I try to keep my machine clean... not sure if it's working
Note * While scanning with Avast and browsing the internet/viewing files etc... my CPU-2.40C2QX6600 shows 55-56 degC
Below are my Rooter and OTList docs...
Microsoft Windows XP Professional (5.1.2600) Service Pack 3
C:\ [Fixed] - NTFS - (Total:476937 Mo/Free:307 Mo)
D:\ [Fixed] - NTFS - (Total:476945 Mo/Free:2078 Mo)
E:\ [CD-Rom] (Total:4292 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:4216 Mo/Free:0 Mo)
G:\ [Removable] (Total:0 Mo/Free:0 Mo)
H:\ [Removable] (Total:0 Mo/Free:0 Mo)
Z:\ [Network] (Total:1870000 Mo/Free:577 Mo)
Sat 04/04/2009|12:03
----------------------\\ Processes..
--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Avast4\aswUpdSv.exe
---------- C:\Program Files\Avast4\ashServ.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\CTsvcCDA.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\system32\IoctlSvc.exe
---------- C:\WINDOWS\system32\PnkBstrA.exe
---------- C:\WINDOWS\system32\PnkBstrB.exe
---------- C:\Program Files\CyberLink\Shared files\RichVideo.exe
---------- C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\SearchIndexer.exe
---------- C:\Program Files\Avast4\ashMaiSv.exe
---------- C:\Program Files\Avast4\ashWebSv.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
---------- C:\WINDOWS\system32\nvraidservice.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Microsoft IntelliType Pro\itype.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
---------- C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
---------- C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\WINDOWS\system32\wbem\unsecapp.exe
---------- C:\WINDOWS\system32\rundll32.exe
---------- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
---------- C:\WINDOWS\system32\Rundll32.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\PROGRA~1\Avast4\ashDisp.exe
---------- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
---------- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Proxy Switcher Lite\ProxySwitcher.exe
---------- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
---------- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
---------- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
---------- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---------- C:\Program Files\Windows Live\Contacts\wlcomm.exe
---------- C:\Program Files\Internet Explorer\IEXPLORE.EXE
---------- C:\WINDOWS\system32\wuauclt.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
----------------------\\ ROOTKIT !!
1 - "C:\Rooter$\Rooter_1.txt" - Sat 04/04/2009|12:03
----------------------\\ Scan completed at 12:03
***** OTListIt ******
OTListIt logfile created on: 4/4/2009 12:04:55 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.10.0 Folder = C:\Downloads\Applications
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: d/M/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 4221 5024;D:\pagefile.sys 16024 20024;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 344.30 Gb Free Space | 73.92% Space Free | Partition Type: NTFS
Drive D: | 465.77 Gb Total Space | 450.03 Gb Free Space | 96.62% Space Free | Partition Type: NTFS
Drive E: | 4.19 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 4.12 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 1826.17 Gb Total Space | 1728.56 Gb Free Space | 94.65% Space Free | Partition Type: NTFS
Computer Name: FRIESENALX
Current User Name: Henry
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\WINDOWS\system32\CTsvcCDA.exe (Creative Technology Ltd)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe (Memeo)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\IoctlSvc.exe (Prolific Technology Inc.)
PRC - C:\WINDOWS\system32\PnkBstrA.exe ()
PRC - C:\WINDOWS\system32\PnkBstrB.exe ()
PRC - C:\Program Files\CyberLink\Shared files\RichVideo.exe ()
PRC - C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe (Sage Software)
PRC - C:\Program Files\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\WINDOWS\system32\nvraidservice.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe (Sage Software)
PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Proxy Switcher Lite\ProxySwitcher.exe (Proxy Switcher)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Downloads\Applications\OTListIt2.exe (OldTimer Tools)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (AdobeActiveFileMonitor4.0 [Auto | Running]) -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe ()
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Creative Service for CDROM Access [Auto | Running]) -- C:\WINDOWS\system32\CTsvcCDA.exe (Creative Technology Ltd)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (MemeoBackgroundService [Auto | Running]) -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe (Memeo)
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService [On_Demand | Running]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (OKI OPHC DCS Loader [On_Demand | Stopped]) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE (Oki Data Corporation)
SRV - (PLFlash DeviceIoControl Service [Auto | Running]) -- C:\WINDOWS\system32\IoctlSvc.exe (Prolific Technology Inc.)
SRV - (PnkBstrA [Auto | Running]) -- C:\WINDOWS\system32\PnkBstrA.exe ()
SRV - (PnkBstrB [Auto | Running]) -- C:\WINDOWS\system32\PnkBstrB.exe ()
SRV - (RichVideo [Auto | Running]) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe ()
SRV - (Simply Accounting Database Connection Manager [Auto | Running]) -- C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe (Sage Software)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (Ambfilt [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (BIOS [System | Running]) -- C:\WINDOWS\system32\drivers\BIOS.sys (BIOSTAR Group)
DRV - (ctsfm2k [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys (Creative Technology Ltd)
DRV - (HDAudBus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (IntcAzAudAddService [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Monfilt [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (MotDev [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\motodrv.sys (Motorola Inc)
DRV - (motmodem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\motmodem.sys (Motorola)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (nvatabus [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (nvraid [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (ossrv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ctoss2k.sys (Creative Technology Ltd.)
DRV - (P17 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\P17.sys (Creative Technology Ltd.)
DRV - (PnkBstrK [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\PnkBstrK.sys ()
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (usb_rndisx [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV - (vncdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\vncdrv.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.1.7.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.6
FF - prefs.js..extensions.enabledItems: [email protected]:0.6.20090117
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/02/09 16:14:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/10 13:34:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/03 14:53:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/03 14:53:31 | 00,000,000 | ---D | M]
[2008/10/28 13:06:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Henry\Application Data\mozilla\Extensions
[2008/10/28 13:06:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Henry\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/03/12 17:47:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Henry\Application Data\mozilla\Firefox\Profiles\kzwc7vi2.default\extensions
[2009/03/09 17:53:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Henry\Application Data\mozilla\Firefox\Profiles\kzwc7vi2.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2007/10/29 12:21:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Henry\Application Data\mozilla\Firefox\Profiles\kzwc7vi2.default\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}
[2009/02/09 13:41:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Henry\Application Data\mozilla\Firefox\Profiles\kzwc7vi2.default\extensions\[email protected]
[2009/04/01 13:46:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/03 14:53:23 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/06/19 14:57:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/08/06 11:26:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/10/06 14:44:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/03/06 13:34:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/08/21 14:30:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008/12/01 13:35:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/03/10 13:34:13 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/01 13:46:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/03/03 14:53:22 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/03 14:53:22 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/03 14:53:25 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/03 14:53:25 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/03 14:53:25 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/03 14:53:25 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/03 14:53:26 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/03 14:53:26 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/03 14:53:26 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (736 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {348FE907-249E-4C65-A838-F34A193FE1D1} - Reg Error: Key error. File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG7\avgssie.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)
O4 - HKLM..\Run: [ConnectionManager] C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe (Sage Software)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r (Creative Technology Ltd)
O4 - HKLM..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [P17Helper] Rundll32 P17.dll,P17Helper ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" (Cyberlink Corp.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WD Anywhere Backup] C:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe --silent (Memeo Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork (IGN Entertainment)
O4 - HKCU..\Run: [PSwitch] C:\Program Files\Proxy Switcher Lite\ProxySwitcher.exe (Proxy Switcher)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Henry\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Henry\Start Menu\Programs\Startup\WD Anywhere Backup.lnk = C:\Documents and Settings\Henry\Application Data\Microsoft\Installer\{B9A81070-616D-4E93-BE02-CEE651343204}\NewShortcut6_3A95A0BFA90C41A28DFACEDE7630C4FB.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [Bluetooth Namespace] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: mybookworld ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([file] in Local intranet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akama...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane...C_2.3.6.108.cab (CDownloadCtrl Object)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebo...toUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1181877780921 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1181881950046 (MUWebControl Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} http://www.hp.com/cp...ddObjSigned.cab (HPSDDX Class)
O16 - DPF: {A7B6FBFE-C894-4954-8377-D1CF19B4E07F} http://demo.caribous...ets/OcxLink.cab (Wapplink Control)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...rk.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} http://zone.msn.com/...ol.cab56649.cab (CBankshotZoneCtrl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} http://upload.facebo...Uploader4_5.cab (Facebook Photo Uploader 4)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://freetrial.we...bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} http://livewc01.cust...l/java/RntX.cab (Live Collaboration)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15107/CTPID.cab (Creative Software AutoUpdate Support Package)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
========== Files/Folders - Created Within 30 Days ==========
[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/04/04 12:03:29 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/04 12:01:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/03 12:46:53 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Henry\Desktop\ERUNT.lnk
[2009/04/03 12:46:53 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/03 12:45:51 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/04/03 12:45:51 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/04/03 12:45:51 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/04/03 12:45:51 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/04/03 12:45:51 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/04/03 12:45:51 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/04/03 12:45:51 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/04/03 12:45:51 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/04/03 12:45:51 | 00,001,528 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast!.lnk
[2009/04/03 12:45:43 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/04/03 12:45:43 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/04/03 12:45:41 | 00,000,000 | ---D | C] -- C:\Program Files\Avast4
[2009/04/03 12:18:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Henry\Application Data\Smart Recorder
[2009/04/03 12:14:57 | 00,000,070 | ---- | C] () -- C:\WINDOWS\sbwin.ini
[2009/04/01 13:49:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2009/03/30 14:57:41 | 00,000,584 | ---- | C] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/03/30 14:57:41 | 00,000,584 | ---- | C] () -- C:\WINDOWS\System32\settings.sfm
[2009/03/30 14:57:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Henry\Application Data\Creative
[2009/03/30 14:57:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Creative
[2009/03/30 14:53:50 | 00,007,062 | ---- | C] () -- C:\WINDOWS\System32\audiopid.vxd
[2009/03/30 14:52:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative
[2009/03/30 14:52:28 | 00,000,000 | -H-D | C] -- C:\Program Files\Creative Installation Information
[2009/03/30 14:50:55 | 00,133,632 | ---- | C] (Creative Technology Limited) -- C:\WINDOWS\System32\CtDvInst.dll
[2009/03/30 14:50:49 | 00,011,264 | ---- | C] (Creative Technology Limited) -- C:\WINDOWS\INRES.DLL
[2009/03/30 14:50:49 | 00,005,627 | R--- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2009/03/30 14:50:49 | 00,000,039 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/03/30 14:50:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Data
[2009/03/30 14:50:42 | 07,572,224 | ---- | C] () -- C:\WINDOWS\System32\CT8MGM.SF2
[2009/03/30 14:50:41 | 04,174,814 | ---- | C] () -- C:\WINDOWS\System32\CT4MGM.SF2
[2009/03/30 14:50:40 | 02,167,684 | ---- | C] () -- C:\WINDOWS\System32\ct2mgm.sf2
[2009/03/30 14:49:49 | 00,000,000 | ---D | C] -- C:\Program Files\Creative
[2009/03/25 12:22:07 | 00,521,272 | ---- | C] () -- C:\DOCUME~1\Henry\My Documents\Binder1.pdf
[2009/03/23 15:00:34 | 00,290,816 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2009/03/23 15:00:34 | 00,104,992 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2009/03/23 15:00:31 | 01,684,736 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2009/03/23 15:00:12 | 00,024,064 | ---- | C] () -- C:\Air Drill Tank.doc
[2009/03/23 12:05:54 | 00,000,616 | ---- | C] () -- C:\Documents and Settings\Henry\Desktop\EVEREST Home Edition.lnk
[2009/03/23 12:05:53 | 00,000,000 | ---D | C] -- C:\Program Files\EVEREST
[2009/03/21 13:37:16 | 02,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2009/03/21 13:37:14 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/03/21 13:36:50 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek
[2009/03/21 13:12:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/03/21 11:15:56 | 00,521,272 | ---- | C] () -- C:\Documents and Settings\Henry\Desktop\Binder1.pdf
[2009/03/18 11:44:32 | 00,480,366 | ---- | C] () -- C:\Documents and Settings\Henry\Desktop\Untitled-1.jpg
[2009/03/06 21:44:36 | 00,189,072 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009/03/06 18:54:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Henry\Local Settings\Application Data\PunkBuster
[2009/03/06 18:46:53 | 00,001,225 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\COD4 Single.lnk
[2009/03/06 18:46:53 | 00,001,225 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\COD4 Multi.lnk
[2009/03/06 17:56:23 | 27,329,811 | ---- | C] () -- C:\DOCUME~1\Henry\My Documents\Longer_Flash_Porn_Videos_FREE_xvideos.com_9e8e507427d673be5baf43de4980d231.flv
[2008/02/04 15:11:57 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/02/04 15:11:57 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/11/10 15:29:46 | 00,000,275 | ---- | C] () -- C:\WINDOWS\game.ini
[2007/10/31 12:13:24 | 00,000,026 | ---- | C] () -- C:\WINDOWS\ExplorerXP.INI
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/14 14:41:04 | 00,000,274 | ---- | C] () -- C:\WINDOWS\TheMatrix.ini
[2007/07/31 16:41:03 | 00,000,184 | ---- | C] () -- C:\WINDOWS\WinHelp.ini
[2007/07/23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/07/23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/07/23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/07/23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/07/23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/07/23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/07/23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/07/23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/07/23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/06/20 17:22:50 | 00,000,096 | ---- | C] () -- C:\WINDOWS\OPHC.ini
[2007/06/19 09:43:29 | 00,138,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007/06/15 11:38:07 | 00,022,016 | ---- | C] () -- C:\WINDOWS\exeshl.dll
[2007/06/15 11:38:07 | 00,000,253 | ---- | C] () -- C:\WINDOWS\netctrl.ini
[2007/06/15 10:03:30 | 00,000,800 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2007/06/14 21:39:13 | 00,006,845 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/05/07 20:58:26 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/03/26 11:41:50 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/03/05 13:34:28 | 00,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2006/11/02 16:15:53 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/11/02 16:15:53 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/11/02 16:15:53 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/11/02 16:15:52 | 01,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/11/02 16:15:52 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/11/02 16:15:52 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/11/01 23:37:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2006/11/01 23:35:19 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2006/11/01 23:35:19 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2006/11/01 23:34:13 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2006/11/01 23:34:13 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2006/11/01 23:33:43 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2006/11/01 23:33:41 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2006/11/01 15:29:25 | 00,550,988 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2006/11/01 15:29:24 | 00,004,328 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/05/20 13:44:46 | 00,051,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2005/08/31 09:58:52 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2005/08/31 09:58:52 | 00,000,603 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/31 09:58:48 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2005/08/31 09:58:46 | 00,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2005/08/31 09:58:45 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/31 09:58:35 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2005/08/31 09:58:34 | 00,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2005/08/31 09:58:34 | 00,012,082 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2005/08/31 09:58:32 | 01,288,192 | ---- | C] () -- C:\WINDOWS\System32\quartz.dll
[2005/08/31 09:58:32 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2005/08/31 09:58:32 | 00,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit.dll
[2005/08/31 09:58:32 | 00,386,048 | ---- | C] () -- C:\WINDOWS\System32\qdvd.dll
[2005/08/31 09:58:32 | 00,279,040 | ---- | C] () -- C:\WINDOWS\System32\qdv.dll
[2005/08/31 09:58:32 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\qcap.dll
[2005/08/31 09:58:32 | 00,003,458 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2005/08/31 09:58:31 | 00,006,877 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2005/08/31 09:58:29 | 00,000,343 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2005/08/31 09:58:28 | 00,002,891 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2005/08/31 09:58:28 | 00,002,732 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2005/08/31 09:58:28 | 00,001,152 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2005/08/31 09:58:22 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2005/08/31 09:58:22 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2005/08/31 09:58:22 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2005/08/31 09:58:22 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2005/08/31 09:58:22 | 00,033,840 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2005/08/31 09:58:22 | 00,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2005/08/31 09:58:22 | 00,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2005/08/31 09:58:22 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2005/08/31 09:58:22 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2005/08/31 09:58:22 | 00,027,866 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2005/08/31 09:58:20 | 00,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2005/08/31 09:58:11 | 00,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2005/08/31 09:58:11 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\msdxmlc.dll
[2005/08/31 09:58:10 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2005/08/31 09:58:10 | 00,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2005/08/31 09:58:08 | 00,010,110 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2005/08/31 09:58:03 | 00,035,328 | ---- | C] () -- C:\WINDOWS\System32\mciqtz32.dll
[2005/08/31 09:57:37 | 00,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2005/08/31 09:57:37 | 00,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2005/08/31 09:57:34 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2005/08/31 09:57:30 | 00,004,768 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2005/08/31 09:57:25 | 01,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2005/08/31 09:57:25 | 00,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2005/08/31 09:57:24 | 00,498,742 | ---- | C] () -- C:\WINDOWS\System32\dxmasf.dll
[2005/08/31 09:57:14 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum.dll
[2005/08/31 09:57:10 | 00,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2005/08/31 09:57:04 | 00,252,928 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2005/08/31 09:57:02 | 00,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2005/08/31 09:56:56 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2005/08/31 09:56:56 | 00,009,029 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2005/08/31 09:56:39 | 00,002,372 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/05/03 05:38:42 | 00,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2004/07/27 22:44:08 | 00,040,960 | ---- | C] () -- C:\WINDOWS\SPARKEY.DLL
[2003/10/02 04:48:18 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2002/04/10 19:41:06 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[2001/08/17 16:36:28 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2001/02/03 03:26:50 | 00,270,336 | ---- | C] () -- C:\WINDOWS\System32\p2solap.dll
[2001/02/03 03:26:48 | 00,282,624 | ---- | C] () -- C:\WINDOWS\System32\p2molap.dll
[2001/02/03 03:22:08 | 00,307,200 | ---- | C] () -- C:\WINDOWS\System32\ExportModeller.dll
[2001/02/03 01:59:28 | 00,049,223 | ---- | C] () -- C:\WINDOWS\System32\crtslv.dll
[2001/01/12 10:08:36 | 00,299,008 | ---- | C] () -- C:\WINDOWS\System32\p2smcube.dll
[2000/10/25 17:15:00 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll
[1999/09/22 00:00:00 | 00,100,352 | ---- | C] () -- C:\WINDOWS\System32\pg32conv.dll
[1999/03/12 00:00:00 | 00,299,008 | ---- | C] () -- C:\WINDOWS\System32\Crutl14.dll
========== Files - Modified Within 30 Days ==========
[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/04/04 12:03:05 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/04 11:54:40 | 00,006,845 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/04/04 11:49:18 | 00,195,689 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/04/03 16:08:47 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/03 16:08:45 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/03 14:16:34 | 29,512,58112 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/03 13:45:07 | 00,189,072 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009/04/03 12:58:25 | 00,138,920 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/04/03 12:57:48 | 00,189,072 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/04/03 12:52:22 | 00,002,617 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/03 12:46:53 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Henry\Desktop\ERUNT.lnk
[2009/04/03 12:45:51 | 00,001,528 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast!.lnk
[2009/04/03 12:14:57 | 00,000,070 | ---- | M] () -- C:\WINDOWS\sbwin.ini
[2009/04/03 10:28:37 | 00,009,719 | ---- | M] () -- C:\WINDOWS\HARVBOSS.LIC
[2009/04/02 14:42:45 | 00,009,719 | ---- | M] () -- C:\WINDOWS\HARVESTREPORTER.LIC
[2009/04/01 13:49:42 | 00,000,584 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/04/01 13:49:42 | 00,000,584 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2009/04/01 13:36:14 | 00,000,863 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WD Anywhere Backup.lnk
[2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/25 13:42:49 | 00,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/25 12:21:38 | 00,521,272 | ---- | M] () -- C:\Documents and Settings\Henry\Desktop\Binder1.pdf
[2009/03/25 12:21:38 | 00,521,272 | ---- | M] () -- C:\DOCUME~1\Henry\My Documents\Binder1.pdf
[2009/03/23 15:06:20 | 00,000,496 | ---- | M] () -- C:\Documents and Settings\Henry\Desktop\ISNetworld.url
[2009/03/23 15:00:12 | 00,024,064 | ---- | M] () -- C:\Air Drill Tank.doc
[2009/03/23 12:05:54 | 00,000,616 | ---- | M] () -- C:\Documents and Settings\Henry\Desktop\EVEREST Home Edition.lnk
[2009/03/18 11:44:34 | 00,480,366 | ---- | M] () -- C:\Documents and Settings\Henry\Desktop\Untitled-1.jpg
[2009/03/12 17:50:32 | 27,329,811 | ---- | M] () -- C:\DOCUME~1\Henry\My Documents\Longer_Flash_Porn_Videos_FREE_xvideos.com_9e8e507427d673be5baf43de4980d231.flv
[2009/03/11 12:06:29 | 00,205,712 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/10 22:18:20 | 01,482,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\LegitCheckControl.dll
[2009/03/10 22:18:14 | 00,934,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WgaTray.exe
[2009/03/10 22:18:14 | 00,934,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WgaTray.exe
[2009/03/10 22:18:00 | 00,239,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WgaLogon.dll
[2009/03/10 22:18:00 | 00,239,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wgaLogon.dll
[2009/03/10 13:59:13 | 00,033,968 | ---- | M] () -- C:\Documents and Settings\Henry\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/09 12:17:00 | 00,550,988 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/09 12:17:00 | 00,462,498 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/09 12:17:00 | 00,078,318 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/06 18:55:26 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/03/06 18:46:53 | 00,001,225 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COD4 Single.lnk
[2009/03/06 18:46:53 | 00,001,225 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COD4 Multi.lnk
[2009/03/06 18:46:29 | 00,022,328 | ---- | M] () -- C:\Documents and Settings\Henry\Application Data\PnkBstrK.sys
[2009/03/06 18:46:08 | 00,000,275 | ---- | M] () -- C:\WINDOWS\game.ini
[2009/03/06 17:25:02 | 09,925,434 | -H-- | M] () -- C:\Documents and Settings\Henry\Local Settings\Application Data\IconCache.db
[2009/03/05 19:49:51 | 00,001,580 | ---- | M] () -- C:\Documents and Settings\Henry\Desktop\Defraggler.lnk
[2009/03/05 19:25:14 | 00,002,135 | ---- | M] () -- C:\Documents and Settings\Henry\Desktop\ERRO.rtf
========== Alternate Data Streams ==========
@Alternate Data Stream - 4150 bytes -> C:\Documents and Settings\Henry\Desktop\ISNetworld.url:favicon
@Alternate Data Stream - 3552 bytes -> C:\WINDOWS\alienware logo_slvr.jpg:Q30lsldxJoudresxAaaqpcawXc
< End of report >
****** Extras ******
OTListIt Extras logfile created on: 4/4/2009 12:04:56 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.10.0 Folder = C:\Downloads\Applications
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: d/M/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 4221 5024;D:\pagefile.sys 16024 20024;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 344.30 Gb Free Space | 73.92% Space Free | Partition Type: NTFS
Drive D: | 465.77 Gb Total Space | 450.03 Gb Free Space | 96.62% Space Free | Partition Type: NTFS
Drive E: | 4.19 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 4.12 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 1826.17 Gb Total Space | 1728.56 Gb Free Space | 94.65% Space Free | Partition Type: NTFS
Computer Name: FRIESENALX
Current User Name: Henry
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"49223:TCP" = 49223:TCP:*:Enabled:Azureus
"49223:UDP" = 49223:UDP:*:Enabled:Azureus UDP
"1700:TCP" = 1700:TCP:*:Enabled:MioNet Remote Drive Access 0
"1701:TCP" = 1701:TCP:*:Enabled:MioNet Remote Drive Access 1
"1702:TCP" = 1702:TCP:*:Enabled:MioNet Remote Drive Access 2
"1703:TCP" = 1703:TCP:*:Enabled:MioNet Remote Drive Access 3
"1704:TCP" = 1704:TCP:*:Enabled:MioNet Remote Drive Access 4
"1705:TCP" = 1705:TCP:*:Enabled:MioNet Remote Drive Access 5
"1706:TCP" = 1706:TCP:*:Enabled:MioNet Remote Drive Access 6
"1707:TCP" = 1707:TCP:*:Enabled:MioNet Remote Drive Access 7
"1708:TCP" = 1708:TCP:*:Enabled:MioNet Remote Drive Access 8
"1709:TCP" = 1709:TCP:*:Enabled:MioNet Remote Drive Access 9
"1641:TCP" = 1641:TCP:*:Enabled:MioNet Remote Drive Verification
"1647:TCP" = 1647:TCP:*:Enabled:MioNet Storage Device Configuration
"5432:UDP" = 5432:UDP:*:Enabled:MioNet Storage Device Discovery
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup (Nero AG)
C:\Documents and Settings\Henry\Local Settings\Temp\Nero Web\SetupXu.exe:*:Enabled:Nero ProductSetup File not found
C:\Games\Call of Duty 2\CoD2MP_s.exe:*:Enabled:Call of Duty® 2 Multiplayer File not found
C:\Games\CoD2\pb\PnkBstrB.exe:*:Enabled:PnkBstrB ()
C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA ()
C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB ()
C:\Program Files\winsim\ConnectionManager\MySqlBinary\5.0.38\mysql\mysqld-nt.exe:*:Enabled:mysqld-nt.exe 5.0.38 ()
C:\Program Files\winsim\ConnectionManager\SimplyConnectionManager.exe:*:Enabled:SimplyConnectionManager.exe (Sage Software)
C:\Program Files\EFTSIMPLY\EFTSIM.exe:*:Enabled:EFTSIM.exe (Sage Software, Inc.)
C:\Program Files\MioNet\MioNetManager.exe:*:Enabled:MioNetManager File not found
C:\Program Files\MioNet\jvm\bin\MioNet.exe:*:Enabled:MioNet File not found
C:\Program Files\winsim\ConnectionManager\MySqlBinary\5.0.38\mysql\mysqladmin.exe:*:Enabled:mysqladmin.exe ()
C:\Program Files\Simply Accounting Enterprise 2008\SimplyAccounting.exe:*:Enabled:Simply Accounting Enterprise 2008 (Sage Software, Inc.)
C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Games\COD4\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare ()
C:\Program Files\Proxy Switcher Lite\ProxySwitcher.exe:*:Enabled:Proxy Switcher (Proxy Switcher)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{089759B6-8B18-4AE5-9350-E132E0C22C01}" = Simply Accounting by Sage 2007
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{11C98E1A-EC91-4B38-B44C-C562292D8453}" = Adobe Premiere Elements 2.0
"{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy
"{1D243F00-1389-4C63-A7E9-B17E967D1901}" = WebEx Record and Playback
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237a4b22-78c2-11d6-a394-00104bd190b1}" = QuickBooks Pro Edition 2003
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java 6 Update 13
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E7A405E-901E-43FA-894B-8CA982F3C08E}" = Logger's Edge
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{5567F737-98A5-4CF3-8B4A-2F4E515966F7}" = Simply Accounting by Sage 2008
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{61DE738B-CA77-4B59-B9D3-67226BB7DCE3}" = Motorola Software Update
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68131B0A-D78D-4aed-B74E-33A6C7324E50}" = WD Anywhere Backup
"{68F0FC7C-6B39-4378-8406-BCE1CDF73CD0}" = EFT Direct for Simply Accounting 2008
"{714A8115-89BE-44E9-89A5-768405B0BB97}" = Motorola Phone Tools
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{860B8100-3F1D-11D5-AF7D-000103C547E7}" = Auction Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91120409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-1033-0000-BA7E-000000000002}" = Adobe Acrobat 7.0 Standard
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{B8EF780F-126C-4CF0-AAB2-1B68BF06BA1C}" = Motorola Driver Installation 3.7.0
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C73A3AB4-99A4-45E5-B77F-09A3065E0D6A}" = Microsoft IntelliType Pro 6.1
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA83FEB1-B397-461D-B120-7B996E83ADEE}" = Simply Accounting by Sage 2008
"{EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}" = Adobe Photoshop Elements 4.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4476AF5-B402-4C62-BE7D-0182F2B15D0A}" = Simply Accounting by Sage 2008
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F82C1FF3-4B7A-49B2-ACF7-5AE402C4C0CB}" = Call of Duty® 4 - Modern Warfare
"{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1033}" = Nero 7 Essentials
"{F929096B-54A0-4C5C-B125-1E7EB1917412}" = MySQL Connector/ODBC 3.51
"7-Zip" = 7-Zip 4.42
"ActiveTouchMeetingClient" = WebEx
"Actual Transparent Windows_is1" = Actual Transparent Window 5.1
"Adobe Acrobat 7.0 Standard" = Adobe Acrobat 7.1.0 Standard
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AnvSoft Flash to Video Converter Professional_is1" = AnvSoft Flash to Video Converter Professional 1.2.5
"avast!" = avast! Antivirus
"Azureus Vuze" = Azureus Vuze
"Build-a-lot 2: Town of the Year_is1" = Build-a-lot 2: Town of the Year
"CCleaner" = CCleaner (remove only)
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Defraggler" = Defraggler (remove only)
"Download Manager" = Download Manager 2.3.6
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"ExplorerXP" = ExplorerXP (remove only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{F82C1FF3-4B7A-49B2-ACF7-5AE402C4C0CB}" = Call of Duty® 4 - Modern Warfare
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.6)" = Mozilla Firefox (3.0.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PeerGuardian_is1" = PeerGuardian 2.0
"PhotoStitch" = Canon Utilities PhotoStitch
"PremElem20" = Adobe Premiere Elements 2.0
"ProxySwitcher Lite_is1" = ProxySwitcher Lite
"VLC media player" = VLC media player 0.9.2
"WaveStudio 7" = Creative WaveStudio 7
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5/3/2009 2:42:43 PM | Computer Name = FRIESENALX | Source = Windows Search Service | ID = 3013
Description = The entry <MAPI://{S-1-5-21-1906907563-3048397671-1860449601-1005}/PERSONAL
FOLDERS($8404984F)/X/OUTBOX/????????????????????????> in the hash map cannot be
updated. Context: Application, SystemIndex Catalog Details: A device attached to
the system is not functioning. (0x8007001f)
Error - 5/3/2009 9:27:30 PM | Computer Name = FRIESENALX | Source = Application Hang | ID = 1002
Description = Hanging application EXCEL.EXE, version 10.0.6850.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 5/3/2009 9:27:33 PM | Computer Name = FRIESENALX | Source = Application Hang | ID = 1001
Description = Fault bucket 1047656720.
Error - 6/3/2009 8:52:13 PM | Computer Name = FRIESENALX | Source = Application Error | ID = 1000
Description = Faulting application winamp.exe, version 5.5.3.1938, faulting module
ntdll.dll, version 5.1.2600.5512, fault address 0x0001b1fa.
Error - 20/3/2009 7:58:28 PM | Computer Name = FRIESENALX | Source = Application Error | ID = 1000
Description = Faulting application iw3mp.exe, version 0.0.0.0, faulting module iw3mp.exe,
version 0.0.0.0, fault address 0x00164e07.
Error - 24/3/2009 5:13:46 PM | Computer Name = FRIESENALX | Source = Application Error | ID = 1000
Description = Faulting application iw3mp.exe, version 0.0.0.0, faulting module iw3mp.exe,
version 0.0.0.0, fault address 0x00164e07.
Error - 2/4/2009 4:28:24 PM | Computer Name = FRIESENALX | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 memeobackup.exe, P2 2.0.0.0, P3 49aef99b, P4
tanagra.dataclad, P5 2.0.0.1, P6 49aef93d, P7 fa, P8 5d4, P9 system.exception,
P10 NIL.
Error - 3/4/2009 10:35:05 AM | Computer Name = FRIESENALX | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 memeobackup.exe, P2 2.0.0.0, P3 49aef99b, P4
tanagra.dataclad, P5 2.0.0.1, P6 49aef93d, P7 fa, P8 5d4, P9 system.exception,
P10 NIL.
Error - 3/4/2009 2:53:14 PM | Computer Name = FRIESENALX | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 memeobackup.exe, P2 2.0.0.0, P3 49aef99b, P4
tanagra.dataclad, P5 2.0.0.1, P6 49aef93d, P7 fa, P8 5d4, P9 system.exception,
P10 NIL.
Error - 4/4/2009 1:51:58 PM | Computer Name = FRIESENALX | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 memeobackup.exe, P2 2.0.0.0, P3 49aef99b, P4
tanagra.dataclad, P5 2.0.0.1, P6 49aef93d, P7 fa, P8 5d4, P9 system.exception,
P10 NIL.
[ System Events ]
Error - 2/4/2009 4:23:13 PM | Computer Name = FRIESENALX | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
Error - 2/4/2009 4:23:13 PM | Computer Name = FRIESENALX | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
Error - 2/4/2009 4:23:13 PM | Computer Name = FRIESENALX | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
Error - 2/4/2009 4:23:13 PM | Computer Name = FRIESENALX | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
Error - 2/4/2009 4:23:13 PM | Computer Name = FRIESENALX | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
Error - 2/4/2009 4:23:13 PM | Computer Name = FRIESENALX | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
Error - 2/4/2009 4:23:13 PM | Computer Name = FRIESENALX | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
Error - 2/4/2009 4:23:13 PM | Computer Name = FRIESENALX | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
Error - 2/4/2009 4:23:13 PM | Computer Name = FRIESENALX | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
Error - 2/4/2009 4:23:13 PM | Computer Name = FRIESENALX | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
< End of report >