Root kit? adware_memwatcher? Zombie network!



#1
Gene Poole47

Hey Folks,

I tried going through all six steps and have downloaded all the recommended software. I do not have a log from Rooter. Rooter kept hanging on me (after asking for a disk). I have my installation disc but was wary of inserting it.

I upgraded to AVG Internet Security from AVG Anti-Virus the other day (was having conflicts with Spybot Search and Destroy). Because I now had a suite, I started using the AVG firewall and found all kinds of bad networks etc.
The OTListIt log file is already huge. I ran MBAM and its report said I had no infections. Just give me a step(s) and I will report back.

Not sure what the protocol is for my wait on an answer. I have to run some errands shortly and may not be able to reply to you "immediately". Just leave a note and I will do what is recommended, then post the results. Thank you in advance!

One question: should I run the OTListIt2 scan log again and "scan all users"? (I only logged in as admin; was not sure what to do the first time.) I think there is an unauthorized user compromising my network, and there is a guest account etc.

I went ahead and attached the extras.txt file underneath my OTListIt log file in case you might need it.

Unable to preview my post, so I hope it does not look too bad... crossing my fingers.

Cheers, Gene

OS 14:03 03/05/2009
OTListIt logfile created on: 03/05/2009 13:22:30 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Administrator\Desktop\downloads
Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

511.30 Mb Total Physical Memory | 131.56 Mb Available Physical Memory | 25.73% Memory free
1.44 Gb Paging File | 1.03 Gb Available in Paging File | 71.41% Paging File free
Paging file location(s): C:\pagefile.sys 1000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 18.70 Gb Free Space | 50.19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GENE-FLA2R478BX
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgfws8.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINNT\System32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINNT\system32\MSTask.exe (Microsoft Corporation)
PRC - C:\WINNT\System32\tcpsvcs.exe (Microsoft Corporation)
PRC - C:\Program Files\SiteAdvisor\6261\SAService.exe ()
PRC - C:\WINNT\System32\snmp.exe (Microsoft Corporation)
PRC - C:\WINNT\system32\stisvc.exe (Microsoft Corporation)
PRC - C:\Program Files\UPHClean\uphclean.exe (Microsoft Corporation)
PRC - C:\WINNT\System32\WBEM\WinMgmt.exe (Microsoft Corporation)
PRC - C:\WINNT\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINNT\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
PRC - C:\Program Files\SiteAdvisor\6261\SiteAdv.exe (McAfee, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\AVG\AVG8\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINNT\system32\taskmgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Administrator\Desktop\downloads\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (AcrSch2Svc [Auto | Running]) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Acronis)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (avg8emc [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws8 [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgfws8.exe (AVG Technologies CZ, s.r.o.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (dmadmin [On_Demand | Stopped]) -- C:\WINNT\System32\dmadmin.exe (VERITAS Software Corp.)
SRV - (Fax [On_Demand | Stopped]) -- C:\WINNT\system32\faxsvc.exe (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (IISADMIN [Auto | Running]) -- C:\WINNT\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (InCDsrv [Auto | Running]) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
SRV - (InCDsrvR [Auto | Stopped]) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Iprip [Auto | Running]) -- C:\WINNT\System32\iprip.dll (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (McciCMService [Auto | Running]) -- C:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.)
SRV - (MSFTPSVC [Auto | Stopped]) -- C:\WINNT\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (NMIndexingService [Disabled | Stopped]) -- File not found
SRV - (NVSvc [Auto | Running]) -- C:\WINNT\System32\nvsvc32.exe (NVIDIA Corporation)
SRV - (RemoteRegistry [Auto | Stopped]) -- C:\WINNT\system32\regsvc.exe (Microsoft Corporation)
SRV - (Schedule [Auto | Running]) -- C:\WINNT\system32\MSTask.exe (Microsoft Corporation)
SRV - (SimpTcp [Auto | Running]) -- C:\WINNT\System32\tcpsvcs.exe (Microsoft Corporation)
SRV - (SiteAdvisor Service [Auto | Running]) -- C:\Program Files\SiteAdvisor\6261\SAService.exe ()
SRV - (SMTPSVC [Auto | Stopped]) -- C:\WINNT\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (SNMP [Auto | Running]) -- C:\WINNT\System32\snmp.exe (Microsoft Corporation)
SRV - (StiSvc [Auto | Running]) -- C:\WINNT\system32\stisvc.exe (Microsoft Corporation)
SRV - (UPHClean [Auto | Running]) -- C:\Program Files\UPHClean\uphclean.exe (Microsoft Corporation)
SRV - (UtilMan [On_Demand | Stopped]) -- C:\WINNT\System32\UtilMan.exe (Microsoft Corporation)
SRV - (WinMgmt [Auto | Running]) -- C:\WINNT\System32\WBEM\WinMgmt.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Aspi32 [Auto | Running]) -- C:\WINNT\System32\drivers\aspi32.sys (Adaptec)
DRV - (Avgfwdx [On_Demand | Running]) -- C:\WINNT\system32\DRIVERS\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwfd [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86 [System | Running]) -- C:\WINNT\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINNT\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINNT\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Cdr4_2K [System | Running]) -- C:\WINNT\System32\drivers\cdr4_2K.sys (Sonic Solutions)
DRV - (Cdralw2k [System | Running]) -- C:\WINNT\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (cmosa [System | Running]) -- C:\WINNT\System32\drivers\cmosa.sys (Dell Computer Corporation.)
DRV - (cwcspud [On_Demand | Stopped]) -- C:\WINNT\system32\drivers\cwcspud.sys (Microsoft Corporation)
DRV - (DCamUSBSTK017 [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\STK017W2.sys (Syntek Ltd.)
DRV - (Diskperf [Boot | Running]) -- C:\WINNT\System32\drivers\diskperf.sys (Microsoft Corporation)
DRV - (dmboot [Disabled | Stopped]) -- C:\WINNT\System32\drivers\dmboot.sys (VERITAS Software Corp.)
DRV - (dmio [Boot | Running]) -- C:\WINNT\System32\drivers\dmio.sys (VERITAS Software Corp.)
DRV - (dmload [Boot | Running]) -- C:\WINNT\System32\drivers\dmload.sys (VERITAS Software Corp.)
DRV - (EFS [Disabled | Running]) -- C:\WINNT\System32\drivers\efs.sys (Microsoft Corporation)
DRV - (EL90BC [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\el90xbc5.sys (3Com Corporation)
DRV - (FVNETusb [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\vnet558x.sys (ATMEL)
DRV - (gameenum [On_Demand | Running]) -- C:\WINNT\system32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINNT\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (ICAM3NT5 [On_Demand | Stopped]) -- C:\WINNT\System32\Drivers\Icam3.sys (Intel Corporation)
DRV - (InCDFat [On_Demand | Stopped]) -- C:\WINNT\system32\Drivers\InCDFat.sys (Nero AG)
DRV - (InCDfs [Disabled | Running]) -- C:\WINNT\System32\drivers\InCDfs.sys (Nero AG)
DRV - (InCDPass [System | Running]) -- C:\WINNT\System32\DRIVERS\InCDPass.sys (Nero AG)
DRV - (incdrm [System | Running]) -- C:\WINNT\System32\drivers\InCDrm.sys (Nero AG)
DRV - (ISODrive [System | Running]) -- C:\Program Files\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.)
DRV - (ltmodem5 [On_Demand | Running]) -- C:\WINNT\system32\DRIVERS\ltmdmnt.sys (LT)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINNT\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (MPE [On_Demand | Stopped]) -- C:\WINNT\System32\DRIVERS\MPE.sys (Microsoft Corporation)
DRV - (MREMP50 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (msloop [On_Demand | Stopped]) -- C:\WINNT\System32\DRIVERS\loop.sys (Microsoft Corporation)
DRV - (MSW_USB [On_Demand | Stopped]) -- C:\WINNT\System32\DRIVERS\MSWUSB50.sys (Microsoft® Corporation)
DRV - (NetDetect [On_Demand | Stopped]) -- C:\WINNT\system32\drivers\netdtect.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (openhci [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\openhci.sys (Microsoft Corporation)
DRV - (ousb2hub [On_Demand | Running]) -- C:\WINNT\system32\DRIVERS\ousb2hub.sys (OrangeWare Corporation)
DRV - (ousbehci [Auto | Running]) -- C:\WINNT\System32\Drivers\ousbehci.sys (OrangeWare Corporation)
DRV - (Parallel [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\parallel.sys (Microsoft Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINNT\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RCA [On_Demand | Stopped]) -- C:\WINNT\system32\drivers\RCA.sys (Microsoft Corporation)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (snapman [Boot | Running]) -- C:\WINNT\system32\DRIVERS\snapman.sys (Acronis)
DRV - (tbcspud [On_Demand | Running]) -- C:\WINNT\system32\drivers\tbcspud.sys (Voyetra Turtle Beach)
DRV - (tbcwdm [On_Demand | Running]) -- C:\WINNT\system32\drivers\tbcwdm.sys (Voyetra Turtle Beach)
DRV - (tifsfilter [Auto | Running]) -- C:\WINNT\system32\DRIVERS\tifsfilt.sys (Acronis)
DRV - (timounter [Boot | Running]) -- C:\WINNT\system32\DRIVERS\timntr.sys (Acronis)
DRV - (tmcomm [Auto | Running]) -- C:\WINNT\system32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (uhcd [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\uhcd.sys (Microsoft Corporation)
DRV - (usb_rndisy [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\usb8023y.sys (Microsoft Corporation)
DRV - (vtdg46xx [On_Demand | Stopped]) -- C:\Program Files\Turtle Beach\Santa Cruz\Control Panel\vtdg46xx.sys ()

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: {1d5287d1-8a92-0001-1f31-1cec198018d8}:2.1.0.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}:6.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {1650a312-02bc-40ee-977e-83f158701739}:26.6
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/04/30 20:45:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/04/15 21:35:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\PROGRAM FILES\AVG\AVG8\TOOLBARFF [2009/04/30 20:36:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/03 12:54:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/03 12:54:44 | 00,000,000 | ---D | M]

[2009/05/03 08:34:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions
[2009/05/03 08:34:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2007/10/24 16:42:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\0cpdshx9.default\extensions
[2007/10/24 23:58:28 | 00,001,406 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\0cpdshx9.default\searchplugins\siteadvisor.gif
[2007/10/24 23:58:28 | 00,000,276 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\0cpdshx9.default\searchplugins\siteadvisor.src
[2007/10/24 23:58:17 | 00,002,386 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\0cpdshx9.default\searchplugins\siteadvisor.xml
[2009/05/03 08:44:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/03 12:54:44 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/12/07 16:56:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2007/05/30 19:12:37 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
[2007/04/14 13:37:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/07/25 06:16:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/10/18 14:46:44 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2009/04/15 21:36:18 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/05/03 12:54:37 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/05/03 12:54:37 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/02/26 08:50:32 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2009/02/26 08:50:32 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/02/26 08:50:32 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2009/02/26 08:50:32 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/02/26 08:50:32 | 00,000,759 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2009/02/26 08:50:32 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/02/26 08:50:32 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/02/26 08:50:32 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
[2009/04/30 20:49:30 | 00,000,711 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (303078 bytes) - C:\WINNT\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10444 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll ()
O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart (Google)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" (McAfee, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINNT\System32\rnr20.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} http://www.ca.com/us...an/pestscan.cab (PSFormX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1171065663039 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1193284627094 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...090/mcfscan.cab (McFreeScan Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINNT\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: McAfee Wi-FiScan http://download.mcaf...ScannerCtrl.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINNT\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\System32\msdxm.ocx ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\ActiveSync: DllName - WcesWlgn.dll - C:\WINNT\system32\WcesWlgn.dll (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINNT\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\nwprovau: DllName - nwprovau.dll - C:\WINNT\system32\nwprovau.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wzcnotif: DllName - wzcdlg.dll - C:\WINNT\system32\wzcdlg.dll (Microsoft Corporation)
O21 - SSODL: Network.ConnectionTray - {7007ACCF-3202-11D1-AAD2-00805FC1270E} - C:\WINNT\system32\NETSHELL.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINNT\System32\relog_ap.dll (Acronis)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/02/09 01:48:54 | 00,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINNT\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[4 C:\WINNT\*.tmp files]
[2009/05/03 12:46:42 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_488.dat
[2009/05/03 12:46:12 | 00,000,000 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_284.dat
[2009/05/03 12:28:10 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/03 12:02:15 | 00,008,192 | ---- | C] () -- C:\WINNT\System32\default_user_class.dat
[2009/05/03 09:24:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2009/05/03 09:24:15 | 00,000,569 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/03 09:24:13 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2009/05/03 09:24:10 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2009/05/03 09:24:08 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/03 09:24:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/03 09:19:36 | 00,000,000 | ---D | C] -- C:\WINNT\ERDNT
[2009/05/03 09:11:32 | 00,000,493 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/05/03 09:11:32 | 00,000,481 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/05/03 09:11:21 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/03 08:47:20 | 00,001,590 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\HijackThis.lnk
[2009/05/03 08:47:16 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/03 08:25:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
[2009/05/03 08:24:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AVGTOOLBAR
[2009/05/02 19:48:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/05/02 19:47:59 | 00,001,631 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2009/05/02 19:47:54 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/05/02 19:42:35 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/05/02 14:18:47 | 00,102,664 | ---- | C] (Trend Micro Inc.) -- C:\WINNT\System32\drivers\tmcomm.sys
[2009/05/02 13:48:30 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_470.dat
[2009/05/01 11:30:40 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_4b0.dat
[2009/05/01 01:43:04 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_498.dat
[2009/04/30 20:56:43 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_484.dat
[2009/04/30 20:41:08 | 00,001,368 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 8.5.lnk
[2009/04/30 20:36:50 | 00,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\avgfwdx.dll
[2009/04/30 20:36:50 | 00,029,208 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgfwdx.sys
[2009/04/30 18:19:42 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_638.dat
[2009/04/29 12:54:36 | 00,054,156 | -H-- | C] () -- C:\WINNT\QTFont.qfn
[2009/04/29 12:54:36 | 00,001,409 | ---- | C] () -- C:\WINNT\QTFont.for
[2009/04/28 22:30:55 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_574.dat
[2009/04/27 08:58:13 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_400.dat
[2009/04/20 13:30:10 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_47c.dat
[2009/04/19 12:30:19 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_3e4.dat
[2009/04/16 16:20:00 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_430.dat
[2009/04/16 01:17:23 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_68c.dat
[2009/04/16 01:17:00 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_618.dat
[2009/04/04 21:22:11 | 00,001,466 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\H&R Block TaxCut 2008.lnk
[2009/04/04 21:20:10 | 00,000,000 | ---D | C] -- C:\Program Files\TaxCut08
[2009/04/03 14:39:44 | 00,000,000 | ---D | C] -- C:\Program Files\Ares
[2008/08/31 10:22:34 | 00,003,654 | ---- | C] () -- C:\WINNT\System32\drivers\Sonyhcp.dll
[2008/08/18 13:40:32 | 00,001,792 | ---- | C] () -- C:\WINNT\cdplayer.ini
[2008/08/08 16:49:52 | 00,000,377 | ---- | C] () -- C:\WINNT\wTRTv5.ini
[2008/06/25 13:15:49 | 00,176,235 | ---- | C] () -- C:\WINNT\System32\Primomonnt.dll
[2008/06/25 11:23:31 | 00,000,000 | ---- | C] () -- C:\WINNT\vtpwra.INI
[2008/06/24 23:19:29 | 00,000,028 | ---- | C] () -- C:\WINNT\pdf995.ini
[2008/04/28 11:13:33 | 00,000,310 | ---- | C] () -- C:\WINNT\primopdf.ini
[2008/01/09 23:41:13 | 00,001,818 | R--- | C] () -- C:\WINNT\System32\lthomol.ini
[2008/01/06 20:15:06 | 00,000,116 | ---- | C] () -- C:\WINNT\NeroDigital.ini
[2007/08/11 10:50:06 | 00,000,000 | ---- | C] () -- C:\WINNT\netMedic.INI
[2007/08/10 02:43:24 | 00,024,576 | ---- | C] () -- C:\WINNT\System32\vshook.dll
[2007/06/15 16:05:13 | 00,077,312 | ---- | C] () -- C:\WINNT\ua2.dll
[2007/06/02 19:11:59 | 00,032,140 | ---- | C] () -- C:\WINNT\System32\drivers\STK017W1.sys
[2007/05/30 21:17:03 | 00,001,024 | ---- | C] () -- C:\WINNT\MAXLINK.INI
[2007/05/30 21:17:03 | 00,000,090 | ---- | C] () -- C:\WINNT\calera.ini
[2007/05/30 21:16:58 | 00,269,312 | ---- | C] () -- C:\WINNT\System32\FPXIG.DLL
[2007/05/30 21:16:58 | 00,068,096 | ---- | C] () -- C:\WINNT\System32\IGFPX32P.DLL
[2007/05/30 21:16:58 | 00,065,024 | ---- | C] () -- C:\WINNT\System32\JPEGACC.DLL
[2007/05/30 21:16:41 | 00,101,376 | ---- | C] () -- C:\WINNT\System32\WELSOF32.DLL
[2007/03/07 02:55:58 | 00,007,854 | ---- | C] () -- C:\WINNT\System32\ftpctrs.ini
[2007/03/07 02:55:57 | 00,038,523 | ---- | C] () -- C:\WINNT\System32\w3ctrs.ini
[2007/03/07 02:55:56 | 00,011,355 | ---- | C] () -- C:\WINNT\System32\infoctrs.ini
[2007/03/07 02:52:52 | 00,021,789 | ---- | C] () -- C:\WINNT\System32\smtpctrs.ini
[2007/03/07 02:52:52 | 00,001,037 | ---- | C] () -- C:\WINNT\System32\ntfsdrct.ini
[2007/03/06 19:07:41 | 00,040,960 | ---- | C] () -- C:\WINNT\System32\IsUser11b.dll
[2007/03/06 19:07:32 | 00,000,594 | ---- | C] () -- C:\WINNT\System32\wlan.ini
[2007/02/19 23:07:06 | 00,000,142 | ---- | C] () -- C:\WINNT\wpd99.drv
[2007/02/19 23:06:53 | 00,051,716 | ---- | C] () -- C:\WINNT\System32\pdf995mon.dll
[2007/02/15 04:38:51 | 00,001,425 | ---- | C] () -- C:\WINNT\WinInit.INI
[2007/02/11 12:39:41 | 00,000,272 | ---- | C] () -- C:\WINNT\_delis32.ini
[2007/02/09 23:02:14 | 00,000,238 | ---- | C] () -- C:\WINNT\ODBC.INI
[2007/02/09 20:48:42 | 00,354,816 | ---- | C] () -- C:\WINNT\System32\psisdecd.dll
[2007/02/09 19:08:17 | 00,009,584 | ---- | C] () -- C:\WINNT\System32\axperf.ini
[2007/02/09 02:18:31 | 00,000,035 | ---- | C] () -- C:\WINNT\InfModM.ini
[2007/02/09 02:15:45 | 00,000,015 | ---- | C] () -- C:\WINNT\wgedit.ini
[2007/02/09 02:15:41 | 00,057,344 | ---- | C] () -- C:\WINNT\uninstBVRP.dll
[2000/07/26 12:00:00 | 00,176,400 | ---- | C] () -- C:\WINNT\System32\qcut.dll
[2000/07/26 12:00:00 | 00,033,552 | ---- | C] () -- C:\WINNT\System32\efsadu.dll
[2000/07/26 12:00:00 | 00,007,265 | ---- | C] () -- C:\WINNT\System32\iasperf.ini
[2000/07/26 12:00:00 | 00,001,505 | ---- | C] () -- C:\WINNT\System32\faxperf.ini
[2000/07/26 12:00:00 | 00,000,399 | ---- | C] () -- C:\WINNT\win.ini
[2000/07/26 12:00:00 | 00,000,266 | ---- | C] () -- C:\WINNT\system.ini
[2000/07/26 12:00:00 | 00,000,023 | ---- | C] () -- C:\WINNT\welcome.ini
[1999/09/25 05:36:24 | 00,088,816 | ---- | C] () -- C:\WINNT\System32\drivers\lvcam.sys
[1999/09/25 05:36:22 | 00,017,424 | ---- | C] () -- C:\WINNT\System32\drivers\lvsound.sys

========== Files - Modified Within 30 Days ==========

[3 C:\WINNT\System32\*.tmp files]
[4 C:\WINNT\*.tmp files]
[2009/05/03 12:46:42 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_488.dat
[2009/05/03 12:46:20 | 00,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
[2009/05/03 12:46:12 | 00,000,000 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_284.dat
[2009/05/03 12:02:31 | 00,008,192 | ---- | M] () -- C:\WINNT\System32\default_user_class.dat
[2009/05/03 09:24:15 | 00,000,569 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/03 09:11:32 | 00,000,493 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/05/03 09:11:32 | 00,000,481 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/05/03 08:47:20 | 00,001,590 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\HijackThis.lnk
[2009/05/02 19:47:59 | 00,001,631 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2009/05/02 18:51:45 | 00,410,404 | ---- | M] () -- C:\WINNT\System32\perfh009.dat
[2009/05/02 18:51:44 | 00,470,590 | ---- | M] () -- C:\WINNT\System32\PerfStringBackup.INI
[2009/05/02 18:51:44 | 00,069,382 | ---- | M] () -- C:\WINNT\System32\perfc009.dat
[2009/05/02 13:48:30 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_470.dat
[2009/05/02 13:24:08 | 35,653,984 | ---- | M] () -- C:\WINNT\System32\drivers\Avg\incavi.avm
[2009/05/02 13:23:08 | 00,047,729 | ---- | M] () -- C:\WINNT\System32\drivers\Avg\microavi.avg
[2009/05/01 11:30:40 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_4b0.dat
[2009/05/01 01:43:04 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_498.dat
[2009/04/30 20:56:43 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_484.dat
[2009/04/30 20:45:43 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgtdix.sys
[2009/04/30 20:45:42 | 00,325,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgldx86.sys
[2009/04/30 20:45:42 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgmfx86.sys
[2009/04/30 20:41:08 | 00,001,368 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 8.5.lnk
[2009/04/30 20:41:06 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\avgrsstx.dll
[2009/04/30 20:36:50 | 00,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\avgfwdx.dll
[2009/04/30 20:36:50 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\drivers\avgfwdx.sys
[2009/04/30 18:19:42 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_638.dat
[2009/04/29 12:54:36 | 00,054,156 | -H-- | M] () -- C:\WINNT\QTFont.qfn
[2009/04/29 12:54:36 | 00,001,409 | ---- | M] () -- C:\WINNT\QTFont.for
[2009/04/28 22:30:55 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_574.dat
[2009/04/28 18:05:16 | 00,000,116 | ---- | M] () -- C:\WINNT\NeroDigital.ini
[2009/04/27 13:30:08 | 00,000,284 | ---- | M] () -- C:\WINNT\tasks\AppleSoftwareUpdate.job
[2009/04/27 08:58:13 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_400.dat
[2009/04/23 09:06:15 | 00,001,537 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2009/04/22 15:30:42 | 00,001,481 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/04/20 13:30:10 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_47c.dat
[2009/04/19 12:30:19 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_3e4.dat
[2009/04/18 09:12:58 | 00,434,673 | ---- | M] () -- C:\WINNT\System32\drivers\Avg\miniavi.avg
[2009/04/16 16:20:00 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_430.dat
[2009/04/16 01:17:23 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_68c.dat
[2009/04/16 01:17:00 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_618.dat
[2009/04/06 17:59:47 | 00,001,466 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\H&R Block TaxCut 2008.lnk
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
< End of report >

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX


EXTRAS FILE


OTListIt Extras logfile created on: 03/05/2009 13:22:30 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Administrator\Desktop\downloads
Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

511.30 Mb Total Physical Memory | 131.56 Mb Available Physical Memory | 25.73% Memory free
1.44 Gb Paging File | 1.03 Gb Available in Paging File | 71.41% Paging File free
Paging file location(s): C:\pagefile.sys 1000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 18.70 Gb Free Space | 50.19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GENE-FLA2R478BX
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hta [@ = ] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] --

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08094E03-AFE4-4853-9D31-6D0743DF5328}" = QuickTime
"{11F5D779-7BD9-465A-BBC4-10701386BCB9}" = FW LiveUpdate
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3E713D52-C967-41FB-AA24-3A92CC1025A4}" = Remote Desktop Connection
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.09
"{516150A4-CDD5-4CAC-92EC-D2999C108029}" = TaxCut Tennessee 2007
"{5B239A98-4222-4D8C-AF38-1A8EC07F956B}" =
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5D0930A0-1033-433A-8BB9-602665550DD0}" =
"{663E217E-FC26-4249-9E8E-F190CD63E737}" = TaxCut Premium + State 2007
"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"{6F716D8C-398F-11D3-85E1-005004838609}" = WebFldrs
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7F231232-C309-4401-964A-2A002B6E1ED9}" = Microsoft Baseline Security Analyzer 2.0.1
"{81A60A13-224D-4637-8203-3EAC03B121A4}" = Seagate DiscWizard
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{A1C8D94A-4303-4489-B585-4B6E6CD408CB}" = OpenOffice.org 2.2
"{A4D58580-EA01-11D3-9318-008048B86EFE}" = Santa Cruz
"{ABCE1C63-56ED-41FF-BEAF-57321F70DC49}" = iTunes
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{BBB33AD6-BCF7-4002-B6A0-6DC679AE5C18}" = TaxCut Premium + State + Efile 2008
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Professional
"{CEABB85A-22B9-4DEF-B881-51FEC54FD441}" = SIM Edit Tool
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{EAB938C1-1193-465A-8E19-680654405477}" = STK017_V2.01
"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service
"7-Zip" = 7-Zip 4.44 beta
"AddressBook" =
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Ares" = Ares 2.1.1
"AVG8Uninstall" = AVG 8.5
"BellsouthHelpCenter4.0b_is1" = FastAccess® DSL Help Center 4.3
"Branding" =
"CCleaner" = CCleaner (remove only)
"Connection Manager" =
"DirectAnimation" =
"DirectDrawEx" =
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DXM_Runtime" =
"ERUNT_is1" = ERUNT 1.1j
"expinst" =
"Fontcore" =
"Free Registry Defrag_is1" = Free Registry Defrag
"Glary Registry Repair_is1" = Glary Registry Repair 2.9
"HijackThis" = HijackThis 2.0.2
"ICW" =
"IE40" =
"IE4Data" =
"IE5BAKEX" =
"IEData" =
"IEREADME" =
"ImgBurn" = ImgBurn
"InCD!UninstallKey" = InCD
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"InterVideo WinDVD" = InterVideo WinDVD
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"LTWinModem" = Lucent Win Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee SiteAdvisor" = McAfee SiteAdvisor
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft NetShow Player 2.0" =
"MobileOptionPack" =
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSI30a-KB884016" =
"MSI30-Beta1" =
"MSI30-Beta2" =
"MSI30-KB884016" =
"MSI30-RC1" =
"MSI30-RC2" =
"MSI31-Beta" =
"MSI31-RC1" =
"MsJavaVM" =
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NetMeeting" =
"NVIDIA Display Driver" = NVIDIA Display Driver
"OneTouch Version 3.0" = OneTouch Version 3.0
"OutlookExpress" =
"PaperPort 7.02" = PaperPort 7.02
"PrimoPDF4.0.2.5" = PrimoPDF
"Q820608" = Windows 2000 Hotfix (SP5) Q820608
"Q828026" = Windows Media Player Hotfix [See Q828026 for more information]
"SchedulingAgent" =
"Shockwave" =
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Skype™ for Pocket PC_is1" = Skype™ for Pocket PC 2.2
"TaxCut Premium 2006" = TaxCut Premium 2006
"UltraISO_is1" = UltraISO Premium V8.65
"Update Rollup 1" = Update Rollup 1 for Windows 2000 SP4
"Windows 2000 Service Pack" =
"WMP7" = Windows Media Player system update (9 Series)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 03/05/2009 13:05:06 | Computer Name = GENE-FLA2R478BX | Source = FTPCtrs | ID = 1000
Description = Unable to collect the FTP performance statistics. The error code returned
by the service is data DWORD 0. For additional information specific to this message
please visit the Microsoft Online Support site located at: http://www.microsoft...entredirect.asp.

Error - 03/05/2009 13:05:06 | Computer Name = GENE-FLA2R478BX | Source = PerfDisk | ID = 1000
Description = Unable to open the Disk performance object. Status code returned is
data
DWORD 0.

Error - 03/05/2009 13:05:06 | Computer Name = GENE-FLA2R478BX | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 03/05/2009 13:05:06 | Computer Name = GENE-FLA2R478BX | Source = PerfNet | ID = 2002
Description = Unable to open the Redirector service. Redirector performance data
will not be returned. Error code returned is in data DWORD 0.

Error - 03/05/2009 13:05:07 | Computer Name = GENE-FLA2R478BX | Source = rasctrs | ID = 2001
Description =

Error - 03/05/2009 13:46:22 | Computer Name = GENE-FLA2R478BX | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 03/05/2009 13:48:35 | Computer Name = GENE-FLA2R478BX | Source = IISInfoCtrs | ID = 1003
Description = Unable to query the IIS Info service performance data. The error code
returned by the service is data DWORD 0. For additional information specific to
this message please visit the Microsoft Online Support site located at: http://www.microsoft...entredirect.asp.

Error - 03/05/2009 13:48:47 | Computer Name = GENE-FLA2R478BX | Source = FTPCtrs | ID = 1000
Description = Unable to collect the FTP performance statistics. The error code returned
by the service is data DWORD 0. For additional information specific to this message
please visit the Microsoft Online Support site located at: http://www.microsoft...entredirect.asp.

Error - 03/05/2009 13:48:48 | Computer Name = GENE-FLA2R478BX | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 03/05/2009 13:48:48 | Computer Name = GENE-FLA2R478BX | Source = PerfNet | ID = 2002
Description = Unable to open the Redirector service. Redirector performance data
will not be returned. Error code returned is in data DWORD 0.

[ System Events ]
Error - 03/05/2009 13:04:46 | Computer Name = GENE-FLA2R478BX | Source = Service Control Manager | ID = 7001
Description = The FTP Publishing Service service depends on the IIS Admin Service
service which failed to start because of the following error: %%1068

Error - 03/05/2009 13:04:46 | Computer Name = GENE-FLA2R478BX | Source = Service Control Manager | ID = 7001
Description = The Simple Mail Transport Protocol (SMTP) service depends on the IIS
Admin Service service which failed to start because of the following error: %%1068

Error - 03/05/2009 13:04:46 | Computer Name = GENE-FLA2R478BX | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86 AvgMfx86 AvgTdiX cmosa NetBT RasAcd SASDIFSV SASKUTIL Tcpip

Error - 03/05/2009 13:05:07 | Computer Name = GENE-FLA2R478BX | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1077

Error - 03/05/2009 13:08:47 | Computer Name = GENE-FLA2R478BX | Source = DCOM | ID = 10010
Description = The server {1BE1F766-5536-11D1-B726-00C04FB926AF} did not register
with DCOM within the required timeout.

Error - 03/05/2009 13:42:23 | Computer Name = GENE-FLA2R478BX | Source = DCOM | ID = 10010
Description = The server {1BE1F766-5536-11D1-B726-00C04FB926AF} did not register
with DCOM within the required timeout.

Error - 03/05/2009 13:45:54 | Computer Name = GENE-FLA2R478BX | Source = Service Control Manager | ID = 7022
Description = The DNS Client service hung on starting.

Error - 03/05/2009 13:46:36 | Computer Name = GENE-FLA2R478BX | Source = Print | ID = 23
Description = Printer CAPTURE FAX BVRP failed to initialize because a suitable CAPTURE
FAX BVRP driver could not be found.

Error - 03/05/2009 13:47:06 | Computer Name = GENE-FLA2R478BX | Source = Service Control Manager | ID = 7023
Description = The FTP Publishing Service service terminated with the following error:
%%1747

Error - 03/05/2009 13:47:06 | Computer Name = GENE-FLA2R478BX | Source = Service Control Manager | ID = 7023
Description = The Simple Mail Transport Protocol (SMTP) service terminated with
the following error: %%1747


< End of report >