System running at 65-80% all the time with Teatime or Firefox maxing o, Image Name System
colbyclay
post Aug 29 2008, 05:28 PM
Post #1


Member
Posts: 22
OS: XP



Hi all,
I guess I had this in the wrong forum...

My XP system is running REALLY SLOW all of a sudden. I have run Ad-Aware and Spybot, and nothing has come up. I followed all the advice in the FAQ so now I come to you. Is there something amiss with my registry? Also, I tried to delete AVG but am getting hung up trying to run in safe mode; XP freezes on me. That is secondary though to my performance issue. Thanks for any help you can provide.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:39:32 PM, on 8/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\ThreatFire\TFTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
h:\Program Files\ThreatFire\TFService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ThreatFire] h:\Program Files\ThreatFire\TFTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Creative Detector] E:\creative\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: ERUNT AutoBackup.lnk = H:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {EA5276F1-F0E5-11D2-8CB7-00105AA1B80E} (PASSPORT Document) - http://passportvm.accd.edu/pecadmin/eclient/Passweb.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15033/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ThreatFire - PC Tools - h:\Program Files\ThreatFire\TFService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 6777 bytes


Here is my mbam-log

Malwarebytes' Anti-Malware 1.25
Database version: 1093
Windows 5.1.2600 Service Pack 2

4:38:47 PM 8/29/2008
mbam-log-08-29-2008 (16-38-47).txt

Scan type: Quick Scan
Objects scanned: 42299
Time elapsed: 4 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
sage5
post Sep 5 2008, 04:19 PM
Post #2


Trusted Helper
Posts: 2,026
From: NE Victoria, Australia
OS: WinXp SP3



Hi colbyclay,

Welcome to Geeks To Go,

I'm sorry that we haven't got to you until now, but the forum can get hectic at times.

I am sage5 and I will be helping you with this problem.

First I need you to download the following tools & save them to your Desktop.
OTViewIt


Run OTViewIt:
  • Close all open windows and double click the OTViewIt_beta icon on your Desktop
  • Tick the Scan all Users box, but leave the Use Whitelist un-ticked.
  • Click the Run Scan button and let the program run uninterrupted.
  • It will produce two logs for you. OTViewIt.txt will open automatically. The other one will be saved on your desktop as Extras.txt
  • I will need you to post both those logs here.

NOTE: These can be large files, and there is a limit to the number of characters that can be posted at once on this forum.
It may require you to make 2 posts to get all the information to me.



Cheers,

sage5
 
colbyclay
post Sep 5 2008, 06:54 PM
Post #3


Member
Posts: 22
OS: XP



Hi Sage5! Thanks in advance for any help you can give me. Here is the OTViewIt.Txt information:

OTViewIt logfile created on: 9/5/2008 7:48:05 PM - Run 2
OTViewIt by OldTimer - Version 1.0.2.1 beta Folder = C:\Documents and Settings\Skrunt\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.41 Mb Total Physical Memory | 659.25 Mb Available Physical Memory | 64.48% Memory free
3.88 Gb Paging File | 3.63 Gb Available in Paging File | 93.61% Paging File free
Paging file location(s): G:\pagefile.sys 3048 3048;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20.00 Gb Total Space | 8.83 Gb Free Space | 44.17% Space Free | Partition Type: NTFS
Drive D: | 654.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 10.00 Gb Total Space | 9.38 Gb Free Space | 93.83% Space Free | Partition Type: NTFS
Drive F: | 263.67 Gb Total Space | 223.71 Gb Free Space | 84.85% Space Free | Partition Type: NTFS
Drive G: | 4.41 Gb Total Space | 1.40 Gb Free Space | 31.83% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HAL
Current User Name: Skrunt
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: Off

===== Processes - Non-Microsoft Only =====

[06/23/2008 09:40 AM | 00,611,664 | ---- | M] (Lavasoft) - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[11/14/2006 05:21 PM | 16,270,848 | ---- | M] (Realtek Semiconductor Corp.) - C:\WINDOWS\RTHDCPL.exe
[06/10/2008 04:27 AM | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) - C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[04/19/2007 01:26 PM | 00,484,904 | ---- | M] (Hewlett-Packard Company) - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
[12/02/2004 07:23 PM | 00,102,400 | ---- | M] (Creative Technology Ltd) - E:\creative\Detector\CTDetect.exe
[08/18/2008 06:41 PM | 01,832,272 | RHS- | M] (Safer Networking Limited) - E:\Spybot - Search & Destroy\TeaTimer.exe
[12/09/2005 06:17 PM | 00,118,784 | ---- | M] (Nikon Corporation) - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
[07/04/2008 06:52 AM | 00,231,192 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\Program Files\AVG\AVG8\avgwdsvc.exe
[12/13/1999 02:01 AM | 00,044,032 | ---- | M] (Creative Technology Ltd) - C:\WINDOWS\system32\CTSVCCDA.EXE
[11/23/2005 07:58 AM | 00,765,952 | ---- | M] (Diskeeper Corporation) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
[04/19/2007 01:35 PM | 00,075,304 | ---- | M] (Hewlett-Packard Company) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[12/05/2007 02:41 AM | 00,155,716 | ---- | M] (NVIDIA Corporation) - C:\WINDOWS\system32\nvsvc32.exe
[01/04/2007 04:38 PM | 00,024,652 | ---- | M] (Viewpoint Corporation) - C:\Program Files\Viewpoint\Common\ViewpointService.exe
[10/06/2006 12:09 PM | 00,192,512 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\igfxsrvc.exe
[09/05/2008 07:41 PM | 01,305,600 | ---- | M] (OldTimer Tools) - C:\Documents and Settings\Skrunt\Desktop\OTViewIt_beta.exe

===== Win32 Services - Non-Microsoft Only =====

[06/23/2008 09:40 AM | 00,611,664 | ---- | M] (Lavasoft) - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (aawservice [Auto | Running])
[07/04/2008 06:52 AM | 00,231,192 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\Program Files\AVG\AVG8\avgwdsvc.exe (avg8wd [Auto | Running])
[12/13/1999 02:01 AM | 00,044,032 | ---- | M] (Creative Technology Ltd) - C:\WINDOWS\system32\CTSVCCDA.EXE (Creative Service for CDROM Access [Auto | Running])
[11/23/2005 07:58 AM | 00,765,952 | ---- | M] (Diskeeper Corporation) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper [Auto | Running])
[08/03/2004 08:07 PM | 00,224,768 | ---- | M] (Microsoft Corp., Veritas Software) - C:\WINDOWS\system32\dmadmin.exe (dmadmin [On_Demand | Stopped])
[04/14/2008 10:31 PM | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (FLEXnet Licensing Service [On_Demand | Stopped])
[04/04/2005 12:41 AM | 00,069,632 | ---- | M] (Macrovision Corporation) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (IDriverT [On_Demand | Stopped])
[04/19/2007 01:35 PM | 00,075,304 | ---- | M] (Hewlett-Packard Company) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (LightScribeService [Auto | Running])
[12/05/2007 02:41 AM | 00,155,716 | ---- | M] (NVIDIA Corporation) - C:\WINDOWS\system32\nvsvc32.exe (NVSvc [Auto | Running])
File not found - h:\Program Files\ThreatFire\TFService.exe (ThreatFire [Auto | Stopped])
[01/04/2007 04:38 PM | 00,024,652 | ---- | M] (Viewpoint Corporation) - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Manager Service [Auto | Running])

===== Driver Services - Non-Microsoft Only =====

File not found - C:\DOCUME~1\Skrunt\LOCALS~1\Temp\Amsmpu4p.sys (Amsmpu4p [On_Demand | Stopped])
[07/04/2008 06:52 AM | 00,096,520 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\WINDOWS\system32\drivers\avgldx86.sys (AvgLdx86 [System | Stopped])
[07/04/2008 06:52 AM | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\WINDOWS\system32\drivers\avgmfx86.sys (AvgMfx86 [System | Running])
[08/03/2004 08:07 PM | 00,799,744 | ---- | M] (Microsoft Corp., Veritas Software) - C:\WINDOWS\system32\drivers\dmboot.sys (dmboot [Disabled | Stopped])
[08/03/2004 08:07 PM | 00,153,344 | ---- | M] (Microsoft Corp., Veritas Software) - C:\WINDOWS\system32\drivers\dmio.sys (dmio [Boot | Running])
[08/03/2004 08:07 PM | 00,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\drivers\dmload.sys (dmload [Boot | Running])
[12/20/2005 07:23 PM | 00,023,872 | ---- | M] (Your Corporation) - C:\Program Files\LiveUpdate\FXDrv32.sys (FXDrv32 [On_Demand | Stopped])
[01/07/2005 05:07 PM | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) - C:\WINDOWS\system32\drivers\Hdaudbus.sys (HDAudBus [On_Demand | Running])
[10/06/2006 02:24 PM | 01,181,824 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\igxpmp32.sys (ialm [On_Demand | Stopped])
[11/15/2006 02:34 PM | 04,225,920 | ---- | M] (Realtek Semiconductor Corp.) - C:\WINDOWS\system32\drivers\RtkHDAud.Sys (IntcAzAudAddService [On_Demand | Running])
[01/19/2006 03:01 AM | 00,017,280 | ---- | M] (Creative Technology Ltd.) - C:\WINDOWS\system32\drivers\ctpdusb.sys (Jukebox3 [On_Demand | Stopped])
[08/02/2006 11:45 AM | 00,114,560 | ---- | M] (Mars Semiconductor Corp.) - C:\WINDOWS\system32\drivers\mr7910.sys (mr7910 [On_Demand | Stopped])
[12/05/2007 02:41 AM | 07,435,392 | ---- | M] (NVIDIA Corporation) - C:\WINDOWS\system32\drivers\nv4_mini.sys (nv [On_Demand | Running])
[06/19/2008 05:24 PM | 00,028,544 | ---- | M] (Panda Security, S.L.) - C:\WINDOWS\system32\drivers\pavboot.sys (pavboot [Boot | Running])
[05/23/2006 04:00 PM | 00,010,368 | ---- | M] (Padus, Inc.) - C:\WINDOWS\system32\drivers\pfc.sys (pfc [On_Demand | Running])
[08/03/2004 08:07 PM | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) - C:\WINDOWS\system32\drivers\ptilink.sys (Ptilink [On_Demand | Running])
[11/13/2007 05:25 AM | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) - C:\WINDOWS\system32\drivers\secdrv.sys (Secdrv [Auto | Running])
[04/24/2008 04:52 PM | 00,051,520 | ---- | M] (PC Tools) - C:\WINDOWS\system32\drivers\TfFsMon.sys (TfFsMon [Boot | Running])
[04/24/2008 04:52 PM | 00,033,088 | ---- | M] (PC Tools) - C:\WINDOWS\system32\drivers\TfNetMon.sys (TfNetMon [On_Demand | Stopped])
[04/24/2008 04:52 PM | 00,038,208 | ---- | M] (PC Tools) - C:\WINDOWS\system32\drivers\TfSysMon.sys (TfSysMon [Boot | Running])
[03/15/2006 08:51 AM | 00,244,608 | ---- | M] (Marvell) - C:\WINDOWS\system32\drivers\yk51x86.sys (yukonwxp [On_Demand | Running])

========== Run Keys ==========

[05/03/2005 06:43 PM | 00,069,632 | ---- | M] (Realtek Semiconductor Corp.) - ALCMTR.EXE ("Alcmtr" HKLM:Run)
File not found - C:\PROGRA~1\AVG\AVG8\avgtray.exe ("AVG8_TRAY" HKLM:Run)
[11/22/2005 05:38 PM | 00,221,184 | ---- | M] (Diskeeper Corporation) - "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" ("DiskeeperSystray" HKLM:Run)
[10/06/2006 12:13 PM | 00,114,688 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\hkcmd.exe ("HotKeysCmds" HKLM:Run)
[10/06/2006 12:11 PM | 00,098,304 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\igfxtray.exe ("IgfxTray" HKLM:Run)
[12/05/2007 02:41 AM | 08,523,776 | ---- | M] (NVIDIA Corporation) - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup ("NvCplDaemon" HKLM:Run)
[12/05/2007 02:41 AM | 00,081,920 | ---- | M] (NVIDIA Corporation) - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit ("NvMediaCenter" HKLM:Run)
[12/05/2007 02:41 AM | 01,626,112 | ---- | M] () - nwiz.exe /install ("nwiz" HKLM:Run)
[10/06/2006 12:10 PM | 00,094,208 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\igfxpers.exe ("Persistence" HKLM:Run)
[11/14/2006 05:21 PM | 16,270,848 | ---- | M] (Realtek Semiconductor Corp.) - RTHDCPL.EXE ("RTHDCPL" HKLM:Run)
[05/16/2006 06:04 PM | 02,879,488 | ---- | M] (Realtek Semiconductor Corp.) - SkyTel.EXE ("SkyTel" HKLM:Run)
[06/10/2008 04:27 AM | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) - "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" ("SunJavaUpdateSched" HKLM:Run)
File not found - h:\Program Files\ThreatFire\TFTray.exe ("ThreatFire" HKLM:Run)
[12/02/2004 07:23 PM | 00,102,400 | ---- | M] (Creative Technology Ltd) - E:\creative\Detector\CTDetect.exe /R ("Creative Detector" HKCU:Run)
[04/19/2007 01:26 PM | 00,484,904 | ---- | M] (Hewlett-Packard Company) - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden ("LightScribe Control Panel" HKCU:Run)
[08/18/2008 06:41 PM | 01,832,272 | RHS- | M] (Safer Networking Limited) - E:\Spybot - Search & Destroy\TeaTimer.exe ("SpybotSD TeaTimer" HKCU:Run)
[12/02/2004 07:23 PM | 00,102,400 | ---- | M] (Creative Technology Ltd) - E:\creative\Detector\CTDetect.exe /R ("Creative Detector" HKU\S-1-5-21-57989841-1220945662-839522115-1003:Run)
[04/19/2007 01:26 PM | 00,484,904 | ---- | M] (Hewlett-Packard Company) - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden ("LightScribe Control Panel" HKU\S-1-5-21-57989841-1220945662-839522115-1003:Run)
[08/18/2008 06:41 PM | 01,832,272 | RHS- | M] (Safer Networking Limited) - E:\Spybot - Search & Destroy\TeaTimer.exe ("SpybotSD TeaTimer" HKU\S-1-5-21-57989841-1220945662-839522115-1003:Run)

========== Startup Folders ==========

[04/23/2008 03:38 AM | 00,029,696 | ---- | M] (Adobe Systems Incorporated) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[12/09/2005 06:17 PM | 00,118,784 | ---- | M] (Nikon Corporation) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
File not found - C:\Documents and Settings\Skrunt\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = H:\Program Files\ERUNT\AUTOBACK.EXE

========== Internet Explorer ==========

HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
HKEY_LOCAL_MACHINE\: Main\\Local Page = %SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\: Main\\Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
HKEY_LOCAL_MACHINE\: Main\\Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_CURRENT_USER\: Main\\Local Page = C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\: Main\\Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
HKEY_CURRENT_USER\: Main\\Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
HKEY_CURRENT_USER\: ProxyEnable = 0
HKEY_USERS\.DEFAULT\: ProxyEnable = 0
HKEY_USERS\S-1-5-18\: ProxyEnable = 0
HKEY_USERS\S-1-5-21-57989841-1220945662-839522115-1003\: Main\\Local Page = C:\WINDOWS\system32\blank.htm
HKEY_USERS\S-1-5-21-57989841-1220945662-839522115-1003\: Main\\Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
HKEY_USERS\S-1-5-21-57989841-1220945662-839522115-1003\: Main\\Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
HKEY_USERS\S-1-5-21-57989841-1220945662-839522115-1003\: ProxyEnable = 0

========== BHO's ==========

[12/18/2006 04:16 AM | 00,059,032 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (HKLM: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3})
File not found C:\Program Files\AVG\AVG8\avgssie.dll (HKLM: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0})
[06/10/2008 04:27 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (HKLM: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43})
File not found Reg Error: Key does not exist or could not be opened. (HKLM: {7E853D72-626A-48EC-A868-BA8D5E23E045})

========== *AppInit_DLLs* ==========

= avgrsstx.dll
>[07/04/2008 06:52 AM | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) - C:\WINDOWS\system32\avgrsstx.dll

========== Winlogon Notify Settings ==========

[10/06/2006 12:09 PM | 00,155,648 | ---- | M] (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll ("DllName")

========== Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

[HKEY_USERS\S-1-5-21-57989841-1220945662-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-21-57989841-1220945662-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

========== HKLM Security Providers ==========

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[05/19/2007 06:55 PM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]

Autorun []
[10/15/2005 01:42 AM | 00,253,952 | R--- | M] (Firaxis Games) D:\Autorun.exe [ CDFS ]

autorun.exe [MZ | ]
[10/15/2005 01:42 AM | 00,253,952 | R--- | M] (Firaxis Games) D:\autorun.exe [ CDFS ]

autorun.inf [[autorun] | OPEN=autorun.exe | ICON=Autorun\Civ4Installer.ico | LABEL=Sid Meier's Civilization 4 | | [appdata] | Mutex=Civ4 21031 | InstallFile=setup.exe | PlayFile=Civilization4.exe | RegKey=INSTALLDIR | | [0x09] | ;English | Background=Autorun\Civ4AutoRunBG.bmp | LegalPos=85,272,480 | LegalColor=255,255,255 | LegalShadow=0,0,0 | LegalFont=MS Sans Serif,8 | LegalStyle=bold | LegalText=©2005 Firaxis Games, Inc. All Rights Reserved. Manufactured and marketed by Take Two Interactive, New York, NY. All trademarks are the property of their respective owners. | ExecPos=117,201 | InstallImage=Autorun\BTN01-Install.bmp | InstallHilite=Autorun\BTN01-Install_OVER.bmp | PlayImage=Autorun\BTN01-Play.bmp | PlayHilite=Autorun\BTN01-Play_OVER.bmp | ReadmePos=265,202 | ReadmeImage=Autorun\BTN02-ReadMe.bmp | ReadmeHilite=Autorun\BTN02-ReadMe_OVER.bmp | ReadmeFile=Readme\English\Readme.htm | ExitPos=412,200 | ExitImage=Autorun\BTN03-Exit.bmp | ExitHilite=Autorun\BTN03-Exit_OVER.bmp | | [0x0c] | ;French | Background=Autorun\Civ4AutoRunBG.bmp | LegalPos=85,272,480 | LegalColor=255,255,255 | LegalShadow=0,0,0 | LegalFont=MS Sans Serif,8 | LegalStyle=bold | LegalText=©2005 Firaxis Games, Inc. Tous droits réservés. Fabriqué et commercialisé par Take Two Interactive, New York, NY. Toutes les marques commerciales sont la propriété de leurs détenteurs respectifs. 
| ExecPos=117,201 | InstallImage=Autorun\FR_BTN01-Install.bmp | InstallHilite=Autorun\FR_BTN01-Install_OVER.bmp | PlayImage=Autorun\FR_BTN01-Play.bmp | PlayHilite=Autorun\FR_BTN01-Play_OVER.bmp | ReadmePos=265,202 | ReadmeImage=Autorun\FR_BTN02-ReadMe.bmp | ReadmeHilite=Autorun\FR_BTN02-ReadMe_OVER.bmp | ReadmeFile=Readme\French\Readme.htm | ExitPos=412,200 | ExitImage=Autorun\FR_BTN03-Exit.bmp | ExitHilite=Autorun\FR_BTN03-Exit_OVER.bmp | | [0x10] | ;Italian | Background=Autorun\Civ4AutoRunBG.bmp | LegalPos=85,272,480 | LegalColor=255,255,255 | LegalShadow=0,0,0 | LegalFont=MS Sans Serif,8 | LegalStyle=bold | LegalText=©2005 Firaxis Games, Inc. Tutti i diritti riservati. Prodotto e distribuito da Take Two Interactive, New York, NY. Tutti i marchi sono di proprietà dei rispettivi detentori. | ExecPos=117,201 | InstallImage=Autorun\IT_BTN01-Install.bmp | InstallHilite=Autorun\IT_BTN01-Install_OVER.bmp | PlayImage=Autorun\IT_BTN01-Play.bmp | PlayHilite=Autorun\IT_BTN01-Play_OVER.bmp | ReadmePos=265,202 | ReadmeImage=Autorun\IT_BTN02-ReadMe.bmp | ReadmeHilite=Autorun\IT_BTN02-ReadMe_OVER.bmp | ReadmeFile=Readme\Italian\Readme.htm | ExitPos=412,200 | ExitImage=Autorun\IT_BTN03-Exit.bmp | ExitHilite=Autorun\IT_BTN03-Exit_OVER.bmp | | [0x07] | ;German | Background=Autorun\Civ4AutoRunBG.bmp | LegalPos=85,272,480 | LegalColor=255,255,255 | LegalShadow=0,0,0 | LegalFont=MS Sans Serif,8 | LegalStyle=bold | LegalText=© 2005 Firaxis Games, Inc. Alle Rechte vorbehalten. Herstellung und Vermarktung durch Take Two Interactive, New York, NY. Alle Warenzeichen sind Eigentum der jeweiligen Inhaber. 
| ExecPos=117,201 | InstallImage=Autorun\GE_BTN01-Install.bmp | InstallHilite=Autorun\GE_BTN01-Install_OVER.bmp | PlayImage=Autorun\GE_BTN01-Play.bmp | PlayHilite=Autorun\GE_BTN01-Play_OVER.bmp | ReadmePos=265,202 | ReadmeImage=Autorun\GE_BTN02-ReadMe.bmp | ReadmeHilite=Autorun\GE_BTN02-ReadMe_OVER.bmp | ReadmeFile=Readme\German\Readme.htm | ExitPos=412,200 | ExitImage=Autorun\GE_BTN03-Exit.bmp | ExitHilite=Autorun\GE_BTN03-Exit_OVER.bmp | | [0x0a] | ;Spanish | Background=Autorun\Civ4AutoRunBG.bmp | LegalPos=85,272,480 | LegalColor=255,255,255 | LegalShadow=0,0,0 | LegalFont=MS Sans Serif,8 | LegalStyle=bold | LegalText=©2005 Firaxis Games, Inc. Todos los derechos reservados. Creado y distribuido por Take Two Interactive, New York, NY. Todas las marcas comerciales pertenecen a sus respectivos propietarios. | ExecPos=117,201 | InstallImage=Autorun\SP_BTN01-Install.bmp | InstallHilite=Autorun\SP_BTN01-Install_OVER.bmp | PlayImage=Autorun\SP_BTN01-Play.bmp | PlayHilite=Autorun\SP_BTN01-Play_OVER.bmp | ReadmePos=265,202 | ReadmeImage=Autorun\SP_BTN02-ReadMe.bmp | ReadmeHilite=Autorun\SP_BTN02-ReadMe_OVER.bmp | ReadmeFile=Readme\Spanish\Readme.htm | ExitPos=412,200 | ExitImage=Autorun\SP_BTN03-Exit.bmp | ExitHilite=Autorun\SP_BTN03-Exit_OVER.bmp | ]
[10/15/2005 01:42 AM | 00,004,118 | R--- | M] () D:\autorun.inf [ CDFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48057f01-af4b-11dc-b787-0015588abe45}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{735eca17-116f-11dc-b606-0015588abe45}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96d32d38-4fdc-11dc-b6cc-0015588abe45}\Shell]
"" = Shell01

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ad877f2-7b8b-11dd-a456-806d6172696f}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eae23686-1109-11dc-b605-0015588abe45}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f930a27e-06d9-11dc-b5d9-0015588abe45}\Shell]
"" = None

========== DNS Name Servers ==========

{186D2133-7EB7-4953-A4F7-1E2A7E98C062} (Servers: | Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller)

========== Hosts File ==========

HOSTS File = (253869 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...



========== Files/Folders - Created Within 30 days ==========

[08/26/2008 06:01 PM | 00,000,211 | -HS- | C] () - C:\BOOT.BAK
[08/27/2008 09:02 PM | ---D | C] - C:\Config.Msi
[08/27/2008 09:19 PM | ---D | C] - C:\LiveUpdate_Temp
[08/27/2008 09:19 PM | -H-D | C] - C:\$AVG8.VAULT$
[08/27/2008 09:19 PM | ---D | C] - C:\WINDOWS\System32\drivers\Avg
[08/28/2008 04:56 PM | 00,017,144 | ---- | C] (Malwarebytes Corporation) - C:\WINDOWS\System32\drivers\mbam.sys
[08/28/2008 04:56 PM | 00,038,472 | ---- | C] (Malwarebytes Corporation) - C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[08/28/2008 05:23 PM | 00,012,608 | ---- | C] (PC Tools) - C:\WINDOWS\System32\drivers\TfKbMon.sys
[08/28/2008 05:23 PM | 00,033,088 | ---- | C] (PC Tools) - C:\WINDOWS\System32\drivers\TfNetMon.sys
[08/28/2008 05:23 PM | 00,038,208 | ---- | C] (PC Tools) - C:\WINDOWS\System32\drivers\TfSysMon.sys
[08/28/2008 05:23 PM | 00,051,520 | ---- | C] (PC Tools) - C:\WINDOWS\System32\drivers\TfFsMon.sys
[08/28/2008 08:33 PM | 00,028,544 | ---- | C] (Panda Security, S.L.) - C:\WINDOWS\System32\drivers\pavboot.sys
[08/24/2008 07:42 AM | 00,135,168 | ---- | C] (Sun Microsystems, Inc.) - C:\WINDOWS\System32\java.exe
[08/24/2008 07:42 AM | 00,135,168 | ---- | C] (Sun Microsystems, Inc.) - C:\WINDOWS\System32\javaw.exe
[08/24/2008 07:42 AM | 00,139,264 | ---- | C] (Sun Microsystems, Inc.) - C:\WINDOWS\System32\javaws.exe
[6 C:\WINDOWS\*.tmp files]
[08/28/2008 04:53 PM | ---D | C] - C:\WINDOWS\ERDNT
[08/28/2008 04:56 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[08/28/2008 05:23 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\PC Tools
[08/28/2008 05:24 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\TEMP
@Alternate Data Stream - 124 bytes -> %AllUsersProfile%\Application Data\TEMP:1CA73D29
[08/08/2008 07:26 PM | ---D | C] - C:\Documents and Settings\Skrunt\Application Data\MSNInstaller
[08/24/2008 07:45 AM | ---D | C] - C:\Documents and Settings\Skrunt\Application Data\OpenOffice.org2
[08/28/2008 04:56 PM | ---D | C] - C:\Documents and Settings\Skrunt\Application Data\Malwarebytes
[08/07/2008 01:32 PM | ---D | C] - C:\Documents and Settings\Skrunt\Local Settings\Application Data\Nova Development
[08/31/2008 10:44 AM | ---D | C] - C:\Documents and Settings\Skrunt\Local Settings\Application Data\NOS
[08/20/2008 02:08 PM | 00,025,088 | ---- | C] () - C:\Documents and Settings\Skrunt\My Documents\Social Committe.doc
[08/20/2008 03:11 PM | ---D | C] - C:\Documents and Settings\Skrunt\My Documents\NNO
[08/28/2008 04:56 PM | 00,000,565 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[08/28/2008 05:24 PM | 00,000,520 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\ThreatFire.lnk
[08/31/2008 10:47 AM | 00,001,745 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Adobe Reader 7.0.lnk
[08/08/2008 02:01 PM | 00,018,432 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\Member Contact List(2).xls
[08/10/2008 07:08 PM | 00,039,929 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\13275lg.jpg
[08/11/2008 05:24 PM | 00,023,040 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\Lantana2009BoardBudget.xls
[08/20/2008 01:05 PM | 00,184,010 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\NNO_AWARD_tips_08.pdf
[08/24/2008 06:41 AM | 00,023,040 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\Lantana2009BoardBudget(2).xls
[08/24/2008 06:48 AM | 00,224,050 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\AM packet 2008.pdf
[08/25/2008 01:10 PM | 00,040,807 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\Fall08NLC_syllabus.pdf
[08/26/2008 12:03 PM | 00,127,488 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\bondingjeopardy.ppt
[08/27/2008 09:19 PM | ---D | C] - C:\Documents and Settings\Skrunt\Desktop\Fall 2006
[08/27/2008 09:22 PM | ---D | C] - C:\Documents and Settings\Skrunt\Desktop\Scrap
[08/28/2008 04:42 PM | 00,000,811 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\HijackThis.lnk
[08/28/2008 04:47 PM | 00,050,688 | ---- | C] (Atribune.org) - C:\Documents and Settings\Skrunt\Desktop\ATF_Cleaner.exe
[08/28/2008 04:53 PM | 00,000,501 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\ERUNT.lnk
[08/28/2008 04:53 PM | 00,000,514 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\NTREGOPT.lnk
[08/29/2008 09:02 AM | 00,093,389 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\eBayISAPI.dll
[08/29/2008 09:02 AM | ---D | C] - C:\Documents and Settings\Skrunt\Desktop\eBayISAPI_files
[09/01/2008 11:54 PM | 00,042,136 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\Chem 1406 Syllabus.pdf
[09/02/2008 11:18 PM | 00,022,016 | ---- | C] () - C:\Documents and Settings\Skrunt\Desktop\1405ScheduleMWF(2).xls
[09/05/2008 07:41 PM | 01,305,600 | ---- | C] (OldTimer Tools) - C:\Documents and Settings\Skrunt\Desktop\OTViewIt_beta.exe
[08/31/2008 10:47 AM | 00,001,762 | ---- | C] () - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[08/28/2008 04:53 PM | 00,000,658 | ---- | C] () - C:\Documents and Settings\Skrunt\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[08/28/2008 04:56 PM | ---D | C] - C:\Program Files\Common Files\Download Manager
[08/24/2008 07:42 AM | ---D | C] - C:\Program Files\OpenOffice.org 2.4
[08/27/2008 09:18 PM | ---D | C] - C:\Program Files\AVG
[08/27/2008 09:18 PM | ---D | C] - C:\Program Files\LightScribe
[08/27/2008 09:18 PM | ---D | C] - C:\Program Files\Marvell
[08/27/2008 09:19 PM | ---D | C] - C:\Program Files\Yahoo! Games
[08/27/2008 09:20 PM | ---D | C] - C:\Program Files\Messenger
[08/27/2008 09:20 PM | ---D | C] - C:\Program Files\Shutterfly
[08/28/2008 08:32 PM | ---D | C] - C:\Program Files\Panda Security

========== Files - Modified Within 30 days ==========

[08/17/2008 03:01 PM | 00,017,144 | ---- | M] (Malwarebytes Corporation) - C:\WINDOWS\System32\drivers\mbam.sys
[08/17/2008 03:01 PM | 00,038,472 | ---- | M] (Malwarebytes Corporation) - C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2 C:\WINDOWS\System32\*.tmp files]
[08/29/2008 07:56 AM | 00,296,456 | ---- | M] () - C:\WINDOWS\System32\FNTCACHE.DAT
[08/30/2008 06:51 AM | 00,060,828 | ---- | M] () - C:\WINDOWS\System32\perfc009.dat
[08/30/2008 06:51 AM | 00,400,794 | ---- | M] () - C:\WINDOWS\System32\perfh009.dat
[08/30/2008 06:51 AM | 00,466,028 | ---- | M] () - C:\WINDOWS\System32\PerfStringBackup.INI
[09/05/2008 10:09 AM | 00,002,206 | ---- | M] () - C:\WINDOWS\System32\wpa.dbl
[6 C:\WINDOWS\*.tmp files]
[08/27/2008 08:54 PM | 00,000,227 | ---- | M] () - C:\WINDOWS\system.ini
[08/28/2008 05:36 PM | 00,001,374 | ---- | M] () - C:\WINDOWS\imsins.BAK
[08/29/2008 11:07 PM | 00,000,594 | ---- | M] () - C:\WINDOWS\win.ini
[09/05/2008 03:46 PM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat
[09/05/2008 03:46 PM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT
[09/05/2008 07:17 PM | 00,000,256 | ---- | M] () - C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[09/01/2008 10:53 AM | 00,000,020 | -H-- | M] () - C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
[08/30/2008 08:35 AM | 00,090,136 | ---- | M] () - C:\Documents and Settings\Skrunt\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[08/20/2008 02:08 PM | 00,025,088 | ---- | M] () - C:\Documents and Settings\Skrunt\My Documents\Social Committe.doc
[08/28/2008 04:56 PM | 00,000,565 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[08/28/2008 05:24 PM | 00,000,520 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\ThreatFire.lnk
[08/31/2008 10:47 AM | 00,001,745 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Adobe Reader 7.0.lnk
[08/08/2008 02:01 PM | 00,018,432 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\Member Contact List(2).xls
[08/10/2008 07:08 PM | 00,039,929 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\13275lg.jpg
[08/10/2008 09:50 PM | 00,026,112 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\bike milage 2008.xls
[08/11/2008 05:24 PM | 00,023,040 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\Lantana2009BoardBudget.xls
[08/20/2008 01:05 PM | 00,184,010 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\NNO_AWARD_tips_08.pdf
[08/24/2008 06:41 AM | 00,023,040 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\Lantana2009BoardBudget(2).xls
[08/24/2008 06:48 AM | 00,224,050 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\AM packet 2008.pdf
[08/25/2008 01:10 PM | 00,040,807 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\Fall08NLC_syllabus.pdf
[08/26/2008 12:04 PM | 00,127,488 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\bondingjeopardy.ppt
[08/28/2008 04:42 PM | 00,000,811 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\HijackThis.lnk
[08/28/2008 04:47 PM | 00,050,688 | ---- | M] (Atribune.org) - C:\Documents and Settings\Skrunt\Desktop\ATF_Cleaner.exe
[08/28/2008 04:53 PM | 00,000,501 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\ERUNT.lnk
[08/28/2008 04:53 PM | 00,000,514 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\NTREGOPT.lnk
[08/29/2008 09:02 AM | 00,093,389 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\eBayISAPI.dll
[09/01/2008 11:54 PM | 00,042,136 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\Chem 1406 Syllabus.pdf
[09/02/2008 11:18 PM | 00,022,016 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\1405ScheduleMWF(2).xls
[09/03/2008 10:34 AM | 00,002,497 | ---- | M] () - C:\Documents and Settings\Skrunt\Desktop\Microsoft Office Word 2003.lnk
[09/03/2008 10:35 AM | 00,174,080 | -HS- | M] () - C:\Documents and Settings\Skrunt\Desktop\Thumbs.db
@Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable
[09/05/2008 07:41 PM | 01,305,600 | ---- | M] (OldTimer Tools) - C:\Documents and Settings\Skrunt\Desktop\OTViewIt_beta.exe
[08/31/2008 10:47 AM | 00,001,762 | ---- | M] () - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[08/28/2008 04:53 PM | 00,000,658 | ---- | M] () - C:\Documents and Settings\Skrunt\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

< End of report >
colbyclay
post Sep 5 2008, 06:56 PM
Post #4


Member
**
Posts: 22
OS: XP



And here is the Extras.Txt:

OTViewIt Extras logfile created on: 9/5/2008 7:48:05 PM - Run 2
OTViewIt by OldTimer - Version 1.0.2.1 beta Folder = C:\Documents and Settings\Skrunt\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.41 Mb Total Physical Memory | 659.25 Mb Available Physical Memory | 64.48% Memory free
3.88 Gb Paging File | 3.63 Gb Available in Paging File | 93.61% Paging File free
Paging file location(s): G:\pagefile.sys 3048 3048;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20.00 Gb Total Space | 8.83 Gb Free Space | 44.17% Space Free | Partition Type: NTFS
Drive D: | 654.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 10.00 Gb Total Space | 9.38 Gb Free Space | 93.83% Space Free | Partition Type: NTFS
Drive F: | 263.67 Gb Total Space | 223.71 Gb Free Space | 84.85% Space Free | Partition Type: NTFS
Drive G: | 4.41 Gb Total Space | 1.40 Gb Free Space | 31.83% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[08/03/2004 08:07 PM | 00,140,800 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[10/18/2007 12:34 PM | 05,724,184 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
[10/02/2007 06:18 PM | 00,304,488 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[08/03/2004 08:07 PM | 00,140,800 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe
File not found

"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe
File not found

"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe
File not found

"C:\Program Files\UltraVNC\winvnc.exe" = C:\Program Files\UltraVNC\winvnc.exe:*:Enabled:VNC server for Win32
[06/18/2006 02:56 PM | 00,712,704 | ---- | M] (UltraVNC)

"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home
File not found

"F:\Space Empires IV Gold\Se4.exe" = F:\Space Empires IV Gold\Se4.exe:*:Enabled:Space Empires IV
File not found

"F:\Sid Meier's Civilization 4\Civilization4.exe" = F:\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4
[05/16/2007 11:52 PM | 11,739,782 | ---- | M] (Firaxis Games)

"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
File not found

"F:\NeverwinterNights\nwmain.exe" = F:\NeverwinterNights\nwmain.exe:*:Enabled:Neverwinter Nights
[08/04/2006 05:45 PM | 05,636,096 | ---- | M] (Bioware Corp.)

"F:\NeverwinterNights\nwserver.exe" = F:\NeverwinterNights\nwserver.exe:*:Enabled:Neverwinter Nights Server
[08/04/2006 05:45 PM | 02,539,520 | ---- | M] (Bioware Corp.)

"F:\Neverwinter Nights 2\nwn2main.exe" = F:\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main
[12/17/2007 03:15 PM | 12,173,312 | ---- | M] (Obsidian Entertainment, Inc.)

"F:\Neverwinter Nights 2\nwn2main_amdxp.exe" = F:\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD
[12/17/2007 03:26 PM | 12,025,856 | ---- | M] (Obsidian Entertainment, Inc.)

"F:\Neverwinter Nights 2\nwupdate.exe" = F:\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater
[02/16/2008 04:13 PM | 02,465,792 | ---- | M] (Obsidian Entertainment, Inc.)

"F:\Neverwinter Nights 2\nwn2server.exe" = F:\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server
[12/13/2007 07:19 PM | 04,943,872 | ---- | M] (Obsidian Entertainment, Inc.)

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[10/18/2007 12:34 PM | 05,724,184 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
[10/02/2007 06:18 PM | 00,304,488 | ---- | M] (Microsoft Corporation)

"C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM
File not found

"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
File not found

"F:\EVE\bin\ExeFile.exe" = F:\EVE\bin\ExeFile.exe:*:Enabled:CCP ExeFile
File not found

"F:\Hellgate London\Launcher.exe" = F:\Hellgate London\Launcher.exe:*:Enabled:Hellgate: London
[07/29/2008 06:20 PM | 06,448,448 | ---- | M] (Flagship Studios)

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] - "%1" %*
.cmd [@ = cmdfile] - "%1" %*
.com [@ = comfile] - "%1" %*
.exe [@ = exefile] - "%1" %*
.html [@ = FirefoxHTML] - [08/03/2008 10:51 AM | 00,307,712 | ---- | M] (Mozilla Corporation) - C:\Program Files\Mozilla Firefox\firefox.exe
.pif [@ = piffile] - "%1" %*
.scr [@ = scrfile] - "%1" /S

========== Winsock2 Catalogs ==========

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========


========== HKEY_CURRENT_USER Protocol Defaults ==========


========== HKEY_USERS Protocol Defaults ==========


========== HKEY_USERS Protocol Defaults ==========


========== HKEY_USERS Protocol Defaults ==========


========== HKEY_USERS Protocol Defaults ==========


========== HKEY_USERS Protocol Defaults ==========


========== Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKLM - XPLPPFilter Class]
File not found C:\Program Files\AVG\AVG8\avgpp.dll
msdaipp: [HKLM - No CLSID value]

========== Protocol Filters ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08F8FD7C-44A5-4423-B87C-EBD3D94C9F87}" = Vampire - The Masquerade Bloodlines
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{20E5F823-61A4-4BCE-9DF4-5DB43F302B69}" = Diskeeper Professional Premier Edition
"{24F2E03B-ACF2-42FB-8A2A-5F015ACBDD16}" = FOX ONE
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37477865-A3F1-4772-AD43-AAFC6BCFF99F}" = MSXML 4.0 SP2 (KB927978)
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{59C80C5E-8C92-40FF-B910-2BB5C7281F61}" = Europa Universalis III
"{67183F00-3DDC-497B-A090-4E2B79EAF1CD}" = Photo Viewer
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373184D-8E8F-4308-912A-3901071FA1AD}" = LightScribe Applications
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{7EC9E7A1-A576-43C8-9CBB-31BD5625EBCA}" = Fox LiveUpdate
"{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{A2B4455D-1046-4732-BFBC-0821BEFC07BC}" = Hellgate: London
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A6199025-CBF8-4ACB-BEE9-D14EC1CCD731}" = X2 - The Threat
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A8589680-35C1-4732-ACCA-09B78921ECE3}" = Sid Meier's Civilization 4
"{A8AD990E-355A-4413-8647-A9B168978423}_is1" = UltraVNC v1.0.2
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Windows Live Sign-in Assistant
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{BA63612E-0458-416A-ADCD-B2349194F20F}" = Creative Zen Nano Plus
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C04E32E0-0416-434D-AFB9-6969D703A9EF}" = MSXML 4.0 SP2 (KB936181)
"{C1583439-B034-4881-819C-D52A0587662B}" = Neverwinter Nights Platinum Edition
"{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F13D54AA-EE45-4394-8510-C612A56FD9BC}" = Creative Zen Touch
"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2
"{FC272B66-8372-49EF-A642-28CAD2B9EAC9}" = Tron 2.0
"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire 3.5
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AVG8Uninstall" = AVG Free 8.0
"Creative Jukebox Driver" = Creative Jukebox Driver
"Creative Mass Storage Drivers" = Creative Mass Storage Drivers
"ERUNT_is1" = ERUNT 1.1j
"Fallout" = Fallout
"Fallout2" = Fallout2
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"KB873339" = Windows XP Hotfix - KB873339
"KB885835" = Windows XP Hotfix - KB885835
"KB885836" = Windows XP Hotfix - KB885836
"KB886185" = Windows XP Hotfix - KB886185
"KB887472" = Windows XP Hotfix - KB887472
"KB888111WXPSP2" = High Definition Audio Driver Package - KB888111
"KB888302" = Windows XP Hotfix - KB888302
"KB890046" = Security Update for Windows XP (KB890046)
"KB890859" = Windows XP Hotfix - KB890859
"KB891781" = Windows XP Hotfix - KB891781
"KB893756" = Security Update for Windows XP (KB893756)
"KB893803v2" = Windows Installer 3.1 (KB893803)
"KB894391" = Update for Windows XP (KB894391)
"KB896358" = Security Update for Windows XP (KB896358)
"KB896423" = Security Update for Windows XP (KB896423)
"KB896428" = Security Update for Windows XP (KB896428)
"KB898461" = Update for Windows XP (KB898461)
"KB899587" = Security Update for Windows XP (KB899587)
"KB899591" = Security Update for Windows XP (KB899591)
"KB900485" = Update for Windows XP (KB900485)
"KB900725" = Security Update for Windows XP (KB900725)
"KB901017" = Security Update for Windows XP (KB901017)
"KB901214" = Security Update for Windows XP (KB901214)
"KB902400" = Security Update for Windows XP (KB902400)
"KB904706" = Security Update for Windows XP (KB904706)
"KB905414" = Security Update for Windows XP (KB905414)
"KB905749" = Security Update for Windows XP (KB905749)
"KB908519" = Security Update for Windows XP (KB908519)
"KB908531" = Update for Windows XP (KB908531)
"KB910437" = Update for Windows XP (KB910437)
"KB911280" = Update for Windows XP (KB911280)
"KB911562" = Security Update for Windows XP (KB911562)
"KB911564" = Security Update for Windows Media Player (KB911564)
"KB911927" = Security Update for Windows XP (KB911927)
"KB913580" = Security Update for Windows XP (KB913580)
"KB914388" = Security Update for Windows XP (KB914388)
"KB914389" = Security Update for Windows XP (KB914389)
"KB916595" = Update for Windows XP (KB916595)
"KB917344" = Security Update for Windows XP (KB917344)
"KB917422" = Security Update for Windows XP (KB917422)
"KB917734_WMP9" = Security Update for Windows Media Player 9 (KB917734)
"KB917953" = Security Update for Windows XP (KB917953)
"KB918118" = Security Update for Windows XP (KB918118)
"KB918439" = Security Update for Windows XP (KB918439)
"KB919007" = Security Update for Windows XP (KB919007)
"KB920213" = Security Update for Windows XP (KB920213)
"KB920670" = Security Update for Windows XP (KB920670)
"KB920683" = Security Update for Windows XP (KB920683)
"KB920685" = Security Update for Windows XP (KB920685)
"KB920872" = Update for Windows XP (KB920872)
"KB921503" = Security Update for Windows XP (KB921503)
"KB922582" = Update for Windows XP (KB922582)
"KB922819" = Security Update for Windows XP (KB922819)
"KB923191" = Security Update for Windows XP (KB923191)
"KB923414" = Security Update for Windows XP (KB923414)
"KB923689" = Security Update for Windows XP (KB923689)
"KB923694" = Security Update for Windows XP (KB923694)
"KB923789" = Security Update for Windows XP (KB923789)
"KB923980" = Security Update for Windows XP (KB923980)
"KB924191" = Security Update for Windows XP (KB924191)
"KB924270" = Security Update for Windows XP (KB924270)
"KB924496" = Security Update for Windows XP (KB924496)
"KB924667" = Security Update for Windows XP (KB924667)
"KB925398_WMP64" = Security Update for Windows Media Player 6.4 (KB925398)
"KB925902" = Security Update for Windows XP (KB925902)
"KB926255" = Security Update for Windows XP (KB926255)
"KB926436" = Security Update for Windows XP (KB926436)
"KB927779" = Security Update for Windows XP (KB927779)
"KB927802" = Security Update for Windows XP (KB927802)
"KB927891" = Update for Windows XP (KB927891)
"KB928255" = Security Update for Windows XP (KB928255)
"KB928843" = Security Update for Windows XP (KB928843)
"KB929123" = Security Update for Windows XP (KB929123)
"KB929969" = Security Update for Windows XP (KB929969)
"KB930178" = Security Update for Windows XP (KB930178)
"KB930916" = Update for Windows XP (KB930916)
"KB931261" = Security Update for Windows XP (KB931261)
"KB931768" = Security Update for Windows XP (KB931768)
"KB931784" = Security Update for Windows XP (KB931784)
"KB931836" = Update for Windows XP (KB931836)
"KB932168" = Security Update for Windows XP (KB932168)
"KB933360" = Update for Windows XP (KB933360)
"KB933566" = Security Update for Windows XP (KB933566)
"KB933729" = Security Update for Windows XP (KB933729)
"KB935448" = Hotfix for Windows XP (KB935448)
"KB935839" = Security Update for Windows XP (KB935839)
"KB935840" = Security Update for Windows XP (KB935840)
"KB936021" = Security Update for Windows XP (KB936021)
"KB936357" = Update for Windows XP (KB936357)
"KB936782_WMP10" = Security Update for Windows Media Player 10 (KB936782)
"KB936782_WMP9" = Security Update for Windows Media Player 9 (KB936782)
"KB937143" = Security Update for Windows XP (KB937143)
"KB937894" = Security Update for Windows XP (KB937894)
"KB938127" = Security Update for Windows XP (KB938127)
"KB938828" = Update for Windows XP (KB938828)
"KB938829" = Security Update for Windows XP (KB938829)
"KB939653" = Security Update for Windows XP (KB939653)
"KB941202" = Security Update for Windows XP (KB941202)
"KB941568" = Security Update for Windows XP (KB941568)
"KB941569" = Security Update for Windows XP (KB941569)
"KB941693" = Security Update for Windows XP (KB941693)
"KB942763" = Update for Windows XP (KB942763)
"KB942840" = Update for Windows XP (KB942840)
"KB943055" = Security Update for Windows XP (KB943055)
"KB943460" = Security Update for Windows XP (KB943460)
"KB944338" = Security Update for Windows XP (KB944338)
"KB944533" = Security Update for Windows XP (KB944533)
"KB944653" = Security Update for Windows XP (KB944653)
"KB945553" = Security Update for Windows XP (KB945553)
"KB946026" = Security Update for Windows XP (KB946026)
"KB946648" = Security Update for Windows XP (KB946648)
"KB948590" = Security Update for Windows XP (KB948590)
"KB948881" = Security Update for Windows XP (KB948881)
"KB950749" = Security Update for Windows XP (KB950749)
"KB950759" = Security Update for Windows XP (KB950759)
"KB950760" = Security Update for Windows XP (KB950760)
"KB950762" = Security Update for Windows XP (KB950762)
"KB950974" = Security Update for Windows XP (KB950974)
"KB951066" = Security Update for Windows XP (KB951066)
"KB951072-v2" = Update for Windows XP (KB951072-v2)
"KB951376" = Security Update for Windows XP (KB951376)
"KB951376-v2" = Security Update for Windows XP (KB951376-v2)
"KB951698" = Security Update for Windows XP (KB951698)
"KB951748" = Security Update for Windows XP (KB951748)
"KB952287" = Hotfix for Windows XP (KB952287)
"KB952954" = Security Update for Windows XP (KB952954)
"KB953838" = Security Update for Windows XP (KB953838)
"KB953839" = Security Update for Windows XP (KB953839)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
"mr7910_1ffef370f39864f3aaa62219d434ae06b02b70ab" = Windows Driver Package - (mr7910) Image 08/08/2006 1.4.0.0
"MuVo Driver" = Creative Mass Storage Drivers
"Network Play System (Patching)" = Network Play System (Patching)
"NVIDIA Drivers" = NVIDIA Drivers
"QuicktimeAlt_is1" = QuickTime Alternative 1.81
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Shutterfly Plugin" = Shutterfly Plugin
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"SShockDeinstallKey" = System Shock2
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"The Sims" = The Sims
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"WinAce Archiver" = WinAce Archiver
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"x2_allinone_bonus_package_is1" = X² All In One Bonus Package 1.04

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========


========== HKEY_USERS Uninstall List ==========


========== HKEY_USERS Uninstall List ==========


========== HKEY_USERS Uninstall List ==========


========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-57989841-1220945662-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========


[ Application Events ]
Error - 8/16/2008 8:45:00 PM - Computer Name = HAL - User Name = NT AUTHORITY\SYSTEM - Source = MsiInstaller
Description = Product: Microsoft Office Professional Edition 2003 - Update 'Office
2003 Service Pack 3 (SP3): MAINSP3' could not be installed. Error code 1603. Windows
Installer can create logs to help troubleshoot issues with installing software
packages. Use the following link for instructions on turning on logging support:
http://go.microsoft.com/fwlink/?LinkId=23127

Error - 8/20/2008 2:14:31 AM - Computer Name = HAL - User Name = NT AUTHORITY\SYSTEM - Source = MsiInstaller
Description = Product: Microsoft Office Professional Edition 2003 -- Error 1311.
Source file not found(cabinet): F:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB.
Verify that the file exists and that you can access it.

Error - 8/20/2008 2:14:40 AM - Computer Name = HAL - User Name = NT AUTHORITY\SYSTEM - Source = MsiInstaller
Description = Product: Microsoft Office Professional Edition 2003 - Update 'Office
2003 Service Pack 3 (SP3): MAINSP3' could not be installed. Error code 1603. Windows
Installer can create logs to help troubleshoot issues with installing software
packages. Use the following link for instructions on turning on logging support:
http://go.microsoft.com/fwlink/?LinkId=23127

Error - 8/20/2008 8:22:08 PM - Computer Name = HAL - User Name = HAL\Skrunt - Source = MsiInstaller
Description = Product: Scrapbook Factory Deluxe 4.0 -- Error 1311.Source file not
found(cabinet): C:\Documents and Settings\Skrunt\Local Settings\Temp\Data1.cab.
Verify that the file exists and that you can access it.

Error - 8/22/2008 4:13:20 PM - Computer Name = HAL - User Name = HAL\Skrunt - Source = MsiInstaller
Description = Product: Microsoft Office Professional Edition 2003 -- Error 1311.
Source file not found(cabinet): D:\Office11 - Disc 1 - Professional\SKU011.CAB.
Verify that the file exists and that you can access it.

Error - 8/22/2008 4:13:20 PM - Computer Name = HAL - User Name = HAL\Skrunt - Source = MsiInstaller
Description = Product: Microsoft Office Professional Edition 2003 -- Error 25090.
Office Setup encountered a problem with the Office Source Engine, system error:
-2147023179. Please open C:\Program Files\Microsoft Office\OFFICE11\1033\SETUP.CHM
and look for "Office Source Engine" for information on how to resolve this problem.

Error - 8/26/2008 9:43:07 PM - Computer Name = HAL - User Name = User SID not found - Source = Application Error
Description = Faulting application passport.exe, version 14.1.7.22, faulting module
passtcp.dll, version 14.0.7.22, fault address 0x000072d8.

Error - 8/27/2008 9:14:07 PM - Computer Name = HAL - User Name = User SID not found - Source = EventSystem
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BA from line 44 of d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 8/27/2008 9:14:07 PM - Computer Name = HAL - User Name = User SID not found - Source = VSS
Description = Volume Shadow Copy Service error: Unexpected error calling routine
CoCreateInstance. hr = 0x80040206.

Error - 9/5/2008 9:02:13 PM - Computer Name = HAL - User Name = User SID not found - Source = Application Error
Description = Faulting application acrord32.exe, version 7.0.8.218, faulting module
acrord32.dll, version 7.1.0.649, fault address 0x000ca199.


[ Security Events ]

[ System Events ]
Error - 8/30/2008 11:42:26 AM - Computer Name = HAL - User Name = User SID not found - Source = Service Control Manager
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86

Error - 9/1/2008 12:01:11 PM - Computer Name = HAL - User Name = User SID not found - Source = Service Control Manager
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86

Error - 9/2/2008 1:20:13 PM - Computer Name = HAL - User Name = User SID not found - Source = Service Control Manager
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86

Error - 9/2/2008 2:15:19 PM - Computer Name = HAL - User Name = User SID not found - Source = Service Control Manager
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86

Error - 9/3/2008 2:37:34 AM - Computer Name = HAL - User Name = User SID not found - Source = Service Control Manager
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86

Error - 9/3/2008 12:46:19 PM - Computer Name = HAL - User Name = User SID not found - Source = Service Control Manager
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86

Error - 9/4/2008 1:54:20 PM - Computer Name = HAL - User Name = User SID not found - Source = Service Control Manager
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86

Error - 9/5/2008 3:09:52 PM - Computer Name = HAL - User Name = User SID not found - Source = Service Control Manager
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86

Error - 9/5/2008 8:47:04 PM - Computer Name = HAL - User Name = User SID not found - Source = Service Control Manager
Description = The ThreatFire service failed to start due to the following error:
%%3

Error - 9/5/2008 8:47:04 PM - Computer Name = HAL - User Name = User SID not found - Source = Service Control Manager
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86


< End of report >