First of all, I'm sorry for not reading and following the proper procedure, a friend told me to post a HiJackThis log here and I'd get help. It's been a long time since I needed help with fixing my PC problems, and last time I did HJT was the standard. I didn't realize they'd been sold and all that.
Here are the requested logs.
Malwarebytes' Anti-Malware 1.34
Database version: 1897
Windows 5.1.2600 Service Pack 2
3/25/2009 2:06:27 PM
mbam-log-2009-03-25 (14-06-27).txt
Scan type: Quick Scan
Objects scanned: 67052
Time elapsed: 4 minute(s), 23 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 11
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\cs41275 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rundll32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\wave1 (Hijack.Sound) -> Bad: (C:\DOCUME~1\ADMINI~1\APPLIC~1\MACROM~1\Common\9f54e0141.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\midi1 (Hijack.Sound) -> Bad: (C:\WINDOWS\system32\config\SYSTEM~1\APPLIC~1\MACROM~1\Common\9f54e0141.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer1 (Hijack.Sound) -> Bad: (C:\WINDOWS\system32\config\SYSTEM~1\APPLIC~1\MACROM~1\Common\9f54e0141.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\aux1 (Hijack.Sound) -> Bad: (C:\WINDOWS\system32\config\SYSTEM~1\APPLIC~1\MACROM~1\Common\9f54e0141.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\midi2 (Hijack.Sound) -> Bad: (C:\DOCUME~1\ADMINI~1\APPLIC~1\MACROM~1\Common\9f54e0141.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\wave2 (Hijack.Sound) -> Bad: (C:\WINDOWS\system32\config\SYSTEM~1\APPLIC~1\MACROM~1\Common\9f54e0141.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\aux2 (Hijack.Sound) -> Bad: (C:\WINDOWS\system32\config\SYSTEM~1\APPLIC~1\MACROM~1\Common\9f54e0141.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer2 (Hijack.Sound) -> Bad: (C:\DOCUME~1\ADMINI~1\APPLIC~1\MACROM~1\Common\9f54e0141.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Microsoft Windows XP Professional (5.1.2600) Service Pack 2
A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:38138 Mo/Free:462 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
Wed 03/25/2009|16:56
----------------------\\ Processes..
--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Alwil Software\Avast4\ashServ.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\system32\PnkBstrA.exe
---------- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------- C:\WINDOWS\System32\wbem\unsecapp.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\system32\wscntfy.exe
---------- C:\WINDOWS\System32\wbem\wmiprvse.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
---------- C:\Program Files\Analog Devices\Core\smax4pnp.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Messenger\msmsgs.exe
---------- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
----------------------\\ ROOTKIT !!
----------------------\\ Cracks & Keygens..
C:\DOCUME~1\ADMINI~1\Start Menu\Programs\Startup\RAR Password Cracker.lnk
1 - "C:\Rooter$\Rooter_1.txt" - Wed 03/25/2009|16:53
2 - "C:\Rooter$\Rooter_2.txt" - Wed 03/25/2009|16:56
----------------------\\ Scan completed at 16:56
OTListIt logfile created on: 3/25/2009 4:39:47 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.7.2 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 71.22% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 3000 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 8.45 Gb Free Space | 22.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DESKTOP
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ========== PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\PnkBstrA.exe ()
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\WINDOWS\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Bonjour Service [Disabled | Stopped]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PnkBstrA [Auto | Running]) -- C:\WINDOWS\system32\PnkBstrA.exe ()
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (ADIHdAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (AEAudioService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\AEAudio.sys (Andrea Electronics Corporation)
DRV - (AsIO [System | Running]) -- C:\WINDOWS\system32\drivers\AsIO.sys ()
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (FETNDIS [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\fetnd5.sys (VIA Technologies, Inc. )
DRV - (FsVga [System | Running]) -- C:\WINDOWS\system32\DRIVERS\fsvga.sys (Microsoft Corporation)
DRV - (HdAudAddService [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\HdAudio.sys (Windows ® Server 2003 DDK provider)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (MBAMSwissArmy [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MTsensor [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ASACPI.sys ()
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RT73 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\rt73.sys (Ralink Technology, Corp.)
DRV - (S3GIGP [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys (S3 Graphics Co., Ltd.)
DRV - (SCDEmu [System | Running]) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Europe Ltd)
DRV - (SenFiltService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\Senfilt.sys (Sensaura)
DRV - (sfdrv01 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (sfsync02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (STEC3 [Auto | Running]) -- C:\WINDOWS\system32\STEC3.sys (AntiCracking)
DRV - (vulfnths [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\vulfnth.sys (VIA Technologies, Inc.)
DRV - (vulfntrs [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\vulfntr.sys (VIA Technologies, Inc.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.microsoft...p...&ar=msnhomeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.microsoft...amp;ar=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...amp;ar=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft...p...ER}&ar=homeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn...st/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...amp;ar=iesearchIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://music.yahoo.c...cast/member.aspIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Wowhead"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "
http://www.io.com/~d.../vs/search.php"FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.1
FF - prefs.js..extensions.enabledItems: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {EDA7B1D7-F793-4e03-B074-E6F303317FB0}:1.2.6
FF - prefs.js..extensions.enabledItems: {dd6bfa32-1198-4217-a0e9-1acab501a6e9}:0.1
FF - prefs.js..extensions.enabledItems:
[email protected]:1.3.1.5
FF - prefs.js..extensions.enabledItems:
[email protected]:1.5
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.28
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.7pre.080830
FF - prefs.js..extensions.enabledItems:
[email protected]:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.7
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/12 14:26:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/04 21:21:00 | 00,000,000 | ---D | M]
[2008/06/18 15:48:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions
[2008/06/18 15:48:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/03/25 01:36:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions
[2008/03/12 11:52:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2008/12/17 05:11:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
[2008/11/27 04:57:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/01/11 16:29:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008/08/30 02:25:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2007/12/01 03:17:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions\{dd6bfa32-1198-4217-a0e9-1acab501a6e9}
[2009/02/20 14:12:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2008/05/13 21:39:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}
[2007/12/01 03:17:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions\{FF9FCD5D-1CD6-43e5-BCF3-FB52F3B5F742}
[2009/01/20 13:15:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions\
[email protected][2008/08/31 16:06:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions\
[email protected][2008/05/10 07:59:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\4kbrpizr.default\extensions\
[email protected][2009/03/23 11:18:31 | 00,002,125 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\4kbrpizr.default\searchplugins\flickr-tags.xml
[2008/06/24 13:33:25 | 00,000,908 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\4kbrpizr.default\searchplugins\imdb.xml
[2008/09/02 16:30:35 | 00,002,058 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\4kbrpizr.default\searchplugins\thottbot.xml
[2008/06/18 20:12:49 | 00,001,108 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\4kbrpizr.default\searchplugins\wikipedia-en.xml
[2008/09/02 16:30:14 | 00,001,546 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\4kbrpizr.default\searchplugins\wowhead.xml
[2008/09/05 17:57:06 | 00,001,826 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\4kbrpizr.default\searchplugins\wowwiki-english.xml
[2008/01/05 04:48:12 | 00,002,109 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\4kbrpizr.default\searchplugins\youtube-video-search.xml
[2009/03/25 01:36:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/02/04 21:11:43 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/11/23 15:18:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/11/27 00:31:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2009/03/04 21:20:54 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/04 21:20:54 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/09/24 18:26:37 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/09/24 18:26:37 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/09/24 18:26:37 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/15 21:56:45 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/09/24 18:26:37 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/09/24 18:26:37 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/09/24 18:26:37 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (303097 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10444 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Key error. File not found
O2 - BHO: (no name) - {31942114-3D70-45A0-BAE8-267DC4AFC09B} - C:\WINDOWS\system32\yaywTMEX.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {601ED020-FB6C-11D3-87D8-0050DA59922B} - Reg Error: Key error. File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {EB3F90CA-6958-47A2-93B1-C70A96FDDC08} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (no name) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
O4 - HKLM..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM (Stardock and Luca Saggese)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent (Valve Corporation)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\RAR Password Cracker.lnk = C:\Documents and Settings\Administrator\Desktop\Atomic\AtomicRarPasswordRecovery.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\VirtuaGirl2.lnk = C:\Program Files\Vg\VirtuaGirl2.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: LimeShop Preferences - file://C:\Program Files\LimeShop\System\Temp\limeshop_script0.htm
O8 - Extra context menu item: Link to &MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://go.microsoft....k/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85}
http://go.microsoft....k/?LinkId=82580 (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71}
http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71}
http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://www.update.mi...b?1195528424964 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (czallt.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuiX.exe) - C:\WINDOWS\system32\logonuiX.exe (Microsoft Corporation)
O20 - Winlogon\Notify\nnnKcdDu: DllName - nnnKcdDu.dll - File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O29 - HKLM SecurityProviders - ( digeste.dll) - File not found
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\yaywTMEX) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ========== [4 C:\WINDOWS\*.tmp files]
[2009/03/25 16:39:42 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Rooter.exe
[2009/03/25 16:35:34 | 00,498,688 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe
[2009/03/25 16:31:41 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/03/25 14:42:57 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/03/25 14:42:55 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/03/25 14:42:55 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/03/25 14:42:50 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/03/25 14:42:50 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/03/25 14:42:50 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/03/25 14:42:49 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/03/25 14:42:49 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/03/25 14:42:34 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/03/25 14:42:34 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/03/25 14:42:32 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/03/25 13:56:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/03/25 13:56:25 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/03/25 01:24:53 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/03/25 01:17:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Screen Shots
[2009/03/24 04:34:05 | 00,335,411 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\My Comic Art Wallpaper List.bb
[2009/03/24 00:14:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Compile
[2009/03/22 01:16:23 | 00,029,272 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\YOU KILLED JFK!.HTM
[2009/03/21 17:41:58 | 00,000,000 | ---D | C] -- C:\Program Files\JFK Reloaded
[2009/03/16 12:44:27 | 00,046,791 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MickeyMantle[2].pdf
[2009/03/16 01:05:27 | 00,000,000 | ---D | C] -- C:\Program Files\FLV Player
[2009/03/12 19:57:04 | 00,000,000 | ---D | C] -- C:\Program Files\VASSAL
[2009/03/12 16:00:08 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/03/12 15:02:55 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/03/12 15:02:54 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/12 14:58:24 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/03/09 04:00:02 | 00,000,000 | ---D | C] -- C:\Digital GamePad USB - Driver Upgrade
[2009/03/07 03:44:50 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2009/03/07 03:31:47 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2009/03/07 03:26:00 | 00,091,136 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msls2.dll
[2009/03/03 18:45:00 | 00,000,000 | ---D | C] -- C:\Avenger
[2009/03/03 18:40:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2009/03/03 17:53:42 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/03 17:53:39 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/03 17:53:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/03 17:53:38 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/02/28 17:40:48 | 00,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71d.dll
[2009/02/28 17:40:48 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2009/02/28 17:40:38 | 00,719,872 | ---- | C] (Abysmal Software) -- C:\WINDOWS\System32\devil.dll
[2009/02/28 17:40:38 | 00,314,368 | ---- | C] (The Public) -- C:\WINDOWS\System32\avisynth.dll
[2009/02/28 17:40:36 | 00,000,000 | ---D | C] -- C:\Program Files\Magic Video Converter
========== Files - Modified Within 30 Days ========== [3 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/03/25 16:39:42 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Rooter.exe
[2009/03/25 16:35:35 | 00,498,688 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe
[2009/03/25 16:20:17 | 00,192,016 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/03/25 16:20:17 | 00,000,024 | ---- | M] () -- C:\WINDOWS\LogonStudio.ini
[2009/03/25 16:17:37 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/25 16:17:11 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/25 14:42:50 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/03/25 01:12:05 | 00,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/24 20:51:29 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/24 04:56:43 | 00,335,411 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\My Comic Art Wallpaper List.bb
[2009/03/24 04:29:31 | 00,043,671 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\My Wallpaper List.bb
[2009/03/23 15:02:21 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/03/23 01:11:43 | 00,303,097 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/22 01:16:27 | 00,029,272 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\YOU KILLED JFK!.HTM
[2009/03/21 00:20:40 | 00,001,622 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Trillian.lnk
[2009/03/18 05:15:35 | 00,168,448 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/16 12:44:28 | 00,046,791 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MickeyMantle[2].pdf
[2009/03/16 12:32:29 | 00,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk
[2009/03/12 15:02:44 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/03/12 15:02:35 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/03 19:34:45 | 00,000,615 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/03 19:34:45 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/03 19:34:45 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2009/03/02 13:21:30 | 00,000,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090323-011143.backup
[2009/02/23 17:25:02 | 01,037,127 | ---- | M] () -- C:\WINDOWS\System32\Hot Babe 1.sff
< End of report >
OTListIt Extras logfile created on: 3/25/2009 4:41:07 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.7.2 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 71.22% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 3000 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 8.45 Gb Free Space | 22.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DESKTOP
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Computer, Inc.)
C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe File not found
C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe File not found
C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe File not found
C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire (Lime Wire, LLC)
C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA ()
C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB ()
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent ()
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger (Yahoo! Inc.)
C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server (Yahoo! Inc.)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe ()
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}" = Adobe ExtendScript Toolkit 2
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3
"{2C0CD17D-0B06-4700-83FA-7344B868B0A2}" = Opera 9.63
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5741ABFB-8949-47E2-B5EA-46CA52219C23}" = SubViewer
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7516254D-7F98-49DD-8209-5D2208BD1033}" = Nero 7 Ultra Edition
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A31289C6-04EF-4437-A35B-7CC96167145C}" = Leisure Suit Larry - Magna Cum Laude
"{A7E07C2B-2220-4415-87E3-784D5814BC93}" = NVIDIA PhysX v8.09.04
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81100000003}" = Adobe Reader 8.1.1
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP Pro
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Windows Live Sign-in Assistant
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6EC7388-E277-4A5B-8C8F-71067A41BA64}" = TextPad 5
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAE4D301-FE3F-4B41-813C-81165BD1FB30}" = VirtualFem
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"·¬¯½Ù̀§ƯÀ¼̃±¹–‚‘åí" = ·¬¯½Ù̀§ƯÀ¼̃±¹–‚‘åí
"7-Zip" = 7-Zip 4.64
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_32fdd767b4383606e8168e834af5d90" = Adobe Premiere Pro CS3
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"AOL Instant Messenger" = AOL Instant Messenger
"Audacity_is1" = Audacity 1.2.6
"Audio Converter All-in-one" = Audio Converter All-in-one
"avast!" = avast! Antivirus
"Azureus Vuze" = Azureus Vuze
"Background Boss" = Background Boss
"Blow Up" = Alien Skin Blow Up
"CCleaner" = CCleaner (remove only)
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-01-24
"DIY DataRecovery CHK-Mate" = DIY DataRecovery CHK-Mate 1.0
"ERUNT_is1" = ERUNT 1.1j
"Exposure" = Alien Skin Exposure
"EyeCandy5Impact" = Alien Skin Eye Candy 5 Impact
"EyeCandy5Textures" = Alien Skin Eye Candy 5 Textures
"FLV Player" = FLV Player 2.0 (build 25)
"Hero Designer v2 " = Hero Designer v2
"Heroes II - The Price of Loyalty" = Heroes II - The Price of Loyalty Bundle
"HijackThis" = HijackThis 2.0.2
"Hot Babe 1" = Hot Babe 1 Screensaver
"Indeo® Software" = Indeo® Software
"InstallShield_{A31289C6-04EF-4437-A35B-7CC96167145C}" = Leisure Suit Larry - Magna Cum Laude
"JFK Reloaded" = JFK Reloaded 1.1
"KC Softwares VideoInspector_is1" = KC Softwares VideoInspector
"Kwyshell MidpX Emulator Package" = Kwyshell MidpX Emulator Package 1.3.1
"LHTTSENG" = L&H TTS3000 British English
"limeshop.xml" = LimeShop
"LimeWire" = LimeWire 4.14.10
"LogonStudio" = LogonStudio
"Lovely Asian Breasts" = Lovely Asian Breasts Screensaver
"Lovely Niya " = Lovely Niya Screensaver
"Magic Set Editor 2_is1" = Magic Set Editor 2 - 0.3.7 beta
"Magic Video Converter_is1" = Magic Video Converter Trial Version (English) 8.0.2.18
"Magic Workstation_is1" = Magic Workstation 0.94f
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"mIRC" = mIRC
"MMC" = ママクラブ
"Mozilla Firefox (3.0.7)" = Mozilla Firefox (3.0.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSCSR" = Microsoft Speech Recognition Engine 4.0 (English)
"MSDict" = Microsoft Dictation
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"MTG GamePack for Magic Workstation_is1" = MTG GamePack for Magic Workstation
"Niya Yu 2" = Niya Yu 2 Screensaver
"NVIDIA Drivers" = NVIDIA Drivers
"OCTGN" = OCTGN (remove only)
"Ogg Codecs" = Ogg Codecs 0.80.15039
"PowerISO" = PowerISO
"RadLight Ogg Media DirectShow filter" = RadLight Ogg Media DirectShow filter (remove only)
"RAR Key 5.5 Demo" = RAR Key Demo
"RealAlt_is1" = Real Alternative 1.9.0
"Sexual Fantasy Kingdom Vol.1_is1" = Sexual Fantasy Kingdom Vol.1
"SopCast" = SopCast 3.0.1
"Soulseek" = SoulSeek Client 156c
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"ST5UNST #1" = Indian
"Steam App 12900" = Audiosurf
"Tokimeki Check in!" = Tokimeki Check in!
"Trillian" = Trillian
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"TVUPlayer" = TVUPlayer 2.4.1.0
"UltraISO_is1" = UltraISO Premium V9.2
"v_223_ss1" = v_223_ss1 ?????????
"v_223_ss2" = v_223_ss2 ?????????
"VASSAL (3.1.0)" = VASSAL (3.1.0)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6e
"VSed_is1" = VSed 4.5
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinFF_is1" = WinFF 0.32
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"WPB709_‚Ù‚µ‚̀‚ ‚«1" = WPB709_‚Ù‚µ‚̀‚ ‚«1 ?????????
"WPB709_‚Ù‚µ‚̀‚ ‚«2" = WPB709_‚Ù‚µ‚̀‚ ‚«2 ?????????
"WPB709_‚Ù‚µ‚̀‚ ‚«3" = WPB709_‚Ù‚µ‚̀‚ ‚«3 ?????????
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Widget Engine" = Yahoo! Widgets
"Yin-Yang - X-Change Alternateive" = Yin-Yang - X-Change Alternateive
"ZMC" = ‘±Eƒ}ƒ}ƒNƒ‰ƒu
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"727d1ea1876aa06e" = WowAceUpdater
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 2/1/2009 3:16:00 AM | Computer Name = DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application tvuplayer.exe, version 2.4.1.0, faulting module
, version 2.4.1.0, fault address 0x00081a03.
Error - 2/1/2009 7:43:15 AM | Computer Name = DESKTOP | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3257, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 2/1/2009 7:43:23 AM | Computer Name = DESKTOP | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3257, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 2/1/2009 7:43:41 AM | Computer Name = DESKTOP | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3257, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 2/3/2009 5:43:44 AM | Computer Name = DESKTOP | Source = Application Hang | ID = 1002
Description = Hanging application winamp.exe, version 5.5.4.2165, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 2/5/2009 4:59:05 PM | Computer Name = DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application nerovision.exe, version 4.9.7.6, faulting module
mfc71.dll, version 7.10.3077.0, fault address 0x00028f1d.
Error - 2/5/2009 7:08:00 PM | Computer Name = DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application nerovision.exe, version 4.9.7.6, faulting module
mfc71.dll, version 7.10.3077.0, fault address 0x00028f1d.
Error - 2/5/2009 11:44:14 PM | Computer Name = DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application nerovision.exe, version 4.9.7.6, faulting module
mfc71.dll, version 7.10.3077.0, fault address 0x00028f1d.
Error - 2/14/2009 10:06:44 PM | Computer Name = DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application AcroRd32.exe, version 8.1.0.137, faulting module
AcroRd32.dll, version 8.1.1.20, fault address 0x002c01a2.
Error - 2/15/2009 9:54:53 AM | Computer Name = DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application mplayerc.exe, version 6.4.9.0, faulting module
, version 0.0.0.0, fault address 0x00000000.
[ System Events ]
Error - 3/25/2009 6:15:30 PM | Computer Name = DESKTOP | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom1, has a bad block.
Error - 3/25/2009 6:15:38 PM | Computer Name = DESKTOP | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom1, has a bad block.
Error - 3/25/2009 6:15:45 PM | Computer Name = DESKTOP | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom1, has a bad block.
Error - 3/25/2009 6:15:52 PM | Computer Name = DESKTOP | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom1, has a bad block.
Error - 3/25/2009 6:16:16 PM | Computer Name = DESKTOP | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom1, has a bad block.
Error - 3/25/2009 6:16:24 PM | Computer Name = DESKTOP | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom1, has a bad block.
Error - 3/25/2009 6:16:31 PM | Computer Name = DESKTOP | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom1, has a bad block.
Error - 3/25/2009 6:16:39 PM | Computer Name = DESKTOP | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom1, has a bad block.
Error - 3/25/2009 6:16:46 PM | Computer Name = DESKTOP | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom1, has a bad block.
Error - 3/25/2009 6:16:52 PM | Computer Name = DESKTOP | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom1, has a bad block.
< End of report >
Edited by RanmaSolo, 25 March 2009 - 06:04 PM.