This topic is locked
I am sure that you can help me.
Every time I press CTRL+ALT+DEL I get the message 'Can not find script file "C:\WINDOWS\system32\winjpg.jpg".'
I had problems with runnig System Restore and opening my hard drives, was getting messages:'Can not find script file "C:\winfile.jpg"' or 'Can not find script file "D:\winfile.jpg"', and something like that. But after I followed your guide I solved that, now there's only the task manager problem. Avast can't seem to find the trojan, or whatever it is, in the \system32 directory.
Here is the MBAM log(I apologize, it's in Croatian, if it's a problem I can translate):
Malwarebytes' Anti-Malware 1.37
Verzija baze podataka: 2229
Windows 5.1.2600 Service Pack 3
4.6.2009 20:55:30
mbam-log-2009-06-04 (20-55-30).txt
Tip provjere: Brza Provjera
Provjerenih objekata: 83544
Vrijeme trajanja: 3 minute(s), 4 second(s)
Zaraženi procesi u memoriji: 0
Zaraženi moduli u memoriji: 0
Zaraženi ključevi u registru: 5
Zaražene vrijednosti u registru: 4
Zaraženi podaci u registru: 1
Zaraženi spremnici: 0
Zaražene datoteke: 0
Zaraženi procesi u memoriji:
(Zloćudne stavke nisu otkrivene)
Zaraženi moduli u memoriji:
(Zloćudne stavke nisu otkrivene)
Zaraženi ključevi u registru:
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe (Security.Hijack) -> Quarantined and deleted successfully.
Zaražene vrijednosti u registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
Zaraženi podaci u registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Zaraženi spremnici:
(Zloćudne stavke nisu otkrivene)
Zaražene datoteke:
(Zloćudne stavke nisu otkrivene)
Rooter log:
Rooter.exe (v1.0) by Eric_71
¨
Microsoft Windows XP Professional (5.1.2600) Service Pack 3
32_bits - x86 Family 15 Model 43 Stepping 1, AuthenticAMD
¨
A:\ [Removable]
C:\ [Fixed-NTFS] .. ( Total:141517 Mo - Free:39110 Mo )
D:\ [Fixed-NTFS] .. ( Total:97848 Mo - Free:32119 Mo )
E:\ [CD_Rom]
F:\ [CD_Rom]
G:\ [Fixed-NTFS] .. ( Total:476938 Mo - Free:419221 Mo )
¨
Scan : 19:57.45
Path : C:\Documents and Settings\Decky\Desktop\Rooter.exe
User : Decky ( Administrator -> YES )
¨
----------------------\\ Processes
¨
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (700)
______ \??\C:\windows\system32\csrss.exe (764)
______ \??\C:\windows\system32\winlogon.exe (792)
______ C:\windows\system32\services.exe (836)
______ C:\windows\system32\lsass.exe (848)
______ C:\windows\system32\svchost.exe (1024)
______ C:\windows\system32\svchost.exe (1072)
______ C:\windows\System32\svchost.exe (1168)
______ C:\windows\system32\svchost.exe (1344)
______ C:\windows\system32\svchost.exe (1420)
______ C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (1484)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (1500)
______ C:\Program Files\Alwil Software\Avast4\ashServ.exe (1636)
______ C:\windows\Explorer.exe (1804)
______ C:\windows\system32\spoolsv.exe (352)
______ C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (420)
______ C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (476)
______ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (484)
______ C:\Program Files\QuickTime\QTTask.exe (496)
______ C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe (568)
______ C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe (592)
______ C:\Program Files\Java\jre6\bin\jusched.exe (872)
______ C:\windows\SOUNDMAN.EXE (992)
______ C:\windows\system32\RUNDLL32.EXE (1116)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (1128)
______ C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (1140)
______ C:\Program Files\BugCD Pretrazivac\BugCD Pretrazivac.exe (1152)
______ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (1188)
______ C:\windows\system32\ctfmon.exe (1244)
______ C:\Program Files\Messenger\msmsgs.exe (1260)
______ C:\Program Files\Steam\Steam.exe (1288)
______ C:\windows\system32\svchost.exe (1780)
______ C:\Program Files\Java\jre6\bin\jqs.exe (2092)
______ C:\Program Files\Common Files\LightScribe\LSSrvc.exe (2132)
______ C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (2152)
______ C:\windows\system32\nvsvc32.exe (2172)
______ C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (2240)
______ C:\windows\system32\svchost.exe (2348)
______ C:\Program Files\Canon\CAL\CALMAIN.exe (3208)
______ C:\Program Files\Common Files\Teleca Shared\Generic.exe (3324)
______ C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (3572)
______ C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe (3664)
______ C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (3736)
______ C:\WINDOWS\system32\wbem\unsecapp.exe (3768)
______ C:\windows\system32\wbem\wmiprvse.exe (280)
______ C:\windows\System32\alg.exe (748)
______ C:\windows\system32\wuauclt.exe (3004)
______ C:\Program Files\Mozilla Firefox\firefox.exe (2668)
______ C:\Documents and Settings\Decky\Desktop\Rooter.exe (3548)
¨
----------------------\\ Device\Harddisk0\
¨
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
¨
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:148392244224)
\Device\Harddisk0\Partition0 (Start_Offset:148392276480 | Length:102602142720)
\Device\Harddisk0\Partition2 (Start_Offset:148392308736 | Length:102602110464)
¨
----------------------\\ Scheduled Tasks
¨
C:\windows\Tasks\Ad-Aware Update (Weekly).job
C:\windows\Tasks\desktop.ini
C:\windows\Tasks\SA.DAT
C:\windows\Tasks\SmartDefrag.job
C:\windows\Tasks\WGASetup.job
¨
----------------------\\ Registry
¨
¨
----------------------\\ Files & Folders
¨
----------------------\\ Scan completed at 19:58.10
¨
C:\Rooter$\Rooter_1.txt - (14/06/2009 | 19:58.10)
OTL log:
OTL logfile created on: 14.6.2009 20:01:09 - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\Decky\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000041A | Country: Croatia | Language: HRV | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 70,12% Memory free
3,35 Gb Paging File | 2,83 Gb Available in Paging File | 84,64% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,20 Gb Total Space | 38,19 Gb Free Space | 27,64% Space Free | Partition Type: NTFS
Drive D: | 95,56 Gb Total Space | 31,37 Gb Free Space | 32,83% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 465,76 Gb Total Space | 409,40 Gb Free Space | 87,90% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DECKY-E93819898
Current User Name: Decky
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\windows\Explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
PRC - C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe (IObit)
PRC - C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe (Teleca Software Solutions AB)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\BugCD Pretrazivac\BugCD Pretrazivac.exe ()
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
PRC - C:\windows\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Common Files\Teleca Shared\Generic.exe (Teleca Software Solutions)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\windows\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Decky\Desktop\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Stopped]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (Macromedia Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe (Macromedia)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (nTuneService [Auto | Running]) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (NVSvc [Auto | Running]) -- C:\windows\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (StarWindService [Auto | Running]) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (Aavmker4 [System | Running]) -- C:\windows\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (ALCXWDM [On_Demand | Running]) -- C:\windows\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (AmdLLD [On_Demand | Running]) -- C:\windows\system32\DRIVERS\AmdLLD.sys (AMD, Inc.)
DRV - (ASAPIW2k [On_Demand | Running]) -- C:\windows\system32\drivers\ASAPIW2k.sys (Pinnacle Systems GmbH)
DRV - (Aspi32 [Auto | Running]) -- C:\windows\System32\drivers\aspi32.sys (Adaptec)
DRV - (aswFsBlk [Auto | Running]) -- C:\windows\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\windows\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (athsgt [Auto | Running]) -- C:\windows\system32\DRIVERS\athsgt.sys ()
DRV - (enodpl [Auto | Running]) -- C:\windows\System32\drivers\enodpl.sys ()
DRV - (ENTECH [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\ENTECH.sys (EnTech Taiwan)
DRV - (k510bus [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\k510bus.sys (MCCI)
DRV - (k510mdfl [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\k510mdfl.sys (MCCI)
DRV - (k510mdm [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\k510mdm.sys (MCCI)
DRV - (k510mgmt [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\k510mgmt.sys (MCCI)
DRV - (k510obex [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\k510obex.sys (MCCI)
DRV - (k750bus [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\k750bus.sys (MCCI)
DRV - (k750mdfl [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\k750mdfl.sys (MCCI)
DRV - (k750mdm [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\k750mdm.sys (MCCI)
DRV - (k750mgmt [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\k750mgmt.sys (MCCI)
DRV - (k750obex [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\k750obex.sys (MCCI)
DRV - (Lbd [Boot | Running]) -- C:\windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (limsgt [Auto | Running]) -- C:\windows\system32\DRIVERS\limsgt.sys ()
DRV - (nv [On_Demand | Running]) -- C:\windows\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (nvatabus [Boot | Running]) -- C:\windows\system32\DRIVERS\nvatabus.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\windows\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\windows\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVR0Dev [On_Demand | Running]) -- C:\windows\nvoclock.sys (NVidia Corp.)
DRV - (PQNTDrv [System | Running]) -- C:\windows\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
DRV - (prodrv06 [System | Running]) -- C:\windows\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (prohlp02 [Boot | Running]) -- C:\windows\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prosync1 [Boot | Running]) -- C:\windows\System32\drivers\prosync1.sys (Protection Technology)
DRV - (Ptilink [On_Demand | Running]) -- C:\windows\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (RivaTuner32 [On_Demand | Running]) -- C:\Program Files\RivaTuner v2.24\RivaTuner32.sys ()
DRV - (SCDEmu [System | Running]) -- C:\windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Secdrv [Auto | Running]) -- C:\windows\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sfhlp01 [Boot | Running]) -- C:\windows\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (sfhlp02 [Boot | Running]) -- C:\windows\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (sfsync03 [Boot | Running]) -- C:\windows\System32\drivers\sfsync03.sys (Protection Technology)
DRV - (sfvfs02 [Boot | Running]) -- C:\windows\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sptd [Boot | Running]) -- C:\windows\System32\Drivers\sptd.sys ()
DRV - (tandpl [Auto | Running]) -- C:\windows\System32\drivers\tandpl.sys ()
DRV - (Vax347b [Boot | Running]) -- C:\windows\system32\DRIVERS\Vax347b.sys ( )
DRV - (Vax347s [Boot | Running]) -- C:\windows\System32\Drivers\Vax347s.sys ( )
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Update_Check_Page = http://www.microsoft...mp;Ar=ie5update
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.oglasnik.hr/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.0
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.3
FF - prefs.js..extensions.enabledItems: {b66bc4c3-6d25-4a10-8c59-01daa9063051}:1.4.18.11
FF - prefs.js..extensions.enabledItems: {463F6CA5-EE3C-4be1-B7E6-7FEE11953374}:3.5.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.3.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2008.06.15 22:38:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009.01.16 16:20:56 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009.06.14 10:01:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009.06.14 10:01:51 | 00,000,000 | ---D | M]
[2008.06.25 23:02:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Decky\Application Data\mozilla\Extensions
[2008.06.25 23:02:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Decky\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.06.14 19:56:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Decky\Application Data\mozilla\Firefox\Profiles\be0vk58y.default\extensions
[2009.05.07 20:59:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Decky\Application Data\mozilla\Firefox\Profiles\be0vk58y.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009.04.29 09:08:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Decky\Application Data\mozilla\Firefox\Profiles\be0vk58y.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}
[2009.06.14 19:56:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Decky\Application Data\mozilla\Firefox\Profiles\be0vk58y.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009.02.22 14:47:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Decky\Application Data\mozilla\Firefox\Profiles\be0vk58y.default\extensions\{b66bc4c3-6d25-4a10-8c59-01daa9063051}
[2009.05.10 09:33:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Decky\Application Data\mozilla\Firefox\Profiles\be0vk58y.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2008.01.11 13:06:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Decky\Application Data\mozilla\Firefox\Profiles\be0vk58y.default\extensions\[email protected]
[2009.05.05 17:25:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Decky\Application Data\mozilla\Firefox\Profiles\be0vk58y.default\extensions\[email protected]
[2009.06.14 19:56:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.06.14 10:01:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008.08.21 09:21:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009.01.16 16:21:10 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.04.09 12:26:43 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009.06.14 10:01:43 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009.06.14 10:01:43 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009.05.03 12:59:11 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009.05.03 12:59:11 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009.05.03 12:59:11 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009.05.03 12:59:11 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009.05.03 12:59:12 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009.05.03 12:59:12 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009.05.03 12:59:12 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (311670 bytes) - C:\windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 10680 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install File not found
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\windows\system32\PSDrvCheck.exe -CheckReg ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" (Cyberlink Corp.)
O4 - HKLM..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.24\RivaTuner.exe" /S ()
O4 - HKLM..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp (IObit)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [BugCD Pretrazivac] C:\Program Files\BugCD Pretrazivac\BugCD Pretrazivac.exe ()
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear (NVIDIA)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\Decky\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: English<->French - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-French) for Windows\Plugins\IE.htm ()
O8 - Extra context menu item: English<->German - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-German) for Windows\Plugins\IE.htm ()
O8 - Extra context menu item: English<->Italian - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Italian) for Windows\Plugins\IE.htm ()
O8 - Extra context menu item: English<->Latin - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Latin) for Windows\Plugins\IE.htm ()
O8 - Extra context menu item: English<->Spanish - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Spanish) for Windows\Plugins\IE.htm ()
O8 - Extra context menu item: eng-scr - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Croatian) for Windows\Plugins\IE.htm ()
O8 - Extra context menu item: I&zvoz u Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Stavi na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Stavi na blog u Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: English<->German - {2DDEE708-A225-6449-889B-1941E2FBAB6D} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-German) for Windows\Plugins\IE.htm ()
O9 - Extra 'Tools' menuitem : English<->German - {2DDEE708-A225-6449-889B-1941E2FBAB6D} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-German) for Windows\Plugins\IE.htm ()
O9 - Extra Button: English<->Latin - {4629E725-138D-0F4C-B01A-09EBD3D67834} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Latin) for Windows\Plugins\IE.htm ()
O9 - Extra 'Tools' menuitem : English<->Latin - {4629E725-138D-0F4C-B01A-09EBD3D67834} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Latin) for Windows\Plugins\IE.htm ()
O9 - Extra Button: English<->Italian - {73AD0419-12E3-E74C-B893-EA4EF48F451F} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Italian) for Windows\Plugins\IE.htm ()
O9 - Extra 'Tools' menuitem : English<->Italian - {73AD0419-12E3-E74C-B893-EA4EF48F451F} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Italian) for Windows\Plugins\IE.htm ()
O9 - Extra Button: Istraživanje - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: English<->French - {9771B718-0C1C-3248-A000-C378A44BF07B} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-French) for Windows\Plugins\IE.htm ()
O9 - Extra 'Tools' menuitem : English<->French - {9771B718-0C1C-3248-A000-C378A44BF07B} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-French) for Windows\Plugins\IE.htm ()
O9 - Extra Button: English<->Spanish - {A9919568-CF8E-C140-84DC-0FF917685E69} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Spanish) for Windows\Plugins\IE.htm ()
O9 - Extra 'Tools' menuitem : English<->Spanish - {A9919568-CF8E-C140-84DC-0FF917685E69} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Spanish) for Windows\Plugins\IE.htm ()
O9 - Extra Button: English<->Croatian - {B05D861D-C01F-7C4C-A7FF-A8003A8FE77C} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Croatian) for Windows\Plugins\IE.htm ()
O9 - Extra 'Tools' menuitem : eng-scr - {B05D861D-C01F-7C4C-A7FF-A8003A8FE77C} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Croatian) for Windows\Plugins\IE.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 51 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.srtest.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1200047154156 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\dwwinxp.exe: Debugger - C:\WINDOWS\system32\winxp.exe File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9484c51a-f4c1-11db-98e7-00016ce45155}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a1a75f18-faf5-11db-98fc-00016ce45155}\Shell\Auto\command - "" = H:\AdobeR.exe -- File not found
O33 - MountPoints2\{a1a75f18-faf5-11db-98fc-00016ce45155}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cc6329a9-9efa-11db-97dd-00016ce45155}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{cc6329a9-9efa-11db-97dd-00016ce45155}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{da4bcfdb-5b8a-11d9-ba0e-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{da4bcfdb-5b8a-11d9-ba0e-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{da4bcfdb-5b8a-11d9-ba0e-806d6172696f}\Shell\AutoRun\command - "" = C:\windows\system32\setup.exe -- [2008.04.14 05:42:36 | 00,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{dc6fa386-8f9f-11db-97a1-00016ce45155}\Shell - "" = AutoRun
O33 - MountPoints2\{dc6fa386-8f9f-11db-97a1-00016ce45155}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dc6fa386-8f9f-11db-97a1-00016ce45155}\Shell\AutoRun\command - "" = N:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009.06.14 19:59:11 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\windows\System32\lsdelete.exe ()
O34 - HKLM BootExecute: (lsdelete) - C:\windows\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ==========
[58 C:\Documents and Settings\All Users\Application Data\*.tmp files]
[2009.06.14 19:59:11 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Decky\Desktop\OTL.exe
[2009.06.14 19:58:10 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009.06.14 19:54:36 | 00,170,029 | ---- | C] (Eric_71) -- C:\Documents and Settings\Decky\Desktop\Rooter.exe
[2009.06.14 11:40:39 | 00,000,836 | ---- | C] () -- C:\Documents and Settings\Decky\Desktop\F1 2oo9 Delux Game (TPTB).lnk
[2009.06.13 14:17:19 | 00,056,982 | ---- | C] () -- C:\Documents and Settings\Decky\Desktop\Death.Race[2008][Unrated.Edition]DvDrip-aXXo.4560022.TPB.torrent
[2009.06.13 13:46:27 | 00,019,021 | ---- | C] () -- C:\Documents and Settings\Decky\Desktop\Transformers[2007]DvDrip[Eng]-aXXo.4477411.TPB.torrent
[2009.06.12 00:34:45 | 00,054,156 | -H-- | C] () -- C:\windows\QTFont.qfn
[2009.06.12 00:34:45 | 00,001,409 | ---- | C] () -- C:\windows\QTFont.for
[2009.06.08 18:09:31 | 00,000,285 | ---- | C] () -- C:\Documents and Settings\Decky\Desktop\Shortcut to Local Disk (G).lnk
[2009.06.07 21:55:44 | 00,053,248 | ---- | C] () -- C:\Documents and Settings\Decky\My Documents\Neutrum, das sächliche Geschlecht.ppt
[2009.06.04 22:17:25 | 00,015,688 | ---- | C] () -- C:\windows\System32\lsdelete.exe
[2009.06.04 22:09:35 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\windows\System32\drivers\Lbd.sys
[2009.06.04 22:09:13 | 00,000,472 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job
[2009.06.04 22:02:28 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009.06.04 22:02:27 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009.06.04 21:59:04 | 37,452,296 | ---- | C] (Lavasoft ) -- C:\Documents and Settings\Decky\Desktop\Ad-AwareAE.exe
[2009.06.04 21:36:54 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Decky\Desktop\setup-spybotsd162.exe
[2009.06.04 20:49:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Decky\Application Data\Malwarebytes
[2009.06.04 20:49:57 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.06.04 20:49:55 | 00,040,160 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2009.06.04 20:49:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009.06.04 20:49:53 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2009.06.04 20:49:53 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.06.04 20:47:57 | 03,371,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Decky\Desktop\mbam-setup.exe
[2009.06.04 20:47:26 | 00,000,000 | ---D | C] -- C:\windows\ERDNT
[2009.06.04 20:46:33 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Decky\Desktop\NTREGOPT.lnk
[2009.06.04 20:46:33 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Decky\Desktop\ERUNT.lnk
[2009.06.04 20:46:32 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009.06.04 20:43:53 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Decky\Desktop\erunt_setup.exe
[2009.06.04 20:37:12 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Decky\Desktop\SysRestorePoint.exe
[2009.06.04 20:30:44 | 00,265,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Decky\Desktop\TFC.exe
[2009.06.04 19:57:11 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Decky\Desktop\HijackThis.lnk
[2009.06.04 19:57:11 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009.06.02 18:13:27 | 00,020,258 | ---- | C] () -- C:\Documents and Settings\Decky\Desktop\S.T.A.L.K.E.R_Clear_sky(Eng).mds.4380925.TPB [mininova].torrent
[2009.05.19 16:01:36 | 18,373,590 | ---- | C] () -- C:\Documents and Settings\Decky\Desktop\MVI_1387.avi
[2009.05.19 15:38:12 | 30,565,050 | ---- | C] () -- C:\Documents and Settings\Decky\Desktop\MVI_1384.avi
[2009.05.01 13:06:50 | 00,118,784 | ---- | C] () -- C:\windows\System32\NxExtensions.dll
[2009.04.09 12:50:52 | 00,000,164 | R--- | C] () -- C:\windows\avrack.ini
[2009.03.27 10:03:00 | 01,724,416 | ---- | C] () -- C:\windows\System32\nvwdmcpl.dll
[2009.03.27 10:03:00 | 01,503,232 | ---- | C] () -- C:\windows\System32\nview.dll
[2009.03.27 10:03:00 | 01,101,824 | ---- | C] () -- C:\windows\System32\nvwimg.dll
[2009.03.27 10:03:00 | 00,466,944 | ---- | C] () -- C:\windows\System32\nvshell.dll
[2008.10.07 09:13:30 | 00,197,912 | ---- | C] () -- C:\windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 00,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelFrench.dll
[2008.08.27 23:03:26 | 00,042,320 | ---- | C] () -- C:\windows\System32\xfcodec.dll
[2008.04.13 20:27:32 | 00,000,012 | ---- | C] () -- C:\windows\dirsaver.ini
[2008.04.09 09:33:50 | 00,027,648 | -HS- | C] () -- C:\windows\System32\Smab0.dll
[2008.02.03 21:37:27 | 00,022,328 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys
[2007.12.24 00:29:00 | 00,000,391 | ---- | C] () -- C:\windows\wininit.ini
[2007.11.30 16:44:58 | 00,408,576 | ---- | C] () -- C:\windows\System32\Smab.dll
[2007.11.30 16:44:57 | 00,027,648 | ---- | C] () -- C:\windows\System32\AVSredirect.dll
[2007.06.20 10:54:02 | 00,000,065 | ---- | C] () -- C:\windows\mp3wavcon.ini
[2007.03.25 20:02:58 | 00,639,224 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys
[2007.03.12 13:01:30 | 00,217,088 | ---- | C] () -- C:\windows\NVGfxOgl.dll
[2007.01.31 00:12:44 | 00,000,023 | ---- | C] () -- C:\windows\BlendSettings.ini
[2007.01.08 11:40:01 | 00,000,000 | ---- | C] () -- C:\windows\mngui.INI
[2006.10.22 18:45:06 | 00,000,200 | ---- | C] () -- C:\windows\MATLAB.INI
[2006.07.29 09:22:15 | 00,043,520 | ---- | C] () -- C:\windows\System32\CmdLineExt03.dll
[2006.07.28 16:13:57 | 00,069,632 | R--- | C] () -- C:\windows\System32\xmltok.dll
[2006.07.28 16:13:57 | 00,036,864 | R--- | C] () -- C:\windows\System32\xmlparse.dll
[2006.07.27 18:21:10 | 00,164,992 | ---- | C] () -- C:\windows\System32\drivers\athsgt.sys
[2006.07.27 18:21:10 | 00,012,544 | ---- | C] () -- C:\windows\System32\drivers\limsgt.sys
[2006.07.26 18:43:10 | 00,007,552 | ---- | C] () -- C:\windows\System32\drivers\enodpl.sys
[2006.07.26 18:43:10 | 00,004,736 | ---- | C] () -- C:\windows\System32\drivers\tandpl.sys
[2006.07.13 13:05:32 | 00,000,632 | ---- | C] () -- C:\windows\CoDUO.INI
[2006.07.12 16:49:18 | 00,034,308 | ---- | C] () -- C:\windows\System32\BASSMOD.dll
[2006.07.12 16:46:50 | 00,159,616 | ---- | C] ( ) -- C:\windows\System32\drivers\Vax347b.sys
[2006.07.12 16:46:50 | 00,005,248 | ---- | C] ( ) -- C:\windows\System32\drivers\Vax347s.sys
[2006.07.12 12:49:58 | 00,000,394 | ---- | C] () -- C:\windows\ODBC.INI
[2006.07.12 11:55:58 | 00,000,116 | ---- | C] () -- C:\windows\NeroDigital.ini
[2006.07.11 10:12:08 | 00,000,204 | ---- | C] () -- C:\windows\RtlRack.ini
[2006.07.11 10:09:50 | 00,156,672 | R--- | C] () -- C:\windows\System32\RTLCPAPI.dll
[2005.06.19 09:49:00 | 00,010,752 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2005.06.11 11:47:00 | 00,045,056 | ---- | C] () -- C:\windows\System32\fpprintmon.dll
[2005.02.24 18:56:45 | 00,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest
[2003.12.22 14:40:06 | 01,663,068 | ---- | C] () -- C:\windows\System32\libmmd.dll
[2003.08.07 14:01:52 | 00,237,568 | ---- | C] () -- C:\windows\System32\lame_enc.dll
[2003.07.01 09:36:02 | 00,005,373 | ---- | C] () -- C:\windows\System32\OUTLPERF.INI
[2001.08.23 14:00:00 | 00,000,981 | ---- | C] () -- C:\windows\win.ini
[2001.08.23 14:00:00 | 00,000,231 | ---- | C] () -- C:\windows\system.ini
[1995.03.22 09:00:00 | 00,056,832 | ---- | C] () -- C:\windows\System32\iyvu9_32.dll
========== Files - Modified Within 30 Days ==========
[58 C:\Documents and Settings\All Users\Application Data\*.tmp files]
[2009.06.14 19:59:11 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Decky\Desktop\OTL.exe
[2009.06.14 19:54:36 | 00,170,029 | ---- | M] (Eric_71) -- C:\Documents and Settings\Decky\Desktop\Rooter.exe
[2009.06.14 19:47:02 | 00,000,260 | ---- | M] () -- C:\windows\tasks\WGASetup.job
[2009.06.14 19:46:59 | 00,212,296 | ---- | M] () -- C:\windows\System32\nvapps.xml
[2009.06.14 19:46:54 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2009.06.14 19:46:51 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Decky\Local Settings\desktop.ini
[2009.06.14 19:46:49 | 00,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2009.06.14 15:30:39 | 00,000,565 | ---- | M] () -- C:\Documents and Settings\Decky\My Documents\Moje mape za zajedničko korištenje.lnk
[2009.06.14 12:45:55 | 00,311,670 | R--- | M] () -- C:\windows\System32\drivers\etc\hosts
[2009.06.14 12:41:48 | 00,000,981 | ---- | M] () -- C:\windows\win.ini
[2009.06.14 12:17:26 | 00,000,836 | ---- | M] () -- C:\Documents and Settings\Decky\Desktop\F1 2oo9 Delux Game (TPTB).lnk
[2009.06.14 09:58:45 | 00,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2009.06.13 14:17:19 | 00,056,982 | ---- | M] () -- C:\Documents and Settings\Decky\Desktop\Death.Race[2008][Unrated.Edition]DvDrip-aXXo.4560022.TPB.torrent
[2009.06.13 13:46:27 | 00,019,021 | ---- | M] () -- C:\Documents and Settings\Decky\Desktop\Transformers[2007]DvDrip[Eng]-aXXo.4477411.TPB.torrent
[2009.06.12 11:14:39 | 00,439,264 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2009.06.12 11:14:39 | 00,070,968 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2009.06.12 11:14:38 | 00,516,804 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2009.06.12 11:12:25 | 00,270,984 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2009.06.12 09:35:56 | 00,001,374 | ---- | M] () -- C:\windows\imsins.BAK
[2009.06.12 00:34:45 | 00,054,156 | -H-- | M] () -- C:\windows\QTFont.qfn
[2009.06.12 00:34:45 | 00,001,409 | ---- | M] () -- C:\windows\QTFont.for
[2009.06.11 22:09:34 | 00,000,472 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job
[2009.06.08 18:09:31 | 00,000,285 | ---- | M] () -- C:\Documents and Settings\Decky\Desktop\Shortcut to Local Disk (G).lnk
[2009.06.07 21:55:44 | 00,053,248 | ---- | M] () -- C:\Documents and Settings\Decky\My Documents\Neutrum, das sächliche Geschlecht.ppt
[2009.06.04 22:09:01 | 00,015,688 | ---- | M] () -- C:\windows\System32\lsdelete.exe
[2009.06.04 22:08:51 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\windows\System32\drivers\Lbd.sys
[2009.06.04 22:02:27 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009.06.04 22:01:12 | 37,452,296 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\Decky\Desktop\Ad-AwareAE.exe
[2009.06.04 21:54:31 | 00,000,391 | ---- | M] () -- C:\windows\wininit.ini
[2009.06.04 21:41:05 | 00,311,656 | R--- | M] () -- C:\windows\System32\drivers\etc\hosts.20090614-124555.backup
[2009.06.04 21:38:34 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Decky\Desktop\Spybot - Search & Destroy.lnk
[2009.06.04 21:37:27 | 16,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Decky\Desktop\setup-spybotsd162.exe
[2009.06.04 20:49:57 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.06.04 20:49:25 | 03,371,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Decky\Desktop\mbam-setup.exe
[2009.06.04 20:46:33 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Decky\Desktop\NTREGOPT.lnk
[2009.06.04 20:46:33 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Decky\Desktop\ERUNT.lnk
[2009.06.04 20:43:54 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Decky\Desktop\erunt_setup.exe
[2009.06.04 20:37:12 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Decky\Desktop\SysRestorePoint.exe
[2009.06.04 20:30:44 | 00,265,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Decky\Desktop\TFC.exe
[2009.06.04 19:57:11 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Decky\Desktop\HijackThis.lnk
[2009.06.02 18:13:27 | 00,020,258 | ---- | M] () -- C:\Documents and Settings\Decky\Desktop\S.T.A.L.K.E.R_Clear_sky(Eng).mds.4380925.TPB [mininova].torrent
[2009.06.01 18:51:12 | 23,635,392 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\MRT.exe
[2009.05.31 22:00:00 | 00,000,384 | ---- | M] () -- C:\windows\tasks\SmartDefrag.job
[2009.05.26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2009.05.26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2009.05.21 13:54:31 | 00,000,116 | ---- | M] () -- C:\windows\NeroDigital.ini
[2009.05.20 16:57:43 | 00,000,023 | ---- | M] () -- C:\windows\BlendSettings.ini
[2009.05.20 12:14:12 | 00,002,377 | ---- | M] () -- C:\Documents and Settings\Decky\Desktop\FBWH BenchTool.lnk
[2009.05.19 16:01:36 | 18,373,590 | ---- | M] () -- C:\Documents and Settings\Decky\Desktop\MVI_1387.avi
[2009.05.19 15:38:12 | 30,565,050 | ---- | M] () -- C:\Documents and Settings\Decky\Desktop\MVI_1384.avi
< End of report >
OTL Extras:
OTL Extras logfile created on: 14.6.2009 20:01:09 - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\Decky\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000041A | Country: Croatia | Language: HRV | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 70,12% Memory free
3,35 Gb Paging File | 2,83 Gb Available in Paging File | 84,64% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,20 Gb Total Space | 38,19 Gb Free Space | 27,64% Space Free | Partition Type: NTFS
Drive D: | 95,56 Gb Total Space | 31,37 Gb Free Space | 32,83% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 465,76 Gb Total Space | 409,40 Gb Free Space | 87,90% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DECKY-E93819898
Current User Name: Decky
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"15155:TCP" = 15155:TCP:*:Enabled:NortonAV
"16556:TCP" = 16556:TCP:*:Enabled:NortonAV
"17096:TCP" = 17096:TCP:*:Enabled:NortonAV
"17464:TCP" = 17464:TCP:*:Enabled:NortonAV
"13299:TCP" = 13299:TCP:*:Enabled:NortonAV
"12569:TCP" = 12569:TCP:*:Enabled:NortonAV
"15798:TCP" = 15798:TCP:*:Enabled:NortonAV
"17026:TCP" = 17026:TCP:*:Enabled:NortonAV
"13516:TCP" = 13516:TCP:*:Enabled:NortonAV
"13575:TCP" = 13575:TCP:*:Enabled:NortonAV
"18893:TCP" = 18893:TCP:*:Enabled:NortonAV
"18350:TCP" = 18350:TCP:*:Enabled:NortonAV
"16026:TCP" = 16026:TCP:*:Enabled:NortonAV
"18699:TCP" = 18699:TCP:*:Enabled:NortonAV
"18167:TCP" = 18167:TCP:*:Enabled:NortonAV
"17674:TCP" = 17674:TCP:*:Enabled:NortonAV
"18146:TCP" = 18146:TCP:*:Enabled:NortonAV
"12715:TCP" = 12715:TCP:*:Enabled:NortonAV
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\EA GAMES\Medal of Honor Pacific Assault™\mohpa.exe:*:Disabled:Medal of Honor Pacific Assault™ File not found
C:\Program Files\Atari\BOILING POINT\Xenus.exe:*:Disabled:Xenus ()
D:\Program Files\THQ\MotoGP URT 3\motogp.exe:*:Disabled:motogp File not found
D:\Program Files\EA GAMES\Need For Speed Underground\Speed.exe:*:Disabled:Speed File not found
D:\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Disabled:Test Drive Unlimited File not found
D:\Program Files\Live for Speed S2\LFSspotter.exe:*:Disabled:LFSspotter ()
D:\Program Files\Live for Speed S2\LFS.exe:*:Disabled:LFS ()
D:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Disabled:DarkCrusade (THQ Canada Inc.)
D:\Program Files\THQ\Dawn of War\W40k.exe:*:Disabled:W40K File not found
D:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Disabled:Test Drive Unlimited (Eden Games)
D:\Program Files\Firefly Studios\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2 (Firefly Studios)
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent File not found
C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser (Opera Software)
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.321\English\setup.exe:*:Enabled:Kaspersky Internet Security 7.0 Setup (Kaspersky Lab)
C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer (RealNetworks, Inc.)
C:\Program Files\Participatory Culture Foundation\Miro\Miro_Downloader.exe:*:Enabled:Miro_Downloader File not found
C:\Program Files\DNA\btdna.exe:*:Enabled:DNA (BitTorrent, Inc.)
C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent File not found
D:\Program Files\EA SPORTS\FIFA 07\fifa07.exe:*:Enabled:fifa07 File not found
C:\WINDOWS\system32\oykfqe.exe:*:Enabled:oykfqe File not found
C:\WINDOWS\winlogon.exe File not found
C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++ File not found
D:\Program Files\Team6 game studios\Scooter War3z\Scooter.exe:*:Enabled:Scooter File not found
C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:LimeWire (FrostWire Group)
C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA ()
C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB ()
C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire (Xfire Inc.)
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe:*:Enabled:MessengerDiscovery Live the Windows Live Messenger addon (MessengerDiscovery)
D:\Program Files\Activision Value\Soldier of Fortune Payback\sof3.exe:*:Enabled:sof3 File not found
C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component File not found
C:\Program Files\Atari\Shadow Ops Red Mercury\System\RM.exe:*:Enabled:RM File not found
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\DrivingSpeed2\DrivingSpeed.exe:*:Enabled:Driving Speed Application File not found
C:\Program Files\Ea Sports\F1 Challenge 2007\F1Challenge2007.exe:*:Enabled:F1 Challenge 99-02 File not found
C:\Program Files\Empire Interactive\FlatOut\flatout.exe:*:Enabled:flatout File not found
D:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
C:\Documents and Settings\Decky\My Documents\Download\Programi\SRO_NEW_Full-Client_Downloader.exe:*:Enabled:Full-Client Downloader File not found
C:\Program Files\Ubisoft\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:pandora ()
C:\Program Files\Eidos\25 to Life\TTL.exe:*:Enabled:TTL File not found
D:\Program Files\UFOAI-2.2.1\ufo.exe:*:Enabled:UFO:Alien Invasion File not found
C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test (Microsoft Corporation)
C:\Program Files\Crave Entertainment\World Championship Poker 2\WCP2.exe:*:Enabled:WCP2 ()
D:\Program Files\Techland\Xpand Rally\xpandrally.exe:*:Disabled:XpandRally (Techland)
D:\Program Files\id Software\Quake 4\Quake4.exe:*:Disabled:Quake 4 File not found
D:\Program Files\Electronic Arts\Need for Speed Carbon\NFSC.exe:*:Enabled:NFSC File not found
D:\Program Files\THQ\Dawn of War\W40kWA.exe:*:Enabled:W40kWA File not found
C:\Program Files\eMule\emule.exe:*:Enabled:eMule File not found
C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord (www.BitLord.com)
C:\Program Files\Sierra\FEARCombat\FEARServer.exe:*:Enabled:F.E.A.R. - Stand-Alone Server File not found
D:\Program Files\THQ\Dawn of War - Soulstorm\Soulstorm.exe:*:Enabled:Soulstorm (THQ Canada Inc.)
D:\Program Files\Half-Life 2\hl2 -steam -console.exe:*:Disabled:hl2 -steam -console File not found
C:\Program Files\Steam\steamapps\mposlon\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2 ()
C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3a\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service File not found
D:\Program Files\UT2004\System\UT2004.exe:*:Enabled:UT2004 ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0297C87B-CC40-446F-865A-031B4FC0CF22}" = Race Driver 3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}" = Splinter Cell Pandora Tomorrow
"{0D093D4A-C6F5-4258-8E13-94F8EA6C6A4C}" = PilotDown
"{1064CABD-7390-4336-94E4-8A53DFBCB636}_is1" = GT Legends 1.0.0.0
"{10E33F6D-16E6-400E-BA1E-DF9F1BCD1B30}" = SuperUtility
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}" = The Godfather™ The Game
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{20533183-D42D-4261-A125-956736FBEA8C}" = Dawn of War - Soulstorm
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{252436F1-9583-4AD7-AA11-619AFFB96543}" = Xpand Rally
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 13
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{300A470B-681B-449F-82AE-6D19114702CE}" = PhysX Screen Saver
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{34B9B494-EF4A-4592-87A8-BE40D0442E86}" = Dawn of War - Soulstorm
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium
"{47836B39-2465-4F39-9D7E-52F70A1C3D72}" = Axis & Allies
"{478DCE85-E854-4E55-9B6A-D285F9CABAFF}" = Windows Live installer
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4B9535BF-CC90-4158-AF32-CAF57A8820CA}" = Macromedia Contribute 3.11
"{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}" = Macromedia Fireworks 8
"{4E074808-1B86-4230-A9EB-0904942EC4AE}" = LEGO Star Wars II
"{544DB849-AB59-4C12-A333-2F214E24870F}" = Commandos Strike Force
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{58AC967F-CE64-4065-AF54-FA66BAF31FE8}" = BOILING POINT
"{63D64340-C694-48C4-893F-481AD9A1ACCE}" = Windows Live Writer
"{657201DD-30C8-4E50-88AD-164B3812E8F5}" = Framebuffer Crysis WARHEAD Benchmark Tool
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6E65247F-58F9-41CA-BE69-0316F7907170}" = Disc2Phone
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD®
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{83ED1E80-A1B7-4256-BCF1-AC4A88151A6B}" = Microsoft MapPoint Europe 2006
"{844A01D6-3B94-4CAC-BAF8-22ECF081C14F}" = Windows Live Mail
"{851367C1-2F9F-4087-B3E8-8DECFE328370}" = The Da Vinci Code
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{9011041A-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{939740B5-0064-4779-854A-8C1086181C05}" = Macromedia FreeHand MXa
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}" = Google Earth
"{97DDA53A-8346-467A-880C-655E847CC7D3}" = Ski Racing 2006
"{993A94A9-DCE3-4774-B35D-D8C74FC1E0BE}" = Royale Remixed Theme
"{9C27ADE1-EAFB-4BB7-9FE3-5DD9BA9A3DD2}" = Crashday
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{A267A14C-6FDA-41A1-8B22-50A5D1E4444E}" = Mathematica 5
"{A7651FB4-AC2E-4020-90E2-B71C8C379F48}" = Macromedia Captivate
"{ABB2901A-3D0A-4F21-8324-2F13C3EFE163}" = LightScribe 1.4.62.1
"{AC76BA86-7AD7-1033-7B44-A70700000002}" = Adobe Reader 7.0.7
"{B2E01847-F5DF-4BD9-B20F-260A794EF934}" = Windows Live Galerija fotografija
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BABAEBE4-9FFB-4B5D-9453-64FF11517CA2}" = Tom Clancy's Splinter Cell Chaos Theory
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BCA02FAD-2C86-4C8C-A815-51C09F4E51FF}" = Dual-Core Optimizer
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C098DAEC-29EF-4A59-B18E-0E950169CA3C}" = Western Australian Time Zone Update
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C550F6FC-6C3C-4CB4-BC13-3960B17959DD}" = Windows Live Messenger
"{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}" = Need for Speed™ ProStreet
"{CC67770B-581D-4E96-B72A-A7907CE18725}" = Colin McRae Rally 2005
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E4628D0D-5DC8-49EC-985A-F0C12EDBF1D2}" = Agatha Christie - And Then There Were None
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FA075505-EFF6-4006-8E9F-921E09774684}" = Big Mutha Truckers 2
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FBF91C7D-988A-432A-91C3-5081787C85C1}" = World Championship Poker 2
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FF39FC01-819B-42E4-AE49-1968AF12DDD4}" = Dawn of War - Dark Crusade
"7-Zip" = 7-Zip 4.57
"AC3Filter" = AC3Filter (remove only)
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Analyze for Speed" = Analyze for Speed 1.0
"Audacity_is1" = Audacity 1.2.6
"avast!" = avast! Antivirus
"BitLord" = BitLord 1.1
"BSPlayer1" = BSPlayer
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CD Recovery Toolbox Free_is1" = CD Recovery Toolbox Free 1.1
"Crysis WARHEAD®" = Crysis WARHEAD®
"CSCLIB" = Canon Camera Support Core Library
"EOS Utility" = Canon Utilities EOS Utility
"ERUNT_is1" = ERUNT 1.1j
"F1 Screensaver 2006" = F1 Screensaver 2006
"F1PerfView" = F1PerfView 1.24
"ferrari_marzo2008.scr" = ferrari_marzo2008 ScreenSaver
"ffdshow_is1" = ffdshow [rev 1228] [2007-06-03]
"FLV Player2.0 " = FLV Player
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Free Pascal_is1" = Free Pascal 2.0.4
"FrostWire" = FrostWire 4.17.2
"Gear Ratio Calculator" = Gear Ratio Calculator 2.5.2
"GSplit21Set" = GSplit 2.1
"HijackThis" = HijackThis 2.0.2
"Hollywood FX 5" = Pinnacle Hollywood FX 5
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Infinite Patience v2.2_is1" = Infinite Patience v2.2
"InSim RaceAnalyzer" = InSim RaceAnalyzer 0.1.1.11
"InstallShield_{252436F1-9583-4AD7-AA11-619AFFB96543}" = Xpand Rally
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty® 4 - Modern Warfare™ 1.4 Patch
"InstallShield_{4E074808-1B86-4230-A9EB-0904942EC4AE}" = LEGO Star Wars II
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{A267A14C-6FDA-41A1-8B22-50A5D1E4444E}" = Mathematica 5
"IsoBuster_is1" = IsoBuster 1.9.1
"KIMI RÄIKKÖNEN Screen Saver" = KIMI RÄIKKÖNEN Screen Saver
"LFS GhostcarMod" = LFS GhostcarMod 1.01
"LFS PitSpotter" = LFS PitSpotter 1.1b
"LFS SmokeMod" = LFS SmokeMod 1.1
"LingvoSoft Talking Dictionary 2007 English<->Croatian for Windows" = LingvoSoft Talking Dictionary 2007 English<->Croatian for Windows
"LingvoSoft Talking Dictionary 2007 English<->French for Windows" = LingvoSoft Talking Dictionary 2007 English<->French for Windows
"LingvoSoft Talking Dictionary 2007 English<->German for Windows" = LingvoSoft Talking Dictionary 2007 English<->German for Windows
"LingvoSoft Talking Dictionary 2007 English<->Italian for Windows" = LingvoSoft Talking Dictionary 2007 English<->Italian for Windows
"LingvoSoft Talking Dictionary 2007 English<->Latin for Windows" = LingvoSoft Talking Dictionary 2007 English<->Latin for Windows
"LingvoSoft Talking Dictionary 2007 English<->Spanish for Windows" = LingvoSoft Talking Dictionary 2007 English<->Spanish for Windows
"Live for Speed S2" = Live for Speed S2 0.5Q
"Live for Speed S2 Car Skin" = Live for Speed S2 Car Skin
"Live for Speed S2 Dedicated Host" = Live for Speed S2 Dedicated Host 0.5Q
"Live for Speed S2 HiRes Sky Textures" = Live for Speed S2 HiRes Sky Textures
"Live for Speed S2 Music Tracks" = Live for Speed S2 Music Tracks
"Magic DVD Ripper_is1" = Magic DVD Ripper V3.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MatlabDeinstKey" = MATLAB 10-22-2006
"Messenger Plus! Live" = Messenger Plus! Live & Sponsor (CiD)
"MessengerDiscovery Live_is1" = MessengerDiscovery Live 1.4.5408
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MPE" = MyPhoneExplorer
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoStitch" = Canon Utilities PhotoStitch
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer
"Registry Repair_is1" = Registry Repair 2.4
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"RivaTuner" = RivaTuner v2.24
"Sketchpad" = Sketchpad
"Smart Defrag_is1" = Smart Defrag 1.11
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"SubtitleWorkshop" = Subtitle Workshop 2.51
"SUPER ©" = SUPER © Version 2008.bld.30 (Mar 22, 2008)
"SystemRequirementsLab" = System Requirements Lab
"UT2004" = Unreal Tournament 2004
"VLC media player" = VideoLAN VLC media player 0.8.6d
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Script" = Microsoft Windows Script 5.7
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 31.3.2009 14:59:11 | Computer Name = DECKY-E93819898 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\uxtheme.dll failed, 00000005.
Error - 18.4.2009 13:07:16 | Computer Name = DECKY-E93819898 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\UxTheme.dll failed, 00000005.
Error - 26.5.2009 15:29:59 | Computer Name = DECKY-E93819898 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\uxtheme.dll failed, 00000005.
Error - 28.5.2009 9:24:51 | Computer Name = DECKY-E93819898 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\uxtheme.dll failed, 00000005.
Error - 31.5.2009 4:25:27 | Computer Name = DECKY-E93819898 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\uxtheme.dll failed, 00000005.
Error - 1.6.2009 2:42:51 | Computer Name = DECKY-E93819898 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\uxtheme.dll failed, 00000005.
Error - 3.6.2009 9:07:56 | Computer Name = DECKY-E93819898 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\uxtheme.dll failed, 00000005.
Error - 7.6.2009 13:44:57 | Computer Name = DECKY-E93819898 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\SYSTEM32\UXTHEME.DLL failed, 00000005.
Error - 10.6.2009 9:59:32 | Computer Name = DECKY-E93819898 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\windows\system32\UxTheme.dll failed, 00000005.
Error - 10.6.2009 11:16:45 | Computer Name = DECKY-E93819898 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://s52.hotfile.c...en_june.iso.001
failed, 00000084.
[ Application Events ]
Error - 4.4.2009 3:04:44 | Computer Name = DECKY-E93819898 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.
[ System Events ]
Error - 14.6.2009 13:38:37 | Computer Name = DECKY-E93819898 | Source = Service Control Manager | ID = 7001
Description = The DHCP Client service depends on the NetBios over Tcpip service
which failed to start because of the following error: %%31
Error - 14.6.2009 13:38:37 | Computer Name = DECKY-E93819898 | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31
Error - 14.6.2009 13:38:37 | Computer Name = DECKY-E93819898 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31
Error - 14.6.2009 13:38:37 | Computer Name = DECKY-E93819898 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31
Error - 14.6.2009 13:38:37 | Computer Name = DECKY-E93819898 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 AFD aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT Processor prodrv06 RasAcd Rdbss SCDEmu
Tcpip
Error - 14.6.2009 13:38:48 | Computer Name = DECKY-E93819898 | Source = sfsync03 | ID = 262145
Description =
Error - 14.6.2009 13:39:03 | Computer Name = DECKY-E93819898 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 14.6.2009 13:39:09 | Computer Name = DECKY-E93819898 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error - 14.6.2009 13:39:31 | Computer Name = DECKY-E93819898 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 14.6.2009 13:45:40 | Computer Name = DECKY-E93819898 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
< End of report >
Many thanks in advance, I'll be very grateful if you can help me!
Sign In
Create Account
