Malwarebytes

Need Help with Error Code 718 (-2146893798, 0)


22 replies to this topic

#1
Walt

    New Member

  • Members
  • 8 posts
  • Gender:Male
  • Location:Louisville, KY USA
I just downloaded Malwarebytes' Anti-Malware software and tried to install it. During installation the Error Code 718 (-2146893798, 0) came up several times. Does anyone know what this means?

Thanks

#2
AdvancedSetup

    Forum Deity

  • Administrators
  • 22,568 posts
  • Gender:Male
  • Location:US
Hi Walt and Welcome to Malwarebytes.

Are you using a Dialup modem for your Internet connection? Looking up this error points to a PPP dialup issue for most users so just trying to get to the bottom of the issue.

Are you now or have you had issues connecting to any sites with this system?

Please go into your Control Panel, Admin Tools and look at the Event Viewer and read some of the error messages and see if that gives you a hint to the root cause of the issue.

What operating system are you using and what service pack level is it at? Did you download MBAM for curiosity or to help clean up an infection? Just curious if some infection may be the cause of the error or not.

#3
Walt

    New Member

  • Members
  • 8 posts
  • Gender:Male
  • Location:Louisville, KY USA

AdvancedSetup, on Nov 12 2008, 06:31 AM, said:

Hi Walt and Welcome to Malwarebytes.

Are you using a Dialup modem for your Internet connection? Looking up this error points to a PPP dialup issue for most users so just trying to get to the bottom of the issue.

Are you now or have you had issues connecting to any sites with this system?

Please go into your Control Panel, Admin Tools and look at the Event Viewer and read some of the error messages and see if that gives you a hint to the root cause of the issue.

What operating system are you using and what service pack level is it at? Did you download MBAM for curiosity or to help clean up an infection? Just curious if some infection may be the cause of the error or not.


I am running Windows XP with Service Pack 3 and have downloaded all the latest updates (checked again just now). I'm not aware of any infection and run SpyBot and AdAware as well as Avast Antivirus weekly. I looked at the Event viewer but I'm afraid I didn't see anything that looked relevant but then I'm not much of a techie either. I deleted the Anti-Malware software and just reinstalled but continued to get the same error message. Any other ideas??

Thanks for the help.

#4
AdvancedSetup

    Forum Deity

  • Administrators
  • 22,568 posts
  • Gender:Male
  • Location:US
Well you can try running this routine and it will provide a lot of logging information that we can review to see if we can find something that might be causing it or not.

Important!
All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.

I also need for you to download this program OTListIt.exe to your desktop.

  • Close all applications and windows so that you have nothing open and are at your Desktop
  • Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.
  • Place a checkmark in the "Scan All Users" checkbox (Leave the 'Use Whitelist' checked and the 'File Age:' at 30 days)
  • Click the Run Scan button
  • NOTE: Please be patient and let the scan run without using the computer
  • When the scan is complete, a text file (OTListIt.Txt) will open in Notepad (if not, it can be found on your Desktop)
  • In Notepad, click Edit, Select all then Edit, Copy
  • Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Right click paste.
  • Submit your reply and close the Notepad window with OTList.txt
  • Also OTListIt's Extras.txt log file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window
  • In Notepad, click Edit, Select all then Edit, Copy
  • Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.
  • NOTE: If the files (OTListIt.txt, Extras.txt) do not appear in your taskbar, just open the files in notepad from your desktop.

Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.

#5
Walt

    New Member

  • Members
  • 8 posts
  • Gender:Male
  • Location:Louisville, KY USA

AdvancedSetup, on Nov 14 2008, 05:58 AM, said:

Well you can try running this routine and it will provide a lot of logging information that we can review to see if we can find something that might be causing it or not.

Important!
All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.

I also need for you to download this program OTListIt.exe to your desktop.

  • Close all applications and windows so that you have nothing open and are at your Desktop
  • Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.
  • Place a checkmark in the "Scan All Users" checkbox (Leave the 'Use Whitelist' checked and the 'File Age:' at 30 days)
  • Click the Run Scan button
  • NOTE: Please be patient and let the scan run without using the computer
  • When the scan is complete, a text file (OTListIt.Txt) will open in Notepad (if not, it can be found on your Desktop)
  • In Notepad, click Edit, Select all then Edit, Copy
  • Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Right click paste.
  • Submit your reply and close the Notepad window with OTList.txt
  • Also OTListIt's Extras.txt log file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window
  • In Notepad, click Edit, Select all then Edit, Copy
  • Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.
  • NOTE: If the files (OTListIt.txt, Extras.txt) do not appear in your taskbar, just open the files in notepad from your desktop.

Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.

Here's what the OTListIt.Txt found

O3 - HKU\.DEFAULT\..\Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-18\..\Toolbar: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-18\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-18\..\Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\..\Toolbar: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key does not exist or could not be opened. File not found
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (Zone Labs, LLC)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe (PalmSource, Inc)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: GreenPrint - {554099FE-3856-4d93-86B5-0024AEF63BC7} - C:\Program Files\GreenPrint\GreenPrint\GPIEPlugin.dll (TODO: <Company name>)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: 51 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: free.aol.com (http in Trusted sites)
O15 - HKCU\..Trusted Sites: www.nytimes.com (http in Trusted sites)
O15 - HKCU\..Trusted Sites: turbotax.com (http in Trusted sites)
O15 - HKCU\..Trusted Sites: turbotax.com (https in Trusted sites)
O15 - HKCU\..Trusted Sites: 52 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Sites: 31 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Sites: 31 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\..Trusted Sites: free.aol.com (http in Trusted sites)
O15 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\..Trusted Sites: www.nytimes.com (http in Trusted sites)
O15 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\..Trusted Sites: turbotax.com (http in Trusted sites)
O15 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\..Trusted Sites: turbotax.com (https in Trusted sites)
O15 - HKU\S-1-5-21-3113870545-3567692883-938910631-1006\..Trusted Sites: 52 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} http://www.symantec....trl/tgctlsi.cab (SupportSoft SmartIssue)
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} http://www.symantec....trl/tgctlsr.cab (SupportSoft Script Runner Class)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://help.bellsout...oad/tgctlcm.cab (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative....031/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...p/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {41F841C1-AE16-11D5-8817-0050DA6EF5E5} https://www.acsenterprisesystem.com/CAB%20a...es/SPR32X60.cab (FarPoint Spread 6.0)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} http://ipgweb.cce.hp...ads/sysinfo.cab (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} http://home3.ca.com/...an/pestscan.cab (PSFormX Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://scan.safety.live.com/resource/downl...lscbase5059.cab (Windows Live Safety Center Base Module)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1131747723062 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {9BFC2253-B9D9-477E-9488-CA450232620D} http://pbells.broadjump.com/wizlet/Standar...wActiveXCab.CAB (BinAg1 Class)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab (Reg Error: Value does not exist or could not be read.)
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://driveragent.c...driveragent.cab (Driver Agent ActiveX Control)
O16 - DPF: {EA7F451B-94DD-4009-A8BF-8F977B0B2696} http://pbells.broadjump.com/wizlet/Standar...aller_4-2-0.cab (Reg Error: Value does not exist or could not be read.)
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} http://h30043.www3.h.../qdiagh.cab?326 (QDiagHUpdateObj Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative....15031/CTPID.cab (Creative Software AutoUpdate Support Package)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - livecall - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - ms-itss - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msnim - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2005/04/13 12:20:25 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

Autorun.inf [[AUTORUN] | SHELLEXECUTE=Info.exe folder.htt 480 480 | ]
[2004/09/13 12:15:24 | 00,000,053 | -HS- | M] () -- D:\Autorun.inf -- [ FAT32 ]

========== Files/Folders - Created Within 30 Days ==========

[2008/11/15 12:42:31 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/11/15 12:42:30 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/11/15 12:42:28 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/11/15 12:42:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/11/15 12:42:26 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/11/11 17:49:06 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2008/11/11 17:47:18 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2008/11/11 17:46:51 | 01,106,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2008/11/08 10:39:02 | 00,001,874 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BlueSoleil.lnk
[2008/11/08 10:35:05 | 00,000,000 | ---D | C] -- C:\Program Files\IVT Corporation
[2008/10/25 09:46:07 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2008/10/18 17:41:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Sonic
[2008/10/18 17:18:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Canneverbe_Limited
[2008/10/18 17:18:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\CDBurnerXP Projects
[2008/10/18 13:20:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Any Video Converter
[2008/10/18 13:20:10 | 00,000,715 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Any Video Converter.lnk
[2008/10/18 13:20:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Any Video Converter
[2008/10/18 13:20:00 | 00,000,000 | ---D | C] -- C:\Program Files\Any Video Converter
[2008/10/18 13:06:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\RapidSolution
[2008/10/18 13:05:59 | 00,000,000 | ---D | C] -- C:\Program Files\PixiePack Codec Pack
[2008/10/18 13:02:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RapidSolution
[2008/10/18 10:10:07 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2008/10/18 10:09:37 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2008/10/18 10:09:33 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2008/10/18 10:09:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}


========== Files - Modified Within 30 Days ==========

[2008/11/15 12:52:16 | 20,518,944 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2008/11/15 12:49:22 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/11/15 12:42:31 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/11/15 12:34:39 | 00,059,848 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/11/15 11:48:27 | 00,289,483 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2008/11/14 11:13:18 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Word.lnk
[2008/11/14 10:52:57 | 00,352,921 | -H-- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2008/11/14 10:52:03 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/11/14 10:51:53 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/11/14 10:51:50 | 93,800,4480 | -HS- | M] () -- C:\hiberfil.sys
[2008/11/14 10:51:50 | 00,226,408 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/11/13 23:17:54 | 00,234,104 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2008/11/13 23:17:26 | 00,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2008/11/13 21:48:47 | 00,563,804 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/11/13 21:48:47 | 00,477,250 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/11/13 21:48:47 | 00,079,292 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/11/11 18:48:35 | 00,002,471 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Excel.lnk
[2008/11/11 17:49:17 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/11/10 21:46:28 | 00,001,366 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2008/11/08 18:04:01 | 00,288,766 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20081115-114827.backup
[2008/11/08 14:05:18 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2008/11/08 11:49:58 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008/11/08 10:39:02 | 00,001,874 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BlueSoleil.lnk
[2008/11/03 19:10:25 | 17,318,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2008/10/31 18:06:50 | 00,270,687 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20081108-180400.backup
[2008/10/25 11:43:03 | 00,269,761 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20081031-190650.backup
[2008/10/24 06:21:09 | 00,455,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mrxsmb.sys
[2008/10/24 06:21:09 | 00,455,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2008/10/22 16:10:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/10/22 16:10:22 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/10/18 16:03:40 | 00,058,880 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/18 13:20:10 | 00,000,715 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Any Video Converter.lnk

< End of report >

#6
Walt

Here's the report from Extras.txt

OTListIt Extras logfile created on: 11/15/2008 12:53:29 PM - Run
OTListIt by OldTimer - Version 1.0.12.0 Folder = C:\Walt's Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.48 Mb Total Physical Memory | 382.02 Mb Available Physical Memory | 42.71% Memory free
2.12 Gb Paging File | 1.67 Gb Available in Paging File | 78.75% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 182.10 Gb Total Space | 98.95 Gb Free Space | 54.34% Space Free | Partition Type: NTFS
Drive D: | 4.20 Gb Total Space | 1.04 Gb Free Space | 24.80% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: UPSTAIRS
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
File not found -- C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
File not found -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
File not found -- C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
[2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/01/19 11:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 15:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
File not found -- C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Engine
File not found -- C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL
File not found -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL
File not found -- C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL
File not found -- C:\Program Files\iMesh Applications\iMesh6\iMesh6.exe:*:Enabled:iMesh 6
[2005/07/11 16:35:18 | 00,011,352 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
[2005/11/02 22:01:14 | 00,050,792 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1140139756\ee\aolsoftware.exe:*:Enabled:AOL Services
[2006/01/09 14:31:29 | 00,050,792 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1140139756\ee\aim6.exe:*:Enabled:AIM
[2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/03/08 00:25:56 | 09,950,760 | ---- | M] (Intuit, Inc.) -- C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax
[2007/03/30 21:28:53 | 03,679,784 | ---- | M] (Intuit, Inc.) -- C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager
[2004/11/04 18:28:24 | 00,258,048 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
[2004/12/14 22:16:18 | 00,225,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
[2004/12/14 22:16:30 | 00,036,864 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
[2004/12/14 22:13:04 | 00,081,920 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
[2005/05/10 20:50:34 | 00,200,704 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
[2005/05/10 20:07:26 | 01,081,344 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
[2004/11/04 18:29:02 | 00,516,096 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcopy.exe:*:Enabled:hpqcopy.exe
[2004/11/04 10:21:30 | 00,151,637 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe
[2004/12/14 22:17:06 | 00,450,560 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
[2004/10/08 08:42:04 | 00,413,696 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
[2004/12/14 22:29:52 | 00,057,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
[2007/01/19 11:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 15:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2008/03/05 22:29:49 | 10,343,712 | ---- | M] (Intuit, Inc.) -- C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax
[2007/10/22 17:56:52 | 03,597,600 | ---- | M] (Intuit, Inc.) -- C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager
[2006/07/16 17:33:36 | 00,626,176 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil
[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2008/10/01 17:57:04 | 14,258,472 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{0917447C-477A-4C56-99E5-87186FDEBBEE}" = QuickWrite
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0D2E80C8-0875-43EB-9623-47118E2DFBCA}" = Quicken 2007
"{0DC00F90-E7E7-4B19-959A-0A53032DA52C}" = Documents To Go
"{0E2DAB2F-5A2F-8F65-1006-30E94506B15D}" = Skins
"{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600
"{1103112B-513D-4DEF-96B4-9889774E0118}" = Creative Zen Touch
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite eMachines
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25F6C900-C138-4888-A56C-91D3D063023A}" = HP Update
"{269D9176-CEF5-81BE-D204-B90ACA0ECD79}" = Catalyst Control Center Core Implementation
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2CCBABCB-6427-4A55-B091-49864623C43F}" =
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{2E7595EC-4FB1-4E29-93D4-9083C8A9B107}" = TurboTax ItsDeductible 2005
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{393C1150-6EBF-D1DA-BDC2-3E1D1D772B44}" = Catalyst Control Center Graphics Full Existing
"{3C080B57-0D1E-4C73-B03B-68A9EF9F23F3}" =
"{3c1e9fe1 0da3 4eee 851c f4814090e899}}_is1" = SimoHealth 1.0.1
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It! Library 10
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Premium 10
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{49FB31C1-26EC-44c6-AB47-73C66E2BC41E}" = HP PSC & OfficeJet 5.3.B
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{57F7C02B-D36E-3F81-239B-FD031984ADFE}" = Catalyst Control Center Graphics Previews Common
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69580770-C77E-67FE-014F-BE02DF5D8A4F}" = ccc-core-preinstall
"{6EACA7EA-CA28-1333-206C-C985F7F22C2F}" = CCC Help English
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"{8318FEFD-F467-44D6-82B8-129374BFE9B1}" = Opera 9.62
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8D0049D9-265D-145D-96D7-CD5814DA7092}" = ccc-core-static
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}" = Apple Mobile Device Support
"{98F2555F-6749-49BA-949F-FC887831A524}" = Palm Desktop by ACCESS
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{996D8BB8-9B47-46C7-92DC-DCCE64467AB8}" = BlueSoleil
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AD088F72-2C65-4A21-8ACF-CFC2B28F8EE8}" = Text Complete (English)
"{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}" = TurboTax ItsDeductible 2006
"{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}" = PixiePack Codec Pack
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BA9A7A5D-5976-3682-826C-CDE03A0DE33D}" = Catalyst Control Center Graphics Full New
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B}" = MarketResearch
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C7793EE8-F666-4E6B-9827-76468679480E}" = Tweakui Powertoy for Windows XP
"{CA74E4E3-FAF1-4F5E-8A77-D89A5C5A02E8}" = GreenPrint
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help
"{CBB6F775-E76E-49F7-98D3-1519414B1E4B}" = YouSendIt Express
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{D721F201-E316-0825-7D23-48C16939914F}" = ccc-utility
"{D8320DD6-FE47-41DE-B116-4158B7AE3F37}" = ACDSee for PENTAX 2.0
"{D9A812DA-143D-4780-BEDC-FD6D41386317}" =
"{DC3065BF-95B4-42C5-B47D-0B713CDA75D0}" = Creative Zen Vision M
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}" = iTunes
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E07FEDF6-3E9E-2F4C-3734-15B839CC3CD3}" = Catalyst Control Center Graphics Light
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{EBC91840-41E1-4CC3-AC11-0B889546223C}" = Microsoft IntelliPoint 5.5
"{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB745B2C-E7BA-472E-9523-2B200CF2F500}" = Before You Know It 3.6
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{fe7ccec2-0f76-4921-bc75-caaf255cbbf2}" = DFX for Windows Media Player
"{FF262740-C85A-11D5-BBEC-00D0B740900A}" = Multimedia Keyboard Driver
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"98SE_is1" = 98SE
"Abacast Client" = Abacast Client
"AddressBook" =
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"All ATI Software" = ATI - Software Uninstall Utility
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.3
"Analyse-it for Excel" = Analyse-it for Microsoft Excel
"Any Video Converter_is1" = Any Video Converter 2.6.5
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"a-squared Free_is1" = a-squared Free 3.1
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"AVGantiRootkit" = AVG Anti-Rootkit Free
"BellsouthHelpCenter4.0b_is1" = FastAccess® DSL Help Center 4.2
"BroadJump Client Foundation" = BroadJump Client Foundation
"Cassini-Huygens screensaver Screensaver" = Cassini-Huygens screensaver Screensaver
"CCleaner" = CCleaner (remove only)
"CheckIt Diagnostics" = CheckIt Diagnostics
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = Soft Data Fax Modem with SmartCP
"Connection Manager" =
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Creative File Manager" =
"Creative Jukebox Driver" = Creative Jukebox Driver
"Creative Removable Disk Manager" = Creative Removable Disk Manager
"Creative Zen Touch" =
"DirectAnimation" =
"DirectDrawEx" =
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
"Folder Lock" = Folder Lock
"Fontcore" =
"GENEUIDE" = USB Storage Driver
"GMailFS" = GMail Drive Shell Extension
"Google Desktop" = Google Desktop
"GoogleVideoPlayer" = Google Video Player
"Handmark Solitaire for Palm OS" = Handmark Solitaire for Palm OS
"Handmark® MobileDB™ for Palm OS" = Handmark® MobileDB™ for Palm OS
"HP Photo & Imaging" = HP Image Zone 4.7
"HPExtendedCapabilities" = HP Extended Capabilities 4.7
"ICW" =
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"IE40" =
"IE4Data" =
"IE5BAKEX" =
"ie7" = Windows Internet Explorer 7
"IEData" =
"InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"InstallShield_{CBB6F775-E76E-49F7-98D3-1519414B1E4B}" = YouSendIt Express
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MGI PhotoSuite Mobile Edition" = MGI PhotoSuite Mobile Edition (Remove only)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MobileOptionPack" =
"Mozilla Firefox (3.0.3)" = Mozilla Firefox (3.0.3)
"Mozilla Thunderbird (2.0.0.17)" = Mozilla Thunderbird (2.0.0.17)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI30a-KB884016" =
"MSI30-Beta1" =
"MSI30-Beta2" =
"MSI30-KB884016" =
"MSI30-RC1" =
"MSI30-RC2" =
"MSI31-Beta" =
"MSI31-RC1" =
"MSNINST" = MSN
"MWSnap 3" = MWSnap 3
"MySharedPhotos Uploader_is1" = MySharedPhotos Uploader 2.6.4
"Nero BurnRights!UninstallKey" = Nero BurnRights
"Nero PhotoShow Express 4" = Nero PhotoShow Express 4
"NetMeeting" =
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OutlookExpress" =
"PCHealth" =
"Picasa2" = Picasa 2
"PictureItPrem_v10" = Microsoft Picture It! Premium 10
"PocketDVDStudio" = Pocket-DVD Studio(remove only)
"powerOne Personal v2.1.1 for Handhelds" = powerOne Personal v2.1.1 for Handhelds
"RealAlt_is1" = Real Alternative 1.46
"SchedulingAgent" =
"Secunia PSI (RC1)" = Secunia PSI (RC1)
"Shareaza_is1" = Shareaza 2.3.1.0
"Shockwave" =
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"StorageSync" = StorageSync Backup Software
"SysInfo" = Creative System Information
"The Ultimate Troubleshooter" = The Ultimate Troubleshooter
"TurboTax Deluxe 2005" = TurboTax Deluxe 2005
"TurboTax Deluxe 2007" = TurboTax Deluxe 2007
"TurboTax Deluxe Deduction Maximizer 2006" = TurboTax Deluxe Deduction Maximizer 2006
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Live Safety Scanner" = Windows Live Safety Scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"YouTube Downloader_is1" = YouTube Downloader 2.5
"Zipeg" = Zipeg
"ZoneAlarm" = ZoneAlarm

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{234B42B9-2110-465A-9247-2E4224724906}" = GreenPrint
"Adobe Reader for Palm OS" = Adobe Reader for Palm OS, 3.05
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3113870545-3567692883-938910631-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{234B42B9-2110-465A-9247-2E4224724906}" = GreenPrint
"Adobe Reader for Palm OS" = Adobe Reader for Palm OS, 3.05
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 9/29/2008 7:44:57 AM | Computer Name = UPSTAIRS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
K:\StorageSync\Drive_C\Program Files\palmOne\KoczotW\Backup\Bejeweled!.PRC failed,
0000001E.

Error - 9/29/2008 7:46:55 AM | Computer Name = UPSTAIRS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
K:\StorageSync\Drive_C\Program Files\palmOne\KoczotW\Backup\psysLaunchDB.PDB failed,
0000A420.

Error - 9/29/2008 7:48:24 AM | Computer Name = UPSTAIRS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
K:\StorageSync\Drive_C\Program Files\palmOne\KoczotW0\Backup\Bejeweled!.PRC failed,
0000001E.

Error - 9/29/2008 7:50:23 AM | Computer Name = UPSTAIRS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
K:\StorageSync\Drive_C\Program Files\palmOne\KoczotW0\Backup\psysLaunchDB.PDB failed,
0000A420.

Error - 9/29/2008 8:05:22 AM | Computer Name = UPSTAIRS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
K:\StorageSync\Drive_C\Program Files\Sony Handheld\KoczotW0\Backup\Bejeweled!.PRC
failed, 0000001E.

Error - 9/29/2008 8:07:19 AM | Computer Name = UPSTAIRS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
K:\StorageSync\Drive_C\Program Files\Sony Handheld\KoczotW0\Backup\psysLaunchDB.PDB
failed, 0000A420.

Error - 9/29/2008 8:10:07 AM | Computer Name = UPSTAIRS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
K:\StorageSync\Drive_C\Program Files\Sony Handheld\KoczotW0\BackupOLD\psysLaunchDB.PDB
failed, 0000A420.

Error - 11/1/2008 6:25:07 PM | Computer Name = UPSTAIRS | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function A0000111.

Error - 11/8/2008 7:05:14 PM | Computer Name = UPSTAIRS | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function A0000111.

Error - 11/14/2008 7:01:58 PM | Computer Name = UPSTAIRS | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function A0000111.

[ Application Events ]
Error - 8/21/2008 8:35:52 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.8.20080.4669, faulting
module firefox.exe, version 1.8.20080.4669, fault address 0x0006c917.

Error - 8/25/2008 10:26:19 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application greenprintview.exe, version 1.0.0.1, faulting
module ntdll.dll, version 5.1.2600.5512, fault address 0x000429fa.

Error - 9/7/2008 10:22:13 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.5721.5145, faulting
module ntdll.dll, version 5.1.2600.5512, fault address 0x00011669.

Error - 9/11/2008 11:04:08 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application spywatchinstaller.exe, version 0.0.0.0, faulting
module ntdll.dll, version 5.1.2600.5512, fault address 0x000109f9.

Error - 9/27/2008 12:37:36 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application ad-aware.exe, version 7.1.0.11, faulting module
ad-aware.exe, version 7.1.0.11, fault address 0x0014b4ec.

Error - 10/23/2008 7:27:07 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application greenprintview.exe, version 1.0.0.1, faulting
module ntdll.dll, version 5.1.2600.5512, fault address 0x000429fa.

Error - 10/28/2008 7:55:25 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3188, faulting module
npmnqmp071101000055.dll, version 711.1.0.55, fault address 0x000a71b7.

Error - 11/8/2008 3:53:47 PM | Computer Name = UPSTAIRS | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office 2000 Professional -- Error 1706. No valid
source could be found for product Microsoft Office 2000 Professional. The Windows
installer cannot continue.

Error - 11/12/2008 12:09:18 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x02dd4028.

Error - 11/12/2008 12:09:45 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

[ System Events ]
Error - 11/13/2008 8:01:07 PM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7023
Description = The HidServ service terminated with the following error: %%126

Error - 11/13/2008 8:01:14 PM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PQIMount

Error - 11/13/2008 8:01:28 PM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7024
Description = The RemoteAccess service terminated with service-specific error 2147500037
(0x80004005).

Error - 11/13/2008 11:22:05 PM | Computer Name = UPSTAIRS | Source = Removable Storage Service | ID = 262255
Description = RSM could not load media in drive Drive 0 of library Memorex DVD+-RAM
525G v1.

Error - 11/14/2008 11:52:39 AM | Computer Name = UPSTAIRS | Source = Print | ID = 23
Description = Printer Microsoft XPS Document Writer failed to initialize because
a suitable Microsoft XPS Document Writer driver could not be found.

Error - 11/14/2008 11:52:45 AM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7000
Description = The BroadJump PPPoE Helper Protocol service failed to start due to
the following error: %%2

Error - 11/14/2008 11:52:45 AM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7023
Description = The HidServ service terminated with the following error: %%126

Error - 11/14/2008 11:52:47 AM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PQIMount

Error - 11/14/2008 11:53:00 AM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7024
Description = The RemoteAccess service terminated with service-specific error 2147500037
(0x80004005).

Error - 11/15/2008 1:25:17 PM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7034
Description = The BlueSoleil Hid Service service terminated unexpectedly. It has
done this 1 time(s).


< End of report >

THANKS FOR YOUR HELP ON THIS.

Edited by AdvancedSetup, 15 November 2008 - 09:24 PM.
Removed full quoting


#7
Raid

    Malware Researcher

  • Experts
  • PipPipPipPipPipPip
  • 1,549 posts
  • Gender:Male
  • Location:United States
npmnqmp071101000055.dll

Can you locate and attach this file to the forum please?

#8
AdvancedSetup

You may need to zip it up and upload it here: HJT Log Requested File Upload

If you have trouble uploading there then please try here: UploadNET™

#9
Walt


AdvancedSetup, on Nov 15 2008, 10:22 PM, said:

You may need to zip it up and upload it here: HJT Log Requested File Upload

If you have trouble uploading there then please try here: UploadNET™


I've uploaded the file to UploadNET. Thanks for your help.

#10
Raid


Walt, on Nov 16 2008, 09:49 PM, said:

I've uploaded the file to UploadNET. Thanks for your help.

Hi There. It's a Trojan.Agent variant, thanks for submitting your sample.
MBAM will have detection for this shortly.
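
Added example, not part of the original thread and not code from Malwarebytes or OTListIt: a Python parser for the report's line-wrapped event-log entries that surfaces Application Error crashes whose faulting module is neither the program's own image nor a common Windows DLL, which picks out the firefox.exe entry naming npmnqmp071101000055.dll. The function names, the short system-module list and the triage rule are assumptions of this example; the sample entries are copied from the report above.

```python
import re

# Entries copied from the "Application Events" section of the report above.
REPORT = """\
[ Application Events ]
Error - 9/27/2008 12:37:36 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application ad-aware.exe, version 7.1.0.11, faulting module
ad-aware.exe, version 7.1.0.11, fault address 0x0014b4ec.

Error - 10/23/2008 7:27:07 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application greenprintview.exe, version 1.0.0.1, faulting
module ntdll.dll, version 5.1.2600.5512, fault address 0x000429fa.

Error - 10/28/2008 7:55:25 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3188, faulting module
npmnqmp071101000055.dll, version 711.1.0.55, fault address 0x000a71b7.

Error - 11/8/2008 3:53:47 PM | Computer Name = UPSTAIRS | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office 2000 Professional -- Error 1706. No valid
source could be found for product Microsoft Office 2000 Professional. The Windows
installer cannot continue.

Error - 11/12/2008 12:09:18 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x02dd4028.
"""

HEADER = re.compile(
    r"^Error - (?P<when>.+?) \| Computer Name = (?P<host>.+?) \| "
    r"Source = (?P<source>.+?) \| ID = (?P<event_id>\d+)$"
)
FAULT = re.compile(
    r"Faulting application (?P<app>.+?), version (?P<app_ver>[\d.]+), "
    r"faulting module (?P<module>.+?), version (?P<mod_ver>[\d.]+), "
    r"fault address (?P<addr>0x[0-9a-fA-F]+)"
)

# Assumption of this example: a short list of Windows modules that often show
# up in crash records. A name match only lowers priority; it does not show
# that the file on disk is genuine.
KNOWN_SYSTEM_MODULES = {"ntdll.dll", "kernel32.dll", "user32.dll",
                        "msvcrt.dll", "dbghelp.dll"}


def parse_events(text):
    """Split the report into entries and re-join wrapped Description lines."""
    events = []
    for block in re.split(r"\n\s*\n", text):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        # Drop section banners such as "[ Application Events ]".
        lines = [ln for ln in lines
                 if not (ln.startswith("[") and ln.endswith("]"))]
        if not lines:
            continue
        header = HEADER.match(lines[0])
        if not header:
            continue
        description = " ".join(lines[1:])
        if description.startswith("Description = "):
            description = description[len("Description = "):]
        events.append({**header.groupdict(), "description": description})
    return events


def triage(events):
    """Return crash entries whose faulting module deserves a closer look."""
    findings = []
    for ev in events:
        if ev["source"] != "Application Error" or ev["event_id"] != "1000":
            continue
        fault = FAULT.search(ev["description"])
        if not fault:
            continue
        app, module = fault["app"].lower(), fault["module"].lower()
        if module == "unknown":
            reason = "fault address did not resolve to a named module"
        elif module == app or module in KNOWN_SYSTEM_MODULES:
            continue  # the program's own image or a common Windows DLL
        else:
            reason = "third-party module loaded into " + app
        findings.append({"when": ev["when"], "app": fault["app"],
                         "module": fault["module"],
                         "module_version": fault["mod_ver"],
                         "address": fault["addr"], "reason": reason})
    return findings


if __name__ == "__main__":
    for f in triage(parse_events(REPORT)):
        print(f["when"], f["app"], f["module"], "-", f["reason"])
```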

#11
AdvancedSetup

Please update MBAM and do a Quick Scan and fix anything found and reboot.

Run a new HJT scan and post back both logs please.

#12
Walt


AdvancedSetup, on Nov 17 2008, 05:13 AM, said:

Please update MBAM and do a Quick Scan and fix anything found and reboot.

Run a new HJT scan and post back both logs please.


I'm unable to run MBAM as I continue to receive the error code 718 (-2146893798, 0) even after uninstalling and reinstalling the software. Should I just delete the npmnqmp071101000055.dll file? How can I get the 718 error code to go away?

Thanks

#13
AdvancedSetup

Hi Walt,

Yes, if you can please delete that file. Let me know if you're unable to and we can try another tool to assist you.

#14
Walt


AdvancedSetup, on Nov 18 2008, 07:46 AM, said:

Hi Walt,

Yes, if you can please delete that file. Let me know if you're unable to and we can try another tool to assist you.

OK - I deleted the file successfully. Still have the same issues in trying to install Malwarebytes. Any ideas? Thanks for helping me find and remove the bad file.

#15
AdvancedSetup

Well this could be a difficult one to fix Walt. You have a LOT of programs that are failing to start or run based on just a few of the Event Logs shown near the bottom of the OTLIST report.

I'm not sure they're Malware related at all. It could just be from various broken Registry and/or file entries.

Let's try this though and see where we get.

Close ALL programs and Click on START - RUN and copy / paste this into the box and click OK.
This will set your hard drive to check the disk and automatically restart your computer for you.
CMD /C ECHO Y|CHKDSK C: /F | SHUTDOWN /R /T 30

Then after the restart click on START - RUN and type in REGEDIT and click OK
Highlight the tree branch named HKEY_CLASSES_ROOT and click on File, Export.
In the drop down box select Registry Hive *.* and save the file as Walt_classes with no extension.

Do the same for these branches
HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
HKEY_USERS
HKEY_CURRENT_CONFIG


Then ZIP them up or use RAR and name it waltsreg.zip

Then click on START - RUN and type in EVENTVWR and click OK
Highlight the Application branch and right click and choose Save Log File As and choose Event Log (*.evt) and save it as waltapplication.evt
Then do the same for Security and System


Then ZIP them up or use RAR and name it waltseventlogs.zip and upload both of the zip files (or put them all in one ZIP) to rapidshare.com and make sure you save the link that Rapidshare gives you as they will not mail it to you and if you lose it you cannot get back to the file. Then send me a Private Message with the link to the file and I'll download it and review it and see if I can determine what else might be going on with your system.


How To Use Compressed (Zipped) Folders in Windows XP
Compress and uncompress files (zip files) in Vista

#16
Walt

In trying to copy HKEY_LOCAL_MACHINE & HKEY_USERS I repeatedly got an error message "error writing file - may be disk or file system error" so those are not included.

One other thing I wanted to mention, I use a program called "The Ultimate Troubleshooter" which among other things allows you to control startups, tasks and services. I've used the services tab to turn program startups from automatic to manual or disable and to keep programs from starting at startup. This may cause a number of the failures to start up.

I appreciate any help you can offer me. While I'm able to keep up my computer by running antivirus and such weekly, the registry has always been intimidating to me.

#17
AdvancedSetup

Thanks Walt. I got the files and I removed the links from your post.

I'll check it out and get back to you.

#18
AdvancedSetup

Did not have time to review the data last night but will try to squeeze it in tonight if I can.

#19
AdvancedSetup

Sorry for the Delay Walt but just too many things going on and not enough time in the day.

Okay I loaded up the portions you uploaded but those are of very little help. I really needed the HKLM and HKCU keys of the Registry as those hold all the details. The classes have many COM things but are of little value without the other pieces.

I did notice you're using a program called Folder Lock. It might be a good idea to remove this for now and try to get your system cleaned back up before turning it back on.

Just not enough information here to see what's going on.

I would like you to follow the directions here and we'll proceed as though your system is infected and run some routines to check for an infection.



Please read and follow the instructions provided here: Pre- HJT Post Instructions
When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.

#20
jtsmith

    New Member

  • Members
  • Pip
  • 2 posts
Hi
I am getting the same error code when starting a Malwarebytes scan. Previously I was able to use it though.

I tried to uninstall and reinstall the program, followed this thread, and here is my HijackThis log. I assume it is better to post in a similar thread.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:55:09 AM, on 2/9/2010
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\I8kfanGUI\I8kfanGUI.exe
C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [i8kfangui] C:\Program Files\I8kfanGUI\I8kfanGUI.exe /startup
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Wireless-B Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINNT\System32\GPhotos.scr/200
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

--
End of file - 4265 bytes

The guifan is one I do use, the reason I mention this is others have not recognized it and questioned its legitimacy.

Thanks for the help




