Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

computer turns off and pop ups


  • Please log in to reply

#1
parodoxicalplay

parodoxicalplay

    New Member

  • Member
  • Pip
  • 6 posts
my computer has been turning off a lot and has been doing it more consistantly of late. It mainly does it when i am streaming videos. I also am recieving a lot of pop ups from different sites such as poker.com. Here is my log and i would be very appreciative if you could tell me how to speed up the computer and whats slowing the it down and causing all these problems.

Thanks Conall

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:05:44, on 02/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NinjaVideo\NinjaVideo Helper\NinjaVideo Helper.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.h...a...n&pf=laptop
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [WeFi] C:\Program Files\WeFi\WeFi.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=Q305&bd=pavilion&pf=laptop
O16 - DPF: CabBuilder - http://kiw.imgag.com...llerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zon...kr.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zon...ro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.m...ent/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zon...ss.cab57176.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NinjaVideo Helper (NinjaVideo Helper.exe) - NinjaVideo - C:\Program Files\NinjaVideo\NinjaVideo Helper\NinjaVideo Helper.exe
O23 - Service: SecureSrv - Unknown owner - C:\Program Files\Hide My IP 2008\SecureSrv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 15135 bytes
  • 0

Advertisements


#2
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hi I see no apparent malware in your logs.
SInce this does not appear to be malware related I recommend posting a new topic in this forum:
http://www.geekstogo...pherals-f9.html

They should be able to get to the bottom of it there.

Thanks.
  • 0

#3
parodoxicalplay

parodoxicalplay

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
tried running malware bytes but every time that i do it does find infections but then it uses 100% process and the computer turns off also happens when streaming videos i have no idea what to do any help would be appreciated because im so stuck really dont know what i can do.

thanks


OTL logfile created on: 09/06/2009 04:45:22 - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\ADMIN\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

510.48 Mb Total Physical Memory | 141.95 Mb Available Physical Memory | 27.81% Memory free
1.97 Gb Paging File | 1.33 Gb Available in Paging File | 67.65% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.15 Gb Total Space | 19.27 Gb Free Space | 20.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 55.90 Gb Total Space | 4.29 Gb Free Space | 7.68% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CO-F23CF317592F
Current User Name: ADMIN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
PRC - C:\WINDOWS\System32\wudfhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft AB)
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
PRC - C:\WINDOWS\system32\brss01a.exe (brother Industries Ltd)
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\WINDOWS\system32\CTsvcCDA.exe (Creative Technology Ltd)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
PRC - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
PRC - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
PRC - C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
PRC - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
PRC - C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
PRC - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
PRC - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
PRC - C:\Program Files\NinjaVideo\NinjaVideo Helper\NinjaVideo Helper.exe (NinjaVideo)
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Program Files\Hide My IP 2008\SecureSrv.exe ()
PRC - C:\Program Files\HPQ\shared\hpqwmi.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe (Camshare LLC)
PRC - C:\Program Files\Skype\Plugin Manager\skypePM.exe (Skype Technologies)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\ADMIN\Desktop\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aawservice [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft AB)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (Automatic LiveUpdate Scheduler [Auto | Running]) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (Brother XP spl Service [Auto | Running]) -- C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
SRV - (ccEvtMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CLTNetCnService [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (comHost [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation)
SRV - (Creative Service for CDROM Access [Auto | Running]) -- C:\WINDOWS\system32\CTsvcCDA.exe (Creative Technology Ltd)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (hpqcxs08 [On_Demand | Running]) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (hpqddsvc [Auto | Running]) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (hpqwmi [On_Demand | Running]) -- C:\Program Files\HPQ\shared\hpqwmi.exe (Hewlett-Packard Development Company, L.P.)
SRV - (InCDsrv [Auto | Running]) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)
SRV - (LiveUpdate Notice [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (LVCOMSer [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (LVPrcSrv [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVSrvLauncher [Auto | Stopped]) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (Net Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZinw12.dll (Hewlett-Packard)
SRV - (NinjaVideo Helper.exe [Auto | Running]) -- C:\Program Files\NinjaVideo\NinjaVideo Helper\NinjaVideo Helper.exe (NinjaVideo)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZipm12.dll (Hewlett-Packard)
SRV - (SecureSrv [On_Demand | Running]) -- C:\Program Files\Hide My IP 2008\SecureSrv.exe ()
SRV - (Symantec Core LC [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (usnjsvc [On_Demand | Running]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AmdK8 [System | Running]) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (BCM43XX [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\bcmwl5.sys (Broadcom Corporation)
DRV - (BrScnUsb [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\BrScnUsb.sys (Brother Industries Ltd.)
DRV - (CAMCAUD [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\camc6aud.sys (Conexant Systems Inc.)
DRV - (CAMCHALA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\camc6hal.sys (Conexant Systems Inc.)
DRV - (COH_Mon [On_Demand | Stopped]) -- C:\WINDOWS\system32\Drivers\COH_Mon.sys (Symantec Corporation)
DRV - (CO_Mon [Auto | Running]) -- C:\WINDOWS\system32\drivers\CO_Mon.sys (Symantec Corporation)
DRV - (eabfiltr [System | Running]) -- C:\WINDOWS\system32\drivers\EABFiltr.sys (Hewlett-Packard Company)
DRV - (eabusb [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\eabusb.sys (Hewlett-Packard Company)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (ElbyCDIO [System | Running]) -- C:\WINDOWS\System32\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (HSFHWATI [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (InCDfs [Disabled | Running]) -- C:\WINDOWS\System32\drivers\InCDfs.sys (Nero AG)
DRV - (InCDPass [System | Running]) -- C:\WINDOWS\System32\DRIVERS\InCDPass.sys (Nero AG)
DRV - (incdrm [System | Running]) -- C:\WINDOWS\System32\drivers\InCDrm.sys (Nero AG)
DRV - (LVcKap [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\LVcKap.sys (Logitech Inc.)
DRV - (LVMVDrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys (Logitech Inc.)
DRV - (LVPr2Mon [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys ()
DRV - (LVUSBSta [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (NAVENG [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090608.033\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090608.033\NAVEX15.SYS (Symantec Corporation)
DRV - (npf [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies)
DRV - (NTPASp50 [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\NTPASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (NwlnkIpx [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys (Microsoft Corporation)
DRV - (NwlnkNb [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys (Microsoft Corporation)
DRV - (pepifilter [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lv302af.sys (Logitech Inc.)
DRV - (PID_PEPI [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\LV302V32.SYS (Logitech Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RTL8023xp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SPBBCDrv [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SPLITCAM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\splitcam.sys (LoteSoft Co.)
DRV - (SRTSP [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SRTSPL.SYS (Symantec Corporation)
DRV - (SRTSPX [System | Running]) -- C:\WINDOWS\System32\Drivers\SRTSPX.SYS (Symantec Corporation)
DRV - (SYMDNS [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMFW [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMIDS [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS (Symantec Corporation)
DRV - (SYMIDSCO [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20090528.001\symidsco.sys (Symantec Corporation)
DRV - (SymIM [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SymIM.sys (Symantec Corporation)
DRV - (SymIMMP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SymIM.sys (Symantec Corporation)
DRV - (SYMNDIS [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (tifm21 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (VClone [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\VClone.sys (Elaborate Bytes AG)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...n&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:10.1.0
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.6.11
FF - prefs.js..extensions.enabledItems: [email protected]:1.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.4.4
FF - prefs.js..extensions.enabledItems: [email protected]:1.4
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.3.20080730
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10


FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MOZILLA\FIREFOX EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C} [2007/08/18 01:15:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2008/06/05 18:06:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/12/08 03:28:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/06/03 02:17:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/28 12:51:51 | 00,000,000 | ---D | M]

[2008/12/16 13:40:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Application Data\mozilla\Extensions
[2008/12/16 13:40:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/06/08 17:00:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Application Data\mozilla\Firefox\Profiles\y5hzzx5n.default\extensions
[2009/05/13 20:19:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Application Data\mozilla\Firefox\Profiles\y5hzzx5n.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/05/20 01:59:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Application Data\mozilla\Firefox\Profiles\y5hzzx5n.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
[2009/05/19 09:12:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Application Data\mozilla\Firefox\Profiles\y5hzzx5n.default\extensions\{c4d362ec-1cff-4ca0-9031-99a8fad7995a}
[2009/05/19 06:45:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Application Data\mozilla\Firefox\Profiles\y5hzzx5n.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2008/09/11 02:50:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Application Data\mozilla\Firefox\Profiles\y5hzzx5n.default\extensions\Access Privileges Test
[2009/05/18 05:46:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Application Data\mozilla\Firefox\Profiles\y5hzzx5n.default\extensions\[email protected]
[2009/05/13 20:16:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Application Data\mozilla\Firefox\Profiles\y5hzzx5n.default\extensions\[email protected]
[2009/06/09 04:12:39 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/28 06:41:46 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/11/17 22:50:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2008/03/11 19:28:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/12/08 03:29:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2008/11/21 05:45:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\[email protected]
[2009/04/28 06:41:10 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/28 06:41:10 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/06/30 13:44:08 | 00,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2009/04/23 20:26:37 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/23 20:26:37 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/23 20:26:37 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/23 20:26:37 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/23 20:26:37 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/23 20:26:37 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/23 20:26:37 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Catcher Class) - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll (Moyea Software Co., Ltd.)
O2 - BHO: (Burn4Free Toolbar Helper) - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (SYSTRAN Web Translator 5.0 ) - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll (SYSTRAN)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe ()
O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start (Hewlett-Packard )
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe" (Symantec Corporation)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot (Scansoft, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s (Elaborate Bytes AG)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe (Camshare LLC)
O4 - HKCU..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" ()
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m File not found
O4 - HKCU..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (Skype Technologies S.A.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
O4 - HKCU..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" (Veoh Networks)
O4 - HKCU..\Run: [WeFi] C:\Program Files\WeFi\WeFi.exe (WeFi)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\securenet.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\securenet.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 119 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} http://messenger.zon...ss.cab57176.cab (ZoneChess Object)
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/01 16:56:19 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/06/06 21:14:05 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[2009/06/09 04:50:40 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/06/09 04:46:26 | 03,371,376 | ---- | C] (Malwarebytes Corporation ) -- C:\DOCUME~1\ADMIN\Desktop\mbam-setup.exe
[2009/06/09 04:44:55 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\ADMIN\Desktop\OTL.exe
[2009/06/09 04:40:10 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/06/09 04:39:59 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\ADMIN\Desktop\Rooter.exe
[2009/06/09 04:23:58 | 00,264,704 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\ADMIN\Desktop\TFC.exe
[2009/06/09 04:00:03 | 31,693,599 | ---- | C] (eRightSoft ) -- C:\DOCUME~1\ADMIN\Desktop\SUPERsetup.exe
[2009/06/03 02:08:28 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ADMIN\Desktop\con donnegan
[2009/06/02 04:49:22 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/31 08:15:52 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ADMIN\My Documents\Lovemaking
[2009/05/31 06:41:04 | 00,000,000 | ---D | C] -- C:\Downloads
[2009/05/31 05:12:53 | 00,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2009/05/31 04:20:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Application Data\CBL-Electronics
[2009/05/31 04:15:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CBL-Electronics
[2009/05/31 04:14:35 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\cbl electronics shared
[2009/05/31 04:14:29 | 00,000,000 | ---D | C] -- C:\Program Files\cbl electronics inc
[2009/05/31 04:13:40 | 00,000,000 | ---D | C] -- C:\Program Files\DS-MP3 Source
[2009/05/25 03:18:56 | 00,002,074 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
[2009/05/25 03:18:55 | 00,001,725 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2009/05/22 02:20:31 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/05/22 02:20:31 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/05/19 23:28:55 | 00,000,268 | -H-- | C] () -- C:\sqmdata12.sqm
[2009/05/19 23:28:55 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2009/05/19 05:50:17 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\Schedule Task Weekly.job
[2009/05/18 21:01:48 | 00,054,272 | ---- | C] () -- C:\smoking book1.doc
[2009/05/18 04:27:30 | 00,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2009/05/18 04:24:55 | 00,000,000 | ---D | C] -- C:\Program Files\Nmap
[2009/05/18 00:13:46 | 00,023,552 | ---- | C] () -- C:\DOCUME~1\ADMIN\My Documents\hak.doc
[2009/05/17 16:44:43 | 00,000,162 | -H-- | C] () -- C:\DOCUME~1\ADMIN\My Documents\~$eres is an interesting phenomena that I have recently experienced which I would call a type of group theory.doc
[2009/03/15 21:13:10 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2008/11/21 22:47:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/21 22:45:16 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/21 22:45:16 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/21 22:44:16 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/11/21 05:45:26 | 00,151,552 | ---- | C] () -- C:\WINDOWS\System32\securenet.dll
[2008/06/24 02:22:08 | 00,058,163 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/03/09 21:57:21 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/02/29 05:14:04 | 00,223,744 | ---- | C] () -- C:\WINDOWS\System32\b4fm.dll
[2007/12/06 18:51:59 | 00,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2007/11/20 04:09:20 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/10/26 13:24:27 | 00,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2007/10/01 19:30:35 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/09/22 17:47:31 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007/09/09 01:09:40 | 00,000,462 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007/09/09 01:09:40 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2007/09/09 01:09:40 | 00,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/08/24 18:46:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2007/08/22 04:00:13 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/08/22 04:00:12 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/08/16 18:17:35 | 00,000,080 | RHS- | C] () -- C:\WINDOWS\System32\7E0399548A.dll
[2007/08/02 09:51:55 | 00,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007/08/02 09:05:25 | 00,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007/08/02 09:00:11 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/08/02 09:00:11 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/08/02 09:00:11 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/08/02 09:00:11 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/08/02 09:00:11 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/08/02 09:00:11 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/07/18 17:42:42 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2005/07/01 04:47:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/04 13:00:00 | 00,056,880 | ---- | C] () -- C:\WINDOWS\System32\scvideo.dll
[2004/08/04 13:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/08/04 13:00:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\win.ini
[2002/03/04 10:16:34 | 00,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2001/07/06 15:30:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1999/01/22 19:46:56 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 09:00:00 | 00,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== Files - Modified Within 30 Days ==========

[2009/06/09 04:50:49 | 00,000,696 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/06/09 04:47:08 | 03,371,376 | ---- | M] (Malwarebytes Corporation ) -- C:\DOCUME~1\ADMIN\Desktop\mbam-setup.exe
[2009/06/09 04:45:00 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\ADMIN\Desktop\OTL.exe
[2009/06/09 04:40:00 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\ADMIN\Desktop\Rooter.exe
[2009/06/09 04:38:46 | 31,693,599 | ---- | M] (eRightSoft ) -- C:\DOCUME~1\ADMIN\Desktop\SUPERsetup.exe
[2009/06/09 04:35:45 | 00,000,586 | ---- | M] () -- C:\DOCUME~1\ADMIN\My Documents\My Sharing Folders.lnk
[2009/06/09 04:27:37 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/06/09 04:26:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/09 04:26:42 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\ADMIN\Local Settings\desktop.ini
[2009/06/09 04:26:26 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/09 04:26:11 | 53,535,1296 | -HS- | M] () -- C:\hiberfil.sys
[2009/06/09 04:24:05 | 00,264,704 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\ADMIN\Desktop\TFC.exe
[2009/06/09 03:39:15 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/06/07 10:45:40 | 00,001,729 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Adobe Reader 8.lnk
[2009/06/05 20:46:03 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/06/02 12:00:00 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\Schedule Task Weekly.job
[2009/06/02 08:19:11 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/31 05:17:05 | 00,001,356 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2009/05/29 13:31:23 | 00,002,307 | ---- | M] () -- C:\DOCUME~1\ADMIN\Desktop\Microsoft Word.lnk
[2009/05/26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/25 03:19:00 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/25 03:19:00 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/05/25 03:19:00 | 00,000,000 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/22 02:20:31 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/05/19 23:28:55 | 00,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/05/19 23:28:55 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/05/19 23:08:49 | 00,054,272 | ---- | M] () -- C:\smoking book1.doc
[2009/05/19 08:29:10 | 00,023,552 | ---- | M] () -- C:\DOCUME~1\ADMIN\My Documents\hak.doc
[2009/05/17 23:23:38 | 00,000,162 | -H-- | M] () -- C:\DOCUME~1\ADMIN\Desktop\~$ggested_physiological_essay_structure(2).doc
[2009/05/17 16:44:43 | 00,000,162 | -H-- | M] () -- C:\DOCUME~1\ADMIN\My Documents\~$eres is an interesting phenomena that I have recently experienced which I would call a type of group theory.doc
< End of report >


OTL Extras logfile created on: 09/06/2009 04:45:22 - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\ADMIN\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

510.48 Mb Total Physical Memory | 141.95 Mb Available Physical Memory | 27.81% Memory free
1.97 Gb Paging File | 1.33 Gb Available in Paging File | 67.65% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.15 Gb Total Space | 19.27 Gb Free Space | 20.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 55.90 Gb Total Space | 4.29 Gb Free Space | 7.68% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CO-F23CF317592F
Current User Name: ADMIN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"17366:TCP" = 17366:TCP:*:Enabled:BitComet 17366 TCP
"17366:UDP" = 17366:UDP:*:Enabled:BitComet 17366 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger (Logitech Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL File not found
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\BitZip\bitzip.exe:*:Enabled:bitzip ()
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client (Veoh Networks)
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client File not found
C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire (Lime Wire, LLC)
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (Mozilla Corporation)
C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe:*:Enabled:Camfrog Client Module (Camshare LLC)
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger (Logitech Inc.)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe (Hewlett-Packard Co.)
C:\Program Files\Hp\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe (Hewlett-Packard Co.)
C:\Program Files\Hp\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe (Hewlett-Packard Co.)
C:\Program Files\Hp\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe (Hewlett-Packard)
C:\Program Files\Hp\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe (Hewlett-Packard)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional
"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Disc 2
"{00718491-55BF-46C6-83EF-4B3B95AC807A}" = SplitCam
"{02E22217-0E96-4C3F-B831-83AA942B7715}" = UserGuides
"{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}" = Norton 360 HTMLHelp
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{21829177-4DED-4209-AD08-490B3AC9C01A}" = Norton 360
"{24DF7221-644B-4C3A-A478-459502D40522}" = Backup
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{31C44235-A613-4E95-B297-207BF6C6A8C1}" = Creative ZEN Vision M Series
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{364EC092-93CF-4DDC-9D7A-7278452028E0}" = Logitech QuickCam
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3C6848FB-3F23-45F5-BBE1-3DA8A208442D}" = WeFi
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 1.01 A3
"{45690715-80A6-4445-B61D-ADEC5888E8CD}" = Symantec Technical Support Controls
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6882B3A9-AB98-4ABA-A623-2979FBEA5F9F}_is1" = Moyea FLV Player version 1.3.2.3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}" = iTunes
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9785F3-26E3-4731-AD37-65044AE0A129}" = NinjaVideo Helper
"{9DFFF1C0-09DE-4175-87C1-4F436002400F}" = SymNet
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A43B2A2F-1DB5-47F9-A608-F11A4835D7CB}" = Apple Mobile Device Support
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8D258A4-2BA7-4CB9-8DB3-F424D5A03884}" = e-mix 5.4.0 pro edition
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C4421C89-1F2F-479D-AED1-27ACBF1310E8}" = BTOffer
"{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.10 B3
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E0B38894-0E4D-4AE1-B17E-CFBC3692E86A}" = SYSTRAN Web Translator 5.0
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200
"{EA426461-31AA-4AB3-B15D-EDD748F08394}_is1" = Moyea FLV Downloader version 1.13.0.10
"{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F413B69D-4AD6-42AB-AEA5-0548989FAD50}" = Norton 360
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Alarm_is1" = Alarm 2.0.4
"All ATI Software" = ATI - Software Uninstall Utility
"AltoMP3 Gold" = AltoMP3 Gold 5.20
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"AudibleManager" = AudibleManager
"AVS Audio Editor_is1" = AVS Audio Editor version 4.2
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Burn4Free" = Burn4Free CD and DVD
"Burn4Free Toolbar" = Burn4Free Toolbar
"Camfrog 5.0" = Camfrog Video Chat 5.0 (remove only)
"Chatango" = Chatango Message Catcher
"CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_3085103C" = Data Fax SoftModem with SmartCP
"Compaq Presario r4000 User Guides" = Compaq Presario r4000 User Guides
"Conexant PCI Audio" = Conexant AC-Link Audio
"Creative Removable Disk Manager" = Creative Removable Disk Manager
"DS-MP3 Source" = DS-MP3 Source 1.30
"Easy MP3 Alarm Clock_is1" = Easy MP3 Alarm Clock 1.0
"EVE" = EVE-ONLINE (remove only)
"Evrsoft First Page 2006_is1" = Evrsoft First Page 2006
"ExpressRip" = Express Rip
"Golden" = Golden Records Vinyl to CD Converter
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Hide IP Platinum_is1" = Hide IP Platinum 3.5
"Hide My IP 2008_is1" = Hide My IP 2008
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Pavillion zv6000 User Guides" = HP Pavillion zv6000 User Guides
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"InstallShield_{C35BF80A-6284-485E-AE18-023AA8C43185}" = VeohTV BETA
"InterActual Player" = InterActual Player
"ISO Commander" = ISO Commander 1.6 (remove only)
"LimeWire" = LimeWire 4.16.6
"Magic ISO Maker v5.5 (build 0272)" = Magic ISO Maker v5.5 (build 0272)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MP3 Player Recovery Tool_is1" = MP3 Player Recovery Tool
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"My Free Web Site Builder_is1" = My Free Web Site Builder
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NetObjects Fusion Essentials" = NetObjects Fusion Essentials
"Nmap" = Nmap 4.85BETA9
"oggcodecs" = oggcodecs 0.71.0946
"PlayMP3" = PlayMP3z
"Prism" = Prism Video Converter
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"QcDrv" = Logitech® Camera Driver
"RealPlayer 6.0" = RealPlayer
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Shop for HP Supplies" = Shop for HP Supplies
"SoundTap" = SoundTap Streaming Audio Recorder
"SpellForce" = SpellForce
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"Switch" = Switch Sound File Converter
"SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360 (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SysInfo" = Creative System Information
"Uninstall Change IP" = Uninstall Change IP
"Veoh Web Player Beta" = Veoh Web Player
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VideoLAN VLC media player 0.8.6e
"WavePad" = WavePad Sound Editor
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"winpcap-nmap" = winpcap-nmap 4.02
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"YouTube FLV to AVI Suite Enterprise_is1" = YouTube FLV to AVI Suite Enterprise 2.3.4
"YouTube FLV to AVI Suite Pro_is1" = YouTube FLV to AVI Suite Pro 2.3.8
"ZENcast Organizer" = ZENcast Organizer

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 01/06/2009 23:18:28 | Computer Name = CO-F23CF317592F | Source = Application Hang | ID = 1002
Description = Hanging application WeFi.exe, version 3.3.3.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 02/06/2009 19:58:40 | Computer Name = CO-F23CF317592F | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3399, faulting module
nppl3260.dll, version 6.0.12.46, fault address 0x000054bb.

Error - 02/06/2009 21:18:06 | Computer Name = CO-F23CF317592F | Source = Application Hang | ID = 1002
Description = Hanging application mshta.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 03/06/2009 01:17:02 | Computer Name = CO-F23CF317592F | Source = Application Hang | ID = 1002
Description = Hanging application msnmsgr.exe, version 8.5.1302.1018, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 06/06/2009 14:11:04 | Computer Name = CO-F23CF317592F | Source = Application Error | ID = 1000
Description = Faulting application logitechdesktopmessenger.exe, version 2.52.21.16,
faulting module backweb.dll, version 8.1.1.50, fault address 0x0008b1b1.

Error - 06/06/2009 23:43:01 | Computer Name = CO-F23CF317592F | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3399, faulting module
npdivx32.dll, version 1.4.3.4, fault address 0x0013a14b.

Error - 07/06/2009 05:19:13 | Computer Name = CO-F23CF317592F | Source = Application Error | ID = 1000
Description = Faulting application hpqtra08.exe, version 100.0.170.0, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x00010cce.

Error - 07/06/2009 13:27:04 | Computer Name = CO-F23CF317592F | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module msidcrl40.dll, version 5.0.818.6, fault address 0x000cbe90.

Error - 08/06/2009 22:41:01 | Computer Name = CO-F23CF317592F | Source = Application Error | ID = 1000
Description = Faulting application ctconvu.exe, version 5.51.11.0, faulting module
ctqtsf.ax, version 1.0.4.0, fault address 0x00001f39.

Error - 08/06/2009 22:43:35 | Computer Name = CO-F23CF317592F | Source = Application Error | ID = 1000
Description = Faulting application ctconvu.exe, version 5.51.11.0, faulting module
ctqtsf.ax, version 1.0.4.0, fault address 0x00001f39.


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:95385 Mo/Free:3342 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [Fixed] - NTFS - (Total:57239 Mo/Free:300 Mo)
F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

09/06/2009| 4:49

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\Ati2evxx.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Ahead\InCD\InCDsrv.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\wudfhost.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
---------- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
---------- C:\WINDOWS\system32\Ati2evxx.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\system32\brsvc01a.exe
---------- C:\WINDOWS\system32\brss01a.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
---------- C:\WINDOWS\system32\CTsvcCDA.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
---------- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
---------- C:\Program Files\QuickTime\QTTask.exe
---------- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
---------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
---------- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
---------- C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
---------- C:\Program Files\Brother\ControlCenter2\brctrcen.exe
---------- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
---------- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
---------- C:\Program Files\Ahead\InCD\InCD.exe
---------- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
---------- C:\Program Files\Logitech\QuickCam\Quickcam.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
---------- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
---------- C:\Program Files\Skype\Phone\Skype.exe
---------- C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
---------- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
---------- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\NinjaVideo\NinjaVideo Helper\NinjaVideo Helper.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
---------- C:\WINDOWS\system32\wuauclt.exe
---------- C:\Program Files\Hide My IP 2008\SecureSrv.exe
---------- C:\Program Files\HPQ\shared\hpqwmi.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
---------- C:\Program Files\Skype\Plugin Manager\skypePM.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
---------- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
---------- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\Program Files\Windows Live\Messenger\usnsvc.exe
---------- C:\Program Files\uTorrent\uTorrent.exe
---------- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---------- C:\Documents and Settings\ADMIN\Desktop\OTL.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!


----------------------\\ Cracks & Keygens..

C:\DOCUME~1\ADMIN\Cookies\[email protected][1].txt
C:\DOCUME~1\ADMIN\Cookies\[email protected][1].txt
C:\DOCUME~1\ADMIN\Cookies\[email protected][1].txt
C:\DOCUME~1\ADMIN\Incomplete\T-105165125-Nero 7.0.1.2 Ultra Edition with Keygen - English.zip
C:\DOCUME~1\ADMIN\Incomplete\battlefield2\.datBattlefield_2+Crack+no_CD.rar
C:\DOCUME~1\ADMIN\Incomplete\battlefield2\Battlefield_2+Crack+no_CD.rar
C:\DOCUME~1\ADMIN\Incomplete\battlefield2\Preview-Battlefield_2+Crack+no_CD.rar
C:\DOCUME~1\ADMIN\My Documents\Downloads\IMMonitor.MSN.Spy.2.0\crack\immonitor.msn.spy.2.0-NoPE.exe
C:\DOCUME~1\ADMIN\My Documents\dtop\altomp3.gold.5.20.keygen-tsrh.zip
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6_Keygen.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Serial No.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Content\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\EasyWrite Reader\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\InCD\incd1252.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\InCD\InCDL.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\Setup\EULA_eng.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\sharedNT\InCD.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\sharedNT\incdsrv.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\w9x\InCD.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\CoverDesigner\CoverDes.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\ImageDrive\ImageDrive.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero\nero.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero\Nero.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero\NeroCmd.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero\NRESTORE.EXE
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\nero backitup\BackItUp.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\nero backitup\NBJ.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\nero backitup\NBR.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\nero soundtrax\SoundTrax.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero StartSmart\NeroStartSmart.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\CDSpeed.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\CDSpeed.exe.manifest
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\DriveSpeed.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\DriveSpeed.exe.manifest
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\hwinfo.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\InfoTool.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\InfoTool.exe.manifest
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Wave Editor\WaveEdit.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Redist\WMFADist.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Redist\wmfdist.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\setup\EULA_eng.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\System\NeroCheck.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\WMPBurn\WMPBurn.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroBurnRights\NeroBurnRights.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroBurnRights\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\CoverDesigner\CoverDes.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\NeroMix\NeroMix.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\NeroMix\API\nero.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\NeroMix\Services\Compilation.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\Redist\WMFADist.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\Redist\wmfdist.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\Setup\EULA_eng.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\CoverDesigner\CoverDes.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\DirectX\dxsetup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\Nero ShowTime\ShowTime.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\NeroVision\NeroFiles\nero.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\NeroVision\w2k\NeroVision.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\NeroVision\w9x\NeroVision.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\Redist\SHFolder.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\Setup\EULA_eng.txt
C:\DOCUME~1\ADMIN\Shared\Battlefield_2+Crack+no_CD.rar
C:\DOCUME~1\ADMIN\Shared\Nero Burning Rom 6.0 Ultra Edition Incl Keygen & Serial.zip


1 - "C:\Rooter$\Rooter_1.txt" - 09/06/2009| 4:41
2 - "C:\Rooter$\Rooter_2.txt" - 09/06/2009| 4:51

----------------------\\ Scan completed at 4:51
  • 0

#4
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts

C:\DOCUME~1\ADMIN\Incomplete\T-105165125-Nero 7.0.1.2 Ultra Edition with Keygen - English.zip
C:\DOCUME~1\ADMIN\Incomplete\battlefield2\.datBattlefield_2+Crack+no_CD.rar
C:\DOCUME~1\ADMIN\Incomplete\battlefield2\Battlefield_2+Crack+no_CD.rar
C:\DOCUME~1\ADMIN\Incomplete\battlefield2\Preview-Battlefield_2+Crack+no_CD.rar
C:\DOCUME~1\ADMIN\My Documents\Downloads\IMMonitor.MSN.Spy.2.0\crack\immonitor.msn.spy.2.0-NoPE.exe
C:\DOCUME~1\ADMIN\My Documents\dtop\altomp3.gold.5.20.keygen-tsrh.zip
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6_Keygen.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Serial No.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Content\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\EasyWrite Reader\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\InCD\incd1252.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\InCD\InCDL.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\Setup\EULA_eng.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\sharedNT\InCD.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\sharedNT\incdsrv.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\InCD 4\w9x\InCD.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\CoverDesigner\CoverDes.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\ImageDrive\ImageDrive.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero\nero.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero\Nero.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero\NeroCmd.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero\NRESTORE.EXE
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\nero backitup\BackItUp.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\nero backitup\NBJ.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\nero backitup\NBR.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\nero soundtrax\SoundTrax.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero StartSmart\NeroStartSmart.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\CDSpeed.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\CDSpeed.exe.manifest
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\DriveSpeed.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\DriveSpeed.exe.manifest
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\hwinfo.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\InfoTool.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Toolkit\InfoTool.exe.manifest
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Nero Wave Editor\WaveEdit.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Redist\WMFADist.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\Redist\wmfdist.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\setup\EULA_eng.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\System\NeroCheck.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\Nero 6 Ultra Edition\WMPBurn\WMPBurn.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroBurnRights\NeroBurnRights.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroBurnRights\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\CoverDesigner\CoverDes.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\NeroMix\NeroMix.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\NeroMix\API\nero.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\NeroMix\Services\Compilation.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\Redist\WMFADist.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\Redist\wmfdist.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroMIX\Setup\EULA_eng.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\Setup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\CoverDesigner\CoverDes.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\DirectX\dxsetup.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\Nero ShowTime\ShowTime.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\NeroVision\NeroFiles\nero.txt
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\NeroVision\w2k\NeroVision.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\NeroVision\w9x\NeroVision.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\Redist\SHFolder.exe
C:\DOCUME~1\ADMIN\My Documents\New Folder\Nero.Burning.Rom.6.0.Ultra.Edition.incl.keygen.&.serial\NeroVision Express 2\Setup\EULA_eng.txt
C:\DOCUME~1\ADMIN\Shared\Battlefield_2+Crack+no_CD.rar
C:\DOCUME~1\ADMIN\Shared\Nero Burning Rom 6.0 Ultra Edition Incl Keygen & Serial.zip


These are not good this is a sure way to get infected.
Cracked software is illegal and is almost always bundled with malware.
Please discontinue using these types of software.

Also since mbam finds infected files post the log.
If it shut's off then try a quick scan.

See if you can get that done and post the log.
  • 0

#5
parodoxicalplay

parodoxicalplay

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
yea tried the quick scan yet it still shuts down is there anyway to limit the computers processing power so as to avoid shut down so that it can finish the log or any other way??
yea i downloaded nero for a friend i do have a full registered copy as well.
  • 0

#6
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Does the system tell you anything before it shuts down?
Example "The system is shutting down" or "the system will restart in less than an minute".
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP