Jump to content


Photo

Java 6 Update 21 Installation Failed


  • This topic is locked This topic is locked
66 replies to this topic

#41 LuckyCat

LuckyCat

    Regular Member

  • Honorary Members
  • PipPip
  • 59 posts

Posted 06 September 2010 - 10:37 PM

Hey, I was able to locate the files, except for the java_install.log file which did not show up. I've attached the files :blink:

Attached Files



#42 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,030 posts
  • Gender:Male
  • Location:US

Posted 06 September 2010 - 10:48 PM

Well the one is an installer and the other is just the updater log. Please try to manually run the installer again and watch and see if you can find the log.

From the command line you can run something like this to force the creation of an install log file: C:\TEMP\ jre-6u21-windows-i586.exe /L C:\java_setup.log

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#43 LuckyCat

LuckyCat

    Regular Member

  • Honorary Members
  • PipPip
  • 59 posts

Posted 07 September 2010 - 12:50 AM

That worked, here we go

Attached Files



#44 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,030 posts
  • Gender:Male
  • Location:US

Posted 07 September 2010 - 03:27 AM

Please see if this folder exists and delete it. C:\Windows\Installer\{26A24AE4-039D-4CA4-87B4-2F83216016FF} it will probably contain a file named sp1033.MST just delete that folder and file.


Then search for 26A24AE4-039D-4CA4-87B4-2F83216016FF in the registry and remove it.

Then try the installer again with the logging enabled.

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#45 LuckyCat

LuckyCat

    Regular Member

  • Honorary Members
  • PipPip
  • 59 posts

Posted 07 September 2010 - 10:41 AM

I could not find that folder and I did a search for sp1033.MST and found nothing. Also I searched the registry for 26A24AE4-039D-4CA4-87B4-2F83216016FF using the find function and found nothing also :blink:

#46 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,030 posts
  • Gender:Male
  • Location:US

Posted 07 September 2010 - 12:48 PM

Strange as the log show that it finds it and won't proceed because it too is unable to really locate it. So it appears to have some other reference to that location that is confusing it.
I'll have to keep looking to see what I can find. You might be able to obtain support from Sun about it. http://www.java.com/...oad/support.jsp

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#47 LuckyCat

LuckyCat

    Regular Member

  • Honorary Members
  • PipPip
  • 59 posts

Posted 07 September 2010 - 02:43 PM

Okay thanks for the constant support. I'll contact Sun also.

#48 LuckyCat

LuckyCat

    Regular Member

  • Honorary Members
  • PipPip
  • 59 posts

Posted 12 September 2010 - 10:45 AM

Heya AdvancedSetup any luck on your end? :P I've contacted Sun but I've gotten no response ;)

#49 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,030 posts
  • Gender:Male
  • Location:US

Posted 12 September 2010 - 10:16 PM

try exporting as a hive your HKLM and HKU branches in the Registry. Then zip them up and upload them to like Rapidshare. Do not post the link here, just send me a PM with the link and I'll take a look at it further.

Also run the following program and post back the log.

download this program OTL.exe to your desktop.
  • Close all applications and windows so that you have nothing open and are at your Desktop
  • Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.
  • Place a checkmark in the "Scan All Users" checkbox (Leave the 'Use Whitelist' checked' and the 'File Age:' at 30 days)
  • Click the Run Scan button
  • NOTE: Please be patient and let the scan run without using the computer
  • When the scan is complete, a text file (OTListIt.Txt) will open in Notepad (if not, it can be found on your Desktop)
  • In Notepad, click Edit, Select all then Edit, Copy
  • Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Righ click paste.
  • Submit your reply and close the Notepad window with OTList.txt
  • Also OTListIt's Extras.txt log file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window
  • In Notepad, click Edit, Select all then Edit, Copy
  • Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.
  • NOTE: If the files (OTListIt.txt, Extras.txt) do not appear in your taskbar, just open the files in notepad from your desktop.


Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#50 LuckyCat

LuckyCat

    Regular Member

  • Honorary Members
  • PipPip
  • 59 posts

Posted 13 September 2010 - 12:45 AM

Hey, when I tried exporting those sections as hives it did not work, it gave me this error: Cannot export "file name/location": Error writing the file. There may be a disk or file system error. Though it lets me save seperate entries as hives. I was able to save the sections you requested as .reg files though. Do you still want me to upload them as .reg files or am I doing it wrong? Anyway here are my logs :P

OTL logfile created on: 9/13/2010 1:28:03 AM - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 223.00 Mb Available Physical Memory | 44.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 51.93 Gb Free Space | 34.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OWNER
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/13 01:18:14 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/08/31 12:25:16 | 000,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/11 01:49:07 | 000,061,523 | ---- | M] (INCA Internet Co., Ltd.) -- C:\WINDOWS\system32\npkcmsvc.exe
PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe


========== Modules (SafeList) ==========

MOD - [2010/09/13 01:18:14 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2008/04/14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/02/25 13:09:00 | 003,416,060 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2007/08/11 01:49:07 | 000,061,523 | ---- | M] (INCA Internet Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\npkcmsvc.exe -- (npkcmsvc)
SRV - [2004/03/31 17:55:00 | 000,172,544 | ---- | M] (INCA Internet Co., Ltd.) [Auto | Stopped] -- C:\WINDOWS\system32\npkcsvc.exe -- (npkcsvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\scsk4.sys -- (scsk4)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\neokdss.sys -- (neokdss)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Running] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007/07/11 16:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/07/11 11:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/07/11 11:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2006/12/12 11:07:44 | 000,025,409 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npkcrypt.sys -- (npkcrypt)
DRV - [2005/03/22 23:00:57 | 001,034,752 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/08/04 08:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2004/08/03 18:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/07/21 17:45:25 | 000,009,856 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2004/06/08 18:13:49 | 000,003,968 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2004/06/01 05:02:00 | 000,006,016 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atiide.sys -- (atiide)
DRV - [2004/05/12 02:01:18 | 000,097,408 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys -- (SI3112r)
DRV - [2004/03/25 04:04:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/03/25 04:04:00 | 000,098,650 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/03/25 04:04:00 | 000,085,978 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/03/25 04:04:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/03/25 04:04:00 | 000,025,691 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/03/25 04:04:00 | 000,014,235 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/03/25 04:04:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/03/25 04:04:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/03/25 04:04:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/02/27 05:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/02/13 06:21:00 | 000,086,160 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/01/14 22:18:16 | 000,005,621 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/01/14 22:18:04 | 000,023,219 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2003/10/27 16:59:00 | 000,013,842 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atisgkaf.sys -- (caboagp)
DRV - [2003/10/14 23:28:16 | 000,010,240 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2003/09/19 04:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2002/12/17 14:41:36 | 000,042,368 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://sys.us.shuttle.com

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://sys.us.shuttle.com

IE - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/27 17:12:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/27 17:12:22 | 000,000,000 | ---D | M]

[2008/10/25 00:53:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2008/10/25 00:53:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ddqu81zm.default\extensions
[2010/08/16 19:09:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/08/31 13:45:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O3 - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\PrxerNsp.dll ( )
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/02/22 16:18:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/13 01:18:06 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/09/07 01:47:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Sun
[2010/09/07 01:42:51 | 000,000,000 | ---D | C] -- C:\Temp
[2010/09/04 02:00:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2010/09/04 02:00:01 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/09/04 01:58:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/09/01 17:19:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/09/01 17:13:28 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2010/09/01 17:13:28 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2010/09/01 17:13:21 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2010/09/01 17:13:10 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/09/01 17:13:09 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2010/09/01 17:13:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010/09/01 17:13:08 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2010/09/01 17:13:08 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2010/09/01 17:13:08 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2010/09/01 17:13:08 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2010/09/01 17:13:08 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2010/09/01 17:13:08 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2010/09/01 17:13:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2010/09/01 17:13:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2010/09/01 17:13:08 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2010/09/01 17:13:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2010/09/01 17:13:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2010/09/01 17:13:08 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2010/09/01 17:13:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2010/09/01 17:13:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2010/09/01 17:13:07 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2010/09/01 17:13:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2010/09/01 17:13:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2010/09/01 17:13:05 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2010/09/01 17:13:05 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2010/09/01 17:13:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2010/09/01 17:13:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2010/09/01 17:13:04 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2010/09/01 17:13:04 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2010/09/01 17:13:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2010/09/01 17:13:04 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2010/09/01 17:13:04 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2010/09/01 17:13:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2010/09/01 17:13:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2010/09/01 17:13:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2010/09/01 17:13:03 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2010/09/01 17:13:03 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/09/01 17:13:03 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2010/09/01 17:13:03 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2010/09/01 17:13:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2010/09/01 17:13:03 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2010/09/01 17:13:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2010/09/01 17:13:02 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/09/01 17:13:02 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2010/09/01 17:13:02 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2010/09/01 17:13:01 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2010/09/01 17:13:01 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2010/09/01 17:13:01 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2010/09/01 17:13:01 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2010/09/01 17:13:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2010/09/01 17:12:59 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010/09/01 17:12:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/09/01 17:12:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010/09/01 17:12:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/09/01 17:12:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/09/01 17:12:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/09/01 17:10:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/09/01 17:10:03 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2010/09/01 17:07:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/09/01 17:07:22 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2010/09/01 17:07:20 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2010/09/01 17:07:19 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010/09/01 17:07:18 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2010/09/01 17:03:59 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/09/01 17:01:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/09/01 17:01:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010/09/01 16:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Dial-a-fix-v0.60.0.24
[2010/09/01 12:18:41 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/08/31 21:00:39 | 331,805,736 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\WindowsXP-KB936929-SP3-x86-ENU.exe
[2010/08/31 20:02:39 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe
[2010/08/31 20:02:26 | 001,185,128 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Owner\Desktop\ccsetup235_slim.exe
[2010/08/31 13:51:16 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HijackThis.exe
[2010/08/30 13:59:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Avira
[2010/08/29 23:51:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Aug 29
[2010/08/29 12:14:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/08/29 12:12:23 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/08/29 12:12:23 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/08/29 12:12:23 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/08/29 12:12:23 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/08/29 12:11:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/08/27 21:55:52 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/08/27 21:55:51 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/08/27 21:55:51 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/08/27 21:55:51 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/08/27 21:55:51 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/08/27 21:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/08/27 21:55:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/08/27 19:30:13 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW.exe
[2010/08/27 19:29:14 | 000,703,352 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\autoruns.exe
[2010/08/27 16:36:37 | 000,000,000 | ---D | C] -- C:\_OTM
[2010/08/27 16:35:26 | 000,520,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTM.exe
[2010/08/26 18:08:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\JavaRa
[2010/08/26 15:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/08/25 20:48:37 | 000,000,000 | ---D | C] -- C:\ERDNT
[2010/08/25 20:47:16 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Owner\Desktop\WinsockxpFix.exe
[2010/08/25 14:42:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\new tools
[2010/08/24 19:51:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/08/24 19:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Threat Expert
[2010/08/22 17:15:44 | 073,891,792 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\setup_9.0.0.722_22.08.2010_19-47.exe
[2010/08/22 17:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Virus Removal Tool1
[2010/08/22 17:06:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Virus Removal Tool
[2010/08/19 20:21:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/08/19 20:12:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/17 00:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/08/17 00:06:48 | 000,000,000 | ---D | C] -- C:\ClamWinPortable
[2010/08/16 19:05:37 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymDS.sys
[2010/08/16 19:05:37 | 000,172,592 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymEFA.sys
[2010/08/16 19:05:37 | 000,116,272 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\Ironx86.sys
[2010/08/16 19:05:35 | 000,501,888 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\cchpx86.sys
[2010/08/16 19:04:49 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/08/16 19:04:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/08/16 19:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/08/16 13:52:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2010/08/16 13:52:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/16 13:52:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/16 13:52:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/16 13:52:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/16 00:28:07 | 036,598,544 | ---- | C] (PC Tools ) -- C:\Documents and Settings\Owner\Desktop\sdsetup 3.exe
[2010/08/16 00:16:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\@backup.vpn_client.co
[2010/08/16 00:01:43 | 036,317,320 | ---- | C] (PC Tools ) -- C:\Documents and Settings\Owner\Desktop\sdsetup 2.exe
[2010/08/15 23:48:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:19:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:15:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:02:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\@backup.vpn_client.co
[2008/09/13 02:13:11 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\PrxerNsp.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/13 01:18:14 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/09/07 15:45:47 | 000,001,493 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Pangya.lnk
[2010/09/07 15:45:46 | 000,001,821 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Albatross18_S3_Beta.lnk
[2010/09/07 15:45:46 | 000,001,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Albatross18.lnk
[2010/09/07 15:45:46 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Proxifier.lnk
[2010/09/07 15:45:45 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitTorrent.lnk
[2010/09/07 15:45:45 | 000,000,658 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Mabinogi.lnk
[2010/09/07 15:45:44 | 000,001,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PangYa Season4.lnk
[2010/09/07 15:45:43 | 000,001,785 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PangYa S3 Beta.lnk
[2010/09/07 15:45:43 | 000,001,488 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\WINAMP.LNK
[2010/09/07 15:45:42 | 000,001,663 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\DVD Decrypter.lnk
[2010/09/07 15:45:41 | 000,000,876 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CloneDVD2.lnk
[2010/09/07 15:45:38 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Quake III Arena.lnk
[2010/09/06 11:03:32 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW.exe
[2010/09/04 01:58:03 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/04 01:55:28 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/04 01:45:07 | 003,835,232 | R--- | M] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2010/09/03 11:50:19 | 000,107,574 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\error 2.JPG
[2010/09/03 11:48:46 | 000,145,422 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\error 1.JPG
[2010/09/01 20:26:31 | 000,001,525 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Notepad.lnk
[2010/09/01 17:21:03 | 000,392,296 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/01 17:21:03 | 000,058,596 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/01 17:21:02 | 000,458,164 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/01 17:20:19 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/01 17:20:18 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/09/01 17:20:12 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/09/01 17:19:37 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/01 17:18:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/01 17:18:40 | 000,160,344 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/01 17:17:20 | 004,718,592 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/09/01 17:17:20 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/09/01 17:06:43 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/01 16:54:16 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/09/01 16:54:16 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/09/01 12:18:41 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/09/01 12:18:41 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2010/09/01 12:08:21 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CCleaner.lnk
[2010/08/31 21:00:39 | 331,805,736 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\WindowsXP-KB936929-SP3-x86-ENU.exe
[2010/08/31 20:04:22 | 000,335,992 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Dial-a-fix-v0.60.0.24.zip
[2010/08/31 20:02:48 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe
[2010/08/31 20:02:26 | 001,185,128 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Owner\Desktop\ccsetup235_slim.exe
[2010/08/31 13:55:03 | 000,156,329 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\JavaRa.zip
[2010/08/31 13:51:21 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HijackThis.exe
[2010/08/31 13:45:52 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/30 12:01:27 | 000,003,119 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Attach.zip
[2010/08/30 11:57:36 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2010/08/30 11:56:54 | 000,065,368 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AutoRuns.zip
[2010/08/30 11:56:26 | 001,647,360 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AutoRuns.arn
[2010/08/30 11:52:42 | 000,703,352 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\autoruns.exe
[2010/08/29 12:14:45 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/08/29 11:45:45 | 003,830,790 | R--- | M] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.com
[2010/08/27 21:56:04 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010/08/27 21:39:19 | 006,951,930 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2010/08/27 19:41:26 | 044,089,904 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\avira_antivir_personal_en.exe
[2010/08/27 19:28:36 | 000,179,264 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\restoredefaultperms.exe
[2010/08/27 17:12:24 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/27 17:12:24 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/27 16:35:36 | 000,520,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTM.exe
[2010/08/27 15:45:56 | 000,100,908 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SystemLook.exe
[2010/08/25 20:50:04 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Owner\Desktop\WinsockxpFix.exe
[2010/08/25 16:49:28 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/24 19:56:45 | 000,004,696 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/22 13:49:46 | 073,891,792 | ---- | M] ( ) -- C:\Documents and Settings\Owner\Desktop\setup_9.0.0.722_22.08.2010_19-47.exe
[2010/08/17 00:12:19 | 000,002,047 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Win 32. Backdoor . Poison Ivy Removal Tool.lnk
[2010/08/16 00:32:36 | 036,598,544 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Owner\Desktop\sdsetup 3.exe
[2010/08/15 23:56:10 | 036,317,320 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Owner\Desktop\sdsetup 2.exe
[2010/08/15 15:30:54 | 000,000,216 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Current.prx
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/04 01:45:08 | 003,835,232 | R--- | C] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2010/09/03 11:50:19 | 000,107,574 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\error 2.JPG
[2010/09/03 11:48:46 | 000,145,422 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\error 1.JPG
[2010/09/01 17:13:25 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010/09/01 17:13:25 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2010/09/01 17:13:25 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2010/09/01 17:13:25 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010/09/01 17:13:25 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010/09/01 17:13:25 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010/09/01 17:13:25 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010/09/01 17:13:24 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010/09/01 17:13:24 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010/09/01 17:13:24 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010/09/01 17:13:24 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010/09/01 17:13:24 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010/09/01 17:13:24 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010/09/01 17:13:24 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010/09/01 17:13:24 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010/09/01 17:13:24 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010/09/01 17:13:24 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2010/09/01 17:13:23 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010/09/01 17:13:23 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010/09/01 17:13:23 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010/09/01 17:13:23 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010/09/01 17:13:23 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010/09/01 17:13:23 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010/09/01 17:13:23 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010/09/01 17:13:23 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010/09/01 17:13:23 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010/09/01 17:13:23 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010/09/01 17:13:23 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010/09/01 17:13:23 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010/09/01 17:13:23 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010/09/01 17:13:23 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010/09/01 17:13:23 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010/09/01 17:13:23 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010/09/01 17:13:23 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010/09/01 17:13:23 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010/09/01 17:13:23 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010/09/01 17:13:22 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010/09/01 17:13:22 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010/09/01 17:13:22 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010/09/01 17:13:22 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2010/09/01 17:13:22 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010/09/01 17:13:22 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010/09/01 17:13:22 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2010/09/01 17:13:22 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2010/09/01 17:13:22 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2010/09/01 17:13:22 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2010/09/01 17:13:22 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2010/09/01 17:13:22 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010/09/01 17:13:22 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010/09/01 17:13:22 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010/09/01 17:13:22 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010/09/01 17:13:22 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2010/09/01 17:13:22 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010/09/01 17:13:22 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2010/09/01 17:13:22 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2010/09/01 17:13:22 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2010/09/01 17:13:22 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010/09/01 17:13:22 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2010/09/01 17:13:22 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2010/09/01 17:13:22 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2010/09/01 17:13:22 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2010/09/01 17:13:22 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2010/09/01 17:13:22 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2010/09/01 17:13:21 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2010/09/01 17:13:21 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010/09/01 17:13:21 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010/09/01 17:13:21 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010/09/01 17:13:21 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010/09/01 17:13:20 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010/09/01 17:13:20 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010/09/01 17:13:20 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010/09/01 17:13:20 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010/09/01 17:13:20 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2010/09/01 17:13:19 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2010/09/01 17:13:19 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010/09/01 17:13:19 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010/09/01 17:13:19 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010/09/01 17:13:19 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010/09/01 17:13:19 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010/09/01 17:13:19 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010/09/01 17:13:19 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010/09/01 17:13:19 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010/09/01 17:07:23 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010/09/01 17:07:22 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/09/01 17:07:20 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/09/01 12:18:41 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/09/01 12:18:41 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2010/08/31 20:04:16 | 000,335,992 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Dial-a-fix-v0.60.0.24.zip
[2010/08/30 12:01:27 | 000,003,119 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Attach.zip
[2010/08/30 11:56:54 | 000,065,368 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AutoRuns.zip
[2010/08/30 11:56:25 | 001,647,360 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AutoRuns.arn
[2010/08/29 12:14:45 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/08/29 12:14:43 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/08/29 12:12:23 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/08/29 12:12:23 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/08/29 12:12:23 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/08/29 12:12:23 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/08/29 12:12:23 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/29 11:45:45 | 003,830,790 | R--- | C] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.com
[2010/08/27 21:56:04 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010/08/27 19:41:26 | 044,089,904 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\avira_antivir_personal_en.exe
[2010/08/27 19:29:38 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2010/08/27 19:28:34 | 000,179,264 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\restoredefaultperms.exe
[2010/08/27 15:45:56 | 000,100,908 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SystemLook.exe
[2010/08/26 18:08:26 | 000,156,329 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\JavaRa.zip
[2010/08/25 20:37:37 | 000,008,345 | ---- | C] () -- C:\Documents and Settings\Owner\reset.log
[2010/08/17 00:12:19 | 000,002,047 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Win 32. Backdoor . Poison Ivy Removal Tool.lnk
[2010/08/17 00:09:09 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CCleaner.lnk
[2010/08/16 13:52:08 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/06 12:08:47 | 000,000,520 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009/07/05 02:17:05 | 000,000,056 | ---- | C] () -- C:\WINDOWS\kgt2k.INI
[2008/12/25 13:51:38 | 000,000,038 | -H-- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\Thumbs.db
[2008/09/13 02:13:16 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Current.prx
[2007/08/11 05:23:07 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\INIvbank50.dll
[2007/08/11 05:23:04 | 000,521,726 | ---- | C] () -- C:\WINDOWS\System32\INIKeyLink50.dll
[2007/08/11 05:22:59 | 000,311,296 | ---- | C] () -- C:\WINDOWS\System32\INInet52.dll
[2007/08/11 05:22:58 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\INImain50.dll
[2007/08/11 01:02:34 | 000,708,096 | ---- | C] () -- C:\WINDOWS\System32\INIcrypto20.dll
[2007/08/11 01:02:21 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\certstore.dll
[2007/08/11 01:02:15 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ISP_crgen.dll
[2007/08/11 01:02:11 | 002,904,064 | ---- | C] () -- C:\WINDOWS\System32\KvpVcmd.dll
[2006/10/08 23:53:05 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2006/07/24 10:26:34 | 000,856,064 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/07/24 10:26:34 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006/07/04 03:06:17 | 000,012,928 | ---- | C] () -- C:\WINDOWS\System32\drivers\MTiCtwl.sys
[2006/05/22 20:08:20 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/04/25 15:00:40 | 000,002,467 | ---- | C] () -- C:\WINDOWS\System32\nps_kor.ini
[2006/04/06 15:22:56 | 000,003,178 | ---- | C] () -- C:\WINDOWS\System32\nps_eng.ini
[2006/04/05 15:18:18 | 000,003,117 | ---- | C] () -- C:\WINDOWS\System32\nps_jpn.ini
[2006/03/14 22:54:50 | 000,000,338 | ---- | C] () -- C:\WINDOWS\d3xp.ini
[2006/03/14 22:23:04 | 000,000,331 | ---- | C] () -- C:\WINDOWS\doom3.ini
[2006/03/05 21:42:50 | 000,000,173 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2006/03/05 21:42:34 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2006/02/25 17:35:37 | 000,000,810 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2006/02/25 17:07:38 | 000,000,948 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2005/11/08 16:59:00 | 000,393,216 | ---- | C] () -- C:\WINDOWS\System32\INICRYPTOSDK.dll
[2005/09/06 19:03:14 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
[2005/07/18 16:51:14 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\INInet50.dll
[2005/06/30 14:44:12 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\KvpUpCom.dll
[2005/04/11 19:52:17 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/04/11 19:52:17 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/04/11 19:52:17 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/04/11 19:52:17 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/04/11 19:52:17 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/04/11 19:52:17 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/04/11 19:51:09 | 000,000,430 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/02/22 17:07:34 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/02/22 16:21:32 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/11/04 18:55:05 | 000,001,112 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/06/24 03:41:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2001/11/05 15:44:51 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Q3version.ini
[1997/06/13 00:00:00 | 001,690,896 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1997/06/13 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/06/13 00:00:00 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[1997/06/13 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== Files - Unicode (All) ==========
[2010/09/07 15:45:45 | 000,001,710 | ---- | M] ()(C:\Documents and Settings\All Users\Desktop\????.lnk) -- C:\Documents and Settings\All Users\Desktop\????.lnk
[2010/08/17 00:57:26 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/17 00:57:26 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:55:32 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:55:32 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:50:59 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:50:59 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:46:31 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:46:31 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:45:00 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:45:00 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:40:15 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:40:15 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:37:36 | 000,000,000 | ---D | M](C:\WINDOWS\System32\????@backup.vpn_client.co) -- C:\WINDOWS\System32\????@backup.vpn_client.co
[2010/08/16 00:37:36 | 000,000,000 | ---D | C](C:\WINDOWS\System32\????@backup.vpn_client.co) -- C:\WINDOWS\System32\????@backup.vpn_client.co
[2010/08/16 00:33:04 | 000,000,000 | ---D | M](C:\WINDOWS\System32\????@backup.vpn_client.co) -- C:\WINDOWS\System32\????@backup.vpn_client.co
[2010/08/16 00:33:04 | 000,000,000 | ---D | C](C:\WINDOWS\System32\????@backup.vpn_client.co) -- C:\WINDOWS\System32\????@backup.vpn_client.co
[2010/08/16 00:31:03 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:31:03 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:29:48 | 000,000,000 | ---D | M](C:\WINDOWS\System32\T?T?@backup.vpn_client.co) -- C:\WINDOWS\System32\????@backup.vpn_client.co
[2010/08/16 00:29:48 | 000,000,000 | ---D | C](C:\WINDOWS\System32\T?T?@backup.vpn_client.co) -- C:\WINDOWS\System32\????@backup.vpn_client.co
[2010/08/16 00:27:17 | 000,000,000 | ---D | M](C:\WINDOWS\System32\????@backup.vpn_client.co) -- C:\WINDOWS\System32\????@backup.vpn_client.co
[2010/08/16 00:27:17 | 000,000,000 | ---D | C](C:\WINDOWS\System32\????@backup.vpn_client.co) -- C:\WINDOWS\System32\????@backup.vpn_client.co
[2010/08/16 00:25:17 | 000,000,000 | ---D | M](C:\WINDOWS\System32\????@backup.vpn_client.co) -- C:\WINDOWS\System32\????@backup.vpn_client.co
[2010/08/16 00:25:17 | 000,000,000 | ---D | C](C:\WINDOWS\System32\????@backup.vpn_client.co) -- C:\WINDOWS\System32\????@backup.vpn_client.co
[2010/08/16 00:23:46 | 000,000,000 | ---D | M](C:\WINDOWS\System32\????@backup.vpn_client.co) -- C:\WINDOWS\System32\????@backup.vpn_client.co
[2010/08/16 00:23:46 | 000,000,000 | ---D | C](C:\WINDOWS\System32\????@backup.vpn_client.co) -- C:\WINDOWS\System32\????@backup.vpn_client.co
[2010/08/16 00:22:45 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:22:45 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:17:11 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:17:11 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:13:29 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:13:29 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:09:57 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:09:57 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:08:27 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/16 00:08:27 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:51:01 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:51:01 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:50:01 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:50:01 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:46:01 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:46:01 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:44:01 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:44:01 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:42:31 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:42:31 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:25:04 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:25:04 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:20:21 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:20:21 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:12:26 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:12:26 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:09:33 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:09:33 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:08:02 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2010/08/15 23:08:02 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??@backup.vpn_client.co) -- C:\WINDOWS\System32\??@backup.vpn_client.co
[2007/08/10 23:42:31 | 000,001,710 | ---- | C] ()(C:\Documents and Settings\All Users\Desktop\????.lnk) -- C:\Documents and Settings\All Users\Desktop\????.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >



OTL Extras logfile created on: 9/13/2010 1:28:03 AM - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 223.00 Mb Available Physical Memory | 44.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 51.93 Gb Free Space | 34.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OWNER
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-2337399782-1729757903-2279869524-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" File not found
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" File not found
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04347DFD-87B6-4E30-B14D-5DF2888AD8F5}" = DOOM 3: Resurrection of Evil
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{13333239-0A15-4855-BEEB-0232DAA5B7EA}" = BlackBerry Desktop Software 5.0.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{44B3522B-195C-488D-84AC-9526FA99CB73}" = Motorola Handset USB Driver
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{50C94E8B-D6DC-4B61-A948-B84B08D40496}" = RagnarokOnline
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = B44Inst
"{584267B8-0BB0-4D18-9FFA-726576619E9A}" = Doom 3
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{79F7B3A3-5EEC-47A5-8668-84DF6189CB3D}" = RagnarokOnline-Sakray
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! Deluxe
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD 4
"{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-1033-7B44-A70700000002}" = Adobe Reader 7.0.7
"{AC76BA86-7AD7-5464-3428-7050000000A7}" = Adobe Reader 7.0.5 Language Support
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{DA7F8DA4-FDC6-4491-88EE-C03798D373EF}" = Emil Chronicle Online
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F26E2781-2E22-4485-A33A-6F3E322A3F2D}" = PacketiX VPN Client (English)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 5.5" = Adobe Photoshop 5.5
"Advanced Tools" = Advanced Tools
"Albatross18" = Albatross18 (OGPlanet)
"Albatross18_S3_Beta" = Albatross18_S3_Beta (OGPlanet)
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitTorrent" = BitTorrent 5.0.7
"BlackBerry_{13333239-0A15-4855-BEEB-0232DAA5B7EA}" = BlackBerry Desktop Software 5.0.1
"CCleaner" = CCleaner
"CloneDVD2" = CloneDVD2
"DVD Decrypter" = DVD Decrypter (Remove Only)
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"INFovine" = UBIKey ?????????? ?????
"kdefense" = K-Defense8 Control - ??????????
"KLiteCodecPack_is1" = K-Lite Codec Pack 2.72 Basic
"KSignAccessToolkit" = KSignAccessToolkit v1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"npkcxp" = nProtect KeyCrypt
"npnv4" = nProtect Netizen(remove only)
"PangYa" = Pangya (Ntreev USA)
"PangYa_Cb_Jp" = PangYa_Cb_Jp (NtreevSoft)
"Pangya_Jp" = Pangya_Jp (NtreevSoft)
"Persona" = Hybrid Downloader 1,0,2,6
"PPTView97" = Microsoft PowerPoint Viewer 97
"Proxifier_is1" = Proxifier version 2.7
"Quake III Arena" = Quake III Arena
"Quake III Arena Point Release 1.31" = Quake III Arena Point Release 1.31
"Quake2UninstallKey" = Quake II
"SoftcampSCSK" = SoftCamp Secure KeyStroke 4.0
"Starcraft" = Starcraft
"Steam App 220" = Half-Life 2
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 3483" = Peggle Extreme
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 440" = Team Fortress 2
"TricksterEng" = TricksterEng
"Winamp" = Winamp (remove only)
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/25/2010 2:30:50 PM | Computer Name = OWNER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 8/25/2010 2:48:18 PM | Computer Name = OWNER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 8/25/2010 4:44:55 PM | Computer Name = OWNER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 8/25/2010 4:50:57 PM | Computer Name = OWNER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 8/25/2010 5:06:08 PM | Computer Name = OWNER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 8/25/2010 8:12:22 PM | Computer Name = OWNER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 8/25/2010 8:22:01 PM | Computer Name = OWNER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 8/25/2010 8:26:46 PM | Computer Name = OWNER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 8/25/2010 8:34:42 PM | Computer Name = OWNER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 8/29/2010 11:24:29 AM | Computer Name = OWNER | Source = pctsSvc.exe | ID = 0
Description =

[ System Events ]
Error - 9/3/2010 11:48:14 AM | Computer Name = OWNER | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 9/3/2010 11:48:14 AM | Computer Name = OWNER | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 9/3/2010 11:48:14 AM | Computer Name = OWNER | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 9/3/2010 11:48:15 AM | Computer Name = OWNER | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 9/3/2010 11:48:15 AM | Computer Name = OWNER | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 9/3/2010 11:48:15 AM | Computer Name = OWNER | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 9/3/2010 11:48:15 AM | Computer Name = OWNER | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 9/3/2010 11:48:15 AM | Computer Name = OWNER | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 9/3/2010 11:48:15 AM | Computer Name = OWNER | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 9/3/2010 11:48:15 AM | Computer Name = OWNER | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126


< End of report >

#51 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,030 posts
  • Gender:Male
  • Location:US

Posted 13 September 2010 - 03:35 AM

My fault. Save the following as hive files. Then zip and upload to rapidshare and send me a private message with the link to the files.

HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE


Make sure you zip them as they'll be quite large. Mine is 11MB even zipped.

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#52 LuckyCat

LuckyCat

    Regular Member

  • Honorary Members
  • PipPip
  • 59 posts

Posted 13 September 2010 - 06:23 AM

Okay done ;) Oh I could save current user and all of its sub folders as one file but I couldnt do the same for local machine so I saved the subfolders seperatelty.

#53 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,030 posts
  • Gender:Male
  • Location:US

Posted 14 September 2010 - 12:59 AM

Sorry just not enough time to review all of this tonight. Will try to take a look at it again for you tomorrow

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#54 LuckyCat

LuckyCat

    Regular Member

  • Honorary Members
  • PipPip
  • 59 posts

Posted 14 September 2010 - 06:10 AM

No problem, take your time :lol: Oh and I found this install log for one of my install attempts. It wasn't there before for some reason, it's different from the forced log we made so this might help.

Attached Files



#55 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,030 posts
  • Gender:Male
  • Location:US

Posted 14 September 2010 - 09:05 PM

So far nothing spectacular in the registry and that log file doesn't make too much sense as it just stops from what looks like it could not find an approval or not for adding in some other sponsored software. Still looking.

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#56 LuckyCat

LuckyCat

    Regular Member

  • Honorary Members
  • PipPip
  • 59 posts

Posted 15 September 2010 - 06:19 AM

Oh I see, thats weird :) thanks for all the effort :)

#57 LuckyCat

LuckyCat

    Regular Member

  • Honorary Members
  • PipPip
  • 59 posts

Posted 20 September 2010 - 10:49 AM

Have any luck so far? :) Should I see if I can find an older version of Java to install? Or is there an alternative to Java?

#58 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,030 posts
  • Gender:Male
  • Location:US

Posted 20 September 2010 - 08:10 PM

No, nothing yet. Unfortunately not able to find any direct similar issue posted about it either.

You might try running the SFC System File Checker and see if that helps

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#59 LuckyCat

LuckyCat

    Regular Member

  • Honorary Members
  • PipPip
  • 59 posts

Posted 20 September 2010 - 10:11 PM

Hmm I see. What's SFC and how do I use it? Also what are your thoughts on the Revo Uninstaller program? It seems like this person here:
http://www.computing...ing/186709.html
had the same issue I did and this was the only thing that worked, should I give it a try?

#60 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,030 posts
  • Gender:Male
  • Location:US

Posted 20 September 2010 - 10:14 PM

Certainly no harm in trying it. Its a reasonably well known uninstaller.

This link here discusses SFC in more detail
http://www.bleepingc...topic43051.html

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users