Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

High CPU Usage while playing game

Started by thejon , May 05 2009 01:03 AM

  • Please log in to reply

#1
thejon
Posted 05 May 2009 - 01:03 AM

thejon

    New Member

  • Member
  • Pip
  • 4 posts
I was referred to this thread from the XP thread. Basically, my computer can run Guild Wars perfectly and even multi-task with windowed-mode. However, when I moved back home for summer, CPU started shooting to 100% for 3-5 minutes out of every 10-15, slowing everything down to a crawl while playing GW. The culprits of high CPU usage are usually very light applications such as Launchy and Digsby (and the obvious GW). For example, when I close Launchy (20-30%), Digsby will shoot up to 20-30%. When I close Digsby, something else will shoot up (Chrome, explorer, etc) until there is nothing extra running.

Following are my OTlist, Extras, rooter, and temperature reports, in that order:

OTListIt logfile created on: 5/5/2009 11:51:51 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Jon\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 58.08% Memory free
3.85 Gb Paging File | 3.07 Gb Available in Paging File | 79.82% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.83 Gb Total Space | 15.72 Gb Free Space | 23.17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 1.92 Gb Total Space | 0.55 Gb Free Space | 28.66% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: JONDELL
Current User Name: Jon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe ()
PRC - C:\WINDOWS\System32\WLTRYSVC.EXE ()
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\System32\bcmwltry.exe (Dell Inc.)
PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\UltraMon\UltraMon.exe (Realtime Soft)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ()
PRC - C:\WINDOWS\system32\taskswitch.exe ()
PRC - C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software)
PRC - C:\Program Files\AlphaXP Lite\AlphaXPLite.exe ()
PRC - C:\Program Files\RocketDock\RocketDock.exe ()
PRC - C:\Program Files\UltraMon\UltraMonTaskbar.exe (Realtime Soft)
PRC - C:\Program Files\Launchy\Launchy.exe ()
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\allSnap\allSnap.exe (Ivan Heckman)
PRC - C:\Program Files\Dropbox\Dropbox.exe ()
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Logitech, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe (GP Software)
PRC - C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Digsby\lib\digsby-app.exe (dotSyntax, LLC)
PRC - C:\Program Files\Digsby\lib\aspell\bin\aspell.exe ()
PRC - C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Documents and Settings\Jon\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aawservice [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
SRV - (btwdins [Auto | Running]) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (cmdAgent [Auto | Running]) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe ()
SRV - (ehRecvr [Auto | Running]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [Auto | Running]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (LBTServ [On_Demand | Stopped]) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (LVPrcSrv [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (McrdSvc [Auto | Running]) -- C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
SRV - (MDM [Disabled | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
SRV - (MSSQL$MICROSOFTSMLBIZ [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (Microsoft Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (SQLAgent$MICROSOFTSMLBIZ [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE (Microsoft Corporation)
SRV - (StarWindServiceAE [Auto | Stopped]) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (wltrysvc [Auto | Running]) -- C:\WINDOWS\System32\WLTRYSVC.EXE ()
SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (APPDRV [System | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (BCM43XX [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\bcmwl5.sys (Broadcom Corporation)
DRV - (bcm4sbxp [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation)
DRV - (BTKRNL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btkrnl.sys (Broadcom Corporation.)
DRV - (BTSERIAL [Auto | Running]) -- C:\WINDOWS\system32\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTWUSB [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\btwusb.sys (Broadcom Corporation.)
DRV - (cmdGuard [System | Running]) -- C:\WINDOWS\System32\DRIVERS\cmdguard.sys (COMODO)
DRV - (cmdHlp [System | Running]) -- C:\WINDOWS\System32\DRIVERS\cmdhlp.sys (COMODO)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DSproct [On_Demand | Stopped]) -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys (GTek Technologies Ltd.)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (FilterService [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys (Logitech Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HSFHWAZL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (Inspect [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (LBeepKE [Auto | Running]) -- C:\WINDOWS\System32\Drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (LHidFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV - (LMouFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV - (lvpopflt [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys ()
DRV - (LVRS [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lvrs.sys (Logitech Inc.)
DRV - (LVUSBSta [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVUVC [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lvuvc.sys (Logitech Inc.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (omci [System | Running]) -- C:\WINDOWS\system32\DRIVERS\omci.sys (Dell Inc)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (rimmptsk [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rimmptsk.sys (REDC)
DRV - (rimsptsk [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rimsptsk.sys (REDC)
DRV - (rismxdp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rixdptsk.sys (REDC)
DRV - (SCDEmu [System | Running]) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (STHDA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (UltraMonMirror [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\UltraMonMirror.sys (Realtime Soft)
DRV - (UltraMonUtility [Auto | Running]) -- C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys (Realtime Soft)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (giveio [Boot | Running]) -- C:\WINDOWS\system32\giveio.sys ()
DRV - (speedfan [Boot | Running]) -- C:\WINDOWS\system32\speedfan.sys (Windows ® 2000 DDK provider)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3070108

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071101000055
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.6

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/02/25 15:28:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/16 16:17:45 | 00,000,000 | ---D | M]

[2009/01/17 16:56:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\mozilla\Extensions
[2009/01/17 16:56:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/02 16:09:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\mozilla\Firefox\Profiles\ec828n8q.default\extensions
[2009/02/03 12:43:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\mozilla\Firefox\Profiles\ec828n8q.default\extensions\[email protected]
[2009/04/17 16:25:22 | 00,001,595 | ---- | M] () -- C:\Documents and Settings\Jon\Application Data\Mozilla\FireFox\Profiles\ec828n8q.default\searchplugins\amazondotcom.xml
[2009/04/17 16:25:23 | 00,001,595 | ---- | M] () -- C:\Documents and Settings\Jon\Application Data\Mozilla\FireFox\Profiles\ec828n8q.default\searchplugins\ebay.xml
[2009/05/02 16:09:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/02/25 15:28:04 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/12 21:12:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/02/25 15:27:56 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/02/25 15:27:56 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/12/02 04:04:40 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/12/02 04:04:40 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/12/02 04:04:40 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/12/02 04:04:40 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/12/02 04:04:40 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (305173 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10509 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h ()
O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [UltraMon] "C:\Program Files\UltraMon\UltraMon.exe" /auto (Realtime Soft)
O4 - HKCU..\Run: [AlphaXP Lite] "C:\Program Files\AlphaXP Lite\AlphaXPLite.exe" ()
O4 - HKCU..\Run: [Directory Opus Desktop Dblclk] "C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe" /dblclk (GP Software)
O4 - HKCU..\Run: [DOpus] C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software)
O4 - HKCU..\Run: [Google Update] "C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
O4 - HKCU..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Launchy.lnk = C:\Program Files\Launchy\Launchy.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\Jon\Start Menu\Programs\Startup\allSnap.lnk = C:\Program Files\allSnap\allSnap.exe (Ivan Heckman)
O4 - Startup: C:\Documents and Settings\Jon\Start Menu\Programs\Startup\digsby.lnk = C:\Program Files\Digsby\digsby.exe ()
O4 - Startup: C:\Documents and Settings\Jon\Start Menu\Programs\Startup\Dropbox.lnk = C:\Program Files\Dropbox\Dropbox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SYSTEM32\GUARD32.DLL) - C:\WINDOWS\SYSTEM32\GUARD32.DLL ()
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - C:\WINDOWS\system32\AVGRSSTX.DLL (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\WINDOWS\system32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 06:43:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/08/16 15:51:44 | 00,000,109 | ---- | M] () - H:\Autorun.inf -- [ FAT ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{70a789c9-e361-11dd-9a29-0019b951b8bb}\Shell\AutoRun\command - "" = H:\LinksysConnectPC.exe -- [2007/08/12 18:43:10 | 02,248,376 | ---- | M] (Linksys, a Division of Cisco Systems, Inc.)
O33 - MountPoints2\{aecd4708-0524-11de-9a44-0019b951b8bb}\Shell\AutoRun\command - "" = I:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[2009/05/05 23:40:59 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\Jon\Desktop\OTListIt2.exe
[2009/05/05 23:35:15 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/05 23:35:06 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\Jon\Desktop\Rooter.exe
[2009/05/05 23:29:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\Malwarebytes
[2009/05/05 23:29:30 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/05 23:29:28 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/05 23:29:26 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/05 23:29:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/05 21:49:22 | 00,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2009/05/05 21:49:20 | 00,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2009/05/05 19:27:10 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Jon\Desktop\ProcessExplorer
[2009/05/05 00:03:01 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/28 22:01:00 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/04/28 15:52:33 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009/04/28 15:52:33 | 00,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2009/04/26 14:39:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\Activision
[2009/04/26 14:39:37 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Jon\My Documents\Activision
[2009/04/26 02:52:20 | 00,000,296 | ---- | C] () -- C:\WINDOWS\game.ini
[2009/04/22 14:50:06 | 00,000,878 | ---- | C] () -- C:\Documents and Settings\Jon\Application Data\coreavc.ini
[2009/04/22 14:23:53 | 00,000,000 | ---D | C] -- C:\Program Files\CoreCodec
[2009/04/21 17:55:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\fltk.org
[2009/04/17 17:59:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Auslogics
[2009/04/16 02:16:46 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 02:16:45 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 02:16:45 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 02:16:45 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 02:16:45 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/04/16 02:16:44 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 02:16:44 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 02:16:44 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 02:16:44 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 02:16:43 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 02:15:32 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/16 02:15:30 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 02:15:30 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/15 19:27:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\vlc
[2009/04/15 17:33:04 | 00,000,736 | ---- | C] () -- C:\Documents and Settings\Jon\Start Menu\Programs\Startup\Dropbox.lnk
[2009/04/15 17:22:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\Dropbox
[2009/04/15 17:22:29 | 00,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2009/04/11 01:44:53 | 00,000,000 | ---D | C] -- C:\Program Files\GW Team Builder
[2009/03/04 17:53:56 | 00,081,110 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/02/15 22:40:40 | 00,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/02/07 19:35:04 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/02/07 19:35:04 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/02/07 19:35:04 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/01/10 13:44:41 | 00,000,145 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2009/01/10 13:44:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009/01/10 13:44:09 | 00,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2009/01/10 13:44:08 | 00,009,853 | ---- | C] () -- C:\WINDOWS\HL-2140.INI
[2009/01/10 13:44:07 | 00,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/01/10 13:42:45 | 00,000,231 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009/01/09 22:38:51 | 00,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009/01/09 21:36:08 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/01/09 21:16:02 | 00,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2009/01/09 20:06:21 | 00,155,384 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll
[2009/01/09 19:24:25 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/01/09 19:22:29 | 00,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.5.57173.439_XP_Vista_x32.INI
[2008/12/16 22:58:54 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/12/16 22:50:56 | 00,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLgFT.dll
[2007/01/08 20:24:47 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/01/08 20:14:06 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/01/08 20:06:41 | 00,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/01/08 19:57:20 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2007/01/08 19:57:19 | 00,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2007/01/08 19:32:38 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2007/01/08 19:32:12 | 00,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/05/24 20:16:22 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/08/16 06:37:24 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 06:18:43 | 00,000,491 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/16 06:18:41 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/05 16:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/02/17 14:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 14:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 15:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/03/14 00:22:21 | 00,000,080 | --S- | C] () -- C:\WINDOWS\System32\argtmp39.dll
[1996/04/03 15:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Files - Modified Within 30 Days ==========

[8 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/05 23:41:00 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\Jon\Desktop\OTListIt2.exe
[2009/05/05 23:35:07 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\Jon\Desktop\Rooter.exe
[2009/05/05 21:49:22 | 00,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2009/05/05 20:15:15 | 00,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3252591375-1334384998-271129338-1006.job
[2009/05/05 10:58:22 | 35,736,275 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/05/05 10:58:22 | 00,047,865 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/05/04 23:57:05 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/04 23:56:47 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Jon\Local Settings\desktop.ini
[2009/05/04 23:56:44 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/04 23:56:40 | 21,458,45248 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/01 00:55:50 | 00,467,972 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/01 00:55:50 | 00,400,090 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/01 00:55:50 | 00,061,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/26 02:52:20 | 00,000,296 | ---- | M] () -- C:\WINDOWS\game.ini
[2009/04/23 20:04:37 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2009/04/23 20:04:34 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2009/04/22 14:50:06 | 00,000,878 | ---- | M] () -- C:\Documents and Settings\Jon\Application Data\coreavc.ini
[2009/04/18 02:45:39 | 00,434,673 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/04/17 17:20:27 | 00,305,173 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/04/15 17:33:38 | 00,000,736 | ---- | M] () -- C:\Documents and Settings\Jon\Start Menu\Programs\Startup\Dropbox.lnk
[2009/04/15 17:23:05 | 00,000,231 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2009/04/14 17:09:45 | 00,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 10:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Application Data\sdpsenv.dat:naughtypirates
< End of report >



OTListIt Extras logfile created on: 5/5/2009 11:51:51 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Jon\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 58.08% Memory free
3.85 Gb Paging File | 3.07 Gb Available in Paging File | 79.82% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.83 Gb Total Space | 15.72 Gb Free Space | 23.17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 1.92 Gb Total Space | 0.55 Gb Free Space | 28.66% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: JONDELL
Current User Name: Jon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call (Microsoft Corporation)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader (AOL LLC)
C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM (AOL LLC)
C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call (Microsoft Corporation)
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin (Google)
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin (Google)
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\GPSoftware\Directory Opus\dopus.exe:*:Enabled:Directory Opus 9 (GP Software)
C:\Program Files\games\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War™ (Activision Blizzard, Inc.)
C:\Program Files\games\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty® - World at War™ (Activision Blizzard, Inc.)
C:\Program Files\games\Activision\Call of Duty - World at War\CoDWaW_LANFixed.exe:*:Enabled:Call of Duty®: World at War Campaign/Coop (Activision Blizzard, Inc.)
C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe ()
C:\Program Files\Digsby\lib\digsby-app.exe:*:Enabled:Digsby IM (dotSyntax, LLC)
C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary (Sun Microsystems, Inc.)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Computer, Inc.)
C:\Program Files\games\Octgn 1\OCTGN.exe:*:Enabled:OCTGN- Online Card and Tabletop Games Network (ODSoft ©2005)
C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{099135FD-4F30-4FC4-B061-C73122DF4022}" = Brother HL-2140
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 12
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{5012BC0C-7E1A-329A-8F02-B6846070C5F8}" = Google Talk Plugin
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{556DF27F-5B74-11D5-B876-004005E12EF1}" = GPSoftware Directory Opus
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{932FB3F3-594D-4600-ABFA-F2DE80A14214}" = Marvel™ - Ultimate Alliance
"{937B232D-9776-471E-92BD-D424E514EF14}" = Logitech QuickCam
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A02ED372-22FA-448B-AB6A-1B0FC23B7D08}" = ATI Catalyst Control Center
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A7050037-F0EA-4BAB-BCD5-FC05507D6147}" = Alt-Tab Task Switcher Powertoy for Windows XP
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B37C842A-B624-46B8-A727-654E72F1C91A}" = Calculator Powertoy for Windows XP
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA68600E-96D9-4E92-80F2-26B9681B5A63}" = Microsoft Office Outlook 2003 with Business Contact Manager Update
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War™
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E67FF1A2-23C1-4102-84E9-42115F77AD32}" = UltraMon
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AIM_6" = AIM 6
"allSnap_is1" = allSnap version 1.33.2
"AlphaXP Lite" = AlphaXP Lite
"ATI Display Driver" = ATI Display Driver (Omega 3.8.442)
"AVG8Uninstall" = AVG Free 8.0
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner (remove only)
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"COMODO Internet Security" = COMODO Internet Security
"CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only)
"Diablo II" = Diablo II
"Digsby" = Digsby
"Dropbox" = Dropbox
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow" = ffdshow (remove only)
"foobar2000" = foobar2000 v0.9.6.3
"Guild Wars" = Guild Wars
"Guitar Pro 5_is1" = Guitar Pro 5.2
"GW Team Builder_is1" = GW Team Builder 1.2.1
"HijackThis" = HijackThis 2.0.2
"InstallShield_{932FB3F3-594D-4600-ABFA-F2DE80A14214}" = Marvel™ - Ultimate Alliance
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War™
"Launchy_21344213_is1" = Launchy 2.1.2
"Libra_is1" = Libra 0.9.2
"lvdrivers_11.90" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.6)" = Mozilla Firefox (3.0.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MultiRes (remove only)" = MultiRes (remove only)
"OCTGN" = OCTGN (remove only)
"PeerGuardian_is1" = PeerGuardian 2.0
"Picasa 3" = Picasa 3
"PowerISO" = PowerISO
"QuickTime" = QuickTime
"Radeon Omega Drivers for Windows XP/2kv4.8.442" = Radeon Omega Drivers v4.8.442 Setup Files and Tools
"RealPlayer 6.0" = RealPlayer Basic
"Registry Fix_is1" = RegistryFix v7.1
"Revo Uninstaller" = Revo Uninstaller 1.80
"RocketDock_is1" = RocketDock 1.3.5
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Hero Editor V1.03
"Starcraft" = Starcraft
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 0.9.9
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/27/2009 12:32:52 PM | Computer Name = JONDELL | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 4/28/2009 1:10:29 PM | Computer Name = JONDELL | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 4/29/2009 10:10:03 AM | Computer Name = JONDELL | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 4/29/2009 11:57:12 PM | Computer Name = JONDELL | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 4/30/2009 7:05:05 AM | Computer Name = JONDELL | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 5/1/2009 12:49:05 AM | Computer Name = JONDELL | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 5/1/2009 12:49:26 AM | Computer Name = JONDELL | Source = Google Update | ID = 20
Description =

Error - 5/2/2009 10:15:38 AM | Computer Name = JONDELL | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 5/4/2009 6:17:59 PM | Computer Name = JONDELL | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 5/5/2009 1:03:40 AM | Computer Name = JONDELL | Source = Media Center Phone Service | ID = 8
Description = Initializing the telephony service failed with error 0x80040005.

[ System Events ]
Error - 4/8/2009 8:33:58 PM | Computer Name = JONDELL | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 192.168.30.30. The machine with the IP address 192.168.30.32 did
not allow the name to be claimed by this machine.

Error - 4/10/2009 3:31:47 PM | Computer Name = JONDELL | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{3DB18696-A913-412D-92B2-B439BBDA508D}. The
backup browser is stopping.

Error - 4/11/2009 12:29:09 PM | Computer Name = JONDELL | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
JEREMY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3DB18696-A913-412D-92.
The
master browser is stopping or an election is being forced.

Error - 4/12/2009 12:30:19 PM | Computer Name = JONDELL | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
JEREMY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3DB18696-A913-412D-92.
The
master browser is stopping or an election is being forced.

Error - 4/13/2009 3:10:25 PM | Computer Name = JONDELL | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{3DB18696-A913-412D-92B2-B439BBDA508D}. The
backup browser is stopping.

Error - 4/13/2009 5:47:54 PM | Computer Name = JONDELL | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 192.168.30.30. The machine with the IP address 192.168.30.32 did
not allow the name to be claimed by this machine.

Error - 4/14/2009 1:08:16 AM | Computer Name = JONDELL | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.30.30 for the Network Card with network
address 0019B951B8BB has been denied by the DHCP server 192.168.30.1 (The DHCP Server
sent a DHCPNACK message).

Error - 4/14/2009 12:24:59 PM | Computer Name = JONDELL | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{3DB18696-A913-412D-92B2-B439BBDA508D}. The
backup browser is stopping.

Error - 4/16/2009 2:37:31 PM | Computer Name = JONDELL | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
HANS that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3DB18696-A913-412D-92B2.
The
master browser is stopping or an election is being forced.

Error - 4/16/2009 8:45:17 PM | Computer Name = JONDELL | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 192.168.30.33. The machine with the IP address 192.168.30.32 did
not allow the name to be claimed by this machine.


< End of report >


Microsoft Windows XP Professional (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:69460 Mo/Free:3818 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
G:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
H:\ [Removable] (Total:1966 Mo/Free:563 Mo)

Tue 05/05/2009|23:37

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\Ati2evxx.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
--Locked-- cmdagent.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\WLTRYSVC.EXE
---------- C:\WINDOWS\system32\Ati2evxx.exe
---------- C:\WINDOWS\System32\bcmwltry.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\PROGRA~1\AVG\AVG8\avgtray.exe
---------- C:\Program Files\UltraMon\UltraMon.exe
--Locked-- cfp.exe
---------- C:\WINDOWS\system32\taskswitch.exe
---------- C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
---------- C:\Program Files\GPSoftware\Directory Opus\dopus.exe
---------- C:\Program Files\AlphaXP Lite\AlphaXPLite.exe
---------- C:\Program Files\RocketDock\RocketDock.exe
---------- C:\Program Files\UltraMon\UltraMonTaskbar.exe
---------- C:\Program Files\Launchy\Launchy.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\Program Files\Logitech\SetPoint\SetPoint.exe
---------- C:\Program Files\allSnap\allSnap.exe
---------- C:\Program Files\Dropbox\Dropbox.exe
---------- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
---------- C:\WINDOWS\eHome\ehRecvr.exe
---------- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
---------- C:\WINDOWS\eHome\ehSched.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
---------- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
---------- C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\ehome\mcrdsvc.exe
---------- C:\WINDOWS\system32\dllhost.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Program Files\Digsby\lib\digsby-app.exe
---------- C:\Program Files\Digsby\lib\aspell\bin\aspell.exe
---------- C:\Program Files\Windows Media Player\WMPNetwk.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
---------- C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
---------- C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
---------- C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
---------- C:\Program Files\foobar2000\foobar2000.exe
---------- C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Tue 05/05/2009|23:39

----------------------\\ Scan completed at 23:39


Temperatures taken with SpeedFan
Idle temp:
Hd0: 39c (green check mark)
Temp1: 70C (fire icon)
Core 0: ~60C (fire icon)
Core 1: ~60C (fire icon)

During GW:
Hd0: 43C (red arrow pointing up)
Temp1: 70C fire
Core 0: ~78C fire
Core 1: ~78C fire

Thanks so much in advance.
Jon
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP