Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Do some one hawe time to help me to?

Started by HXIS , Mar 15 2009 10:03 AM

  • Please log in to reply

#1
HXIS
Posted 15 March 2009 - 10:03 AM

HXIS

    New Member

  • Member
  • Pip
  • 1 posts
Microsoft Windows XP Professional (5.1.2600) Service Pack 3, v.5657

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:20026 Mo/Free:3933 Mo)
D:\ [Fixed] - NTFS - (Total:374256 Mo/Free:3989 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Fixed] - NTFS - (Total:170745 Mo/Free:2072 Mo)
G:\ [Fixed] - NTFS - (Total:190771 Mo/Free:908 Mo)
H:\ [Fixed] - NTFS - (Total:190781 Mo/Free:2535 Mo)
J:\ [Removable] (Total:0 Mo/Free:0 Mo)
K:\ [Fixed] - NTFS - (Total:238474 Mo/Free:1316 Mo)
L:\ [Removable] (Total:0 Mo/Free:0 Mo)
M:\ [Removable] (Total:0 Mo/Free:0 Mo)
N:\ [Removable] (Total:0 Mo/Free:0 Mo)
O:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
Z:\ [Network] (Total:953859 Mo/Free:1104 Mo)

15.03.2009|14:09

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
--Locked-- cmdagent.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashServ.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\Program Files\Spyware Terminator\sp_rsser.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Synergy\synergyc.exe
---------- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
--Locked-- cfp.exe
---------- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
---------- C:\Program Files\PeerGuardian2\pg2.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!


OTListIt logfile created on: 15.03.2009 14:38:02 - Run 1
OTListIt2 by OldTimer - Version 2.0.3.8 Folder = C:\Documents and Settings\Galeman\Desktop
Windows XP Professional Edition Service Pack 3, v.5657 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000414 | Country: Norway | Language: NOR | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 96,58% Memory free
4,00 Gb Paging File | 3,79 Gb Available in Paging File | 94,71% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,56 Gb Total Space | 11,85 Gb Free Space | 60,58% Space Free | Partition Type: NTFS
Drive D: | 365,48 Gb Total Space | 23,90 Gb Free Space | 6,54% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 166,74 Gb Total Space | 138,02 Gb Free Space | 82,78% Space Free | Partition Type: NTFS
Drive G: | 186,30 Gb Total Space | 48,89 Gb Free Space | 26,24% Space Free | Partition Type: NTFS
Drive H: | 186,31 Gb Total Space | 58,48 Gb Free Space | 31,39% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive K: | 232,89 Gb Total Space | 33,29 Gb Free Space | 14,29% Space Free | Partition Type: NTFS
Drive Z: | 931,50 Gb Total Space | 821,08 Gb Free Space | 88,15% Space Free | Partition Type: NTFS

Computer Name: DADDA-085F03732
Current User Name: Galeman
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe ()
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - C:\Program Files\Synergy\synergyc.exe ()
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ()
PRC - C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
PRC - C:\Program Files\PeerGuardian2\pg2.exe (Methlabs)
PRC - C:\Documents and Settings\Galeman\Desktop\OTListIt2.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (cmdAgent [Auto | Running]) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe ()
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Disabled | Stopped]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (netsvc [Auto | Stopped]) -- File not found
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (sp_rssrv [Auto | Running]) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (Synergy Client [Auto | Running]) -- C:\Program Files\Synergy\synergyc.exe ()
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (AmdPPM [System | Running]) -- C:\WINDOWS\system32\DRIVERS\AmdPPM.sys (Advanced Micro Devices)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (basic2 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\basic2.sys (Conexant Systems)
DRV - (cmdGuard [System | Running]) -- C:\WINDOWS\System32\DRIVERS\cmdguard.sys (COMODO)
DRV - (cmdHlp [System | Running]) -- C:\WINDOWS\System32\DRIVERS\cmdhlp.sys (COMODO)
DRV - (Cnxtdiag [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\cnxtdiag.sys (Conexant Systems)
DRV - (COMMONFX [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\COMMONFX.SYS (Creative Technology Ltd)
DRV - (COMMONFX.SYS [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\COMMONFX.SYS (Creative Technology Ltd)
DRV - (ctac32k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (ctaud2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (CTAUDFX [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\CTAUDFX.SYS (Creative Technology Ltd)
DRV - (CTAUDFX.SYS [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\CTAUDFX.SYS (Creative Technology Ltd)
DRV - (ctdvda2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (CTERFXFX [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\CTERFXFX.SYS (Creative Technology Ltd)
DRV - (CTERFXFX.SYS [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\CTERFXFX.SYS (Creative Technology Ltd)
DRV - (ctprxy2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (CTSBLFX [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\CTSBLFX.SYS (Creative Technology Ltd)
DRV - (CTSBLFX.SYS [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\CTSBLFX.SYS (Creative Technology Ltd)
DRV - (ctsfm2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (dvd43llh [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\dvd43llh.sys (RIF)
DRV - (emupia [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (Fallback [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\fallback.sys (Conexant Systems)
DRV - (Fsks [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\fsksnt.sys (Conexant Systems)
DRV - (gameenum [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (ha10kx2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (hap16v2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\hap16v2k.sys (Creative Technology Ltd)
DRV - (hap17v2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\hap17v2k.sys (Creative Technology Ltd)
DRV - (hsf_msft [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys (Conexant)
DRV - (Inspect [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (K56 [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\k56nt.sys (Conexant Systems)
DRV - (MarvinBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (mcdbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (ms_mpu401 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (nv_agp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys (NVIDIA Corporation)
DRV - (ossrv [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (Rksample [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rksample.sys (Conexant Systems)
DRV - (RTL8023xp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SI3112 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\SI3112.sys (Silicon Image, Inc)
DRV - (SiFilter [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc)
DRV - (SiRemFil [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\SiRemFil.sys (Silicon Image, Inc)
DRV - (SoftFax [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\faxnt.sys (Conexant Systems)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (sp_rsdrv2 [System | Running]) -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ()
DRV - (Tones [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\tonesnt.sys (Conexant Systems)
DRV - (V124 [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\v124nt.sys (Conexant Systems)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems)
DRV - (pgfilter [On_Demand | Running]) -- C:\Program Files\PeerGuardian2\pgfilter.sys ()

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder:
FF - prefs.js..browser.startup.homepage: "http://www.google.no/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.1
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.10
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.8
FF - prefs.js..extensions.enabledItems: {DB2EA31C-58F5-48b7-8D60-CB0739257904}:0.18.1
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.1
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:2.1.0.1
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:0.5.9
FF - prefs.js..extensions.enabledItems: {75623d5d-4683-402a-b610-ac4bab767c86}:2.0.2
FF - prefs.js..extensions.enabledItems: {d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}:1.4.9
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20081111
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.7
FF - prefs.js..extensions.enabledItems: [email protected]:2.95
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009.02.19 21:18:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009.03.08 17:31:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009.03.08 17:31:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Components: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS [2009.02.22 12:37:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS [2009.03.08 17:17:26 | 00,000,000 | ---D | M]
[2008.11.01 17:59:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Extensions
[2008.11.01 17:59:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.03.15 10:51:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Firefox\Profiles\rl12900e.default\extensions
[2009.03.15 10:51:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Firefox\Profiles\rl12900e.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2009.02.21 16:46:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Firefox\Profiles\rl12900e.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009.02.22 08:44:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Firefox\Profiles\rl12900e.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2009.02.22 08:44:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Firefox\Profiles\rl12900e.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2009.03.12 21:24:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Firefox\Profiles\rl12900e.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009.03.12 21:24:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Firefox\Profiles\rl12900e.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}
[2009.02.21 22:08:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Firefox\Profiles\rl12900e.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009.02.22 08:44:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Firefox\Profiles\rl12900e.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.02.22 08:25:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Firefox\Profiles\rl12900e.default\extensions\{d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}
[2009.02.21 22:01:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Firefox\Profiles\rl12900e.default\extensions\{DB2EA31C-58F5-48b7-8D60-CB0739257904}
[2009.02.21 16:52:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Galeman\Application Data\mozilla\Firefox\Profiles\rl12900e.default\extensions\[email protected]
[2008.11.01 17:59:00 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.03.08 17:31:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.03.08 17:31:01 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009.03.08 17:31:01 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll

O1 HOSTS File: (302562 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 10430 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h ()
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" (Crawler.com)
O4 - HKCU..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe (Methlabs)
O4 - Startup: C:\Documents and Settings\Galeman\Start Menu\Programs\Startup\TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (AKSoftware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 55 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1235068447500 (WUWebControl Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45A29BCE2FBD} - Fences - C:\Program Files\Stardock\Fences\DesktopDock.dll (Stardock)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009.03.15 14:08:42 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009.03.15 14:08:33 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Galeman\Desktop\Rooter.exe
[2009.03.15 14:03:56 | 00,497,152 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Galeman\Desktop\OTListIt2.exe
[2009.03.15 12:36:48 | 00,882,489 | ---- | C] (Methlabs Productions ) -- C:\Documents and Settings\Galeman\Desktop\pg2-050918-nt(2).exe
[2009.03.15 11:08:57 | 00,882,489 | ---- | C] (Methlabs Productions ) -- C:\Documents and Settings\Galeman\Desktop\pg2-050918-nt.exe
[2009.03.15 10:27:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\Application Data\Malwarebytes
[2009.03.15 10:27:42 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.03.15 10:27:39 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.03.15 10:27:38 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.03.15 10:27:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009.03.15 10:25:12 | 02,876,720 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Galeman\Desktop\mbam-setup.exe
[2009.03.15 10:00:41 | 00,000,519 | ---- | C] () -- C:\WINDOWS\System32\BIN_STRSBW.SPT
[2009.03.15 10:00:40 | 00,001,738 | ---- | C] () -- C:\Documents and Settings\Galeman\Desktop\HijackThis.lnk
[2009.03.15 10:00:38 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009.03.15 09:59:42 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Galeman\Desktop\HJTInstall.exe
[2009.03.12 22:59:24 | 01,416,944 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Galeman\Desktop\WM9Codecs.exe
[2009.03.12 22:23:40 | 00,000,700 | ---- | C] () -- C:\Documents and Settings\Galeman\Desktop\Shortcut to moviemk.lnk
[2009.03.12 22:23:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\Local Settings\Application Data\WMTools Downloaded Files
[2009.03.12 21:49:59 | 00,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009.03.12 21:49:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\Application Data\Spyware Terminator
[2009.03.12 21:49:41 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2009.03.12 21:49:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2009.03.12 21:40:45 | 00,646,728 | ---- | C] (Crawler Inc. ) -- C:\Documents and Settings\Galeman\Desktop\SpywareTerminatorSetup.exe
[2009.03.10 18:53:47 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009.03.09 20:23:31 | 00,001,552 | ---- | C] () -- C:\Documents and Settings\Galeman\Desktop\CCleaner.lnk
[2009.03.09 20:19:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\Application Data\DeepBurner
[2009.03.09 20:15:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\Application Data\Artweaver
[2009.03.08 18:45:20 | 00,000,000 | ---D | C] -- C:\Program Files\MGTEK
[2009.03.08 18:45:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MGTEK
[2009.03.08 18:44:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MGTEK
[2009.03.08 18:31:33 | 01,499,376 | ---- | C] (MGTEK) -- C:\Documents and Settings\Galeman\Desktop\dopisp.exe
[2009.03.08 17:17:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\Application Data\Foxit
[2009.03.08 17:16:59 | 00,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2009.03.08 17:15:43 | 03,874,048 | ---- | C] (Foxit Software) -- C:\Documents and Settings\Galeman\Desktop\FoxitReader30_enu_Setup.exe
[2009.03.08 17:13:12 | 01,066,521 | ---- | C] () -- C:\Documents and Settings\Galeman\Desktop\iPod_nano_Features_Guide.pdf
[2009.03.01 18:42:52 | 00,000,724 | ---- | C] () -- C:\Documents and Settings\Galeman\Desktop\Easy Duplicate Finder.lnk
[2009.03.01 18:42:52 | 00,000,000 | ---D | C] -- C:\Program Files\Easy Duplicate Finder
[2009.03.01 18:42:21 | 00,000,746 | ---- | C] () -- C:\Documents and Settings\Galeman\Desktop\Sweet Home 3D.lnk
[2009.03.01 18:42:11 | 00,000,000 | ---D | C] -- C:\Program Files\Sweet Home 3D
[2009.03.01 18:40:58 | 00,001,671 | ---- | C] () -- C:\Documents and Settings\Galeman\Desktop\Customize Fences.lnk
[2009.03.01 18:40:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\Application Data\Stardock
[2009.03.01 18:40:52 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{067CEB81-A49B-4597-9505-A5515881D672}
[2009.03.01 18:40:52 | 00,000,000 | ---D | C] -- C:\Program Files\Stardock
[2009.03.01 18:39:58 | 00,001,606 | ---- | C] () -- C:\Documents and Settings\Galeman\Desktop\Artweaver 0.5.lnk
[2009.03.01 18:39:55 | 00,000,000 | ---D | C] -- C:\Program Files\Artweaver 0.5
[2009.03.01 18:38:44 | 00,000,935 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.0.lnk
[2009.03.01 18:38:13 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2009.03.01 18:37:25 | 00,000,750 | ---- | C] () -- C:\Documents and Settings\Galeman\Desktop\DeepBurner.lnk
[2009.03.01 18:37:25 | 00,000,000 | ---D | C] -- C:\Program Files\Astonsoft
[2009.03.01 18:36:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2009.03.01 18:36:46 | 00,000,000 | ---D | C] -- C:\Program Files\DVD Shrink
[2009.03.01 18:35:59 | 00,018,816 | ---- | C] (RIF) -- C:\WINDOWS\System32\drivers\dvd43llh.sys
[2009.03.01 18:35:58 | 00,000,671 | ---- | C] () -- C:\Documents and Settings\Galeman\Desktop\DVD43.lnk
[2009.03.01 18:35:58 | 00,000,000 | ---D | C] -- C:\Program Files\dvd43
[2009.02.25 19:06:46 | 05,242,934 | -H-- | C] () -- C:\WINDOWS\System32\toyhide.bmp
[2009.02.25 17:57:37 | 00,000,000 | ---D | C] -- C:\Program Files\Winter Fun Pack 2004 for Windows XP
[2009.02.25 17:10:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\Application Data\Echo Software
[2009.02.25 17:09:30 | 00,000,000 | ---D | C] -- C:\Program Files\Programmer's Notepad
[2009.02.23 21:12:40 | 00,000,230 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.02.23 19:30:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\My Documents\Mine Mails
[2009.02.22 16:12:08 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Sunbird
[2009.02.22 15:13:15 | 00,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009.02.22 15:08:26 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2009.02.22 14:57:06 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009.02.22 14:57:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009.02.22 14:57:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009.02.22 14:28:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\My Documents\pro
[2009.02.22 12:38:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\Application Data\Talkback
[2009.02.22 12:37:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\Local Settings\Application Data\Thunderbird
[2009.02.22 12:37:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\Application Data\Thunderbird
[2009.02.22 12:37:34 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2009.02.22 11:39:36 | 00,081,321 | ---- | C] () -- C:\WINDOWS\SGTBox.INI
[2009.02.21 22:47:46 | 00,000,000 | ---D | C] -- C:\Program Files\Vista Rainbar
[2009.02.21 20:16:03 | 05,885,676 | -H-- | C] () -- C:\Documents and Settings\Galeman\Local Settings\Application Data\IconCache.db
[2009.02.21 20:07:44 | 00,007,680 | -HS- | C] () -- C:\WINDOWS\Thumbs.db
[2009.02.21 20:04:03 | 00,064,114 | ---- | C] () -- C:\WINDOWS\BricoPackUninst.cmd
[2009.02.21 20:04:01 | 00,000,832 | ---- | C] () -- C:\Documents and Settings\Galeman\Start Menu\Programs\Startup\TransBar.lnk
[2009.02.21 20:03:48 | 03,888,054 | ---- | C] () -- C:\WINDOWS\BricoPack Wallpaper.bmp
[2009.02.21 20:02:31 | 00,006,118 | ---- | C] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2009.02.21 20:02:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\BricoPacks
[2009.02.21 17:34:14 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.backup
[2009.02.21 17:25:23 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\uxtheme.dll
[2009.02.21 17:23:53 | 00,005,120 | -HS- | C] () -- C:\WINDOWS\System32\Thumbs.db
[2009.02.21 09:42:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009.02.21 09:31:23 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2009.02.20 18:10:20 | 00,155,384 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll
[2009.02.20 18:10:20 | 00,110,992 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2009.02.20 18:10:20 | 00,080,400 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2009.02.20 18:10:20 | 00,024,336 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2009.02.19 21:17:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009.02.19 21:17:46 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009.02.19 21:17:40 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009.02.19 21:17:18 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009.02.19 21:17:18 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009.02.19 21:17:18 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009.02.19 21:17:18 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009.02.19 21:17:18 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009.02.19 21:17:18 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009.02.19 21:17:18 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009.02.19 21:17:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009.02.19 19:41:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Galeman\Application Data\vlc
[2009.02.19 19:39:52 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009.02.19 19:35:07 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009.03.15 14:18:24 | 00,508,956 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009.03.15 14:18:24 | 00,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009.03.15 14:18:24 | 00,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009.03.15 14:15:34 | 00,201,151 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.03.15 14:15:26 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.03.15 14:14:03 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.03.15 14:13:18 | 00,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000008-00001102-00000004-00531102}.rfx
[2009.03.15 14:13:17 | 00,031,656 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000008-00001102-00000004-00531102}.rfx
[2009.03.15 14:13:17 | 00,031,656 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000008-00001102-00000004-00531102}.rfx
[2009.03.15 14:13:17 | 00,028,968 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000008-00001102-00000004-00531102}.rfx
[2009.03.15 14:13:17 | 00,028,968 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000008-00001102-00000004-00531102}.rfx
[2009.03.15 14:10:57 | 00,000,519 | ---- | M] () -- C:\WINDOWS\System32\BIN_STRSBW.SPT
[2009.03.15 14:08:33 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Galeman\Desktop\Rooter.exe
[2009.03.15 14:03:59 | 00,497,152 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Galeman\Desktop\OTListIt2.exe
[2009.03.15 12:36:51 | 00,882,489 | ---- | M] (Methlabs Productions ) -- C:\Documents and Settings\Galeman\Desktop\pg2-050918-nt(2).exe
[2009.03.15 11:17:54 | 00,000,258 | ---- | M] () -- C:\WINDOWS\synergy.sgc
[2009.03.15 11:09:39 | 00,882,489 | ---- | M] (Methlabs Productions ) -- C:\Documents and Settings\Galeman\Desktop\pg2-050918-nt.exe
[2009.03.15 10:26:30 | 02,876,720 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Galeman\Desktop\mbam-setup.exe
[2009.03.15 10:00:40 | 00,001,738 | ---- | M] () -- C:\Documents and Settings\Galeman\Desktop\HijackThis.lnk
[2009.03.15 10:00:08 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Galeman\Desktop\HJTInstall.exe
[2009.03.12 22:59:33 | 01,416,944 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Galeman\Desktop\WM9Codecs.exe
[2009.03.12 22:23:40 | 00,000,700 | ---- | M] () -- C:\Documents and Settings\Galeman\Desktop\Shortcut to moviemk.lnk
[2009.03.12 22:17:17 | 00,007,680 | -HS- | M] () -- C:\WINDOWS\Thumbs.db
[2009.03.12 21:49:59 | 00,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009.03.12 21:40:52 | 00,646,728 | ---- | M] (Crawler Inc. ) -- C:\Documents and Settings\Galeman\Desktop\SpywareTerminatorSetup.exe
[2009.03.10 19:14:27 | 00,033,792 | ---- | M] () -- C:\Documents and Settings\Galeman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.10 19:00:17 | 00,202,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.03.10 18:55:42 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009.03.09 20:23:31 | 00,001,552 | ---- | M] () -- C:\Documents and Settings\Galeman\Desktop\CCleaner.lnk
[2009.03.08 18:31:40 | 01,499,376 | ---- | M] (MGTEK) -- C:\Documents and Settings\Galeman\Desktop\dopisp.exe
[2009.03.08 17:16:19 | 03,874,048 | ---- | M] (Foxit Software) -- C:\Documents and Settings\Galeman\Desktop\FoxitReader30_enu_Setup.exe
[2009.03.08 17:13:22 | 01,066,521 | ---- | M] () -- C:\Documents and Settings\Galeman\Desktop\iPod_nano_Features_Guide.pdf
[2009.03.08 16:27:32 | 00,302,562 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009.03.08 16:21:54 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2009.03.08 16:21:54 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.03.08 16:21:54 | 00,000,223 | RHS- | M] () -- C:\boot.ini
[2009.03.01 18:42:52 | 00,000,724 | ---- | M] () -- C:\Documents and Settings\Galeman\Desktop\Easy Duplicate Finder.lnk
[2009.03.01 18:42:21 | 00,000,746 | ---- | M] () -- C:\Documents and Settings\Galeman\Desktop\Sweet Home 3D.lnk
[2009.03.01 18:41:03 | 00,052,376 | ---- | M] () -- C:\Documents and Settings\Galeman\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009.03.01 18:40:58 | 00,001,671 | ---- | M] () -- C:\Documents and Settings\Galeman\Desktop\Customize Fences.lnk
[2009.03.01 18:39:59 | 00,001,606 | ---- | M] () -- C:\Documents and Settings\Galeman\Desktop\Artweaver 0.5.lnk
[2009.03.01 18:38:44 | 00,000,935 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.0.lnk
[2009.03.01 18:37:25 | 00,000,750 | ---- | M] () -- C:\Documents and Settings\Galeman\Desktop\DeepBurner.lnk
[2009.03.01 18:35:59 | 00,018,816 | ---- | M] (RIF) -- C:\WINDOWS\System32\drivers\dvd43llh.sys
[2009.03.01 18:35:58 | 00,000,671 | ---- | M] () -- C:\Documents and Settings\Galeman\Desktop\DVD43.lnk
[2009.03.01 15:57:25 | 00,155,384 | ---- | M] () -- C:\WINDOWS\System32\guard32.dll
[2009.03.01 15:57:25 | 00,080,400 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2009.03.01 15:57:23 | 00,110,992 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2009.02.26 19:19:42 | 00,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009.02.25 21:54:59 | 24,768,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009.02.25 19:06:46 | 05,242,934 | -H-- | M] () -- C:\WINDOWS\System32\toyhide.bmp
[2009.02.23 22:55:18 | 05,885,676 | -H-- | M] () -- C:\Documents and Settings\Galeman\Local Settings\Application Data\IconCache.db
[2009.02.23 21:12:56 | 00,000,230 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009.02.23 21:03:19 | 00,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2009.02.22 15:11:05 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009.02.22 15:11:05 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009.02.22 14:57:06 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009.02.22 11:39:36 | 00,081,321 | ---- | M] () -- C:\WINDOWS\SGTBox.INI
[2009.02.21 20:04:03 | 00,064,114 | ---- | M] () -- C:\WINDOWS\BricoPackUninst.cmd
[2009.02.21 20:04:03 | 00,006,118 | ---- | M] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2009.02.21 20:03:48 | 03,888,054 | ---- | M] () -- C:\WINDOWS\BricoPack Wallpaper.bmp
[2009.02.21 20:03:47 | 00,000,832 | ---- | M] () -- C:\Documents and Settings\Galeman\Start Menu\Programs\Startup\TransBar.lnk
[2009.02.21 17:23:54 | 00,005,120 | -HS- | M] () -- C:\WINDOWS\System32\Thumbs.db
[2009.02.20 18:23:04 | 00,297,250 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090308-162732.backup
[2009.02.20 18:10:17 | 00,024,336 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2009.02.19 19:33:39 | 00,297,250 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090220-182304.backup
[2009.02.19 16:09:30 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >



OTListIt Extras logfile created on: 15.03.2009 14:38:02 - Run 1
OTListIt2 by OldTimer - Version 2.0.3.8 Folder = C:\Documents and Settings\Galeman\Desktop
Windows XP Professional Edition Service Pack 3, v.5657 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000414 | Country: Norway | Language: NOR | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 96,58% Memory free
4,00 Gb Paging File | 3,79 Gb Available in Paging File | 94,71% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,56 Gb Total Space | 11,85 Gb Free Space | 60,58% Space Free | Partition Type: NTFS
Drive D: | 365,48 Gb Total Space | 23,90 Gb Free Space | 6,54% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 166,74 Gb Total Space | 138,02 Gb Free Space | 82,78% Space Free | Partition Type: NTFS
Drive G: | 186,30 Gb Total Space | 48,89 Gb Free Space | 26,24% Space Free | Partition Type: NTFS
Drive H: | 186,31 Gb Total Space | 58,48 Gb Free Space | 31,39% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive K: | 232,89 Gb Total Space | 33,29 Gb Free Space | 14,29% Space Free | Partition Type: NTFS
Drive Z: | 931,50 Gb Total Space | 821,08 Gb Free Space | 88,15% Space Free | Partition Type: NTFS

Computer Name: DADDA-085F03732
Current User Name: Galeman
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager (Pinnacle Systems)
C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio (Pinnacle Systems)
C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi (Pinnacle Systems)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{038A524F-58DB-438A-8391-8F7F0CA14B9E}" = Microsoft® Winter Fun Pack 2004 for Windows® XP
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A1E9CF-BFC1-4309-80CD-C182D80922DB}_is1" = Artweaver 0.5
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{52CF142B-7B0E-41E7-98F5-B834122523E7}_is1" = Programmer's Notepad 2
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C25D1742-3136-4B33-9D32-8F0F5E81F349}" = MGTEK dopisp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{DB3DB067-50F9-453A-9CCF-901EE50D450D}" = OpenOffice.org 3.0
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AudioConSole" = Creative Audio Console
"avast!" = avast! Antivirus
"Canon ScanGear Toolbox 3.1" = Canon ScanGear Toolbox 3.1
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2043&SUBSYS_1049144F" = Conexant SoftK56 Modem
"COMODO Internet Security" = COMODO Internet Security
"DVD Shrink_is1" = DVD Shrink 3.2
"DVD43_is1" = DVD43 v4.4.0
"Easy Duplicate Finder_is1" = Easy Duplicate Finder v. 2.2.1
"Fences" = Fences
"Foxit Reader" = Foxit Reader
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Magic ISO Maker v5.3 (build 0216)" = Magic ISO Maker v5.3 (build 0216)
"MagicDisc 2.7.105" = MagicDisc 2.7.105
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.7)" = Mozilla Firefox (3.0.7)
"Mozilla Thunderbird (2.0.0.19)" = Mozilla Thunderbird (2.0.0.19)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0
"PeerGuardian_is1" = PeerGuardian 2.0
"Spyware Terminator_is1" = Spyware Terminator
"SpywareBlaster_is1" = SpywareBlaster 4.1
"Sweet Home 3D_is1" = Sweet Home 3D version 1.6
"Synergy" = Synergy
"Vista Rainbar 4.3" = Vista Rainbar 4.3
"VLC media player" = VLC media player 0.9.8a
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 03.11.2008 13:46:23 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfbbtvra.dll failed, 00000005.


Error - 03.11.2008 13:46:23 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrbar.inf failed, 00000005.


Error - 03.11.2008 13:46:23 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrbar.sys failed, 00000005.


Error - 03.11.2008 13:46:23 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrcap.inf failed, 00000005.


Error - 03.11.2008 13:46:24 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrcap.sys failed, 00000005.


Error - 03.11.2008 13:46:24 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrenc.inf failed, 00000005.


Error - 03.11.2008 13:46:24 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrenc.sys failed, 00000005.


Error - 03.11.2008 13:46:24 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrtun.inf failed, 00000005.


Error - 03.11.2008 13:46:24 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrtun.sys failed, 00000005.


Error - 07.11.2008 05:18:42 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\setup_magicdisc.exe failed, 00000005.

[ Application Events ]
Error - 20.02.2009 11:25:34 | Computer Name = DADDA-085F03732 | Source = Application Error | ID = 1000
Description = Faulting application pg2.exe, version 1.0.6.4, faulting module pg2.exe,
version 1.0.6.4, fault address 0x00034940.

Error - 20.02.2009 11:25:57 | Computer Name = DADDA-085F03732 | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.3300, fault address 0x0001295d.

[ System Events ]
Error - 01.03.2009 11:14:01 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 01.03.2009 11:14:01 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7001
Description = The Universal Plug and Play Device Host service depends on the SSDP
Discovery Service service which failed to start because of the following error:
%%1058

Error - 01.03.2009 13:47:33 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The netsvc service failed to start due to the following error: %%2

Error - 01.03.2009 13:47:33 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 02.03.2009 11:10:52 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The netsvc service failed to start due to the following error: %%2

Error - 02.03.2009 11:10:52 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 03.03.2009 10:25:22 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The netsvc service failed to start due to the following error: %%2

Error - 03.03.2009 10:25:22 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 08.03.2009 04:04:25 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The netsvc service failed to start due to the following error: %%2

Error - 08.03.2009 04:04:25 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058


< End of report >
OTListIt Extras logfile created on: 15.03.2009 14:38:02 - Run 1
OTListIt2 by OldTimer - Version 2.0.3.8 Folder = C:\Documents and Settings\Galeman\Desktop
Windows XP Professional Edition Service Pack 3, v.5657 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000414 | Country: Norway | Language: NOR | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 96,58% Memory free
4,00 Gb Paging File | 3,79 Gb Available in Paging File | 94,71% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,56 Gb Total Space | 11,85 Gb Free Space | 60,58% Space Free | Partition Type: NTFS
Drive D: | 365,48 Gb Total Space | 23,90 Gb Free Space | 6,54% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 166,74 Gb Total Space | 138,02 Gb Free Space | 82,78% Space Free | Partition Type: NTFS
Drive G: | 186,30 Gb Total Space | 48,89 Gb Free Space | 26,24% Space Free | Partition Type: NTFS
Drive H: | 186,31 Gb Total Space | 58,48 Gb Free Space | 31,39% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive K: | 232,89 Gb Total Space | 33,29 Gb Free Space | 14,29% Space Free | Partition Type: NTFS
Drive Z: | 931,50 Gb Total Space | 821,08 Gb Free Space | 88,15% Space Free | Partition Type: NTFS

Computer Name: DADDA-085F03732
Current User Name: Galeman
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager (Pinnacle Systems)
C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio (Pinnacle Systems)
C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi (Pinnacle Systems)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{038A524F-58DB-438A-8391-8F7F0CA14B9E}" = Microsoft® Winter Fun Pack 2004 for Windows® XP
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A1E9CF-BFC1-4309-80CD-C182D80922DB}_is1" = Artweaver 0.5
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{52CF142B-7B0E-41E7-98F5-B834122523E7}_is1" = Programmer's Notepad 2
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C25D1742-3136-4B33-9D32-8F0F5E81F349}" = MGTEK dopisp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{DB3DB067-50F9-453A-9CCF-901EE50D450D}" = OpenOffice.org 3.0
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AudioConSole" = Creative Audio Console
"avast!" = avast! Antivirus
"Canon ScanGear Toolbox 3.1" = Canon ScanGear Toolbox 3.1
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2043&SUBSYS_1049144F" = Conexant SoftK56 Modem
"COMODO Internet Security" = COMODO Internet Security
"DVD Shrink_is1" = DVD Shrink 3.2
"DVD43_is1" = DVD43 v4.4.0
"Easy Duplicate Finder_is1" = Easy Duplicate Finder v. 2.2.1
"Fences" = Fences
"Foxit Reader" = Foxit Reader
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Magic ISO Maker v5.3 (build 0216)" = Magic ISO Maker v5.3 (build 0216)
"MagicDisc 2.7.105" = MagicDisc 2.7.105
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.7)" = Mozilla Firefox (3.0.7)
"Mozilla Thunderbird (2.0.0.19)" = Mozilla Thunderbird (2.0.0.19)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0
"PeerGuardian_is1" = PeerGuardian 2.0
"Spyware Terminator_is1" = Spyware Terminator
"SpywareBlaster_is1" = SpywareBlaster 4.1
"Sweet Home 3D_is1" = Sweet Home 3D version 1.6
"Synergy" = Synergy
"Vista Rainbar 4.3" = Vista Rainbar 4.3
"VLC media player" = VLC media player 0.9.8a
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 03.11.2008 13:46:23 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfbbtvra.dll failed, 00000005.


Error - 03.11.2008 13:46:23 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrbar.inf failed, 00000005.


Error - 03.11.2008 13:46:23 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrbar.sys failed, 00000005.


Error - 03.11.2008 13:46:23 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrcap.inf failed, 00000005.


Error - 03.11.2008 13:46:24 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrcap.sys failed, 00000005.


Error - 03.11.2008 13:46:24 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrenc.inf failed, 00000005.


Error - 03.11.2008 13:46:24 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrenc.sys failed, 00000005.


Error - 03.11.2008 13:46:24 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrtun.inf failed, 00000005.


Error - 03.11.2008 13:46:24 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\winfast drivere\6108( WHQL )\wfpvrtun.sys failed, 00000005.


Error - 07.11.2008 05:18:42 | Computer Name = DADDA-085F03732 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
\\192.168.1.4\div prog\setup_magicdisc.exe failed, 00000005.

[ Application Events ]
Error - 20.02.2009 11:25:34 | Computer Name = DADDA-085F03732 | Source = Application Error | ID = 1000
Description = Faulting application pg2.exe, version 1.0.6.4, faulting module pg2.exe,
version 1.0.6.4, fault address 0x00034940.

Error - 20.02.2009 11:25:57 | Computer Name = DADDA-085F03732 | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.3300, fault address 0x0001295d.

[ System Events ]
Error - 01.03.2009 11:14:01 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 01.03.2009 11:14:01 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7001
Description = The Universal Plug and Play Device Host service depends on the SSDP
Discovery Service service which failed to start because of the following error:
%%1058

Error - 01.03.2009 13:47:33 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The netsvc service failed to start due to the following error: %%2

Error - 01.03.2009 13:47:33 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 02.03.2009 11:10:52 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The netsvc service failed to start due to the following error: %%2

Error - 02.03.2009 11:10:52 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 03.03.2009 10:25:22 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The netsvc service failed to start due to the following error: %%2

Error - 03.03.2009 10:25:22 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 08.03.2009 04:04:25 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The netsvc service failed to start due to the following error: %%2

Error - 08.03.2009 04:04:25 | Computer Name = DADDA-085F03732 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP