Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Quick Check Up

Started by VYPEREGT , May 05 2009 12:40 PM

  • Please log in to reply

#1
VYPEREGT
Posted 05 May 2009 - 12:40 PM

VYPEREGT

    Member

  • Member
  • PipPip
  • 23 posts
Rooter:

Microsoft Windows XP Professional (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:238464 Mo/Free:2394 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [Removable] (Total:116 Mo/Free:45 Mo)

Tue 05/05/2009|14:18

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
---------- C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\StkASv2K.exe
---------- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
---------- c:\WINDOWS\system32\ZuneBusEnum.exe
---------- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
---------- C:\PROGRA~1\AVG\AVG8\avgemc.exe
---------- C:\PROGRA~1\AVG\AVG8\avgnsx.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\system32\igfxtray.exe
---------- C:\WINDOWS\system32\hkcmd.exe
---------- C:\WINDOWS\system32\igfxpers.exe
---------- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
---------- C:\WINDOWS\RTHDCPL.EXE
---------- C:\PROGRA~1\AVG\AVG8\avgtray.exe
---------- C:\Program Files\Zune\ZuneLauncher.exe
---------- C:\Program Files\AVG\AVG8\avgcsrvx.exe
---------- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Logitech\SetPoint\SetPoint.exe
---------- C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Tue 05/05/2009|14:00
2 - "C:\Rooter$\Rooter_2.txt" - Tue 05/05/2009|14:18

----------------------\\ Scan completed at 14:18


....................................................................................................
....................................................

OTLIST


OTListIt logfile created on: 5/5/2009 2:05:40 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Name\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 77.74% Memory free
3.33 Gb Paging File | 3.03 Gb Available in Paging File | 90.87% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 210.34 Gb Free Space | 90.32% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 116.73 Mb Total Space | 45.60 Mb Free Space | 39.06% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ABYSSGT
Current User Name: Name
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2009/05/05 12:16:08 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2005/10/12 13:30:24 | 00,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
PRC - [2006/05/23 23:49:14 | 00,024,576 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\System32\StkASv2K.exe
PRC - [2006/09/28 05:20:00 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2008/12/12 12:41:02 | 00,060,032 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\system32\ZuneBusEnum.exe
PRC - [2009/05/05 12:16:20 | 00,486,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/05/05 12:16:11 | 00,908,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/05/05 12:16:13 | 00,594,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2005/08/24 00:50:30 | 00,094,208 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
PRC - [2005/08/24 00:47:18 | 00,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2005/08/24 00:51:12 | 00,114,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2005/10/12 13:30:42 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
PRC - [2005/10/14 05:51:40 | 14,864,384 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009/05/05 12:16:15 | 01,947,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2008/12/12 12:41:06 | 00,157,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2009/05/05 12:16:19 | 00,692,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2007/01/12 03:09:28 | 00,488,984 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/04/23 04:00:00 | 00,692,224 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2007/04/11 15:32:22 | 00,056,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
PRC - [2009/05/05 14:04:54 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Name\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2004/10/22 14:42:44 | 00,049,152 | ---- | M] (Alpha Networks Inc.) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService [Auto | Stopped])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/05/05 12:16:11 | 00,908,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/05/05 12:16:08 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007/10/09 12:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/10/12 13:30:24 | 00,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe -- (IAANTMon [Auto | Running])
SRV - [2007/10/11 09:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2007/10/11 09:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/05/23 23:49:14 | 00,024,576 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\System32\StkASv2K.exe -- (StkASSrv [Auto | Running])
SRV - [2006/09/28 05:20:00 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Auto | Running])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2008/12/12 12:41:02 | 00,060,032 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\system32\ZuneBusEnum.exe -- (ZuneBusEnum [Auto | Running])
SRV - [2008/12/12 12:41:18 | 05,117,568 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc [On_Demand | Stopped])
SRV - [2008/12/12 12:41:08 | 00,243,840 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\system32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2005/03/22 20:17:34 | 00,450,400 | ---- | M] (D-Link Corporation) -- C:\WINDOWS\system32\DRIVERS\A3AB.sys -- (A3AB [On_Demand | Running])
DRV - [2004/07/27 12:20:46 | 00,028,205 | ---- | M] (Alpha Networks Inc.) -- C:\WINDOWS\system32\ANIO.SYS -- (ANIO [Auto | Running])
DRV - [2009/05/05 12:16:19 | 00,325,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009/05/05 12:16:19 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009/05/05 12:16:11 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2008/12/18 10:02:32 | 01,051,136 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\CAMTHWDM.sys -- (CAMTHWDM [Auto | Running])
DRV - [2005/09/21 10:42:30 | 00,162,816 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])
DRV - [2005/10/12 03:15:50 | 00,007,552 | R--- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ELacpi.sys -- (ELacpi [On_Demand | Running])
DRV - [2005/01/07 18:07:16 | 00,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
DRV - [2008/04/13 12:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2005/08/24 01:20:08 | 01,052,732 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
DRV - [2005/10/12 13:07:12 | 00,874,240 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2005/10/18 01:15:42 | 04,034,048 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2007/04/11 15:32:52 | 00,034,832 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys -- (LHidFilt [On_Demand | Running])
DRV - [2007/04/11 15:32:58 | 00,036,112 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys -- (LMouFilt [On_Demand | Running])
DRV - [2004/07/29 13:14:22 | 00,091,577 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\DRIVERS\P0620Vid.sys -- (PD0620VID [On_Demand | Stopped])
DRV - [2004/08/04 08:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/04/13 12:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2006/11/15 17:32:44 | 00,242,139 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\System32\Drivers\StkAMini.sys -- (StkAMini [On_Demand | Stopped])
DRV - [2006/06/27 18:27:18 | 00,004,772 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\System32\Drivers\StkScan.sys -- (StkScan [On_Demand | Stopped])
DRV - [2008/04/13 14:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2006/11/02 07:00:08 | 00,039,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\WinUSB.sys -- (WinUSB [On_Demand | Stopped])
DRV - [2008/11/10 12:09:32 | 00,040,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\zumbus.sys -- (zumbus [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://wapp.verizon....p;bm=ho_central
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://wapp.verizon....&bm=ho_central"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: [email protected]:3.1.5.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/05/05 13:26:42 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/28 11:39:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/04 13:03:27 | 00,000,000 | ---D | M]

[2009/03/18 19:50:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Name\Application Data\mozilla\Extensions
[2009/03/18 19:50:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Name\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/04 14:41:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Name\Application Data\mozilla\Firefox\Profiles\jtzw2he9.default\extensions
[2009/04/10 18:27:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Name\Application Data\mozilla\Firefox\Profiles\jtzw2he9.default\extensions\[email protected]
[2009/03/18 19:50:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/28 11:39:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/28 11:39:48 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/28 11:39:48 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/26 01:03:55 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/26 01:03:55 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/26 01:03:55 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/26 01:03:55 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/26 01:03:55 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/26 01:03:55 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/26 01:03:55 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-8398-26FADCF27386} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe (D-Link)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE (Logitech Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe" (Logitech Inc.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe" File not found
O4 - HKLM..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Expression\Web 2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1237430017656 (MUWebControl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://messenger.zon...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/18 02:18:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[7 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/05 14:04:54 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\Name\Desktop\OTListIt2.exe
[2009/05/05 13:59:55 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/05 13:59:34 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\Name\Desktop\Rooter.exe
[2009/05/04 15:48:50 | 00,000,022 | ---- | C] () -- C:\WINDOWS\msnmsgr.exe.ini
[2009/05/03 14:21:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/05/03 14:20:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/05/03 14:20:46 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009/05/03 14:20:46 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/05/03 14:19:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/05/02 23:15:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2009/04/26 22:28:25 | 00,000,694 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\WebcamMax.lnk
[2009/04/26 22:28:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Webcammax
[2009/04/26 22:28:06 | 00,000,000 | ---D | C] -- C:\Program Files\WebcamMax
[2009/04/26 16:08:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Name\Application Data\Webcammax
[2009/04/26 16:08:26 | 01,051,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2009/04/26 16:07:49 | 08,282,481 | ---- | C] () -- C:\DOCUME~1\Name\Desktop\WebcamMax-5.1.1.6.MultiLanguage.Setup.exe
[2009/04/26 14:55:21 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/04/26 13:42:14 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Name\Desktop\Desktop
[2009/04/25 17:44:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2009/04/25 17:39:01 | 00,001,687 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2009/04/25 17:38:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Name\Application Data\InstallShield
[2009/04/25 16:33:04 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Name\My Documents\Games
[2009/04/23 21:30:32 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Name\Desktop\mega
[2009/04/23 20:14:36 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Name\Desktop\omega
[2009/04/23 18:27:49 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Name\Desktop\Backup
[2009/04/23 16:56:03 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Name\Desktop\tod
[2009/04/23 15:38:53 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Name\Desktop\ep
[2009/04/20 19:12:08 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2009/04/20 16:15:06 | 00,085,580 | ---- | C] () -- C:\DOCUME~1\Name\Desktop\pictures.jpg
[2009/04/16 11:20:26 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 11:20:26 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 11:20:26 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 11:20:26 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 11:20:26 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 11:20:26 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 11:20:25 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 11:20:25 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 11:20:25 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 11:20:12 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 11:20:12 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/16 11:20:11 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/12 20:40:32 | 00,000,000 | ---D | C] -- C:\Program Files\Project
[2009/04/12 20:31:48 | 00,000,000 | ---D | C] -- C:\Program Files\SplitCam
[2009/04/11 16:39:20 | 00,013,181 | ---- | C] () -- C:\DOCUME~1\Name\Desktop\wii-logo.jpg
[2009/04/11 16:30:23 | 00,033,723 | ---- | C] () -- C:\DOCUME~1\Name\Desktop\rockband2logo490.jpg
[2009/04/11 16:21:16 | 00,024,553 | ---- | C] () -- C:\DOCUME~1\Name\Desktop\rockband.gif
[2009/04/11 15:41:58 | 00,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2009/04/10 12:52:22 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Name\My Documents\Ulead VideoStudio SE
[2009/04/10 12:52:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Name\Application Data\Ulead Systems
[2009/04/10 12:49:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\windows media
[2009/04/10 12:49:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2009/04/10 12:49:53 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2009/04/10 12:49:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2009/04/10 12:49:21 | 00,001,855 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Ulead VideoStudio SE DVD.lnk
[2009/04/10 12:49:21 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2009/04/10 12:48:41 | 00,000,000 | ---D | C] -- C:\Program Files\Ulead Systems
[2009/04/10 12:48:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Ulead Systems
[2009/04/10 12:48:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2009/04/10 12:44:07 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2009/04/10 12:44:07 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2009/04/10 12:42:26 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2009/04/10 12:42:26 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2009/04/10 12:42:17 | 10,479,603 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\drivers\StkAPipe.sys
[2009/04/10 12:42:17 | 00,653,988 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\drivers\StkAPin.sys
[2009/04/10 12:42:17 | 00,243,212 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\drivers\StkACamd.sys
[2009/04/10 12:42:17 | 00,242,139 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\drivers\StkAMini.sys
[2009/04/10 12:42:17 | 00,106,496 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\Stk1150.exe
[2009/04/10 12:42:17 | 00,061,440 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\StkATVAp.exe
[2009/04/10 12:42:17 | 00,053,248 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkAWIA.dll
[2009/04/10 12:42:17 | 00,049,152 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkAProp.ax
[2009/04/10 12:42:17 | 00,045,056 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkAVFW.dll
[2009/04/10 12:42:17 | 00,024,576 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkAUSD.dll
[2009/04/10 12:42:17 | 00,024,576 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkASv2K.exe
[2009/04/10 12:42:17 | 00,024,576 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkASSrv.dll
[2009/04/10 12:42:17 | 00,018,754 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\drivers\StkASam.sys
[2009/04/10 12:42:17 | 00,004,772 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\drivers\StkScan.sys
[2009/04/10 12:07:36 | 00,053,248 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkAProp(6).ax
[2009/04/10 12:07:36 | 00,053,248 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkAProp(5).ax
[2009/04/10 12:07:36 | 00,053,248 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkAProp(4).ax
[2009/04/10 12:07:36 | 00,053,248 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkAProp(3).ax
[2009/04/10 12:07:36 | 00,053,248 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkAProp(2).ax
[2009/04/10 12:07:36 | 00,024,576 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkASv2K(6).exe
[2009/04/10 12:07:36 | 00,024,576 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkASv2K(5).exe
[2009/04/10 12:07:36 | 00,024,576 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkASv2K(4).exe
[2009/04/10 12:07:36 | 00,024,576 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkASv2K(3).exe
[2009/04/10 12:07:36 | 00,024,576 | ---- | C] (Syntek America Inc.) -- C:\WINDOWS\System32\StkASv2K(2).exe
[2009/04/10 12:07:23 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext(6).ax
[2009/04/10 12:07:23 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext(5).ax
[2009/04/10 12:07:23 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext(4).ax
[2009/04/10 12:07:23 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext(3).ax
[2009/04/10 12:07:23 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext(2).ax
[2009/04/09 18:46:04 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009/03/21 19:26:54 | 00,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2009/03/21 19:26:54 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2009/03/18 11:41:52 | 00,157,184 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2004/08/04 08:00:00 | 01,288,192 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll
[2004/08/04 08:00:00 | 00,000,507 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 08:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[7 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/05 14:04:54 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\Name\Desktop\OTListIt2.exe
[2009/05/05 13:59:34 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\Name\Desktop\Rooter.exe
[2009/05/05 13:27:13 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/05 13:27:06 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Name\Local Settings\desktop.ini
[2009/05/05 13:26:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/05 13:26:47 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/05 12:16:34 | 35,810,769 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/05/05 12:16:34 | 00,049,033 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/05/05 12:16:20 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/05/05 12:16:19 | 00,325,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/05/05 12:16:19 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/05/05 12:16:11 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/05/04 15:48:50 | 00,000,022 | ---- | M] () -- C:\WINDOWS\msnmsgr.exe.ini
[2009/05/04 14:48:55 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/04 14:48:55 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/04/30 00:14:34 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/26 22:28:25 | 00,000,694 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\WebcamMax.lnk
[2009/04/26 16:07:56 | 08,282,481 | ---- | M] () -- C:\DOCUME~1\Name\Desktop\WebcamMax-5.1.1.6.MultiLanguage.Setup.exe
[2009/04/26 12:40:19 | 00,434,088 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/26 12:40:19 | 00,068,024 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/25 17:39:01 | 00,001,687 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2009/04/20 19:12:08 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2009/04/20 16:15:06 | 00,085,580 | ---- | M] () -- C:\DOCUME~1\Name\Desktop\pictures.jpg
[2009/04/18 22:03:48 | 00,434,673 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/04/11 16:39:20 | 00,013,181 | ---- | M] () -- C:\DOCUME~1\Name\Desktop\wii-logo.jpg
[2009/04/11 16:30:24 | 00,033,723 | ---- | M] () -- C:\DOCUME~1\Name\Desktop\rockband2logo490.jpg
[2009/04/11 16:21:17 | 00,024,553 | ---- | M] () -- C:\DOCUME~1\Name\Desktop\rockband.gif
[2009/04/10 12:51:21 | 00,151,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/10 12:49:21 | 00,001,855 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Ulead VideoStudio SE DVD.lnk
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 10:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
< End of report >


--------------------------------------------------------------------------------------------------------------------------------------------------
EXTRAS

OTListIt Extras logfile created on: 5/5/2009 2:05:40 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Name\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 77.74% Memory free
3.33 Gb Paging File | 3.03 Gb Available in Paging File | 90.87% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 210.34 Gb Free Space | 90.32% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 116.73 Mb Total Space | 45.60 Mb Free Space | 39.06% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ABYSSGT
Current User Name: Name
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2009/02/06 18:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
[2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2009/05/05 12:16:11 | 00,908,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
[2009/05/05 12:15:48 | 01,085,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
[2009/05/05 12:16:13 | 00,594,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
[2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2009/02/06 18:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
[2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2B7E4354-0492-460A-BDB1-1F59EE141025}" = AirPlus G
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_XWeb_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_XWeb_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_XWeb_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0045-0000-0000-0000000FF1CE}" = Microsoft Expression Web 2
"{90120000-0045-0409-0000-0000000FF1CE}" = Microsoft Expression Web 2 MUI (English)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_XWeb_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_XWeb_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD202930-5F70-4B35-B875-1E28604F328D}" = Logitech Communications Manager
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{E337B156-DF81-48D8-8977-B1574EE87BCF}" = USB2.0 Capture Device
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FF70513F-E3A7-402F-84FB-B7810A064BE2}" = Zune
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG8Uninstall" = AVG 8.5
"Creative PD0620" = Creative WebCam Instant Driver (1.01.02.0729)
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"HyperCam 2" = HyperCam 2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{2B7E4354-0492-460A-BDB1-1F59EE141025}" = AirPlus G
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel® PRO Network Connections Drivers
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WebcamMax" = WebcamMax
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XWeb" = Microsoft Expression Web 2
"Zune" = Zune

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/23/2009 5:04:47 PM | Computer Name = ABYSSGT | Source = Application Error | ID = 1000
Description = Faulting application ep.exe, version 0.0.0.0, faulting module msvcrt.dll,
version 7.0.2600.5512, fault address 0x00037c7e.

Error - 4/24/2009 1:25:59 PM | Computer Name = ABYSSGT | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 4000, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

Error - 4/24/2009 1:25:59 PM | Computer Name = ABYSSGT | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 4/24/2009 1:26:02 PM | Computer Name = ABYSSGT | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 4000, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

Error - 4/25/2009 7:12:18 PM | Computer Name = ABYSSGT | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3372, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/25/2009 10:01:00 PM | Computer Name = ABYSSGT | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3372, faulting module
npjustintvpublish.dll, version 3.1.5.5, fault address 0x0011d703.

Error - 4/26/2009 12:40:16 PM | Computer Name = ABYSSGT | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 4000, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

Error - 4/26/2009 12:40:16 PM | Computer Name = ABYSSGT | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 4/26/2009 12:40:19 PM | Computer Name = ABYSSGT | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 4000, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

Error - 4/26/2009 11:59:31 PM | Computer Name = ABYSSGT | Source = Application Error | ID = 1000
Description = Faulting application webcammax.exe, version 5.1.1.6, faulting module
unknown, version 0.0.0.0, fault address 0x010d3968.


< End of report >




Well thats all the txt i got from scans. Also heres the first topic i posted. http://www.geekstogo...Up-t237951.html

Thank You.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP