Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Dr Watson postmortem debugger has encountered a problem and needs to c

Started by Snayr , Jun 03 2009 11:47 PM

  • Please log in to reply

#1
Snayr
Posted 03 June 2009 - 11:47 PM

Snayr

    New Member

  • Member
  • Pip
  • 1 posts
Hey,

So I have recently had a problem with my desktop freezing up on me while trying to open folders, etc. And I have received the whole "dr watson postmortem debugger has encountered a problem and needs to close" deal after it freezes up. Sometimes I'm able to reboot, and it'll work fine, or sometimes I'll reboot and I'll encounter the problem again straight away and it'll freeze on boot up. Anyways, I'm growing tired of it, and so I would love to get any help possible to resolve this annoying situation. Thanks.

Rooter Log:
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:305234 Mo/Free:1683 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [Fixed] - NTFS - (Total:190779 Mo/Free:1288 Mo)
F:\ [CD-Rom] (Total:7202 Mo/Free:0 Mo)

Thu 06/04/2009| 1:59

----------------------\\  Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashServ.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\system32\PnkBstrA.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\WINDOWS\SOUNDMAN.EXE
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\WINDOWS\V0230Mon.exe
---------- C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
---------- C:\Program Files\Winamp\winampa.exe
---------- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
---------- C:\program files\steam\steam.exe
---------- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---------- C:\Program Files\Messenger\msmsgs.exe
---------- C:\Program Files\Internet Download Manager\IDMan.exe
---------- C:\Program Files\MagicDisc\MagicDisc.exe
---------- C:\Program Files\Internet Download Manager\IEMonitor.exe
---------- C:\Program Files\Windows Live\Contacts\wlcomm.exe
---------- C:\WINDOWS\system32\SearchIndexer.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\  Search..

----------------------\\  ROOTKIT !!


----------------------\\  Cracks & Keygens..

C:\DOCUME~1\Ryan\Desktop\Downloads\The Sims 3\The.Sims.3-RELOADED\Crack\rld-sim3.exe
C:\DOCUME~1\Ryan\Desktop\Downloads\The Sims 3\The.Sims.3-RELOADED\Crack\TS3.exe
C:\DOCUME~1\Ryan\Desktop\Website Folder\Applications Folder\Applications to Upload\Photoshop CS2\Adobe Photoshop CS 2\CS2 Keygen\install.txt
C:\DOCUME~1\Ryan\Desktop\Website Folder\Applications Folder\Applications to Upload\Photoshop CS2\Adobe Photoshop CS 2\CS2 Keygen\photoshop_cs2_keygen.exe
C:\DOCUME~1\Ryan\Desktop\Website Folder\Applications Folder\Applications uploaded\Snagit 9.1.0 Build 206.ZWT\Techsmith Snagit 9.1.0 Build 206.ZWT\Keygen.rar


1 - "C:\Rooter$\Rooter_1.txt" - Thu 06/04/2009| 1:31
2 - "C:\Rooter$\Rooter_2.txt" - Thu 06/04/2009| 1:59

----------------------\\  Scan completed at  1:59

MBAM Log:
Malwarebytes' Anti-Malware 1.37
Database version: 2223
Windows 5.1.2600 Service Pack 3

6/3/2009 12:01:04 PM
mbam-log-2009-06-03 (12-01-04).txt

Scan type: Full Scan (A:\|C:\|D:\|E:\|F:\|)
Objects scanned: 151629
Time elapsed: 28 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

OTL Log:
OTL logfile created on: 6/4/2009 2:02:54 AM - Run 4
OTL by OldTimer - Version 2.1.1.0	 Folder = C:\Documents and Settings\Ryan\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 72.88% Memory free
3.85 Gb Paging File | 3.29 Gb Available in Paging File | 85.61% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 121.64 Gb Free Space | 40.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 186.31 Gb Total Space | 113.26 Gb Free Space | 60.79% Space Free | Partition Type: NTFS
Drive F: | 7.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: RYANPC
Current User Name: Ryan
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
 
[color=orange]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\PnkBstrA.exe ()
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\V0230Mon.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\program files\steam\steam.exe (Valve Corporation)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
PRC - C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Ryan\Desktop\OTL.exe (OldTimer Tools)
 
[color=orange]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (MBAMService [Auto | Running]) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (PnkBstrA [Auto | Running]) -- C:\WINDOWS\system32\PnkBstrA.exe ()
SRV - (rpcapd [On_Demand | Stopped]) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)
SRV - (TeamViewer4 [Auto | Stopped]) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
 
[color=orange]========== Driver Services (SafeList) ==========[/color]
 
DRV - (A3AB [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\A3AB.sys (D-Link Corporation)
DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (ALCXWDM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (AmdK8 [System | Running]) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (MBAMProtector [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (mcdbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (motmodem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\motmodem.sys (Motorola)
DRV - (nm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\NMnt.sys (Microsoft Corporation)
DRV - (NPF [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (nvata [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (V0230Vfx [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\V0230Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (V0230VID [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\V0230VID.sys (Creative Technology Ltd.)
 
[color=orange]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=orange]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://igoogle.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=orange]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "www.igoogle.com"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1
FF - prefs.js..extensions.enabledItems: [email protected]:6.4
FF - prefs.js..extensions.enabledItems: {40a1f5d7-afc2-498f-b264-02668d616ff6}:1.1
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/16 04:54:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/07 19:47:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/20 12:01:23 | 00,000,000 | ---D | M]
 
[2009/03/16 02:46:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\mozilla\Extensions
[2009/03/16 02:46:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/06/03 01:36:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\mozilla\Firefox\Profiles\xmefwkpm.default\extensions
[2009/05/22 21:37:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\mozilla\Firefox\Profiles\xmefwkpm.default\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
[2009/04/19 13:31:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\mozilla\Firefox\Profiles\xmefwkpm.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/06/04 02:02:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/30 08:38:25 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/16 05:18:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009/04/30 08:38:23 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/30 08:38:23 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/02/19 15:33:08 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/02/19 15:33:08 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/02/19 15:33:08 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/02/19 15:33:08 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/02/19 15:33:08 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/02/19 15:33:08 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/02/19 15:33:08 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
 
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1	   localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install File not found
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [V0230Mon.exe] C:\WINDOWS\V0230Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" ()
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (Tonec Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized ()
O4 - HKCU..\Run: [Steam] "c:\program files\steam\steam.exe" -silent (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Ryan\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/EN-CA/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/16 01:45:16 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/11/15 05:52:50 | 00,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008/10/11 13:03:48 | 00,000,054 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2008/11/15 05:52:50 | 00,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/06/04 02:02:41 | 00,000,000 | ---D | M]
 
[color=orange]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2009/06/04 02:02:26 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\Ryan\Desktop\OTL.exe
[2009/06/04 01:31:34 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/06/04 01:31:18 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\Ryan\Desktop\Rooter.exe
[2009/06/04 01:15:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/06/04 01:14:33 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/06/03 02:13:21 | 00,000,169 | ---- | C] () -- C:\DOCUME~1\Ryan\Desktop\Admin email pw.doc
[2009/06/01 01:20:21 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\Hand of Blood (2005)
[2009/06/01 01:07:04 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\The Poison (2006)
[2009/06/01 00:53:52 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\Scream Aim Fire (2008)
[2009/05/31 01:30:28 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\The Truth about six pack abs
[2009/05/29 23:19:48 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\UU9 Bot
[2009/05/29 22:21:27 | 00,000,488 | ---- | C] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for Ryan.job
[2009/05/29 22:21:21 | 00,000,474 | ---- | C] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Ryan.job
[2009/05/29 02:09:15 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\My Documents\My Library
[2009/05/29 02:08:49 | 00,057,436 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\DASShp.dll
[2009/05/29 02:08:49 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Reader
[2009/05/26 16:01:34 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\A_Cross __ the_EARTH_ Tear Down The Wall
[2009/05/26 02:52:16 | 00,014,255 | ---- | C] () -- C:\DOCUME~1\Ryan\Desktop\Montreal_Canadiens.jpg
[2009/05/25 22:59:57 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\three_wed_vid
[2009/05/25 18:30:10 | 00,418,480 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009/05/25 18:30:10 | 00,115,432 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2009/05/25 18:30:10 | 00,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2009/05/24 22:59:27 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\Innocence & Instinct [2009]
[2009/05/24 20:07:26 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01005.Wdf
[2009/05/24 20:07:25 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2009/05/24 20:05:24 | 01,419,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01005.dll
[2009/05/24 20:05:24 | 00,021,504 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys
[2009/05/24 20:05:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2009/05/24 20:05:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2009/05/24 19:51:59 | 00,001,677 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Motorola Phone Tools.lnk
[2009/05/24 19:48:42 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbser.sys
[2009/05/24 19:48:42 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2009/05/24 19:48:26 | 00,000,000 | ---D | C] -- C:\Program Files\Motorola Phone Tools
[2009/05/24 19:48:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/05/24 19:40:29 | 00,213,620 | ---- | C] () -- C:\DOCUME~1\Ryan\Desktop\Bedtime_Stories_ringtone2.mp3
[2009/05/24 18:04:36 | 00,189,496 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009/05/24 17:35:35 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\P.O.D. Discography
[2009/05/23 01:00:11 | 00,139,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/05/23 01:00:11 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\Ryan\Application Data\PnkBstrK.sys
[2009/05/23 00:59:52 | 00,682,280 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/05/23 00:59:52 | 00,189,496 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/05/23 00:59:52 | 00,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/05/22 21:37:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Application Data\Megaupload
[2009/05/22 20:00:48 | 00,001,668 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Mega Manager.lnk
[2009/05/22 19:59:09 | 00,000,000 | ---D | C] -- C:\Program Files\Megaupload
[2009/05/22 19:58:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Application Data\InstallShield
[2009/05/22 04:22:42 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\Dane Cook - ISolated INcident
[2009/05/21 19:02:24 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\My Documents\Electronic Arts
[2009/05/21 18:58:22 | 00,447,752 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2009/05/21 18:58:22 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2009/05/21 18:58:06 | 00,001,723 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\The Sims™ 3.lnk
[2009/05/21 18:53:30 | 00,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2009/05/21 15:14:14 | 00,000,652 | ---- | C] () -- C:\Documents and Settings\Ryan\Start Menu\Programs\Startup\MagicDisc.lnk
[2009/05/21 15:14:11 | 00,116,736 | ---- | C] (MagicISO, Inc.) -- C:\WINDOWS\System32\drivers\mcdbus.sys
[2009/05/21 15:14:11 | 00,000,000 | ---D | C] -- C:\Program Files\MagicDisc
[2009/05/21 15:12:12 | 00,000,000 | ---D | C] -- C:\Program Files\MagicISO
[2009/05/21 02:16:55 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\Downloads
[2009/05/20 22:26:08 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\Website Folder
[2009/05/20 15:01:34 | 00,000,367 | ---- | C] () -- C:\DOCUME~1\Ryan\Desktop\Jord Steam account.doc
[2009/05/18 23:15:41 | 73,381,6832 | ---- | C] () -- C:\DOCUME~1\Ryan\Desktop\Fast.and.Furious.DVDRiP.XViD-DEiTY.avi
[2009/05/15 23:28:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Application Data\IDM
[2009/05/15 23:28:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Application Data\DMCache
[2009/05/15 23:28:39 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\My Documents\Downloads
[2009/05/15 23:28:36 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2009/05/15 22:09:13 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\Desktop\Ebooks
[2009/05/15 16:12:16 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009/05/15 16:12:16 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009/05/15 16:12:15 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009/05/15 16:12:15 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009/05/15 16:12:15 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009/05/15 16:12:15 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009/05/15 16:12:15 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009/05/15 16:12:15 | 00,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009/05/15 16:12:15 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2009/05/15 16:12:14 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009/05/15 16:12:14 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009/05/15 16:12:14 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009/05/15 16:12:14 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009/05/15 16:12:14 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009/05/15 16:12:14 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009/05/15 16:12:14 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009/05/15 16:12:13 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009/05/15 16:12:13 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009/05/15 16:12:13 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/05/15 16:12:13 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009/05/15 16:12:13 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009/05/15 16:12:13 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/05/15 16:12:13 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/05/15 16:12:13 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/05/15 16:12:12 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/05/15 16:12:12 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/05/15 16:12:12 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/05/15 16:12:12 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/05/15 16:12:12 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/05/15 16:12:12 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/05/15 16:12:11 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/05/15 16:12:11 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/05/15 16:12:11 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009/05/15 16:12:11 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/05/15 16:12:11 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009/05/15 16:12:11 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009/05/15 16:12:10 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009/05/15 16:12:10 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2009/05/15 16:12:10 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2009/05/15 16:12:10 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2009/05/15 16:12:10 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009/05/15 16:12:10 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2009/05/15 16:12:10 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009/05/15 16:12:10 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2009/05/15 16:12:09 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009/05/15 16:12:09 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009/05/15 16:12:09 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009/05/15 16:12:08 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009/05/15 16:12:08 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009/05/15 16:12:08 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009/05/15 16:12:07 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009/05/15 16:12:07 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009/05/15 16:12:06 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/05/15 16:12:06 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009/05/15 16:12:06 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009/05/15 16:12:06 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009/05/15 16:12:06 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009/05/15 16:12:05 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009/05/15 16:12:05 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2009/05/15 16:12:05 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009/05/15 16:12:05 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2009/05/15 16:12:04 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2009/05/15 16:12:03 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/05/15 16:12:02 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2009/05/15 16:12:02 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2009/05/15 16:12:02 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2009/05/15 16:12:02 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2009/05/15 16:12:02 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2009/05/15 16:12:01 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/05/15 16:12:01 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2009/05/15 16:12:01 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/05/15 16:12:00 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2009/05/15 16:09:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/05/15 14:29:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Application Data\TeamViewer
[2009/05/15 14:29:05 | 00,000,879 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\TeamViewer 4.lnk
[2009/05/15 14:29:02 | 00,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2009/05/14 01:35:12 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/05/14 01:34:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/05/14 01:34:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009/05/14 01:34:33 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/05/14 01:30:46 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/05/14 01:30:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/05/14 00:13:18 | 73,718,421 | ---- | C] () -- C:\DOCUME~1\Ryan\Desktop\Create_A_Quick_Website___Get_Instant_Traffic_vietproblog.com.rar
[2009/05/11 12:28:26 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\My Documents\Snagit
[2009/05/11 12:27:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2009/05/11 12:27:55 | 00,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2009/05/08 16:22:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Application Data\vlc
[2009/05/08 15:03:12 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Ryan\My Documents\Graboid
[2009/05/08 14:56:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Application Data\Graboid Inc
[2009/05/08 14:56:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Application Data\MozillaControl
[2009/05/08 14:53:18 | 00,000,000 | ---D | C] -- C:\Program Files\Graboid
[2009/05/07 19:22:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Application Data\Malwarebytes
[2009/05/07 19:22:21 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/07 19:22:21 | 00,000,696 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/07 19:22:18 | 00,040,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/07 19:22:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/07 19:22:17 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/07 03:42:04 | 00,210,352 | ---- | C] (Tonec Inc.) -- C:\WINDOWS\System32\idmmbc.dll
[2009/05/06 17:37:06 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2009/05/06 17:37:06 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2009/05/06 17:37:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2009/05/06 17:37:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2009/05/06 17:37:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2009/05/06 17:37:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2009/05/06 17:37:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2009/05/06 17:37:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2009/05/06 17:37:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2009/05/06 17:37:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2009/05/06 17:37:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2009/05/06 17:37:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2009/03/28 17:59:09 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/03/28 01:41:40 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/03/28 01:41:39 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/03/28 01:41:39 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/03/28 01:41:39 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/03/28 01:41:39 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/03/28 01:41:38 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/03/16 02:20:55 | 00,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2009/03/16 02:05:46 | 00,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/03/16 02:05:41 | 00,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2009/02/18 15:44:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/02/18 15:44:00 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/02/18 15:44:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/02/18 15:44:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/10/07 10:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/11/06 16:19:28 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2004/08/04 08:00:00 | 00,000,507 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 08:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
 
[color=orange]========== Files - Modified Within 30 Days ==========[/color]
 
[2009/06/04 02:02:28 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\Ryan\Desktop\OTL.exe
[2009/06/04 01:50:31 | 00,212,641 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/06/04 01:50:26 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Ryan\Local Settings\desktop.ini
[2009/06/04 01:50:24 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/04 01:50:22 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/04 01:31:20 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\Ryan\Desktop\Rooter.exe
[2009/06/04 01:01:04 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/06/04 00:30:52 | 00,189,496 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009/06/04 00:30:52 | 00,189,496 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/06/03 23:51:54 | 00,139,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/06/03 06:05:06 | 00,000,488 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for Ryan.job
[2009/06/03 05:01:25 | 00,000,474 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Ryan.job
[2009/06/03 02:13:37 | 00,000,169 | ---- | M] () -- C:\DOCUME~1\Ryan\Desktop\Admin email pw.doc
[2009/06/02 23:27:33 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/29 13:01:50 | 00,127,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/26 02:52:16 | 00,014,255 | ---- | M] () -- C:\DOCUME~1\Ryan\Desktop\Montreal_Canadiens.jpg
[2009/05/25 18:30:10 | 00,418,480 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009/05/25 18:30:10 | 00,115,432 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2009/05/24 20:07:26 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01005.Wdf
[2009/05/24 20:07:25 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2009/05/24 19:51:59 | 00,001,677 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Motorola Phone Tools.lnk
[2009/05/24 19:41:03 | 00,213,620 | ---- | M] () -- C:\DOCUME~1\Ryan\Desktop\Bedtime_Stories_ringtone2.mp3
[2009/05/24 17:56:20 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/05/23 16:27:11 | 00,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2009/05/23 01:00:11 | 00,022,328 | ---- | M] () -- C:\Documents and Settings\Ryan\Application Data\PnkBstrK.sys
[2009/05/23 00:59:52 | 00,682,280 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/05/22 20:00:48 | 00,001,668 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Mega Manager.lnk
[2009/05/21 18:58:06 | 00,001,723 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\The Sims™ 3.lnk
[2009/05/21 15:14:14 | 00,000,652 | ---- | M] () -- C:\Documents and Settings\Ryan\Start Menu\Programs\Startup\MagicDisc.lnk
[2009/05/20 18:26:27 | 00,000,367 | ---- | M] () -- C:\DOCUME~1\Ryan\Desktop\Jord Steam account.doc
[2009/05/15 14:29:05 | 00,000,879 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\TeamViewer 4.lnk
[2009/05/14 00:25:43 | 73,718,421 | ---- | M] () -- C:\DOCUME~1\Ryan\Desktop\Create_A_Quick_Website___Get_Instant_Traffic_vietproblog.com.rar
[2009/05/11 13:30:22 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/05/09 01:26:56 | 00,000,169 | ---- | M] () -- C:\WINDOWS\RtlRack.ini
[2009/05/08 14:58:49 | 00,000,719 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\VLC media player.lnk
[2009/05/07 19:22:21 | 00,000,696 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/07 03:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
< End of report >

Those are all the logs I have, I never seemed to have gotten that Extra.txt log from OTL... atleast nowhere I could find. Thanks in advance!

Edited by Snayr, 04 June 2009 - 12:06 AM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP