Here are the requested logs:
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/07/29 16:58
Program Version: Version 1.3.3.0
Windows Version: Windows XP SP3
==================================================
Hidden/Locked Files
-------------------
Path: c:\documents and settings\administrator\local settings\temp\~dfa556.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)
Path: c:\documents and settings\administrator\local settings\temp\~dfb8a1.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)
Path: c:\documents and settings\administrator\local settings\temp\~dfe65c.tmp
Status: Allocation size mismatch (API: 163840, Raw: 0)
Path: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\frameiconcache.dat
Status: Visible to the Windows API, but not on disk.
Path: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\8ASAYW0Q\trans_pixel[1].gif
Status: Invisible to the Windows API!
Path: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\EA6DG7QK\ADSAdClient31[1].htm
Status: Invisible to the Windows API!
Path: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\EA6DG7QK\default[3].htm
Status: Invisible to the Windows API!
Path: c:\documents and settings\administrator\local settings\temporary internet files\content.ie5\ea6dg7qk\errorinformation[1].htm
Status: Allocation size mismatch (API: 12288, Raw: 16384)
Path: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\NTVPWDIJ\mstoolbar[1].htm
Status: Invisible to the Windows API!
Path: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\NTVPWDIJ\footer[1].htm
Status: Invisible to the Windows API!
Path: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\NTVPWDIJ\toc[1].htm
Status: Invisible to the Windows API!
Path: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\NTVPWDIJ\trans_pixel[1].gif
Status: Invisible to the Windows API!
Path: c:\documents and settings\administrator\local settings\temporary internet files\content.ie5\ntvpwdij\welcome[1].htm
Status: Allocation size mismatch (API: 118784, Raw: 262144)
OTL logfile created on: 7/29/2009 5:01:21 PM - Run 1
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.53 Mb Total Physical Memory | 808.64 Mb Available Physical Memory | 79.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 177.54 Gb Total Space | 94.52 Gb Free Space | 53.24% Space Free | Partition Type: NTFS
Drive D: | 37.26 Gb Total Space | 12.21 Gb Free Space | 32.77% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EVEREST
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2008/07/02 19:38:24 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/07/29 16:59:38 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2008/04/13 20:00:00 | 00,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\6to4svc.dll -- (6to4 [Auto | Stopped])
SRV - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Stopped])
SRV - [2009/05/11 10:15:50 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2003/05/05 19:30:22 | 00,065,536 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\Brmfrmps.exe -- (brmfrmps [Auto | Stopped])
SRV - [2002/04/12 00:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\System32\brsvc01a.exe -- (Brother XP spl Service [Auto | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/04/23 01:00:03 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9c3e9885acf3e [Auto | Stopped])
SRV - [2008/04/13 20:00:00 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2001/10/08 12:59:36 | 00,049,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Fast.exe -- (InteractiveLogon [Auto | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2005/03/31 23:16:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [On_Demand | Stopped])
SRV - [2002/09/20 15:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default) [Auto | Stopped])
SRV - [2007/05/28 09:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect...nampie7&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.12
FF - prefs.js..keyword.URL: "http://slirsredirect...inampab&query="
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/04 03:13:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/22 04:06:56 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/21 22:01:53 | 00,000,000 | ---D | M]
[2009/04/13 16:34:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions
[2009/04/13 16:34:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/28 04:55:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\umraneyu.default\extensions
[2009/05/16 21:33:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\umraneyu.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009/05/16 21:33:35 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\umraneyu.default\searchplugins\winamp-search.xml
[2009/04/13 16:34:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/07/21 22:01:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/21 22:01:48 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/21 22:01:48 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/07/21 22:01:50 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/03/26 11:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 11:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/06/25 02:44:11 | 00,001,489 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
[2009/03/26 11:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 11:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 11:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/26 11:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
O1 HOSTS File: (2833 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 82.195.155.5 c3310.z1301.winmx.com c3311.z1301.winmx.com c3312.z1301.winmx.com c3313.z1301.winmx.com c3314.z1301.winmx.com c3315.z1301.winmx.com c3316.z1301.winmx.com c3317.z1301.winmx.com c3318.z1301.winmx.com c3319.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1302.winmx.com c3311.z1302.winmx.com c3312.z1302.winmx.com c3313.z1302.winmx.com c3314.z1302.winmx.com c3315.z1302.winmx.com c3316.z1302.winmx.com c3317.z1302.winmx.com c3318.z1302.winmx.com c3319.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1303.winmx.com c3311.z1303.winmx.com c3312.z1303.winmx.com c3313.z1303.winmx.com c3314.z1303.winmx.com c3315.z1303.winmx.com c3316.z1303.winmx.com c3317.z1303.winmx.com c3318.z1303.winmx.com c3319.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1304.winmx.com c3311.z1304.winmx.com c3312.z1304.winmx.com c3313.z1304.winmx.com c3314.z1304.winmx.com c3315.z1304.winmx.com c3316.z1304.winmx.com c3317.z1304.winmx.comc3318.z1304.winmx.com c3319.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1305.winmx.com c3311.z1305.winmx.com c3312.z1305.winmx.com c3313.z1305.winmx.com c3314.z1305.winmx.com c3315.z1305.winmx.com c3316.z1305.winmx.com c3317.z1305.winmx.com c3318.z1305.winmx.com c3319.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1306.winmx.com c3311.z1306.winmx.com c3312.z1306.winmx.com c3313.z1306.winmx.com c3314.z1306.winmx.com c3315.z1306.winmx.com c3316.z1306.winmx.com c3317.z1306.winmx.comc3318.z1306.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1301.winmx.com c3521.z1301.winmx.com c3522.z1301.winmx.com c3523.z1301.winmx.com c3524.z1301.winmx.com c3525.z1301.winmx.com c3526.z1301.winmx.com c3527.z1301.winmx.com c3528.z1301.winmx.com c3529.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1302.winmx.com c3521.z1302.winmx.com c3522.z1302.winmx.com c3523.z1302.winmx.com c3524.z1302.winmx.com c3525.z1302.winmx.com c3526.z1302.winmx.com c3527.z1302.winmx.com 3528.z1302.winmx.com c3529.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1303.winmx.com c3521.z1303.winmx.com c3522.z1303.winmx.com c3523.z1303.winmx.com c3524.z1303.winmx.com c3525.z1303.winmx.com c3526.z1303.winmx.com c3527.z1303.winmx.com c3528.z1303.winmx.com c3529.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1304.winmx.com c3521.z1304.winmx.com c3522.z1304.winmx.com c3523.z1304.winmx.com c3524.z1304.winmx.com c3525.z1304.winmx.com c3526.z1304.winmx.com c3527.z1304.winmx.com c3528.z1304.winmx.com c3529.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1305.winmx.com c3521.z1305.winmx.com c3522.z1305.winmx.com c3523.z1305.winmx.com c3524.z1305.winmx.com c3525.z1305.winmx.com c3526.z1305.winmx.com c3527.z1305.winmx.com c3528.z1305.winmx.com c3529.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1306.winmx.com c3521.z1306.winmx.com c3522.z1306.winmx.com c3523.z1306.winmx.comc3524.z1306.winmx.com c3525.z1306.winmx.com c3526.z1306.winmx.com c3527.z1306.winmx.com c3528.z1306.winmx.comc3529.z1306.winmx.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMFUprogramsList = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O8 - Extra context menu item: &Winamp Search - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/13 16:28:52 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/03/26 11:35:20 | 00,000,000 | ---D | M] - D:\autoruns -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 14 Days ==========
[2009/07/29 16:59:38 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/07/29 14:52:43 | 00,463,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\RootRepeal(2).zip
[2009/07/29 14:43:06 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to Internet Explorer.lnk
[2009/07/29 14:42:19 | 00,463,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.zip
[2009/07/29 14:30:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/07/29 14:29:22 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/07/29 14:10:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2009/07/29 14:10:04 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/07/29 14:10:02 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/29 14:10:01 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/29 14:10:01 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/29 14:10:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/07/29 14:09:34 | 03,775,200 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2009/07/29 14:09:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/07/29 14:08:30 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/07/29 14:08:30 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/07/29 14:08:29 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/07/29 14:08:08 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2009/07/29 14:03:49 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\SysRestorePoint.exe
[2009/07/29 13:45:27 | 00,265,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2009/07/29 02:14:31 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2009/07/29 02:13:43 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/07/29 02:13:43 | 00,055,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009/07/29 02:13:43 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/07/29 02:13:43 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/07/29 02:13:42 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/07/29 02:13:25 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/07/29 02:13:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009/07/29 02:05:56 | 32,299,960 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\avira_antivir_personal_en.exe
[2009/07/29 01:31:44 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/07/28 20:24:15 | 03,252,640 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Administrator\Desktop\ccsetup221.exe
[2009/07/28 15:26:45 | 02,069,088 | ---- | C] (ParetoLogic Inc.) -- C:\Documents and Settings\Administrator\Desktop\RegCureSetup_RW.exe
[2009/07/28 04:58:17 | 00,000,005 | -HS- | C] () -- C:\WINDOWS\System32\dadeeb0_g.dll
[2009/07/28 04:58:17 | 00,000,005 | ---- | C] () -- C:\WINDOWS\System32\cabffdaffeb4_g.ocx
[2009/07/28 04:56:27 | 00,814,552 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\RegSupreme_1.4_setup.exe
[2009/07/28 04:43:59 | 00,000,000 | ---D | C] -- C:\vlc
[2009/07/27 22:59:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\BUGHUN22
[2009/07/27 22:58:59 | 00,286,734 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\BUGHUN22.ZIP
[2009/07/27 00:54:12 | 00,000,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to procexp.exe.lnk
[2009/07/26 23:01:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2009/07/26 21:35:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\ProcessExplorer
[2009/07/26 19:25:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/07/26 16:58:15 | 00,000,000 | ---D | C] -- C:\Program Files\Creative Labs
[2009/07/26 16:57:06 | 00,000,000 | ---D | C] -- C:\Program Files\Eidos Interactive
[2009/07/26 15:27:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\mess
[2009/07/26 04:17:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009/07/26 01:08:53 | 00,000,000 | ---D | C] -- C:\MinGW
[2009/07/25 23:33:48 | 00,000,000 | ---D | C] -- C:\Program Files\XEmacs
[2009/07/25 22:51:33 | 00,000,000 | ---D | C] -- C:\cygwin
[2009/07/25 22:25:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\emacs-22.3-barebin-i386
[2009/07/25 22:13:27 | 00,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Notepad++.lnk
[2009/07/25 22:13:25 | 00,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2009/07/25 22:13:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Notepad++
[2009/07/25 20:28:54 | 00,334,792 | ---- | C] (Alcohol Soft Development Team) -- C:\WINDOWS\System32\_AxShlEx.dll
[2009/07/25 20:11:36 | 00,716,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/07/25 20:04:02 | 00,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/07/25 20:01:37 | 00,000,000 | ---D | C] -- C:\Program Files\SlySoft
[2009/07/25 18:06:15 | 00,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft
[2009/07/25 18:05:03 | 00,000,000 | ---D | C] -- C:\a120
[2009/07/25 18:04:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\New Folder
[2009/07/25 16:31:32 | 00,000,000 | ---D | C] -- C:\Program Files\Square Soft, Inc
[2009/07/25 16:26:04 | 00,000,156 | ---- | C] () -- C:\WINDOWS\tmpcpyis.bat
[2009/07/25 16:26:04 | 00,000,122 | ---- | C] () -- C:\WINDOWS\tmpdelis.bat
[2009/07/25 16:26:04 | 00,000,026 | ---- | C] () -- C:\WINDOWS\winstart.bat
[2009/07/25 16:24:20 | 00,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2009/07/24 03:39:53 | 00,140,800 | ---- | C] (The Duck Corporation) -- C:\WINDOWS\System32\tm20dec.ax
[2009/07/24 03:26:21 | 00,000,000 | ---D | C] -- C:\Program Files\Final Fantasy VII
[2009/07/23 23:59:04 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009/07/23 23:04:14 | 00,001,615 | ---- | C] () -- C:\WINDOWS\System32\sdbackup.reg
[2009/07/23 23:03:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\s4hide
[2009/07/23 22:37:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/07/23 22:13:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2009/07/23 22:12:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/07/23 22:01:22 | 00,000,000 | ---D | C] -- C:\Program Files\EA Games
[2009/07/23 20:01:40 | 00,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2009/07/23 19:25:53 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Documents\Virtual CDs
[2009/07/23 19:25:47 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\My Documents\Virtual CD v9
[2009/07/23 19:00:05 | 00,000,768 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/07/19 00:25:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\dvdcss
[2009/07/17 22:22:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Downloads
[2009/07/17 21:59:12 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2009/07/17 21:58:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2009/07/15 19:56:06 | 00,000,000 | ---D | C] -- C:\Program Files\JFDuke3D
========== Files - Modified Within 14 Days ==========
[2009/07/29 16:59:38 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/07/29 16:52:38 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/29 16:44:12 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/07/29 16:43:23 | 03,712,656 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2009/07/29 14:52:41 | 00,463,738 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\RootRepeal(2).zip
[2009/07/29 14:44:41 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/07/29 14:44:27 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/29 14:43:06 | 00,000,104 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to Internet Explorer.lnk
[2009/07/29 14:42:21 | 00,463,738 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.zip
[2009/07/29 14:10:05 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/07/29 14:09:44 | 03,775,200 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2009/07/29 14:08:30 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/07/29 14:08:30 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/07/29 14:08:09 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2009/07/29 14:03:53 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\SysRestorePoint.exe
[2009/07/29 13:45:30 | 00,265,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2009/07/29 11:10:37 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/07/29 02:14:31 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2009/07/29 02:08:31 | 32,299,960 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\avira_antivir_personal_en.exe
[2009/07/29 01:47:51 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/07/28 15:27:20 | 02,069,088 | ---- | M] (ParetoLogic Inc.) -- C:\Documents and Settings\Administrator\Desktop\RegCureSetup_RW.exe
[2009/07/28 14:53:04 | 00,151,581 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/07/28 11:59:09 | 00,000,529 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/07/28 11:59:09 | 00,000,232 | -HS- | M] () -- C:\boot.ini
[2009/07/28 04:58:17 | 00,000,005 | -HS- | M] () -- C:\WINDOWS\System32\dadeeb0_g.dll
[2009/07/28 04:58:17 | 00,000,005 | ---- | M] () -- C:\WINDOWS\System32\cabffdaffeb4_g.ocx
[2009/07/28 04:56:28 | 00,814,552 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\RegSupreme_1.4_setup.exe
[2009/07/28 04:17:36 | 03,252,640 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Administrator\Desktop\ccsetup221.exe
[2009/07/27 22:59:18 | 00,286,734 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\BUGHUN22.ZIP
[2009/07/27 00:54:13 | 00,000,608 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to procexp.exe.lnk
[2009/07/26 22:09:38 | 00,015,216 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/07/26 21:07:27 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/25 22:13:27 | 00,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Notepad++.lnk
[2009/07/25 20:11:36 | 00,716,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/07/25 20:04:02 | 00,000,041 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/07/25 16:26:14 | 00,000,768 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/07/25 16:26:14 | 00,000,156 | ---- | M] () -- C:\WINDOWS\tmpcpyis.bat
[2009/07/25 16:26:14 | 00,000,122 | ---- | M] () -- C:\WINDOWS\tmpdelis.bat
[2009/07/25 16:26:04 | 00,000,026 | ---- | M] () -- C:\WINDOWS\winstart.bat
[2009/07/23 23:59:04 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2009/07/23 23:04:14 | 00,001,615 | ---- | M] () -- C:\WINDOWS\System32\sdbackup.reg
[2009/07/22 21:18:34 | 00,101,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/07/17 22:23:17 | 00,508,956 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/07/17 22:23:17 | 00,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/07/17 22:23:17 | 00,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
========== LOP Check ==========
[2009/07/29 14:10:06 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Application Data
[2009/04/19 10:16:50 | 00,000,000 | R--D | M] -- C:\Documents and Settings\Administrator\Application Data\Brother
[2009/07/26 19:26:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DNA
[2009/07/19 00:25:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\dvdcss
[2009/07/23 22:13:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2009/06/25 04:20:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\LimeWire
[2009/07/25 22:13:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Notepad++
[2009/04/25 22:59:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ubisoft
[2009/07/29 13:33:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2009/07/29 14:10:01 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/04/17 21:43:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brother
[2008/04/13 20:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/07/29 14:44:41 | 00,000,882 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009/07/29 11:10:37 | 00,000,886 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2009/07/29 14:44:27 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:50550A1EBE70AA1E
< End of report >
OTL Extras logfile created on: 7/29/2009 5:01:21 PM - Run 1
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.53 Mb Total Physical Memory | 808.64 Mb Available Physical Memory | 79.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 177.54 Gb Total Space | 94.52 Gb Free Space | 53.24% Space Free | Partition Type: NTFS
Drive D: | 37.26 Gb Total Space | 12.21 Gb Free Space | 32.77% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EVEREST
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"D:\Program Files\LimeWire\LimeWire.exe" = D:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- ()
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Program Files\AeriaGames\Project Torque\ProjectTorque.bin" = C:\Program Files\AeriaGames\Project Torque\ProjectTorque.bin:*:Enabled:Game -- (Invictus-Games Kft.)
"C:\Program Files\Age of Wonders II\AoW2.exe" = C:\Program Files\Age of Wonders II\AoW2.exe:*:Enabled:Age of Wonders 2 -- (Triumph Studios)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\JFDuke3D\duke3d.exe" = C:\Program Files\JFDuke3D\duke3d.exe:*:Enabled:duke3d -- ()
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{40A6C96D-808E-41DD-8716-617AB6B0F1F1}" = Brother MFL-Pro Suite
"{6C31E111-96BB-4ADC-9C81-E6D3EEDDD8D3}" = Powertoys For Windows XP
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Wonders II" = Age of Wonders II
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"Duke Nukem 3D HRP" = Duke Nukem 3D HRP V 4.0 (321)
"EAX Unified (SHELL)" = EAX Unified (SHELL)
"eMule" = eMule
"ERUNT_is1" = ERUNT 1.1j
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"JAIELangPack" = Japanese Language Support
"JFDuke3D" = JFDuke3D 20050216
"LimeWire" = LimeWire PRO 4.12.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MinGW" = MinGW 5.1.4
"Mozilla Firefox (3.0.12)" = Mozilla Firefox (3.0.12)
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"PowerISO" = PowerISO
"Project Torque" = Project Torque
"Torrente_is1" = Torrente
"VLC media player" = VLC media player 0.9.9
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"XEmacs_is1" = XEmacs 21.4.21
"ZHCIELangPack" = Chinese (Simplified) Language Support
"ZHTIELangPack" = Chinese (Traditional) Language Support
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ System Events ]
Error - 7/29/2009 5:34:08 PM | Computer Name = EVEREST | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 7/29/2009 5:39:43 PM | Computer Name = EVEREST | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.100 for the Network Card with network
address 000C6E2A34A4 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).
Error - 7/29/2009 5:43:07 PM | Computer Name = EVEREST | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 7/29/2009 7:41:59 PM | Computer Name = EVEREST | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 7/29/2009 7:43:25 PM | Computer Name = EVEREST | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 7/29/2009 7:44:37 PM | Computer Name = EVEREST | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 7/29/2009 7:46:37 PM | Computer Name = EVEREST | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.100 for the Network Card with network
address 000C6E2A34A4 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).
Error - 7/29/2009 7:48:51 PM | Computer Name = EVEREST | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 7/29/2009 7:51:54 PM | Computer Name = EVEREST | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 7/29/2009 7:58:22 PM | Computer Name = EVEREST | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
< End of report >