 15:56:24 | 000,000,296 | ---- | M] () -- C:\sqmnoopt05.sqm
[2010/07/23 15:58:32 | 000,000,296 | ---- | M] () -- C:\sqmnoopt06.sqm
[2010/07/23 16:00:25 | 000,000,296 | ---- | M] () -- C:\sqmnoopt07.sqm
[2010/07/23 16:02:24 | 000,000,296 | ---- | M] () -- C:\sqmnoopt08.sqm
[2010/07/23 16:04:24 | 000,000,296 | ---- | M] () -- C:\sqmnoopt09.sqm
[2010/07/23 16:06:24 | 000,000,296 | ---- | M] () -- C:\sqmnoopt10.sqm
[2010/07/23 16:08:25 | 000,000,296 | ---- | M] () -- C:\sqmnoopt11.sqm
[2010/07/23 16:10:24 | 000,000,296 | ---- | M] () -- C:\sqmnoopt12.sqm
[2010/07/23 16:12:24 | 000,000,296 | ---- | M] () -- C:\sqmnoopt13.sqm
[2010/07/23 16:14:25 | 000,000,296 | ---- | M] () -- C:\sqmnoopt14.sqm
[2010/07/23 16:16:24 | 000,000,296 | ---- | M] () -- C:\sqmnoopt15.sqm
[2010/07/23 16:18:24 | 000,000,296 | ---- | M] () -- C:\sqmnoopt16.sqm
[2010/07/23 16:20:24 | 000,000,296 | ---- | M] () -- C:\sqmnoopt17.sqm
[2010/07/23 16:22:24 | 000,000,296 | ---- | M] () -- C:\sqmnoopt18.sqm
[2010/07/23 16:24:25 | 000,000,296 | ---- | M] () -- C:\sqmnoopt19.sqm
[2007/06/01 00:19:09 | 000,916,690 | ---- | M] () -- C:\TB.log
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2007/03/18 20:34:19 | 000,000,152 | ---- | M] () -- C:\YServer.txt

< %PROGRAMFILES%\*. >
[2010/09/13 15:40:19 | 000,000,000 | ---D | M] -- C:\Program Files\3 Mobile Broadband
[2010/10/04 12:22:29 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/03/13 10:15:51 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/03/17 18:48:31 | 000,000,000 | ---D | M] -- C:\Program Files\Audible
[2008/01/13 17:38:58 | 000,000,000 | ---D | M] -- C:\Program Files\Belfield Software
[2010/10/04 12:19:33 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2007/06/28 00:47:29 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2009/03/17 18:49:06 | 000,000,000 | ---D | M] -- C:\Program Files\Creative
[2007/06/30 14:54:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Creative Installation Information
[2009/05/27 12:56:53 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2007/06/17 16:01:49 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2007/06/17 16:01:49 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2006/12/09 11:56:47 | 000,000,000 | ---D | M] -- C:\Program Files\HPQ
[2010/09/13 15:09:50 | 000,000,000 | ---D | M] -- C:\Program Files\Huawei Modems
[2010/09/13 15:40:18 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/09/29 14:55:23 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/04/10 15:59:06 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/07/21 11:57:49 | 000,000,000 | ---D | M] -- C:\Program Files\JRE
[2008/03/02 01:10:05 | 000,000,000 | ---D | M] -- C:\Program Files\Macrogaming
[2010/01/18 21:01:30 | 000,000,000 | ---D | M] -- C:\Program Files\MagicDisc
[2010/10/04 12:18:17 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
[2009/04/04 19:25:26 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2010/07/22 11:07:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2007/05/08 23:03:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2007/12/16 19:47:35 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft LifeCam
[2010/07/22 11:06:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/10/01 11:50:26 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2008/01/23 19:13:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/04/04 19:29:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2009/10/16 13:05:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/07/22 11:04:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/15 00:57:53 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2007/03/05 18:21:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2006/12/09 11:54:22 | 000,000,000 | ---D | M] -- C:\Program Files\Napster
[2007/07/09 18:32:43 | 000,000,000 | ---D | M] -- C:\Program Files\NETGEAR
[2009/04/14 12:48:50 | 000,000,000 | ---D | M] -- C:\Program Files\Norton 360
[2010/10/04 12:17:49 | 000,000,000 | ---D | M] -- C:\Program Files\NOS
[2006/12/09 11:52:53 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2008/11/20 00:01:55 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 2.0
[2010/07/21 14:05:25 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
[2010/07/24 13:29:13 | 000,000,000 | ---D | M] -- C:\Program Files\PopCap Games
[2008/02/16 16:12:21 | 000,000,000 | ---D | M] -- C:\Program Files\Print Workshop 2007 LE
[2010/03/13 10:19:00 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2006/12/09 11:30:35 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/03/13 10:21:20 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2010/03/13 10:22:09 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Ericsson
[2010/03/13 10:08:04 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Setup
[2009/01/13 19:13:29 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2006/12/09 11:05:52 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2006/11/02 14:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/11/24 11:12:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/11/24 11:11:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/11/24 11:11:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/11/24 11:11:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2010/05/03 23:04:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2007/03/21 00:42:12 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Safety Center
[2009/04/04 19:25:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2010/09/15 14:03:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2009/11/24 11:11:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/11/24 11:11:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/25 14:19:28 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/11/24 11:11:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2010/05/22 00:02:41 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2010/09/13 15:00:16 | 000,000,000 | ---D | M] -- C:\Program Files\ZTE Mobile Connection

< %appdata%\*.* >


< MD5 for: AGP440.SYS >
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/02/13 00:41:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/02/13 00:41:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/02/13 00:41:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2009/04/11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/19 08:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/19 08:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 10:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTORV.SYS >
[2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2007/06/02 03:00:36 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_8416e98e\USBSTOR.SYS
[2007/06/02 03:00:36 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.16478_none_465c5f209ade1e53\USBSTOR.SYS
[2007/06/02 03:00:36 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7DA1833F2B2500C755AB6C81C5ABFC88 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.20588_none_46db2bffb403da0e\USBSTOR.SYS
[2008/01/19 06:53:22 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_b9f18584\USBSTOR.SYS
[2008/01/19 06:53:22 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_48864eb697d31b43\USBSTOR.SYS
[2009/04/11 05:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\drivers\USBSTOR.SYS
[2009/04/11 05:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_72a6a3e5\USBSTOR.SYS
[2009/04/11 05:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6002.18005_none_4a71c7c294f4e68f\USBSTOR.SYS
[2006/11/02 09:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_bb2778a0\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-04 11:32:31
< End of report >

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz
OTL Extras logfile created on: 04/10/2010 12:59:11 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Toni\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 0000083C | Country: Ireland | Language: IRE | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 44.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106.61 Gb Total Space | 41.84 Gb Free Space | 39.25% Space Free | Partition Type: NTFS
Drive D: | 5.18 Gb Total Space | 1.17 Gb Free Space | 22.56% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 25.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TONI2-PC
Current User Name: Toni
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\TEMP.Toni2-pc.001\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K9DNFXJ9\profile[1].exe" = C:\Users\Public\infocard.exe:*:Enabled:Firewall Administrating -- File not found
"C:\Users\Public\infocard.exe" = C:\Windows\infocard.exe:*:Enabled:Firewall Administrating -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00897B59-7559-4DB3-8323-F757643753D9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{0E74ED4B-3992-44FC-B18C-A9F71E9CA30F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{11474BD5-93D9-434C-A759-81E39E1EFA46}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1479CA45-4312-4C8C-BB4C-2B6F3E9348B0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1493AD96-90E0-4F38-92E1-CA829CF7991A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{159B522E-DC5A-4B38-B487-8CC51C231124}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{166C7EBE-D221-448C-B3CE-1A2908268DD3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{17EEA894-C231-4C64-AF22-8A716BF1A992}" = lport=2869 | protocol=6 | dir=in | app=system |
"{181F1BCF-A62F-47DA-8954-6D7999F2B313}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1B37862E-F1AE-4581-AA46-86494C380B84}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1D5AD6B4-58AF-4B12-8634-580397909026}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1DB86483-B8A7-463B-B04B-60E08CB6B633}" = rport=137 | protocol=17 | dir=out | app=system |
"{1FF7C9C1-9F94-41C8-9BEB-507A698E074C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{21F4D847-051C-400B-AA50-88B5C9D8EA4F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{2C8C6A17-0966-4932-9AE2-6E68FAEB1B39}" = lport=2869 | protocol=6 | dir=in | app=system |
"{32A8CA49-CE9E-4FD2-828A-27098AA7C9A0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{34FE39DF-8F55-4D4E-906D-64D13EA501BC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{356DE8B0-BC51-4D7E-9086-5568D8EC5AED}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3A35F67F-A29C-45A6-B07B-848B6AB93F55}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3A6956A9-F7BA-4A55-8BA3-DCD5AF518D9C}" = rport=445 | protocol=6 | dir=out | app=system |
"{3D6B5537-AB6A-45B9-9EDE-7685E72BF0BF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{44BEB0FF-2701-43AC-8511-FFD465637B1D}" = lport=137 | protocol=17 | dir=in | app=system |
"{4C560ACB-4132-434D-A205-2904B250C74C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4E442DF1-C54D-47B2-9A14-DC0E27DBA023}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5202B21C-B5C6-45EA-829B-5A65415D78FE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5361CC68-A924-4B3C-8156-39B47F8CD668}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5466B254-4FE2-49CA-BD4A-D8B7A9E82097}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{56DB1499-5DFC-440D-AF67-AA7F36F62B99}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5D2B3363-A511-4D61-A33F-ADA0A94A9B95}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5E080D5C-AF22-4FAF-93AB-7B2BC041C7CA}" = rport=139 | protocol=6 | dir=out | app=system |
"{5FF52A91-2344-437C-8411-44AF26ADD4B9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{648273D8-6E04-4C52-B00A-041A57CC1767}" = lport=2869 | protocol=6 | dir=in | app=system |
"{69291458-B21E-4B79-9B25-22FC82AFA92F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6A004A38-A323-4C95-BE6A-E15A636DEB64}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6AFE8464-757C-47E1-B003-C91BAC119AB9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6C555A06-BEB1-4F21-ABD2-52C8EE62061D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6F932F2C-11FF-4631-9E6A-00B0678CB71D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7A98270F-BB85-4CC8-AF77-A55542FD87CF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{80E3CFF3-6EA3-47E7-8409-F222912FC9B6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{83191188-032C-4AC5-8EDA-F5C731E4FDF5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{86684962-52FA-4A6A-8E17-BA31E4EAAC8B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{86A42DD1-AE49-4679-9402-016969E5AD86}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8B9C6BB8-8990-462D-BEBC-B98B68478C54}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8DFC046C-E26B-4C0E-AACE-4049FF712E17}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8E02DDE4-9617-49F1-9BAA-BCD37C9FFBBE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8EE199D1-BECB-4831-9B85-718C94A6AFC7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{903D5295-6950-463A-9AA1-DE393B4DC576}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9211643E-9C43-470F-9FBB-A4865DC045FF}" = lport=445 | protocol=6 | dir=in | app=system |
"{92E0649E-61EF-4F57-BEDE-A4A34CCAB5CF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{95525DFD-FD04-4C42-84C0-3029B9C4DD9E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{981B4B4D-E3DA-4290-B89F-0B35BDE07E5C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{989CDBE4-8A99-4234-AEEF-5A85B0FA00AE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9B20FB2B-4AE6-43D0-B58C-0434C877B9ED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9CAC0954-9161-41CA-9078-65C78F605288}" = lport=138 | protocol=17 | dir=in | app=system |
"{9E65F076-F8A8-4B6F-8071-5EEE40E711EA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A8A203B9-5ADC-4D31-8C39-55D7F4DCE5EE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AB7CCF96-8F7F-41BF-887F-484759907664}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B84BD6E1-DE73-43AD-930D-84A4314FCD43}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B8EFB86F-E2F3-4E94-B38F-2521CF5B204C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE66E25A-259C-4ACE-AB8E-A6F14978D2C8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BEBF6542-182E-4937-91C0-5BE3522A94D2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C310AF33-8E94-4351-B7CC-3BF6C5195901}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C379AE53-5491-4905-8551-08DCE7A92BE2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{CCC327B0-03E3-47C7-950E-7F5128587037}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D25BF735-962F-4C23-A8B1-136674130717}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D74BB98C-A8B0-4858-B04E-3074E55DCF10}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{DD326765-B56B-4D7F-91FD-6800FC750FBC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DFA4F5AB-3CC7-4CFE-9E35-90C8DADCFCBE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E8C9D67F-387F-4123-A77A-2233428D1F2F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F6A24E19-0936-421A-BF70-5D86B7FC5C30}" = lport=139 | protocol=6 | dir=in | app=system |
"{F82D7A90-E2E0-4AC2-8C21-32FEB56A7B0F}" = rport=138 | protocol=17 | dir=out | app=system |
"{FA76E301-61B3-47C8-A594-59CCBA95C937}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{FA92384C-F655-403A-907F-E323BE3BEECC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{FB65C764-8391-4940-9740-2D66FCB05CE9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04917D26-C4D6-484A-9BD8-C82FAEAAE548}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{10723C6D-E108-424E-BCBB-EDD86D325B2B}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{12BBD035-3154-409E-AF20-B2A8D7C7D955}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{15867F2C-4B74-4482-82CC-9A5DDABAB250}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1636B0BB-D975-4F3E-B579-7C56DCD6891A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{16BF4EC4-1D0F-497E-848E-FCB85447583C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{1ADBDD96-54D5-4832-B408-C3AB4F2B8983}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1EFC3EBF-DF0E-4105-A333-8E21E2FBBC8E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1FB80C68-CDA4-44CB-B66A-3E0621ECC84E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{20E6D344-7FFA-4A6E-B7B1-3955E1737D58}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{28851349-AA3C-46A6-A2D7-7D2526A0508F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{29593CDB-1B45-434E-A7D9-3D621141C422}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{303D68AE-78BC-4253-9095-1D1B0A2C363E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3157E768-09C3-4993-8BF5-3ECCE19E09B0}" = protocol=6 | dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{318CEBA5-1476-4778-8B95-564AD86A0093}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3237084A-8373-4DF6-B2A8-BF041E702C52}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{333A0EC6-8505-431B-8B62-04AEDFFB74EC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3439547B-C43C-46A0-889F-5295332797D9}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{35A26086-759E-4544-8336-B17968117C9F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3781B090-0F32-40BA-A3B0-FE61E68626EE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3C3CD6AF-2399-4AE7-8FDA-12C9ACC56DDF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3DA4DAFF-575C-403A-8BB5-D59A820548FD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{458CA78B-DF24-4C75-8470-6DE6F4B45464}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{45B27703-DFCB-404F-A6E1-DABD565CC22A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{48498DAB-6D76-4478-A8B0-46B935F89992}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{497ADF64-820A-44C6-92ED-61023142E724}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{4A524C2F-7DFC-4C14-8694-CC7651349313}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{4E071188-FCFA-4B1E-BA2C-1D0E74F577F0}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{5D971F55-1425-4F77-9307-265995E8FB49}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{5DEC6502-5FD8-4893-98D5-0824D2B15798}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{63583311-BFFB-43DB-A325-2D757017A1B8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{654CF293-48E9-4195-964D-F464CFDE9F18}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{66D74E00-3E65-4711-B469-E2B8058E1968}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{69986873-C718-4205-B015-5E3B21EDF039}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{6D34145E-3E74-4ED9-9EF6-42146699D9C5}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{72BB8C33-F11F-4951-A9D4-09FC41AEEBCE}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{735A8CC3-37CD-4B92-A26C-73C8617BE89B}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{740E8D48-C98B-4065-BC65-16CF0EC2F99F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{75E56794-2D22-4FCB-968A-B2B0C50ED4E3}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{807CA776-0FAB-40E9-972B-1D1E059433C1}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{8721C309-655C-44FE-86C4-0A8053735E99}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{8749769E-F6D7-401B-9DD6-8A92FFBCBA9F}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{8BD19171-2623-4042-AA01-3192812916C9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{9494A05D-F258-4B6B-BFD7-B0435E236CE4}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{9963BA92-A187-41B8-AD60-FED95680CBC4}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{A06D1AC4-A0D2-4644-8F27-C83F53923278}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{A24F87CC-A239-4DC6-A111-AFAA70F5FDB5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{A302ACED-0FE4-4904-859A-28FCDAE6A068}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{A47F0C59-C6AF-4E51-BB00-3D1C5C56E8C2}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{A4965DA0-7250-4146-9BFC-A8924D1ADB03}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{A71F540C-A93F-429D-872F-04BBAE5E36A7}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{A74B5FAC-8B61-49A0-9CBC-2C9F2012D187}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{AD7417B7-7A45-42B1-B52A-819BFAF5CC48}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{B5AE5F9C-6294-4894-A105-F66C0276E94F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B6679BC2-190A-483C-98CE-D6FF5684D9D5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B9B51C91-FB24-44E1-811E-E5DB56618766}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{BA6C5B48-A678-4CDC-A58C-00DA09F06842}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{BBADD2B4-52E6-4AEC-980A-6697EDBA8185}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{BBE0C08D-E880-444C-81AB-7DCB9AFE931D}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{BF99039D-5B96-4DF4-ADF6-1D61FD097EA4}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{C18723C8-0AD8-423E-838B-4C2DE23F10FB}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{C427B687-DD83-4A16-B8DF-FA18E3719727}" = protocol=17 | dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{C86A4A31-C57F-4A8E-AB36-FDF28D040DF8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{CFD32E77-A879-4073-BBDF-F2A2CE426F76}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{D04D291E-0F96-46F4-9E34-4FB17A880C4F}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{D19CB43D-5735-47CE-89AE-5C440E86E56D}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{D96E015D-C418-475A-8FBA-0C2C12A97C84}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{DF1D526A-5C37-4AF6-8329-9B64D20AE602}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{E43222A1-8692-4DB6-AD45-A754CC6DC7D3}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E681125E-6291-4C3C-BAE0-A2EA440F011E}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{E6CCCCDF-27FA-49D2-BB9C-97D354586E71}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{EC20F549-5825-427E-A4DA-96D94BB7A5D6}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{EFB0A01D-93BE-42AA-AF7E-7F10E1AA400F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F145B757-7594-4807-AC58-C47485CBD617}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{F2356179-5D4F-4C8B-AC8E-DC05A45EFD44}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FB5FC242-2DD5-4A28-8E32-80395C27238A}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{FC9D826B-A5D5-4C55-8434-7B6EE7C7BBCB}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{FCC64FCC-9911-41F7-836A-4EB713E2D2F7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FCF2E97D-D0F5-48F2-A37A-08D0B7E01E16}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE}" = HP Wireless Assistant
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}" = Norton 360 HTMLHelp
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{21829177-4DED-4209-AD08-490B3AC9C01A}" = Norton 360
"{21E62565-8639-457C-B64C-A3FF0A8B4D80}" = HP Active Support Library
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24DF7221-644B-4C3A-A478-459502D40522}" = Backup
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 B9
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}" = Norton 360
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
"{45690715-80A6-4445-B61D-ADEC5888E8CD}" = Symantec Technical Support Controls
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{502358FB-0718-45BC-B142-7511F1694D58}" = Macrogaming SweetIM 2.1
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{582E9125-32B6-4CBA-AB48-3E33CE3DB389}" = NETGEAR WPN111 Smart Wizard Wireless Utility
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{6009F2FC-EC56-4e28-B91C-0BA5104D6419}" = SF_CDA_Software
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63AFACBC-4795-4A1B-8037-5085DC03FC54}" = Microsoft LifeCam
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
"{868F24EB-5CA7-4285-B39B-3617CF37462A}" = D2300_Help
"{89990AF9-F174-4708-B517-6C208704F6EC}" = SymNet
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9718521B-A345-4ad9-A52B-74D1435FB708}" = SF_CDA_ProductContext
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}" = Google Earth
"{981DE354-9301-440f-AAFC-025AA2354A93}" = HP Deskjet & Photosmart Printer Driver Software 8.0.A
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = 3Connect
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF023DA1-5B52-467E-857C-EAF1BC0604E0}" = Print Workshop 2007 LE
"{D297A783-A680-4FDB-8882-913EBA36ABC5}" = D2300
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4DDBA93-769B-49D8-BA33-8814E45ED0C1}" = HP Help and Support
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB4E5DC3-42E9-4469-8AD5-F59EE975C1A9}" = Belfield Software Tide Plotter 2008
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{ED3F469E-D9EC-4DF1-968F-5812CE2F30F8}" = HP Driver Diagnostics
"{ED4905E3-2B32-4DD8-BC14-7CAFD30E9ECD}" = HP User Guide 0048
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.50.52
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6D63A65-BD23-46F3-B9A3-87F442423481}" = SweetIM For Internet Explorer 3.0b
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = ASL_HS_Installer32
"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AudibleManager" = AudibleManager
"Bejeweled 2 Deluxe 1.1" = Bejeweled 2 Deluxe 1.1
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045_SprtHDzm" = HDAUDIO Soft Data Fax Modem with SmartCP
"Creative Centrale" = Creative Centrale
"DTE" = DTE
"eLearn 1.2.1_is1" = eLearn CDROM 1.0
"Google Updater" = Google Updater
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"Huawei Modems" = Huawei modem
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360 (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Customizations" = Yahoo! Extras
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"ZENX-FI" = Creative ZEN X-Fi User's Guide

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 23/02/2010 13:35:34 | Computer Name = Toni2-pc | Source = Google Update | ID = 20
Description =

Error - 24/02/2010 15:05:27 | Computer Name = Toni2-pc | Source = Application Error | ID = 1000
Description = Faulting application ccSvcHst.exe, version 107.0.6.4, time stamp 0x48f51148,
faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821, exception
code 0xc0000005, fault offset 0x00023f44, process id 0x6d4, application start time
0x01cab584120e0528.

Error - 26/02/2010 06:03:52 | Computer Name = Toni2-pc | Source = Application Error | ID = 1000
Description = Faulting application ccSvcHst.exe, version 107.0.6.4, time stamp 0x48f51148,
faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821, exception
code 0xc0000005, fault offset 0x00066fcf, process id 0x6c0, application start time
0x01cab6cad3dc2560.

Error - 26/02/2010 06:35:05 | Computer Name = Toni2-pc | Source = Google Update | ID = 20
Description =

Error - 26/02/2010 08:35:05 | Computer Name = Toni2-pc | Source = Google Update | ID = 20
Description =

Error - 02/03/2010 13:38:32 | Computer Name = Toni2-pc | Source = Google Update | ID = 20
Description =

Error - 02/03/2010 13:41:28 | Computer Name = Toni2-pc | Source = Google Update | ID = 20
Description =

Error - 03/03/2010 13:41:05 | Computer Name = Toni2-pc | Source = Google Update | ID = 20
Description =

Error - 06/03/2010 12:28:01 | Computer Name = Toni2-pc | Source = Google Update | ID = 20
Description =

Error - 08/03/2010 04:16:04 | Computer Name = Toni2-pc | Source = Google Update | ID = 20
Description =


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz
The user which has the problems is "Jarrook".
I appreciate any help you can give me.
Thanks!

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz
Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4814

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

13/10/2010 22:18:27
mbam-log-2010-10-13 (22-18-27).txt

Scan type: Quick scan
Objects scanned: 199972
Time elapsed: 14 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} (Adware.Starware) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz

  • Download combofix from here
    Link 1
1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to svchost as follows:

wiloggApp.exe problem CF_download_FF

wiloggApp.exe problem 2aflf5z

3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

  • See HERE for how to disable your AV.
  • Double click on svchost.exe.
  • Follow the prompts. NOTE:
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouse click combofix's window whilst it's running. That may cause it to stall.

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz
ComboFix 10-10-18.06 - Toni 19/10/2010 22:51:34.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.353.1033.18.2037.1041 [GMT 1:00]
Running from: c:\users\Toni\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Install.exe
c:\programdata\hpe6538.dll

.
((((((((((((((((((((((((( Files Created from 2010-09-19 to 2010-10-19 )))))))))))))))))))))))))))))))
.

2010-10-19 22:01 . 2010-10-19 22:01 -------- d-----w- c:\users\Guest\AppData\Local\temp
2010-10-19 22:01 . 2010-10-19 22:01 -------- d-----w- c:\users\TEMP.Toni2-pc.001\AppData\Local\temp
2010-10-19 07:43 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{668D0187-759A-460F-9F81-4E2A632D073D}\mpengine.dll
2010-10-13 21:35 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-13 21:35 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-13 20:57 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-13 20:57 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-13 20:57 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-13 20:57 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-13 20:57 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-13 20:51 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-10-13 20:51 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-13 20:51 . 2010-10-13 20:51 -------- d-----w- c:\programdata\Malwarebytes
2010-10-13 20:51 . 2010-10-13 20:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-13 20:51 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-13 20:49 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll
2010-10-13 20:48 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-10-13 20:48 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2010-10-13 20:43 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-10-13 20:43 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-10-13 20:43 . 2010-08-31 13:27 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-10-13 20:43 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-13 20:43 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-13 20:42 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-10-05 10:06 . 2010-10-05 10:06 -------- d-----w- c:\users\jarrook\Office Genuine Advantage
2010-10-04 11:19 . 2010-10-04 11:19 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-10-04 11:18 . 2010-10-04 11:18 -------- d-----w- c:\programdata\McAfee
2010-10-04 11:18 . 2010-10-04 11:18 -------- d-----w- c:\programdata\McAfee Security Scan
2010-10-04 11:18 . 2010-10-10 12:46 -------- d-----w- c:\program files\McAfee Security Scan
2010-09-29 13:53 . 2010-06-22 13:30 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-29 13:50 . 2010-08-26 04:23 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-09-29 11:50 . 2010-09-29 11:51 -------- d-----w- c:\users\Toni
2010-09-29 11:28 . 2010-09-29 11:28 -------- d-----w- c:\users\Mark\AppData\Roaming\OpenOffice.org
2010-09-29 11:25 . 2010-09-29 11:25 -------- d-----w- c:\users\Mark\AppData\Roaming\AdobeUM
2010-09-29 11:25 . 2010-09-29 11:25 -------- d-----w- c:\users\Mark\AppData\Roaming\Leadertech
2010-09-26 17:04 . 2010-09-26 17:04 -------- d-----w- c:\users\Mark\Office Genuine Advantage

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-18 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-11-24 167936]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"NapsterShell"="c:\program files\Napster\napster.exe" [2006-09-06 323216]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2006-11-28 46704]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2006-10-18 317152]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2006-10-18 472800]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-03-30 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-03-30 147456]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-03-30 126976]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"VX6000"="c:\windows\vVX6000.exe" [2007-04-10 996712]
"SweetIM"="c:\program files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 103712]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-08 44128]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

c:\users\jarrook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2010-1-18 576000]

c:\users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]

c:\users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
NETGEAR WPN111 Smart Wizard.lnk - c:\program files\NETGEAR\WPN111 Configuration Utility\wpn111.exe [2007-7-9 491606]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9dec2461447df;Google Update Service (gupdate1c9dec2461447df);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-27 133104]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R3 ATHFMWDL;NETGEAR WPN111 Bootloader driver;c:\windows\system32\Drivers\athwpn.sys [2004-10-14 43392]
R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
R3 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
R3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\DRIVERS\VX6000Xp.sys [2007-04-10 2385896]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;c:\windows\system32\DRIVERS\WPN111.sys [2005-01-07 286720]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20101013.001\IDSvix86.sys [2010-09-15 287792]
S2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-05-26 102448]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-07-24 101248]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-27 11:56]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-27 11:56]

2010-10-19 c:\windows\Tasks\User_Feed_Synchronization-{77DE991C-71CD-489C-AAFD-81F2D846E194}.job
- c:\windows\system32\msfeedssync.exe [2010-10-13 04:25]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://home.sweetim.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-10-19 23:03:42
ComboFix-quarantined-files.txt 2010-10-19 22:03

Pre-Run: 44,640,714,752 bytes free
Post-Run: 44,744,830,976 bytes free

- - End Of File - - 5E0B97CE2891AF4E852E624A4B00B2D3

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz
Hello.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz
The only thing written in the log was this:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=53251
The ESET scanned 203161 files
According to the end window there were 0 infected files and 0 cleaned files, altogether no threats.

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz
How is the machine running now?

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz
Still get a fatal error when I try to run OpenOffice.org and a WillogAppexe error when I try to activate the 3 network application when logged in using the jarrook administrator user

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz
Hi,

Have you tried re-installing OpenOffice?

descriptionwiloggApp.exe problem EmptyRe: wiloggApp.exe problem

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum