
Operating memory - Win32/Rootkit.Agent.ODG trojan - unable to clean



#1
Quantem

Yo

I'll thank the one who can help a million times.
I've gotten rid of the Operating memory - Win32/Rootkit.Agent.ODG trojan - unable to clean once, but it managed to jack my internet and make my PC stutter; it was barely able to boot. And now it's back, I don't know how. I booted in safe mode to scan, but this time nothing: SUPERAntiSpyware, MBAM and ESET Smart Security didn't find it. So this is kinda my last resort for getting rid of it; it's really getting on my nerves. The virus has deleted my boot.ini and infected my main security, as in E.S.S, so I had no clue that I had a virus until everything started functioning faulty. Now to the logs.


Rooter log:

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP . (5.1.2600) Service Pack 3
[32_bits] - x86 Family 15 Model 107 Stepping 1, AuthenticAMD
.
[wscsvc] STOPPED (state:1) : Security Center -> Disabled !
[SharedAccess] STOPPED (state:1) : Windows Firewall -> Disabled !
.
Internet Explorer 8.0.6001.18702
Mozilla Firefox 3.0.11 (en-US)
.
A:\ [Removable]
C:\ [Fixed-NTFS] .. ( Total:9 Go - Free:2 Go )
D:\ [Fixed-NTFS] .. ( Total:139 Go - Free:25 Go )
E:\ [CD_Rom]
F:\ [CD_Rom]
.
Scan : 10:08.21
Path : C:\Documents and Settings\Shrek\Desktop\Rooter.exe
User : Shrek ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (1180)
______ \??\C:\WINDOWS\system32\csrss.exe (1228)
______ \??\C:\WINDOWS\system32\winlogon.exe (1252)
______ C:\WINDOWS\system32\services.exe (1300)
______ C:\WINDOWS\system32\lsass.exe (1312)
______ C:\WINDOWS\system32\nvsvc32.exe (1496)
______ C:\WINDOWS\system32\svchost.exe (1544)
______ C:\WINDOWS\system32\svchost.exe (1612)
______ C:\WINDOWS\System32\svchost.exe (2008)
______ C:\WINDOWS\system32\svchost.exe (132)
______ C:\WINDOWS\system32\svchost.exe (268)
______ C:\WINDOWS\System32\wudfhost.exe (728)
______ C:\WINDOWS\system32\spoolsv.exe (820)
______ C:\WINDOWS\Explorer.EXE (1012)
______ C:\WINDOWS\RTHDCPL.EXE (1392)
______ C:\Program Files\Java\jre6\bin\jusched.exe (144)
______ C:\WINDOWS\system32\RUNDLL32.EXE (1696)
______ D:\Prograd\Eset\egui.exe (1748)
______ C:\Program Files\ProcessGuard\pgaccount.exe (1768)
______ C:\WINDOWS\system32\ctfmon.exe (1776)
______ C:\Program Files\Windows Live\Messenger\msnmsgr.exe (1788)
______ C:\Program Files\DAEMON Tools Lite\daemon.exe (1800)
______ C:\Program Files\ProcessGuard\procguard.exe (1816)
______ C:\WINDOWS\system32\svchost.exe (588)
______ C:\Program Files\ProcessGuard\dcsuserprot.exe (656)
______ D:\Prograd\Eset\ekrn.exe (756)
______ C:\Program Files\Java\jre6\bin\jqs.exe (920)
______ C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (976)
______ C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (1648)
______ C:\WINDOWS\system32\PnkBstrA.exe (1204)
______ C:\WINDOWS\system32\PnkBstrB.exe (1524)
______ C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (1868)
______ C:\WINDOWS\System32\PAStiSvc.exe (1904)
______ C:\WINDOWS\system32\svchost.exe (1808)
______ C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (1980)
______ C:\Program Files\Skype\Phone\Skype.exe (2760)
______ C:\Program Files\Mozilla Firefox\firefox.exe (2100)
______ C:\Program Files\Skype\Plugin Manager\skypePM.exe (3304)
______ C:\Documents and Settings\Shrek\Desktop\Rooter.exe (2148)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition0 (Start_Offset:7741440 | Length:10729635840)
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:10737377280 | Length:149301411840)
\Device\Harddisk0\Partition2 (Start_Offset:7773696 | Length:10729603584)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\SA.DAT
C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
C:\WINDOWS\Tasks\Uniblue SpyEraser.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
C:\DOCUME~1\Shrek\Application Data\uTorrent\The Chronicles of Riddick - Assault on Dark Athena crack.rar.torrent
==> Cracks & Keygens <==
.
----------------------\\ Scan completed at 10:08.29
.
C:\Rooter$\Rooter_2.txt - (28/06/2009 | 10:08.29).c





OTG txt :

OTL logfile created on: 28.06.2009 10:09:53 - Run 1
OTL by OldTimer - Version 3.0.5.3 Folder = C:\Documents and Settings\Shrek\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000425 | Country: Estonia | Language: ETI | Date Format: d.MM.yyyy

2,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 65,78% Memory free
3,85 Gb Paging File | 3,35 Gb Available in Paging File | 87,02% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,99 Gb Total Space | 2,14 Gb Free Space | 21,43% Space Free | Partition Type: NTFS
Drive D: | 139,05 Gb Total Space | 25,91 Gb Free Space | 18,64% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WHOPA
Current User Name: Shrek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\System32\wudfhost.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - D:\Prograd\Eset\egui.exe (ESET)
PRC - C:\Program Files\ProcessGuard\pgaccount.exe (DiamondCS)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\ProcessGuard\procguard.exe (DiamondCS)
PRC - C:\Program Files\ProcessGuard\dcsuserprot.exe (DiamondCS)
PRC - D:\Prograd\Eset\ekrn.exe (ESET)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
PRC - C:\WINDOWS\System32\PnkBstrA.exe ()
PRC - C:\WINDOWS\System32\PnkBstrB.exe ()
PRC - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\WINDOWS\System32\PAStiSvc.exe ()
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Skype\Plugin Manager\skypePM.exe (Skype Technologies)
PRC - C:\Documents and Settings\Shrek\Desktop\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DCSPGSRV [Auto | Running]) -- C:\Program Files\ProcessGuard\dcsuserprot.exe (DiamondCS)
SRV - (EhttpSrv [On_Demand | Stopped]) -- D:\Prograd\Eset\EHttpSrv.exe (ESET)
SRV - (ekrn [Auto | Running]) -- D:\Prograd\Eset\ekrn.exe (ESET)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Nero BackItUp Scheduler 4.0 [Auto | Running]) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (npggsvc [On_Demand | Stopped]) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (nTuneService [Auto | Running]) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
SRV - (PnkBstrA [Auto | Running]) -- C:\WINDOWS\System32\PnkBstrA.exe ()
SRV - (PnkBstrB [Auto | Running]) -- C:\WINDOWS\System32\PnkBstrB.exe ()
SRV - (PSI_SVC_2 [Auto | Running]) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (STI Simulator [Auto | Running]) -- C:\WINDOWS\System32\PAStiSvc.exe ()
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (yahooauservice [Auto | Running]) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

========== Driver Services (SafeList) ==========

DRV - (AmdK8 [System | Running]) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (AmdLLD [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\AmdLLD.sys (AMD, Inc.)
DRV - (atksgt [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\atksgt.sys ()
DRV - (bootscreen [Auto | Stopped]) -- C:\WINDOWS\System32\drivers\vidstub.sys ()
DRV - (CAMTHWDM [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\CAMTHWDM.sys ()
DRV - (eamon [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\eamon.sys (ESET)
DRV - (ehdrv [System | Running]) -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys (ESET)
DRV - (ENTECH [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ENTECH.sys (EnTech Taiwan)
DRV - (epfw [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\epfw.sys (ESET)
DRV - (epfwndis [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\Epfwndis.sys (ESET)
DRV - (epfwtdi [System | Running]) -- C:\WINDOWS\System32\DRIVERS\epfwtdi.sys (ESET)
DRV - (gdrv [On_Demand | Stopped]) -- C:\WINDOWS\gdrv.sys (Windows ® 2000 DDK provider)
DRV - (hamachi [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys (LogMeIn, Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (lirsgt [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys ()
DRV - (npkcrypt [On_Demand | Stopped]) -- D:\Mängud\Lineage II\system\npkcrypt.sys (INCA Internet Co., Ltd.)
DRV - (npkcusb [On_Demand | Stopped]) -- D:\Mängud\Lineage II\system\npkcusb.sys (INCA Internet Co., Ltd.)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvgts [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvgts.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVR0Dev [On_Demand | Running]) -- C:\WINDOWS\nvoclock.sys (NVidia Corp.)
DRV - (PAC7311 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\PA707UCM.SYS (PixArt Imaging Inc.)
DRV - (PnkBstrK [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\PnkBstrK.sys ()
DRV - (PQNTDrv [System | Running]) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
DRV - (procguard [Auto | Running]) -- C:\WINDOWS\System32\drivers\procguard.sys (DiamondCS)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (sasdifsv [System | Running]) -- D:\Prograd\Superantispyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (sasenum [On_Demand | Stopped]) -- D:\Prograd\Superantispyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (ssm_bus [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ssm_bus.sys (MCCI Corporation)
DRV - (ssm_mdfl [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ssm_mdfl.sys (MCCI Corporation)
DRV - (ssm_mdm [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ssm_mdm.sys (MCCI Corporation)
DRV - (StarOpen [System | Running]) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (tapvpn [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\tapvpn.sys (The OpenVPN Project)
DRV - (usbaudio [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\usbaudio.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = et
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 57 03 74 9A F2 C9 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Live Search"
FF - prefs.js..browser.search.defaulturl: "http://search.live.c...?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://go.microsoft..../?LinkId=69157"
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.17.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.1.5.5
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {5601B994-0E9B-4ce2-8AB9-AD1155F2ABBD}:1.0.0.8
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.0.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..keyword.URL: "http://search.live.c...?FORM=IEFM1&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.03.20 18:02:33 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.04.18 15:27:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.06.21 20:44:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.06.16 11:26:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\thunderbird\extensions\\[email protected]: D:\Prograd\Eset\Mozilla Thunderbird

[2009.05.27 18:30:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shrek\Application Data\mozilla\Extensions
[2009.05.27 18:30:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shrek\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.06.27 17:38:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shrek\Application Data\mozilla\Firefox\Profiles\xpm5oqr5.default\extensions
[2009.05.27 18:30:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shrek\Application Data\mozilla\Firefox\Profiles\xpm5oqr5.default\extensions\{5601B994-0E9B-4ce2-8AB9-AD1155F2ABBD}
[2009.05.27 18:30:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shrek\Application Data\mozilla\Firefox\Profiles\xpm5oqr5.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009.06.27 20:58:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shrek\Application Data\mozilla\Firefox\Profiles\xpm5oqr5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009.05.27 18:30:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shrek\Application Data\mozilla\Firefox\Profiles\xpm5oqr5.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009.06.14 17:57:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shrek\Application Data\mozilla\Firefox\Profiles\xpm5oqr5.default\extensions\[email protected]
[2009.05.27 18:30:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shrek\Application Data\mozilla\Firefox\Profiles\xpm5oqr5.default\extensions\[email protected]
[2009.06.14 13:45:59 | 00,001,632 | ---- | M] () -- C:\Documents and Settings\Shrek\Application Data\Mozilla\FireFox\Profiles\xpm5oqr5.default\searchplugins\live-search.xml
[2009.06.27 20:41:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.06.12 14:52:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.04.09 22:34:08 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2008.12.14 17:36:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.04.18 15:27:31 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009.06.12 14:52:16 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009.06.12 14:52:17 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009.05.02 00:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2008.08.06 16:22:02 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2008.07.09 00:07:06 | 00,040,960 | ---- | M] (BYOND) -- C:\Program Files\mozilla firefox\plugins\npbyond.dll
[2009.04.18 15:27:18 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009.05.12 21:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009.05.19 01:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2008.12.11 04:21:54 | 00,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiCHPlugin.dll
[2008.09.10 10:39:42 | 00,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\mozilla firefox\plugins\npijjiFFPlugin1.dll
[2008.06.27 16:03:12 | 01,446,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009.06.12 14:52:18 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009.04.03 19:28:10 | 00,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2009.05.02 00:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2009.03.11 18:20:24 | 00,208,384 | ---- | M] (<YNK Intractive>) -- C:\Program Files\mozilla firefox\plugins\uc_rohan_launching.dll
[2008.09.25 04:21:16 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008.09.25 04:21:16 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008.09.25 04:21:16 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008.11.15 12:08:38 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008.09.25 04:21:16 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008.09.25 04:21:16 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008.09.25 04:21:16 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (736 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [!1_pgaccount] C:\Program Files\ProcessGuard\pgaccount.exe (DiamondCS)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BootSkin Startup Jobs] File not found
O4 - HKLM..\Run: [egui] D:\Prograd\Eset\egui.exe (ESET)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SysMetrix] D:\Prograd\SysMetrix\SysMetrix.exe File not found
O4 - HKCU..\Run: [!1_ProcessGuard_Startup] C:\Program Files\ProcessGuard\procguard.exe (DiamondCS)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 4
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskmgr = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\prograd\excel\Office12\EXCEL.EXE File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\Manson\liser.dll) - c:\progra~1\Manson\liser.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - D:\Prograd\Superantispyware\SASWINLO.dll - D:\Prograd\Superantispyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\wgalogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Prograd\Superantispyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.01 15:45:36 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{cc0d374f-8fcd-11dd-a76e-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{cc0d374f-8fcd-11dd-a76e-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cc0d374f-8fcd-11dd-a76e-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009.06.28 09:58:45 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Shrek\Desktop\OTL.exe
[2009.06.28 09:58:27 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Shrek\Desktop\erunt_setup.exe
[2009.06.28 09:56:51 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Shrek\Desktop\SysRestorePoint.exe
[2009.06.27 21:10:55 | 00,059,004 | ---- | C] () -- C:\WINDOWS\System32\pguard.dat
[2009.06.27 21:10:55 | 00,002,292 | ---- | C] () -- C:\WINDOWS\System32\pghash.dat
[2009.06.27 21:08:18 | 00,044,544 | ---- | C] (DiamondCS) -- C:\WINDOWS\System32\procguard.dll
[2009.06.27 21:08:18 | 00,026,688 | ---- | C] (DiamondCS) -- C:\WINDOWS\System32\drivers\procguard.sys
[2009.06.27 21:08:17 | 00,000,000 | ---D | C] -- C:\Program Files\ProcessGuard
[2009.06.27 20:41:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shrek\Application Data\ESET
[2009.06.27 20:40:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009.06.27 17:54:38 | 00,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Gears of War.lnk
[2009.06.27 17:22:00 | 00,044,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\FirewallInstallHelper.dll
[2009.06.27 16:20:16 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2009.06.27 13:23:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shrek\Application Data\Microsoft Games
[2009.06.27 13:03:01 | 00,000,000 | ---D | C] -- C:\Program Files\Hamachi
[2009.06.26 23:44:39 | 00,000,210 | RHS- | C] () -- C:\boot.ini
[2009.06.26 23:07:32 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009.06.26 23:07:15 | 00,173,119 | ---- | C] (Eric_71) -- C:\Documents and Settings\Shrek\Desktop\Rooter.exe
[2009.06.26 22:59:16 | 00,265,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Shrek\Desktop\TFC.exe
[2009.06.26 22:39:27 | 00,025,600 | R--- | C] (Gibson Research Corp.) -- C:\Documents and Settings\Shrek\Desktop\leaktest.exe
[2009.06.26 18:16:31 | 00,000,437 | ---- | C] () -- C:\Documents and Settings\Shrek\Desktop\CabalCode6.lnk
[2009.06.23 07:08:46 | 00,000,000 | ---D | C] -- C:\Program Files\Creative Labs
[2009.06.22 00:50:56 | 00,033,096 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwndis.sys
[2009.06.21 23:39:08 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2009.06.21 20:50:31 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009.06.21 20:49:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009.06.21 20:47:30 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009.06.21 20:09:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shrek\Application Data\MSNInstaller
[2009.06.21 19:34:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2009.06.21 19:34:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009.06.21 19:03:06 | 00,001,609 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2009.06.21 17:07:51 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009.06.17 09:54:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shrek\Application Data\Malwarebytes
[2009.06.17 09:54:00 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.06.17 09:53:59 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.06.17 09:53:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009.06.17 08:42:16 | 00,000,002 | ---- | C] () -- C:\616768929
[2009.06.16 21:45:46 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{A613CA96-150A-4A1D-90CE-67F81379DF8C}
[2009.06.16 21:39:09 | 00,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2009.06.16 20:50:21 | 00,000,594 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EmoDio.lnk
[2009.06.16 14:10:57 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Stardock
[2009.06.16 14:10:56 | 00,163,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\vidstub.sys
[2009.06.16 13:40:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009.06.16 13:37:46 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
[2009.06.16 11:26:36 | 00,000,646 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Player.lnk
[2009.06.16 11:26:21 | 00,000,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Converter.lnk
[2009.06.16 11:26:01 | 00,000,657 | ---- | C] () -- C:\Documents and Settings\Shrek\Desktop\DivX Movies.lnk
[2009.06.16 11:26:01 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2009.06.16 11:04:18 | 00,000,357 | ---- | C] () -- C:\Documents and Settings\Shrek\Desktop\Steam.lnk
[2009.06.15 21:24:50 | 00,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2009.06.15 21:23:27 | 00,000,000 | ---D | C] -- C:\DVDVideoSoft
[2009.06.15 07:36:17 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2009.06.14 18:07:49 | 00,189,288 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009.06.14 17:31:30 | 00,000,308 | ---- | C] () -- C:\Documents and Settings\Shrek\Desktop\AA3Deploy.appref-ms
[2009.06.14 15:21:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\America's Army Deploy Client
[2009.06.14 13:04:27 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009.06.14 12:33:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\San Andreas Mod Installer
[2009.06.12 14:54:21 | 00,000,000 | -H-- | C] () -- C:\Documents and Settings\Shrek\My Documents\Default.rdp
[2009.06.10 08:29:34 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.06.10 08:29:34 | 01,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009.06.10 08:29:34 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.06.10 08:29:34 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009.06.10 08:29:34 | 00,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009.06.10 08:29:34 | 00,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2009.06.10 08:29:32 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.06.10 08:29:32 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2009.06.10 08:28:50 | 00,064,777 | ---- | C] () -- C:\WINDOWS\System32\NvwsApps.xml
[2009.06.05 19:55:48 | 00,000,000 | ---D | C] -- C:\.jagex_cache_32
[2009.06.04 15:39:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\.jagex_cache_32
[2009.06.01 23:18:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shrek\Local Settings\Application Data\Yahoo
[2009.06.01 23:17:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shrek\Application Data\Yahoo!
[2009.06.01 23:16:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009.06.01 23:16:35 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2009.05.31 16:04:04 | 00,030,577 | ---- | C] () -- C:\Documents and Settings\Shrek\Desktop\Referaat.rtf
[2009.04.22 00:19:06 | 00,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.04.20 21:42:09 | 00,040,960 | R--- | C] () -- C:\WINDOWS\System32\psfind.dll
[2009.04.18 19:51:35 | 00,000,523 | ---- | C] () -- C:\WINDOWS\kaillera.ini
[2009.04.17 10:03:09 | 00,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.04.17 10:03:09 | 00,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.04.02 15:26:58 | 01,302,528 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll
[2009.04.02 02:03:31 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.04.02 02:03:19 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.04.02 02:03:19 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.02.23 13:47:43 | 02,392,064 | ---- | C] () -- C:\WINDOWS\System32\videotrans.dll
[2009.02.23 13:47:42 | 00,215,040 | ---- | C] () -- C:\WINDOWS\System32\videoformat.dll
[2009.02.23 13:47:41 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\imgscaler.dll
[2009.02.23 13:47:41 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\img_utils.dll
[2009.02.23 13:47:30 | 00,128,512 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2009.02.23 13:30:18 | 00,000,031 | ---- | C] () -- C:\WINDOWS\System32\wfwindowp32.dll
[2009.02.08 22:49:15 | 00,137,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.01.24 22:10:59 | 00,000,315 | ---- | C] () -- C:\WINDOWS\doom3.ini
[2009.01.11 15:16:57 | 00,000,031 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2008.12.23 11:43:30 | 00,024,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2008.12.08 14:29:30 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.12.06 15:11:48 | 00,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008.11.18 18:50:31 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008.10.09 15:08:06 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008.10.07 10:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.10.02 01:24:57 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.10.02 00:51:09 | 00,000,036 | -H-- | C] () -- C:\WINDOWS\System32\swk.ini
[2008.09.18 03:40:06 | 00,042,320 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2008.09.17 12:36:22 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2008.09.17 12:36:20 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2008.09.17 12:36:20 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2008.09.17 12:36:20 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\Ogg.dll
[2008.06.05 09:58:26 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.02.09 07:58:22 | 00,941,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2007.03.12 13:01:30 | 00,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2007.03.03 06:38:04 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\gc.dll
[2004.08.04 13:00:00 | 00,000,558 | ---- | C] () -- C:\WINDOWS\win.ini
[2004.08.04 13:00:00 | 00,000,256 | ---- | C] () -- C:\WINDOWS\system.ini
[2004.08.04 13:00:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\mssfc.dll

========== Files - Modified Within 30 Days ==========

[2009.06.28 09:58:52 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shrek\Desktop\OTL.exe
[2009.06.28 09:58:35 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Shrek\Desktop\erunt_setup.exe
[2009.06.28 09:56:52 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Shrek\Desktop\SysRestorePoint.exe
[2009.06.28 09:43:01 | 00,208,826 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.06.28 09:42:56 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.06.28 09:42:53 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.06.27 22:37:38 | 00,059,004 | ---- | M] () -- C:\WINDOWS\System32\pguard.dat
[2009.06.27 22:29:25 | 00,002,292 | ---- | M] () -- C:\WINDOWS\System32\pghash.dat
[2009.06.27 21:19:21 | 00,000,558 | ---- | M] () -- C:\WINDOWS\win.ini
[2009.06.27 21:19:21 | 00,000,256 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.06.27 21:19:21 | 00,000,210 | RHS- | M] () -- C:\boot.ini
[2009.06.27 18:11:43 | 00,137,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.06.27 18:11:34 | 00,189,288 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009.06.27 18:11:34 | 00,189,288 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009.06.27 17:54:38 | 00,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Gears of War.lnk
[2009.06.27 13:03:02 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys
[2009.06.27 11:15:29 | 00,000,437 | ---- | M] () -- C:\Documents and Settings\Shrek\Desktop\CabalCode6.lnk
[2009.06.26 23:07:16 | 00,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\Shrek\Desktop\Rooter.exe
[2009.06.26 22:59:17 | 00,265,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shrek\Desktop\TFC.exe
[2009.06.26 22:39:27 | 00,025,600 | R--- | M] (Gibson Research Corp.) -- C:\Documents and Settings\Shrek\Desktop\leaktest.exe
[2009.06.26 15:08:01 | 00,143,360 | ---- | M] () -- C:\Documents and Settings\Shrek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.24 09:12:02 | 00,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.06.23 07:39:50 | 03,172,172 | -H-- | M] () -- C:\Documents and Settings\Shrek\Local Settings\Application Data\IconCache.db
[2009.06.21 23:47:23 | 00,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.06.21 23:18:13 | 00,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.msn
[2009.06.21 23:18:13 | 00,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009.06.21 19:03:06 | 00,001,609 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2009.06.17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.06.17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.06.17 08:51:40 | 00,000,002 | ---- | M] () -- C:\616768929
[2009.06.16 23:37:37 | 00,264,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.06.16 21:39:09 | 00,000,818 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2009.06.16 20:50:24 | 00,000,594 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EmoDio.lnk
[2009.06.16 14:11:24 | 00,163,712 | ---- | M] () -- C:\WINDOWS\System32\drivers\vidstub.sys
[2009.06.16 13:53:38 | 00,067,600 | ---- | M] () -- C:\Documents and Settings\Shrek\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009.06.16 11:26:36 | 00,000,646 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Player.lnk
[2009.06.16 11:26:21 | 00,000,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Converter.lnk
[2009.06.16 11:26:01 | 00,000,657 | ---- | M] () -- C:\Documents and Settings\Shrek\Desktop\DivX Movies.lnk
[2009.06.16 11:04:18 | 00,000,357 | ---- | M] () -- C:\Documents and Settings\Shrek\Desktop\Steam.lnk
[2009.06.15 08:09:28 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009.06.14 18:02:29 | 00,139,152 | ---- | M] () -- C:\Documents and Settings\Shrek\Application Data\PnkBstrK.sys
[2009.06.14 18:02:10 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009.06.14 18:02:09 | 00,794,408 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2009.06.14 17:31:30 | 00,000,308 | ---- | M] () -- C:\Documents and Settings\Shrek\Desktop\AA3Deploy.appref-ms
[2009.06.14 13:06:03 | 00,000,899 | ---- | M] () -- C:\Documents and Settings\Shrek\My Documents\My Sharing Folders.lnk
[2009.06.12 14:54:21 | 00,000,000 | -H-- | M] () -- C:\Documents and Settings\Shrek\My Documents\Default.rdp
[2009.06.12 12:10:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009.06.10 08:29:34 | 01,724,416 | ---- | M] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.06.10 08:29:34 | 01,657,376 | ---- | M] () -- C:\WINDOWS\System32\nwiz.exe
[2009.06.10 08:29:34 | 01,101,824 | ---- | M] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.06.10 08:29:34 | 00,466,944 | ---- | M] () -- C:\WINDOWS\System32\nvshell.dll
[2009.06.10 08:29:34 | 00,449,056 | ---- | M] () -- C:\WINDOWS\System32\nvappbar.exe
[2009.06.10 08:29:34 | 00,436,768 | ---- | M] () -- C:\WINDOWS\System32\keystone.exe
[2009.06.10 08:29:32 | 01,507,328 | ---- | M] () -- C:\WINDOWS\System32\nview.dll
[2009.06.10 08:29:32 | 00,073,728 | ---- | M] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2009.06.10 08:28:50 | 00,064,777 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[2009.06.10 06:03:00 | 01,580,550 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2009.06.10 06:03:00 | 00,019,495 | ---- | M] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009.06.01 23:17:14 | 00,030,577 | ---- | M] () -- C:\Documents and Settings\Shrek\Desktop\Referaat.rtf
[2009.06.01 19:51:12 | 23,635,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
< End of report >




OTL Extras.txt:

OTL Extras logfile created on: 28.06.2009 10:09:53 - Run 1
OTL by OldTimer - Version 3.0.5.3 Folder = C:\Documents and Settings\Shrek\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000425 | Country: Estonia | Language: ETI | Date Format: d.MM.yyyy

2,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 65,78% Memory free
3,85 Gb Paging File | 3,35 Gb Available in Paging File | 87,02% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,99 Gb Total Space | 2,14 Gb Free Space | 21,43% Space Free | Partition Type: NTFS
Drive D: | 139,05 Gb Total Space | 25,91 Gb Free Space | 18,64% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WHOPA
Current User Name: Shrek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"6112:UDP" = 6112:UDP:*:Enabled:Warcraft

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) File not found
D:\Mängud\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe (Nexon)
D:\Mängud\Combat Arms EU\Engine.exe:*Enabled:Engine.exe (Nexon)
C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) File not found
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
D:\prograd\Curse\CurseClient.exe:*:Enabled:Curse Client File not found
D:\Mängud\ProjectTorque\ProjectTorque.bin:*:Enabled:Project Torque (Invictus Games Ltd.)
D:\Mängud\Warcraft III\Frozen Throne.exe:*:Enabled:Frozen Throne (Blizzard Entertainment)
D:\Rockstar Gamez\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV File not found
D:\Rockstar Gamez\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV File not found
C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice (Microsoft Corporation)
C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA ()
C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB ()
D:\prograd\Steam\steamapps\common\left 4 dead demo\left4dead.exe:*:Enabled:Left 4 Dead Demo File not found
C:\Program Files\River Past\Video Cleaner\VideoCleaner.exe:*:Enabled:River Past Video Cleaner File not found
D:\Mängud\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III (Blizzard Entertainment)
D:\prograd\Steam\steamapps\qu4ntem\counter-strike source\hl2.exe:*:Enabled:hl2 ()
D:\Mängud\U3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3 ()
D:\Mängud\Rohan\rohanclient.exe:*:Enabled:Rohan Online Game File not found
D:\prograd\btond\bin\byond.exe:*:Enabled:byond File not found
D:\prograd\byond\bin\byond.exe:*:Enabled:byond File not found
D:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV (Sony DADC Austria AG)
D:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club (Take-Two Interactive Software, Inc.)
D:\Mängud\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe (Nexon)
D:\Mängud\Combat Arms EU\Engine.exe:*Enabled:Engine.exe (Nexon)
D:\Mängud\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core (Nexon Corp.)
D:\Mängud\Wheelman\Binaries\WheelmanGame-Final.exe:*:Enabled:Wheelman File not found
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)
C:\WINDOWS\explorer.exe:*:Enabled:ENABLE (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{5B51BB5F-4E7C-4275-A653-E98534E9C1D2}" = Corel Painter 11
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam™
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero BurningROM
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0aaa9c97-74d4-47ce-b089-0b147ef3553c}" = Windows Live Messenger
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{10209B87-55D6-493E-A30A-12A265AA324E}" = TQ Defiler
"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1AED4ABF-0852-4B3F-9F87-00CF88F25CE0}" = IconHandler 32 bit
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22b775e7-6c42-4fc5-8e10-9a5e3257bd94}" = MSVCRT
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{23c3f5c0-566b-478b-aab6-197adad0c945}" = Uniblue SpeedUpMyPC 2009
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{28F8F8F0-C278-454A-9507-46B344AAD188}" = Corel Painter 11
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{36C9E08A-BE2B-40A0-83C5-576748F7B777}" = TestDrive Client
"{3b4e636e-9d65-4d67-ba61-189800823f52}" = Windows Live Communications Platform
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{430B1017-1B12-420C-8F27-05D0EC2995E0}" = Lineage II
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{54326DF1-1A48-4CA7-9845-B4178EBE93B5}" = Quake Live Mozilla Plugin
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{584267B8-0BB0-4D18-9FFA-726576619E9A}" = Doom 3
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5B51BB5F-4E7C-4275-A653-E98534E9C1D2}" = Corel Painter 11 - ICA
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{71CBF9BB-7E07-4A9D-BF30-84C11810B242}" = ESET Smart Security
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{7EC69F77-5494-4E1F-8BC6-956DAA5A91F2}" = Corel Painter 11 - IPM
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express
"{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}" = AMD Fusion for Gaming
"{840BF2FE-033D-437C-89D1-AAA206BA13B6}" = Langauge
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8ffc5648-faf8-43a3-bc8f-42ba1e275c4e}" = Choice Guard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{983CE4AE-052A-4AD6-92ED-177DFC85DAE5}" = Warcraft III 1.22 Patch
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{a1f66fc9-11ee-4f2f-98c9-16f8d1e69fb7}" = Segoe UI
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5553D3F-4E44-4386-9752-1FD555CF4560}" = Metal Slug Anthology
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B369483E-0728-405C-8F8C-3427B263B01F}" = Content
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B5B4799D-4E8D-4DC6-9C50-060EE5F8AA9C}" = PristonTale
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio
"{c427e746-4ec9-4e3c-aacb-c6bb1f714d7f}" = Uniblue DriverScanner 2009
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{c6ca8874-5f22-4af0-9be3-016bf299c536}" = Windows Live Essentials
"{C79A37F3-C076-48BE-B290-F4C8676ABD74}" = Samsung PC Studio 3
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{cddcbbf1-2703-46bc-938b-bcc81a1eeaaa}" = SUPERAntiSpyware Professional
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D6A4078D-CCAD-4257-B65D-8BE9BF7AAAD2}_is1" = 3GP Player 2008
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2
"{DA507A38-4B2A-40C0-90AC-E30AAA0B757C}" = Vegas Movie Studio Platinum 9.0
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{f6bd194c-4190-4d73-b1b1-c48c99921bfe}" = Windows Live Call
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FC3042C9-0A41-41CA-AE04-141579D3935B}_is1" = Killing Floor
"Abdio WMV Video Converter v6.2 (Try)" = Abdio WMV Video Converter v6.2 (Try)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Ask Toolbar_is1" = Ask Toolbar
"AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0
"bootskin" = BootSkin
"Build Your Own Net Dream" = Build Your Own Net Dream (remove only)
"CABAL Online_is1" = CABAL Online
"Combat Arms EU" = Combat Arms EU
"Coop Warfare0.6" = Coop Warfare 0.6
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DiamondCS ProcessGuard_is1" = DiamondCS ProcessGuard v3.500
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DriftCity" = Drift City
"EAX™ Unified (SHELL)" = EAX™ Unified (SHELL)
"EVEREST Ultimate + Corporate Edition_is1" = EVEREST Ultimate v4.20.1257 + Corporate Edition Beta Registered
"ExpressBurn" = Express Burn
"Fraps" = Fraps (remove only)
"Free Studio_is1" = Free Studio version 4.1
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Garena" = Garena
"Hamachi" = Hamachi 1.0.3.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"installshield_{c20ce592-b0f8-4d20-bf31-0151ca6331a6}" = EmoDio
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"Intelore - RAR Password Recovery" = RAR Password Recovery v1.1 RC16 (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"Magic Bullet Editors 2.0 Vegas" = Magic Bullet Editors 2.0 Vegas
"malwarebytes' anti-malware_is1" = Malwarebytes' Anti-Malware
"MediaInfo" = MediaInfo 0.7.11
"Megavideo Video Downloader_is1" = Megavideo Video Downloader 3.14
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MP4 Player" = MP4 Player
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyFreeCodec" = MyFreeCodec
"Neffy" = Neffy 1,2,0,22
"NewBlue 3D Explosions for Vegas" = NewBlue 3D Explosions for Vegas
"NewBlue 3D Transformations for Vegas" = NewBlue 3D Transformations for Vegas
"NewBlue Art Blends 2.0 for Vegas" = NewBlue Art Blends 2.0 for Vegas
"NewBlue Art Effects 2.0 for Vegas" = NewBlue Art Effects 2.0 for Vegas
"NewBlue Film Effects for Vegas" = NewBlue Film Effects for Vegas
"NewBlue Motion Effects 2.0 for Vegas" = NewBlue Motion Effects 2.0 for Vegas
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PluginPac" = DebugMode PluginPac (remove only)
"PristonTale2" = PristonTale2
"PunkBusterSvc" = PunkBuster Services
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SpiceMASTER 2.5 PRO for Vegas" = SpiceMASTER 2.5 PRO for Vegas
"SprayR" = SprayR 1.0 RC7b
"Steam App 17505" = Zombie Panic! Source Dedicated Server
"steam app 240" = Counter-Strike: Source
"Steam App 320" = Half-Life 2: Deathmatch
"SystemRequirementsLab" = System Requirements Lab
"uniblue driverscanner 2009" = Uniblue DriverScanner 2009
"uniblue speedupmypc 2009" = Uniblue SpeedUpMyPC 2009
"UnityWebPlayer" = Unity Web Player
"WebcamMax" = WebcamMax
"Video Cleaner Pro" = River Past Video Cleaner Pro
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"winlivesuite_wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"yahoo! messenger" = Yahoo! Messenger
"yahoo! software update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2a4f70b48f669acd" = AA3Deploy
"ijji FireFox Launcher" = ijji FireFox Launcher 1.0
"ijji.com" = ijji
"InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"Lineage II Nemesis Patcher" = Lineage II Nemesis Patcher
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17.05.2009 8:48:24 | Computer Name = WHOPA | Source = EventSystem | ID = 4613
Description = The COM+ Event System detected an unexpected error from a Win32 API
call at line 901 of d:\comxp_sp3\com\com1x\src\events\tier2\notify.cpp. A call
to PostThreadMessage failed with error code : "The operation completed successfully.
" Please contact Microsoft Product Support Services to report this erro

Error - 18.05.2009 8:20:03 | Computer Name = WHOPA | Source = EventSystem | ID = 4613
Description = The COM+ Event System detected an unexpected error from a Win32 API
call at line 901 of d:\comxp_sp3\com\com1x\src\events\tier2\notify.cpp. A call
to PostThreadMessage failed with error code : "The operation completed successfully.
" Please contact Microsoft Product Support Services to report this erro

Error - 18.05.2009 9:38:15 | Computer Name = WHOPA | Source = MSSHA | ID = 1008
Description = The Windows Security Health Agent failed to complete an offline scan.
Failure
Code: 8024001e.

Error - 19.05.2009 14:19:28 | Computer Name = WHOPA | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

[ driverscanne Events ]
Error - 17.05.2009 8:48:24 | Computer Name = WHOPA | Source = EventSystem | ID = 4613
Description =

Error - 18.05.2009 8:20:03 | Computer Name = WHOPA | Source = EventSystem | ID = 4613
Description =

Error - 18.05.2009 9:38:15 | Computer Name = WHOPA | Source = MSSHA | ID = 1008
Description =

Error - 19.05.2009 14:19:28 | Computer Name = WHOPA | Source = Application Error | ID = 1000
Description =

[ driverscanne Events ]
Error - 17.05.2009 8:48:24 | Computer Name = WHOPA | Source = EventSystem | ID = 4613
Description =

Error - 18.05.2009 8:20:03 | Computer Name = WHOPA | Source = EventSystem | ID = 4613
Description =

Error - 18.05.2009 9:38:15 | Computer Name = WHOPA | Source = MSSHA | ID = 1008
Description =

Error - 19.05.2009 14:19:28 | Computer Name = WHOPA | Source = Application Error | ID = 1000
Description =

[ System Events ]
Error - 27.06.2009 9:31:34 | Computer Name = WHOPA | Source = Service Control Manager | ID = 7000
Description = The bootscreen service failed to start due to the following error:
%%2001

Error - 27.06.2009 9:31:34 | Computer Name = WHOPA | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2

Error - 27.06.2009 9:31:34 | Computer Name = WHOPA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASKUTIL

Error - 27.06.2009 11:30:33 | Computer Name = WHOPA | Source = DCOM | ID = 10010
Description = The server {BA126AD1-2166-11D1-B1D0-00805FC1270E} did not register
with DCOM within the required timeout.

Error - 27.06.2009 11:47:11 | Computer Name = WHOPA | Source = nvgts | ID = 262153
Description = The device, \Device\Scsi\nvgts1, did not respond within the timeout
period.

Error - 27.06.2009 11:49:45 | Computer Name = WHOPA | Source = Service Control Manager | ID = 7000
Description = The bootscreen service failed to start due to the following error:
%%2001

Error - 27.06.2009 11:49:45 | Computer Name = WHOPA | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2

Error - 27.06.2009 11:50:26 | Computer Name = WHOPA | Source = Service Control Manager | ID = 7022
Description = The System Event Notification service hung on starting.

Error - 27.06.2009 11:50:29 | Computer Name = WHOPA | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.

Error - 27.06.2009 11:50:29 | Computer Name = WHOPA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASKUTIL


< End of report >

MBAM log :

Malwarebytes' Anti-Malware 1.38
Database version: 2318
Windows 5.1.2600 Service Pack 3

28.06.2009 10:15:31
mbam-log-2009-06-28 (10-15-31).txt

Scan type: Quick Scan
Objects scanned: 82309
Time elapsed: 2 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


another_problem.JPG

#2
Quantem

Anyone? It's getting worse. ESET Smart Security firewall is malfunctioning; in a few days I won't have my net to even check the forum. NVM, I solved it.

Edited by Quantem, 29 June 2009 - 02:04 PM.
