Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Getting lag on explorer [Solved]

Started by Lucky Dearly , Apr 12 2009 07:19 PM

  • This topic is locked This topic is locked

#1
Lucky Dearly
Posted 12 April 2009 - 07:19 PM

Lucky Dearly

    Member

  • Member
  • PipPipPip
  • 349 posts
I've been getting lag problems as of late on my pc, I've also been experiencing freezing of my explorer plus dr.Watson post Mortem Debbugger showing up twice in my process list on Task Manager, also just now my ipod isn't being detected by my pc when it's plugged into the usb port

here's my Hi-jack this Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:18:29 PM, on 4/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Yahoo!\Common\YMailAdvisor.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\PROGRA~1\aim\AIMWDI~1.EXE
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
G:\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\AOL\1235513358\ee\AOLSoftware.exe
G:\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\aim\aim.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wwe.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [AIMWDInstallFilename] C:\PROGRA~1\aim\AIMWDI~1.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] G:\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1235513358\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\pando.exe" /Minimized
O4 - HKCU\..\Run: [AIM] C:\Program Files\aim\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: Audible Download Manager.lnk = C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Run Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebo...toUploader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.co.../sysreqlab3.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1006.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2....re/HPDEXAXO.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\nWo4life\LOCALS~1\Temp\hpdj.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 15308 bytes
  • 0

Advertisements

#2
Essexboy
Posted 18 April 2009 - 07:40 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there and sorry for the delay I will need a fresh look at your system

Download Rooter.exe to your desktop
  • Doubleclick it to start the tool.
  • A Notepad file containing the report will open, also found at %systemdrive%(usually C:)\Rooter.txt. Copy and paste it with your OTLI log.

THEN

  • Download OTListIt2 to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

  • 0

#3
Lucky Dearly
Posted 18 April 2009 - 01:42 PM

Lucky Dearly

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 349 posts
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:76316 Mo/Free:2982 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:590 Mo/Free:0 Mo)
G:\ [Fixed] - NTFS - (Total:190771 Mo/Free:1131 Mo)

Sat 04/18/2009|12:40

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
---------- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Norton AntiVirus\navapsvc.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\Program Files\Norton AntiVirus\SAVScan.exe
---------- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
---------- C:\WINDOWS\system32\slserv.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\wanmpsvc.exe
---------- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
---------- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
---------- C:\Program Files\D-Tools\daemon.exe
---------- C:\Program Files\QuickTime\QTTask.exe
---------- C:\Program Files\Yahoo!\Common\YMailAdvisor.exe
---------- C:\Program Files\Winamp\winampa.exe
---------- C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
---------- C:\PROGRA~1\aim\AIMWDI~1.EXE
---------- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
---------- C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
---------- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
---------- G:\HP Share-to-Web\hpgs2wnd.exe
---------- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
---------- C:\Program Files\Common Files\AOL\1235513358\ee\AOLSoftware.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- G:\HP Share-to-Web\hpgs2wnf.exe
---------- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---------- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
---------- C:\Program Files\Pando Networks\Pando\pando.exe
---------- C:\Program Files\aim\aim.exe
---------- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
---------- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Program Files\WiFiConnector\NintendoWFCReg.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Windows Live\Contacts\wlcomm.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\WINDOWS\explorer.exe
---------- C:\Program Files\Messenger\msmsgs.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!


----------------------\\ Cracks & Keygens..

C:\DOCUME~1\nWo4life\Desktop\Emulators\game.maker.7.with.crack.rar_[myBittorrent.com].torrent
C:\DOCUME~1\nWo4life\Desktop\Emulators\smrpg_sscracker-110.zip
C:\DOCUME~1\nWo4life\Desktop\Emulators\smrpg_sscracker.exe
C:\DOCUME~1\nWo4life\Desktop\Emulators\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl.Keygen-SSG\keygen.exe
C:\DOCUME~1\nWo4life\Desktop\Emulators\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl.Keygen-SSG\setup.exe
C:\DOCUME~1\nWo4life\Desktop\Emulators\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl.Keygen-SSG\Torrent downloaded from Demonoid.com.txt


1 - "C:\Rooter$\Rooter_1.txt" - Sat 04/18/2009|12:41

----------------------\\ Scan completed at 12:41
  • 0

#4
Lucky Dearly
Posted 18 April 2009 - 01:51 PM

Lucky Dearly

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 349 posts
OTListIt Extras logfile created on: 4/18/2009 12:46:35 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\nWo4life\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 462.90 Mb Available Physical Memory | 45.23% Memory free
2.41 Gb Paging File | 1.76 Gb Available in Paging File | 72.99% Paging File free
Paging file location(s): C:\pagefile.sys 4000 4072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 38.91 Gb Free Space | 52.21% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 590.98 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 186.30 Gb Total Space | 73.10 Gb Free Space | 39.24% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-PL0BMT21N9
Current User Name: nWo4life
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"56325:TCP" = 56325:TCP:*:Enabled:Pando P2P TCP Listening Port
"56325:UDP" = 56325:UDP:*:Enabled:Pando P2P UDP Listening Port
"10360:TCP" = 10360:TCP:*:Enabled:BitComet 10360 TCP
"10360:UDP" = 10360:UDP:*:Enabled:BitComet 10360 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 (America Online, Inc.)
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL 9.5 (AOL, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger (Yahoo! Inc.)
C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server File not found
C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice ()
C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application (Pando Networks)
C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client (www.BitComet.com)
C:\Program Files\aim\aim.exe:*:Enabled:AOL Instant Messenger (SM) (America Online, Inc.)
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 (America Online, Inc.)
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync (Microsoft Corporation)
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare (Eastman Kodak Company)
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer (AOL LLC)
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service (AOL LLC)
C:\Program Files\Common Files\AOL\1235513358\ee\aolsoftware.exe:*:Enabled:AOL Shared Components (AOL LLC)
C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed (AOL LLC)
C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader (AOL LLC)
C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information (AOL LLC)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
G:\Left4Dead (PC) (ENG)(NON-STEAM) (ALREADY CRACKED) (DIRECT PLAY) [blaze69]\Left4Dead\hl2.exe:*:Enabled:hl2 File not found
C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL 9.5 (AOL, LLC.)
C:\Program Files\WiFiConnector\NintendoWFCReg.exe:*:Enabled:Nintendo Wi-Fi USB Connector ()
G:\sysreset\mirc.exe:*:Enabled:mIRC (mIRC Co. Ltd.)
C:\Documents and Settings\nWo4life\Desktop\Emulators\Super Nintendo Emulator\Snes9K.exe:*:Enabled:Snes9K ()
C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client (LogMeIn Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0EE4030A-8FD4-4798-A21D-17E525B1F7CF}" = Corel Snapfire
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{1526D87C-A955-4FAB-BF18-697BA457E352}" = Norton WMI Update
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 13
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{66F0AC35-4805-44BC-A3D4-347D4196F9B3}" = Microsoft Xbox 360 Accessories 1.1
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6CC93102-135E-49E2-99A4-C431E671C12A}" = HP Photo and Imaging 2.0 - Scanners
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7169B8E4-2632-46B1-AA5F-167CB5FE5029}" = Symantec Network Drivers Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}" = Windows Live Family Safety
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{91A5B6C0-EF4E-4830-AC7D-6761C0A9B292}" = hp deskjet 3600
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9F05B89E-2873-11D5-9E9D-0050DA1EA555}" = Myst III: Exile
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}" = Pando
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2E3A2C8-283C-4871-A499-B2711F48D64B}" = Yugioh Virtual Dueling
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2004
"{C7EEC93A-2A61-4B1E-B696-A264680A889D}" = MobileMe Control Panel
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CF2606C7-63AF-40F4-8919-F2EC654ACC91}" = Napster for Windows Media Player
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D327AFC9-7BAA-473A-8319-6EB7A0D40138}" = Symantec Script Blocking Installer
"{D6414CC7-F215-467F-88B1-546ED863F35B}" = CC_ccStart
"{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}" = Safari
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}" = ccCommon
"{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}" = Corel Paint Shop Pro Photo XI
"{E47EE8FB-ACC0-4608-859C-4E2851B18A6A}" = SymNet
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton AntiVirus Parent MSI
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC37ABD0-2108-4beb-B010-1254E0662B5A}" = MSRedist
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"Action Replay Code Manager_is1" = Action Replay Code Manager
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AolCoach" = AOL Coach Version 1.0(Build:20030807.3)
"Audacity_is1" = Audacity 1.2.6
"AudibleDownloadManager" = Audible Download Manager
"Audio Editor Gold 2006_is1" = Audio Editor Gold 2006 7.6.1
"AviSynth" = AviSynth 2.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"BigFix" = BigFix
"BitComet" = BitComet 1.09
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"CloneCD" = CloneCD
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"CompuServe us" = CompuServe
"Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter version 5.0.1.20
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DOOM Collector's Edition" = DOOM Collector's Edition
"DVD Shrink_is1" = DVD Shrink 3.2
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8 Release Candidate 1
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"JRE 1.3.1" = Java 2 Runtime Environment Standard Edition v1.3.1
"JRE 1.3.1_02" = Java 2 Runtime Environment Standard Edition v1.3.1_02
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.90 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"mIRC" = mIRC
"Mozilla Firefox (3.0.8)" = Mozilla Firefox (3.0.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Netscape 6 (6.2.1)" = Netscape 6 (6.2.1)
"NVIDIA Drivers" = NVIDIA Drivers
"PandoBar Uninstall" = Pando Toolbar
"RealPlayer 6.0" = RealPlayer Basic
"Rhapsody" = Rhapsody
"SecondLife" = SecondLife (remove only)
"SLAMRNTV" = 56Kbps Internal Modem
"Smart-Shopper" = SmartShopper
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SymSetup.{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2004 (Symantec Corporation)
"SystemRequirementsLab" = System Requirements Lab
"ViewpointMediaPlayer" = Viewpoint Media Player
"VirtuallTek Fighter Factory_is1" = Fighter Factory 1.0.9.2005 + Update Pack 1
"Wdf01001" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WebcamMax" = WebcamMax
"Wheel of Fortune Deluxe" = Wheel of Fortune Deluxe (remove only)
"WiFiConnector" = Nintendo Wi-Fi USB Connector Registration Tool
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.4
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wrestling MPire 2008 (Career Edition) Trial" = Wrestling MPire 2008 (Career Edition) Trial
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Mail Advisor" = Yahoo! Mail Advisor
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/19/2009 11:58:49 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18372, faulting
module npdivx32.dll, version 1.4.3.4, fault address 0x00103f2d.

Error - 3/19/2009 12:17:16 PM | Computer Name = YOUR-PL0BMT21N9 | Source = SBService | ID = 0
Description =

Error - 3/20/2009 5:20:11 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application kkk.exe, version 0.0.0.0, faulting module ntdll.dll,
version 5.1.2600.5512, fault address 0x000109f9.

Error - 3/20/2009 5:35:03 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application kkk.exe, version 0.0.0.0, faulting module ntdll.dll,
version 5.1.2600.5512, fault address 0x000109f9.

Error - 3/20/2009 7:34:05 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application winmugen.exe, version 0.0.0.0, faulting module
winmugen.exe, version 0.0.0.0, fault address 0x0004ee7d.

Error - 3/20/2009 5:37:27 PM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application winmugen.exe, version 0.0.0.0, faulting module
ntdll.dll, version 5.1.2600.5512, fault address 0x000109f9.

Error - 3/20/2009 7:43:36 PM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18372, faulting
module srchbxex.dll, version 1.2.123.0, fault address 0x0000ed38.

Error - 3/21/2009 1:30:11 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Hang | ID = 1002
Description = Hanging application nvcplui.exe, version 1.5.2400.14, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/21/2009 2:41:31 AM | Computer Name = YOUR-PL0BMT21N9 | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/21/2009 2:45:00 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 7.5.0.647, faulting
module ntdll.dll, version 5.1.2600.5512, fault address 0x0000100b.

[ Application Events ]
Error - 3/19/2009 11:58:49 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18372, faulting
module npdivx32.dll, version 1.4.3.4, fault address 0x00103f2d.

Error - 3/19/2009 12:17:16 PM | Computer Name = YOUR-PL0BMT21N9 | Source = SBService | ID = 0
Description =

Error - 3/20/2009 5:20:11 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application kkk.exe, version 0.0.0.0, faulting module ntdll.dll,
version 5.1.2600.5512, fault address 0x000109f9.

Error - 3/20/2009 5:35:03 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application kkk.exe, version 0.0.0.0, faulting module ntdll.dll,
version 5.1.2600.5512, fault address 0x000109f9.

Error - 3/20/2009 7:34:05 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application winmugen.exe, version 0.0.0.0, faulting module
winmugen.exe, version 0.0.0.0, fault address 0x0004ee7d.

Error - 3/20/2009 5:37:27 PM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application winmugen.exe, version 0.0.0.0, faulting module
ntdll.dll, version 5.1.2600.5512, fault address 0x000109f9.

Error - 3/20/2009 7:43:36 PM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18372, faulting
module srchbxex.dll, version 1.2.123.0, fault address 0x0000ed38.

Error - 3/21/2009 1:30:11 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Hang | ID = 1002
Description = Hanging application nvcplui.exe, version 1.5.2400.14, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/21/2009 2:41:31 AM | Computer Name = YOUR-PL0BMT21N9 | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/21/2009 2:45:00 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 7.5.0.647, faulting
module ntdll.dll, version 5.1.2600.5512, fault address 0x0000100b.

[ System Events ]
Error - 4/18/2009 10:27:07 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Service Control Manager | ID = 7000
Description = The AOL Connectivity Service service failed to start due to the following
error: %%1053

Error - 4/18/2009 11:41:06 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the AOL Connectivity Service
service to connect.

Error - 4/18/2009 11:41:06 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Service Control Manager | ID = 7000
Description = The AOL Connectivity Service service failed to start due to the following
error: %%1053

Error - 4/18/2009 11:41:06 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Service Control Manager | ID = 7000
Description = The hpdj service failed to start due to the following error: %%2

Error - 4/18/2009 11:41:06 AM | Computer Name = YOUR-PL0BMT21N9 | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 4/18/2009 12:45:10 PM | Computer Name = YOUR-PL0BMT21N9 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the AOL Connectivity Service
service to connect.

Error - 4/18/2009 12:45:10 PM | Computer Name = YOUR-PL0BMT21N9 | Source = Service Control Manager | ID = 7000
Description = The AOL Connectivity Service service failed to start due to the following
error: %%1053

Error - 4/18/2009 12:45:10 PM | Computer Name = YOUR-PL0BMT21N9 | Source = Service Control Manager | ID = 7000
Description = The hpdj service failed to start due to the following error: %%2

Error - 4/18/2009 12:45:10 PM | Computer Name = YOUR-PL0BMT21N9 | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 4/18/2009 12:45:20 PM | Computer Name = YOUR-PL0BMT21N9 | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.


< End of report >
  • 0

#5
Lucky Dearly
Posted 18 April 2009 - 01:51 PM

Lucky Dearly

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 349 posts
OTListIt logfile created on: 4/18/2009 12:46:35 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\nWo4life\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 462.90 Mb Available Physical Memory | 45.23% Memory free
2.41 Gb Paging File | 1.76 Gb Available in Paging File | 72.99% Paging File free
Paging file location(s): C:\pagefile.sys 4000 4072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 38.91 Gb Free Space | 52.21% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 590.98 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 186.30 Gb Total Space | 73.10 Gb Free Space | 39.24% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-PL0BMT21N9
Current User Name: nWo4life
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Norton AntiVirus\navapsvc.exe (Symantec Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Norton AntiVirus\SAVScan.exe (Symantec Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
PRC - C:\WINDOWS\system32\slserv.exe ( )
PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME)
PRC - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
PRC - C:\Program Files\Yahoo!\Common\YMailAdvisor.exe (Yahoo! Inc.)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
PRC - C:\Program Files\aim\AIMWDInstall.exe (Wild Tangent)
PRC - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
PRC - G:\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\AOL\1235513358\ee\AOLSoftware.exe (AOL LLC)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - G:\HP Share-to-Web\hpgs2wnf.exe ()
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
PRC - C:\Program Files\Pando Networks\Pando\pando.exe (Pando Networks)
PRC - C:\Program Files\aim\aim.exe (America Online, Inc.)
PRC - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
PRC - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
PRC - C:\Program Files\WiFiConnector\NintendoWFCReg.exe ()
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\taskmgr.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\nWo4life\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (ACDaemon [Auto | Running]) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (AOL ACS [Auto | Stopped]) -- C:\Program Files\Common Files\AOL\ACS\acsd.exe (AOL LLC)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (ccEvtMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
SRV - (ccPwdSvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (fsssvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (hpdj [Auto | Stopped]) -- File not found
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (navapsvc [Auto | Running]) -- C:\Program Files\Norton AntiVirus\navapsvc.exe (Symantec Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (SAVScan [Auto | Running]) -- C:\Program Files\Norton AntiVirus\SAVScan.exe (Symantec Corporation)
SRV - (SBService [Auto | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe (Symantec Corporation)
SRV - (SeaPort [Auto | Running]) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (SLService [Auto | Running]) -- C:\WINDOWS\system32\slserv.exe ( )
SRV - (SNDSrvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (SymWSC [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (Symantec Corporation)
SRV - (WANMiniportService [Auto | Running]) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (YahooAUService [Auto | Running]) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

========== Driver Services (SafeList) ==========

DRV - (AFS2K [System | Running]) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (ALCXSENS [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (ALCXWDM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ASCTRM [Auto | Running]) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (CAMTHWDM [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\CAMTHWDM.sys ()
DRV - (d347bus [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\d347bus.sys ( )
DRV - (d347prt [Boot | Running]) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )
DRV - (ElbyCDFL [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (ElbyCDIO [System | Running]) -- C:\WINDOWS\System32\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (FETNDISB [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\fetnd5b.sys (VIA Technologies, Inc. )
DRV - (fssfltr [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (hamachi [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\hamachi.sys (LogMeIn, Inc.)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (Mtlmnt5 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys ( )
DRV - (Mtlstrm [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys ( )
DRV - (NAVENG [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090325.002\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090325.002\NAVEX15.SYS (Symantec Corporation)
DRV - (NtMtlFax [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys ( )
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RecAgent [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\RecAgent.sys (Smart Link)
DRV - (RT25USBAP [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\rt25usbap.sys (Ralink Technology Inc.)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS (SuperAdBlocker, Inc.)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SAVRT [System | Running]) -- C:\Program Files\Norton AntiVirus\SAVRT.SYS (Symantec Corporation)
DRV - (SAVRTPEL [System | Running]) -- C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS (Symantec Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Slntamr [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\slntamr.sys ( )
DRV - (SlNtHal [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\Slnthal.sys ( )
DRV - (SlWdmSup [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys (Vireo Software)
DRV - (SymEvent [On_Demand | Running]) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (USBIO [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbio.sys (Thesycon GmbH, Germany)
DRV - (viaagp1 [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (wanatw [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys (America Online, Inc.)
DRV - (xusb21 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\xusb21.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wwe.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.wwe.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8

FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\:
FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Components: C:\PROGRAM FILES\COMMON FILES\CSSHARE\PLUGINS0942 [2009/04/09 01:59:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Plugins: C:\PROGRAM FILES\COMMON FILES\CSSHARE\PLUGINS0942 [2009/04/09 01:59:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/02/22 17:40:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/09 01:57:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/09 01:56:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 6 6.2.1\Extensions\\Components: C:\PROGRAM FILES\NETSCAPE\NETSCAPE 6\COMPONENTS [2009/02/19 01:09:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 6 6.2.1\Extensions\\Plugins: C:\PROGRAM FILES\NETSCAPE\NETSCAPE 6\PLUGINS [2009/04/09 01:59:45 | 00,000,000 | ---D | M]

[2009/04/09 01:57:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\mozilla\Extensions
[2009/04/09 01:57:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/09 01:57:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\mozilla\Firefox\Profiles\3bmppkng.default\extensions
[2009/04/09 01:56:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/09 01:56:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/26 12:11:21 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/26 12:11:22 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/26 11:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 11:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/26 11:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 11:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 11:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/26 11:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/26 11:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (686 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Pando Search Assistant BHO) - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL (Pando)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (CInterceptor Object) - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll (Pando Networks)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll (BitComet)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (Pando Toolbar BHO) - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Pando Toolbar) - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E3EA4FD9-CADE-4AE5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
O4 - HKLM..\Run: [AIMWDInstallFilename] C:\PROGRA~1\aim\AIMWDI~1.EXE (Wild Tangent)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s (SlySoft, Inc.)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 (DAEMON'S HOME)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1235513358\ee\AOLSoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" (Hewlett-Packard Company)
O4 - HKLM..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] G:\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe (Symantec Corporation)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" ()
O4 - HKLM..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun (Microsoft Corporation)
O4 - HKLM..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe" (Yahoo! Inc.)
O4 - HKCU..\Run: [AIM] C:\Program Files\aim\aim.exe -cnetwait.odl File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\pando.exe" /Minimized (Pando Networks)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Audible Download Manager.lnk = C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BigFix.lnk = C:\Program Files\BigFix\BigFix.exe (BigFix Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Run Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm (www.BitComet.com)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe (America Online, Inc.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll (BitComet)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} http://java.sun.com/...all-131-win.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} http://java.sun.com/...-131_02-win.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - F:\autorun.exe (Dipl.-Ing. Stefan Krueger <[email protected]>) - [ CDFS ]
O32 - Autorun File - F:\autorun.inf () - [ CDFS ]
O32 - Autorun File - F:\autorun.ini () - [ CDFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\WINDOWS\*.tmp files]
[2009/04/18 12:40:37 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/18 12:40:18 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\nWo4life\Desktop\OTListIt2.exe
[2009/04/18 12:40:12 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\nWo4life\Desktop\Rooter.exe
[2009/04/18 03:06:30 | 00,000,000 | ---D | C] -- C:\DOCUME~1\nWo4life\Desktop\pSX_1_13
[2009/04/18 00:46:28 | 00,007,636 | ---- | C] () -- C:\DOCUME~1\nWo4life\Desktop\pokemon modifier.xml
[2009/04/17 19:40:36 | 00,002,137 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\iTunes.lnk
[2009/04/17 19:40:02 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/17 19:39:57 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/04/17 19:39:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/17 19:36:48 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/04/17 03:52:02 | 00,000,000 | ---D | C] -- C:\Program Files\RivaTuner v2.24
[2009/04/16 19:07:47 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 19:07:46 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 19:07:46 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 19:07:46 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/04/16 19:07:45 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 19:07:45 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 19:07:44 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 19:07:43 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 19:07:43 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 19:07:42 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 19:07:00 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/16 19:06:58 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 19:06:58 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/16 04:38:10 | 00,021,828 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2009/04/15 21:27:40 | 00,014,435 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009/04/15 21:27:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009/04/15 21:20:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\nWo4life\My Documents\filelib
[2009/04/15 18:52:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\nWo4life\My Documents\download
[2009/04/13 20:45:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2009/04/13 20:45:29 | 00,000,670 | ---- | C] () -- C:\DOCUME~1\nWo4life\Desktop\DVD Shrink 3.2.lnk
[2009/04/13 20:45:26 | 00,000,000 | ---D | C] -- C:\Program Files\DVD Shrink
[2009/04/11 02:57:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\nWo4life\Application Data\Hamachi
[2009/04/11 02:56:34 | 00,025,280 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys
[2009/04/11 02:56:34 | 00,000,632 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\hamachi.lnk
[2009/04/11 02:56:32 | 00,000,000 | ---D | C] -- C:\Program Files\Hamachi
[2009/04/11 02:55:11 | 01,011,784 | ---- | C] (LogMeIn Inc.) -- C:\Documents and Settings\nWo4life\My Documents\HamachiSetup-1.0.3.0-en.exe
[2009/04/11 02:54:04 | 00,630,119 | ---- | C] () -- C:\Documents and Settings\nWo4life\My Documents\snes9k009z.zip
[2009/04/09 02:24:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\nWo4life\Application Data\DivX
[2009/04/09 01:56:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\nWo4life\Local Settings\Application Data\Mozilla
[2009/04/09 01:56:51 | 00,001,602 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Mozilla Firefox.lnk
[2009/04/09 01:56:48 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/04/08 20:03:42 | 00,034,416 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/04/07 00:58:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WebcamMax
[2009/04/07 00:56:02 | 00,000,694 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\WebcamMax.lnk
[2009/04/07 00:56:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\nWo4life\Application Data\Webcammax
[2009/04/07 00:55:31 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/04/07 00:55:31 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/04/07 00:55:11 | 00,941,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2009/04/07 00:54:56 | 00,000,000 | ---D | C] -- C:\Program Files\WebcamMax
[2009/04/06 18:17:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\nWo4life\Local Settings\Application Data\Yahoo
[2009/04/06 18:17:16 | 00,000,812 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Yahoo! Messenger.lnk
[2009/04/03 22:15:41 | 00,000,594 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Wheel of Fortune Deluxe.lnk
[2009/04/01 18:27:16 | 00,000,799 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Run Registration Tool.lnk
[2009/04/01 18:27:16 | 00,000,000 | ---D | C] -- C:\Program Files\WiFiConnector
[2009/04/01 18:25:21 | 00,162,816 | ---- | C] (Ralink Technology Inc.) -- C:\WINDOWS\System32\drivers\rt25usbap.sys
[2009/04/01 18:25:21 | 00,000,001 | ---- | C] () -- C:\WINDOWS\System32\drivers\RT25USBAP.CAT
[2009/03/31 12:37:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\nWo4life\Application Data\SlySoft
[2009/03/28 23:00:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2009/03/28 23:00:11 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2009/03/26 02:43:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\nWo4life\Application Data\gtk-2.0
[2009/03/21 07:06:58 | 00,989,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2009/03/20 22:18:40 | 00,000,024 | ---- | C] () -- C:\url_history.xml
[2009/03/13 14:24:02 | 00,000,022 | ---- | C] () -- C:\WINDOWS\pspvc_path.ini
[2009/02/19 01:12:31 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2009/02/19 00:44:58 | 00,010,463 | ---- | C] () -- C:\WINDOWS\hpdj3600.ini
[2009/02/18 15:09:46 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009/02/13 13:19:21 | 00,000,882 | ---- | C] () -- C:\WINDOWS\DC.ini
[2009/02/13 02:43:06 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009/02/12 14:36:00 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/02/12 14:36:00 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2009/02/12 14:35:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2009/02/12 04:22:39 | 00,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/02/12 04:22:39 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\F2CF57C6B7.sys
[2009/02/11 22:35:42 | 00,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2009/02/11 22:35:42 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2005/02/24 08:32:00 | 00,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2004/08/22 18:04:56 | 00,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2003/11/21 12:31:22 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/11/21 12:19:26 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/11/21 12:09:59 | 00,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2003/11/21 12:09:29 | 00,000,310 | ---- | C] () -- C:\WINDOWS\net2fone.ini
[2003/11/21 11:51:27 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2003/11/21 10:36:52 | 00,516,616 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2003/11/21 10:36:52 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[2003/11/21 10:36:52 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[2003/11/21 10:36:52 | 00,085,520 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2003/11/21 10:36:51 | 01,293,192 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2003/11/21 10:36:51 | 00,210,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2003/11/21 10:36:51 | 00,162,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2003/11/21 10:36:51 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll
[2003/11/21 10:36:45 | 00,001,094 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/11/21 10:36:45 | 00,000,467 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2003/11/21 10:36:31 | 00,001,002 | ---- | C] () -- C:\WINDOWS\win.ini
[2003/11/21 10:36:29 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/11/21 03:41:36 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2003/11/21 03:41:36 | 00,151,552 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll
[2003/11/21 03:41:36 | 00,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
[1999/01/22 03:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Files - Modified Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/18 12:48:00 | 00,000,412 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2009/04/18 12:40:21 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\nWo4life\Desktop\OTListIt2.exe
[2009/04/18 12:40:13 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\nWo4life\Desktop\Rooter.exe
[2009/04/18 09:45:36 | 00,000,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2009/04/18 09:45:35 | 00,001,002 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/18 09:45:26 | 00,021,828 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/04/18 09:44:54 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/18 09:44:47 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/18 08:43:18 | 00,002,137 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\iTunes.lnk
[2009/04/18 07:28:24 | 00,065,440 | ---- | M] () -- C:\VETlog.dmp
[2009/04/18 04:02:49 | 03,177,530 | -H-- | M] () -- C:\Documents and Settings\nWo4life\Local Settings\Application Data\IconCache.db
[2009/04/18 01:07:45 | 00,007,636 | ---- | M] () -- C:\DOCUME~1\nWo4life\Desktop\pokemon modifier.xml
[2009/04/17 20:00:49 | 00,000,536 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
[2009/04/17 03:46:35 | 00,458,164 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/17 03:46:35 | 00,392,628 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/17 03:46:35 | 00,058,944 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/17 03:16:10 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/17 02:44:35 | 00,003,350 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/04/13 20:45:29 | 00,000,670 | ---- | M] () -- C:\DOCUME~1\nWo4life\Desktop\DVD Shrink 3.2.lnk
[2009/04/11 02:56:34 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys
[2009/04/11 02:56:34 | 00,000,632 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\hamachi.lnk
[2009/04/11 02:55:24 | 01,011,784 | ---- | M] (LogMeIn Inc.) -- C:\Documents and Settings\nWo4life\My Documents\HamachiSetup-1.0.3.0-en.exe
[2009/04/11 02:54:13 | 00,630,119 | ---- | M] () -- C:\Documents and Settings\nWo4life\My Documents\snes9k009z.zip
[2009/04/10 04:19:23 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\nWo4life\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/09 01:56:51 | 00,001,602 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Mozilla Firefox.lnk
[2009/04/08 20:03:42 | 00,034,416 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/04/08 20:02:15 | 00,002,187 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Safari.lnk
[2009/04/07 00:56:03 | 00,000,694 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\WebcamMax.lnk
[2009/04/06 18:17:16 | 00,000,812 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Yahoo! Messenger.lnk
[2009/04/06 07:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/03 22:15:41 | 00,000,594 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Wheel of Fortune Deluxe.lnk
[2009/04/01 18:27:16 | 00,000,799 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Run Registration Tool.lnk
[2009/03/31 12:38:17 | 00,000,085 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/03/31 12:38:00 | 00,000,766 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\CloneCD.lnk
[2009/03/26 23:58:38 | 01,203,922 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/03/21 07:06:58 | 00,989,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kernel32.dll
[2009/03/21 07:06:58 | 00,989,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2009/03/20 22:20:40 | 00,000,758 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Second Life.lnk
[2009/03/20 22:18:40 | 00,000,024 | ---- | M] () -- C:\url_history.xml

========== LOP Check ==========

[2009/04/17 19:39:57 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/13 22:18:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/04/17 19:40:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/03/03 01:37:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/03/06 23:27:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2009/03/06 23:19:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads
[2009/02/27 09:03:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2009/02/11 22:53:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/02/11 22:55:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/02/21 01:14:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ArcSoft
[2009/02/22 23:51:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2009/02/12 04:21:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Corel
[2003/11/21 12:16:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2009/04/13 21:55:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2009/02/12 04:14:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/02/21 01:14:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kodak
[2009/03/06 23:27:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2009/03/07 13:35:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/02/21 10:33:26 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/02/28 01:17:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2003/11/21 12:12:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2009/02/14 04:20:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2003/11/21 12:18:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/03/08 07:45:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/04/07 00:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebcamMax
[2009/02/18 23:12:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/04/06 18:17:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/02/12 02:14:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2009/04/15 21:13:44 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\nWo4life\Application Data
[2009/03/03 01:43:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Adobe
[2009/02/12 02:18:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Aim
[2009/03/06 23:27:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\AOL
[2009/03/16 00:23:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Apple Computer
[2009/02/22 01:14:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\ArcSoft
[2009/02/22 23:51:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\AVS4YOU
[2009/04/17 02:44:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Corel
[2009/04/09 02:24:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\DivX
[2009/02/28 23:37:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\fltk.org
[2009/02/12 04:43:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Google
[2009/03/26 02:43:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\gtk-2.0
[2009/04/11 18:45:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Hamachi
[2009/02/19 01:10:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Hewlett-Packard
[2003/11/21 11:47:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Identities
[2003/11/21 12:05:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\InterTrust
[2009/02/22 00:08:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\KodakCredentialStore
[2009/03/03 02:41:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Leadertech
[2009/02/12 01:41:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Macromedia
[2009/03/07 13:35:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Malwarebytes
[2009/04/08 20:03:17 | 00,000,000 | --SD | M] -- C:\Documents and Settings\nWo4life\Application Data\Microsoft
[2009/02/12 14:33:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Microsoft Web Folders
[2009/04/09 01:57:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Mozilla
[2009/03/05 01:13:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Real
[2009/02/12 02:45:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\SecondLife
[2009/02/19 01:09:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Share-to-Web Upload Folder
[2009/02/21 15:32:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Skinux
[2009/03/31 12:37:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\SlySoft
[2009/02/14 03:53:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Smart-Shopper
[2009/02/22 17:36:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Sun
[2009/02/14 04:20:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\SUPERAntiSpyware.com
[2003/11/21 12:17:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Symantec
[2009/02/24 15:06:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Viewpoint
[2009/04/07 00:58:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Webcammax
[2009/02/12 02:24:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\WinRAR
[2009/02/12 02:13:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\nWo4life\Application Data\Yahoo!
[2009/02/11 22:53:55 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2003/03/31 05:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/04/17 20:00:49 | 00,000,536 | ---- | M] () -- C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job
[2009/04/18 09:44:54 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/04/18 12:48:00 | 00,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\Symantec NetDetect.job

========== Purity Check ==========


========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Program Files\Internet Explorer\iexplore.exe:SummaryInformation
@Alternate Data Stream - 2628 bytes -> C:\WINDOWS\System32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:35E9845CA84E4680
< End of report >
  • 0

#6
Essexboy
Posted 18 April 2009 - 02:04 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi again - cracks do not help in keeping your computer clean

Run OTList2.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTLI
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)

:Files
C:\DOCUME~1\nWo4life\Desktop\Emulators\game.maker.7.with.crack.rar_[myBittorrent.com].torrent
C:\DOCUME~1\nWo4life\Desktop\Emulators\smrpg_sscracker-110.zip
C:\DOCUME~1\nWo4life\Desktop\Emulators\smrpg_sscracker.exe
C:\DOCUME~1\nWo4life\Desktop\Emulators\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl.Keygen-SSG\keygen.exe
C:\DOCUME~1\nWo4life\Desktop\Emulators\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl.Keygen-SSG\setup.exe
C:\DOCUME~1\nWo4life\Desktop\Emulators\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl.Keygen-SSG\Torrent downloaded from Demonoid.com.txt

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post a new OTL2 log ( don't check the boxes beside LOP Check or Purity this time )

THEN

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
  • 0

#7
Lucky Dearly
Posted 18 April 2009 - 02:58 PM

Lucky Dearly

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 349 posts
========== OTLISTIT ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
c:\program files\google\googletoolbar1.dll unregistered successfully.
File move failed. c:\program files\google\googletoolbar1.dll scheduled to be moved on reboot.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
File c:\program files\google\googletoolbar1.dll not found.
========== FILES ==========
C:\DOCUME~1\nWo4life\Desktop\Emulators\game.maker.7.with.crack.rar_[myBittorrent.com].torrent moved successfully.
C:\DOCUME~1\nWo4life\Desktop\Emulators\smrpg_sscracker-110.zip moved successfully.
C:\DOCUME~1\nWo4life\Desktop\Emulators\smrpg_sscracker.exe moved successfully.
C:\DOCUME~1\nWo4life\Desktop\Emulators\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl.Keygen-SSG\keygen.exe moved successfully.
C:\DOCUME~1\nWo4life\Desktop\Emulators\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl.Keygen-SSG\setup.exe moved successfully.
C:\DOCUME~1\nWo4life\Desktop\Emulators\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl\Corel.Paint.Shop.Pro.Photo.XI.v11.0.Incl.Keygen-SSG\Torrent downloaded from Demonoid.com.txt moved successfully.
========== COMMANDS ==========
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temp\CMLS--2009-04-18--09-45-56.log scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temp\fla40D.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temp\fla417.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temp\Perflib_Perfdata_acc.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6DDB.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6DE6.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6E4D.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6E58.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6E91.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6E9C.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6FF5.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temp\~DFE1B3.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\OE61OM8U\client_ad[1].php scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\O05K8UJF\AIM_UAC[1].adp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\O05K8UJF\size=120x90;noperf=1;alias=93242638;kvmn=93242638;target=_blank;aduho=420;group=82718718;misc=8
2718718[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\NRLQQK8I\client_ad[1].php scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\NH977L1J\ads[5].txt scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\NH977L1J\Getting-lag-explorer-t235405[1].html scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\NH977L1J\size=120x90;noperf=1;alias=93242638;kvmn=93242638;target=_blank;aduho=420;group=82758343;misc=8
2758343[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\NH977L1J\Takari[1].jpg scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\JMMVPFGA\iframe[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\CMG0A5PL\ads[10].txt scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\61HB97E3\iframe_120_90[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\61HB97E3\Patagatoaimbuddy[1].jpg scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\0F5QSY22\index[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\AntiPhishing\4069DF2E-0DD4-4F34-9DE6-67F136F30810.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_148.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_ff0.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTListIt2 by OldTimer - Version 2.0.14.0 log created on 04182009_131630

Files moved on Reboot...
File c:\program files\google\googletoolbar1.dll not found!
C:\Documents and Settings\nWo4life\Local Settings\Temp\CMLS--2009-04-18--09-45-56.log moved successfully.
File C:\Documents and Settings\nWo4life\Local Settings\Temp\fla40D.tmp not found!
File C:\Documents and Settings\nWo4life\Local Settings\Temp\fla417.tmp not found!
File C:\Documents and Settings\nWo4life\Local Settings\Temp\Perflib_Perfdata_acc.dat not found!
File C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6DDB.tmp not found!
File C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6DE6.tmp not found!
File C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6E4D.tmp not found!
File C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6E58.tmp not found!
File C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6E91.tmp not found!
File C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6E9C.tmp not found!
C:\Documents and Settings\nWo4life\Local Settings\Temp\~DF6FF5.tmp moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temp\~DFE1B3.tmp moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\OE61OM8U\client_ad[1].php moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\O05K8UJF\AIM_UAC[1].adp moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\O05K8UJF\size=120x90;noperf=1;alias=93242638;kvmn=93242638;target=_blank;aduho=420;group=82718718;misc=8
2718718[1].htm moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\NRLQQK8I\client_ad[1].php moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\NH977L1J\ads[5].txt moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\NH977L1J\Getting-lag-explorer-t235405[1].html moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\NH977L1J\size=120x90;noperf=1;alias=93242638;kvmn=93242638;target=_blank;aduho=420;group=82758343;misc=8
2758343[1].htm moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\NH977L1J\Takari[1].jpg moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\JMMVPFGA\iframe[2].htm moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\CMG0A5PL\ads[10].txt moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\61HB97E3\iframe_120_90[1].htm moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\61HB97E3\Patagatoaimbuddy[1].jpg moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\Content.IE5\0F5QSY22\index[2].htm moved successfully.
C:\Documents and Settings\nWo4life\Local Settings\Temporary Internet Files\AntiPhishing\4069DF2E-0DD4-4F34-9DE6-67F136F30810.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_148.dat not found!
C:\WINDOWS\temp\Perflib_Perfdata_ff0.dat moved successfully.

Registry entries deleted on Reboot...
  • 0

#8
Lucky Dearly
Posted 18 April 2009 - 02:59 PM

Lucky Dearly

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 349 posts
Malwarebytes' Anti-Malware 1.36
Database version: 2002
Windows 5.1.2600 Service Pack 3

4/18/2009 1:58:19 PM
mbam-log-2009-04-18 (13-58-19).txt

Scan type: Quick Scan
Objects scanned: 100398
Time elapsed: 10 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#9
Essexboy
Posted 18 April 2009 - 03:55 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What problems are you experiencing now ?
  • 0

#10
Lucky Dearly
Posted 18 April 2009 - 07:16 PM

Lucky Dearly

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 349 posts
nothing as of yet

hm checking my processes list and I find no extra explorers or dr.watsons, but I did find my internet explorer duplicated (I only have one window open) and the extra is using alot of memory on my pc (about 50,000)
  • 0

#11
Essexboy
Posted 19 April 2009 - 03:23 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What I will do now is remove my tools - let you run for 24 hours and see if they re-occur

Now the best part of the day ----- Your log now appears clean :)

A good workman always cleans up after himself so..Run OTListit and hit the cleanup button. It will remove all the programmes we have used plus itself. MBAM can be uninstalled via control panel add/remove along with ERUNT. But they may be useful tools to keep

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

Upgrading Java:
  • Download the latest version of Java SE Runtime Environment (JRE)JRE 6 Update 13.
  • Click the "Download" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u13-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u13-windows-i586-p.exe and select "Run as an Administrator.")

XP
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE
You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and the display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button click this
  • Accept the Warning and select OK again, the program will close and you are done

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes: It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe :)
  • 0

#12
Essexboy
Posted 21 April 2009 - 12:32 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP