Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

.dll not valid image


  • Please log in to reply

#1
silverwicce

silverwicce

    New Member

  • Member
  • Pip
  • 1 posts
hi, i really need help. my antivirus(avira) detected several viruses last night so i had to quarantine and delete them. but it uninstalled my ethernet so i had to re-install quite a few times that i ended up repairing my windows copy. but after the repair, i got these numerous .dll messages saying they're not a valid image.i'm not sure if i really have a spyware/malware problem but i followed your guide just in case. here are my mbam, gmer and otl logs. thank you so much.

MBAM LOG
Malwarebytes' Anti-Malware 1.44
Database version: 3831
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

3/8/2010 10:50:53 AM
mbam-log-2010-03-08 (10-50-53).txt

Scan type: Quick Scan
Objects scanned: 105762
Time elapsed: 2 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

GMER LOG
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-03-08 11:05:28
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\mingming\LOCALS~1\Temp\pxtdypow.sys


---- System - GMER 1.0.15 ----

SSDT BAFF126E ZwCreateKey
SSDT BAFF1264 ZwCreateThread
SSDT BAFF1273 ZwDeleteKey
SSDT BAFF127D ZwDeleteValueKey
SSDT BAFF1282 ZwLoadKey
SSDT BAFF1250 ZwOpenProcess
SSDT BAFF1255 ZwOpenThread
SSDT BAFF128C ZwReplaceKey
SSDT BAFF1287 ZwRestoreKey
SSDT BAFF1278 ZwSetValueKey
SSDT BAFF125F ZwTerminateProcess

---- EOF - GMER 1.0.15 ----

OTL LOG
OTL logfile created on: 3/8/2010 11:16:02 AM - Run 1
OTL by OldTimer - Version 3.1.35.0 Folder = C:\Documents and Settings\mingming\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 76.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58.59 Gb Total Space | 38.77 Gb Free Space | 66.16% Space Free | Partition Type: NTFS
Drive D: | 90.45 Gb Total Space | 19.07 Gb Free Space | 21.08% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MINA
Current User Name: mingming
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/03/08 10:32:40 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mingming\My Documents\Downloads\OTL.exe
PRC - [2010/03/08 09:45:47 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010/03/03 23:06:34 | 000,319,280 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2010/03/03 22:46:09 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Documents and Settings\mingming\Local Settings\Application Data\Google\Update\1.2.183.17\GoogleCrashHandler.exe
PRC - [2010/02/05 10:36:00 | 000,527,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\mingming\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/11/25 15:42:58 | 003,176,408 | ---- | M] (PC Tools) -- C:\Program Files\Registry Mechanic\RegMech.exe
PRC - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2004/08/04 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/03/08 10:32:40 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mingming\My Documents\Downloads\OTL.exe
MOD - [2004/08/04 04:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/04 04:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/03/08 09:45:47 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=15161&l=dis
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2004/08/04 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe (PC Tools)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\mingming\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/03 22:26:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{cfb64bd6-2817-11df-8243-00e04d9e8ee0}\Shell - "" = AutoRun
O33 - MountPoints2\{cfb64bd6-2817-11df-8243-00e04d9e8ee0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cfb64bd6-2817-11df-8243-00e04d9e8ee0}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: AppSecDll - (C:\Documents and Settings\NetworkService\Local Settings\Application Data\Windows Server\uhzlcz.dll) - C:\Documents and Settings\NetworkService\Local Settings\Application Data\Windows Server\uhzlcz.dll ()

========== Files/Folders - Created Within 14 Days ==========

[2010/03/08 10:55:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/03/08 10:15:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Local Settings\Application Data\Adobe
[2010/03/08 10:11:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/08 10:10:10 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/03/08 09:48:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Application Data\Registry Mechanic
[2010/03/08 09:44:55 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox210.ocx
[2010/03/08 09:44:55 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox10.ocx
[2010/03/08 09:44:55 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBoxVB12.ocx
[2010/03/08 09:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/03/08 09:43:49 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2010/03/08 09:26:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Application Data\Uniblue
[2010/03/08 09:07:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/03/08 09:02:10 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/03/08 09:02:10 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/03/08 09:02:10 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/03/08 09:01:24 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/03/08 09:01:24 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/03/08 09:01:24 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/03/08 09:01:13 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/03/08 02:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Windows Server
[2010/03/08 02:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/03/08 02:18:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/03/08 02:18:33 | 000,000,000 | ---D | C] -- C:\Program Files\Lan Driver
[2010/03/08 02:18:04 | 000,000,000 | ---D | C] -- C:\Program Files\Marvell
[2010/03/08 02:17:32 | 000,101,504 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys
[2010/03/08 02:17:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2010/03/08 02:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/03/08 02:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/03/08 02:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Windows Server
[2010/03/08 02:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/03/08 00:29:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/03/07 23:22:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Application Data\Malwarebytes
[2010/03/07 23:22:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/07 23:22:00 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/07 23:22:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/07 23:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/07 23:15:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Local Settings\Application Data\Windows Server
[2010/03/07 21:20:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Local Settings\Application Data\FTE2
[2010/03/07 21:20:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Local Settings\Application Data\RoadToRiches2
[2010/03/07 19:29:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/03/07 19:06:27 | 000,000,000 | ---D | C] -- C:\Program Files\bfgclient
[2010/03/07 19:04:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
[2010/03/07 16:48:48 | 000,000,000 | ---D | C] -- C:\Program Files\DogTown_at
[2010/03/07 01:47:12 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/03/06 18:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Local Settings\Application Data\AskToolbar
[2010/03/05 15:24:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Application Data\1morebee
[2010/03/05 08:43:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fiona Finch and the Finest Flowers
[2010/03/05 08:43:50 | 000,000,000 | ---D | C] -- C:\Program Files\Fiona Finch and the Finest Flowers
[2010/03/05 08:27:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Local Settings\Application Data\Yahoo
[2010/03/05 08:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/03/05 08:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Application Data\Yahoo!
[2010/03/05 08:23:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2010/03/05 08:20:30 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/03/04 21:32:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010/03/04 21:28:08 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010/03/04 21:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\My Documents\Telltale Games
[2010/03/04 21:27:33 | 000,116,736 | ---- | C] (MagicISO, Inc.) -- C:\WINDOWS\System32\drivers\mcdbus.sys
[2010/03/04 21:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\MagicDisc
[2010/03/04 21:21:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Application Data\skypePM
[2010/03/04 21:18:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Application Data\Skype
[2010/03/04 21:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/03/04 21:18:24 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/03/04 21:18:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/03/04 16:52:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cateia Games
[2010/03/04 16:31:19 | 000,000,000 | ---D | C] -- C:\Program Files\Shaman Odyssey Tropic Adventure
[2010/03/03 23:07:21 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010/03/03 23:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/03/03 23:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Application Data\uTorrent
[2010/03/03 23:02:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Application Data\Macromedia
[2010/03/03 23:02:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Application Data\Adobe
[2010/03/03 23:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\My Documents\Downloads
[2010/03/03 22:55:57 | 000,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/03/03 22:55:57 | 000,056,816 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/03/03 22:55:57 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/03/03 22:55:57 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/03/03 22:55:57 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/03/03 22:55:56 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/03/03 22:55:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/03/03 22:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Local Settings\Application Data\Temp
[2010/03/03 22:46:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Local Settings\Application Data\Google
[2010/03/03 22:43:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2010/03/03 22:42:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2010/03/03 22:41:45 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2010/03/03 22:41:45 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/03/03 22:41:45 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/03/03 22:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\Driver
[2010/03/03 22:37:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010/03/03 22:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/03/03 22:34:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Application Data\InstallShield
[2010/03/03 22:34:29 | 000,013,696 | R--- | C] (BIOSTAR Group) -- C:\WINDOWS\System32\drivers\BIOS.sys
[2010/03/03 22:32:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Application Data\Identities
[2010/03/03 22:32:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\mingming\My Documents\My Music
[2010/03/03 22:32:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/03/03 22:32:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\mingming\My Documents\My Pictures
[2010/03/03 22:32:49 | 000,000,000 | --SD | C] -- C:\Documents and Settings\mingming\Application Data\Microsoft
[2010/03/03 22:32:49 | 000,000,000 | --SD | C] -- C:\Documents and Settings\mingming\Cookies
[2010/03/03 22:32:49 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\mingming\SendTo
[2010/03/03 22:32:49 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\mingming\Recent
[2010/03/03 22:32:49 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\mingming\Application Data
[2010/03/03 22:32:49 | 000,000,000 | R--D | C] -- C:\Documents and Settings\mingming\Start Menu
[2010/03/03 22:32:49 | 000,000,000 | R--D | C] -- C:\Documents and Settings\mingming\My Documents
[2010/03/03 22:32:49 | 000,000,000 | R--D | C] -- C:\Documents and Settings\mingming\Favorites
[2010/03/03 22:32:49 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\mingming\Templates
[2010/03/03 22:32:49 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\mingming\PrintHood
[2010/03/03 22:32:49 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\mingming\NetHood
[2010/03/03 22:32:49 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\mingming\Local Settings
[2010/03/03 22:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Local Settings\Application Data\Microsoft
[2010/03/03 22:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mingming\Desktop
[2010/03/03 22:31:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/03/03 22:31:11 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/03/03 22:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/03 22:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/03 22:26:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/03/03 22:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/03/03 22:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/03/03 22:26:37 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/03 22:26:37 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/03/03 22:26:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/03/03 22:25:54 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/03/03 22:25:54 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/03/03 22:25:47 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/03/03 22:25:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/03/03 22:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/03/03 22:25:06 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/03/03 22:25:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/03/03 22:25:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/03/03 22:25:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/03/03 22:24:57 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/03/03 22:24:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/03/03 22:24:47 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/03/03 22:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/03/03 22:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/03/03 22:24:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/03/03 22:24:39 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/03/03 22:24:16 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/03/03 22:24:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/03/03 22:24:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/03/03 22:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/03/03 22:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/03/03 22:24:01 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/03/03 22:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/03/03 22:23:32 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/03/03 22:23:31 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/03/03 22:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/03/03 22:23:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/03/03 22:23:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/03/03 22:23:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/03/03 14:17:29 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/03/03 14:17:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/03/03 14:17:26 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/03/03 14:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/03/03 14:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/03/03 14:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/03/03 14:17:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/03/03 14:17:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/03/03 14:17:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/03/03 14:17:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/03/03 14:17:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/03/03 14:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/03/03 14:16:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/03/03 14:16:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/03/03 14:16:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/03/03 14:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/03/03 14:16:35 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/03/03 14:11:27 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/03/03 14:11:27 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/03/03 14:11:27 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/03/03 14:11:27 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/03/03 14:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

========== Files - Modified Within 14 Days ==========

[2010/03/08 11:12:13 | 000,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/08 11:12:13 | 000,311,934 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/08 11:12:13 | 000,040,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/08 11:07:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/08 11:07:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/08 11:07:41 | 2112,438,272 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010/03/08 11:05:28 | 001,048,576 | ---- | M] () -- C:\Documents and Settings\mingming\NTUSER.DAT
[2010/03/08 10:51:01 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1770027372-839522115-1003UA.job
[2010/03/08 10:38:07 | 004,800,090 | -H-- | M] () -- C:\Documents and Settings\mingming\Local Settings\Application Data\IconCache.db
[2010/03/08 10:10:52 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\mingming\Desktop\NTREGOPT.lnk
[2010/03/08 10:10:52 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\mingming\Desktop\ERUNT.lnk
[2010/03/08 10:01:00 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/03/08 09:49:50 | 000,892,928 | ---- | M] () -- C:\Documents and Settings\mingming\ntuser.dat.rmbak
[2010/03/08 09:44:57 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk
[2010/03/08 09:14:31 | 000,000,398 | ---- | M] () -- C:\Documents and Settings\mingming\Desktop\Shortcut to Local Area Connection 2.lnk
[2010/03/08 09:07:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/08 09:02:46 | 000,017,982 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/03/08 09:00:38 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/08 09:00:38 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/08 09:00:38 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/08 08:34:36 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/03/08 08:33:56 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/03/08 08:33:56 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/03/08 08:33:52 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/03/08 08:33:52 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/03/08 08:33:52 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/03/08 08:33:52 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/03/08 08:33:52 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/03/08 08:33:52 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/03/08 08:33:42 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/08 08:33:08 | 000,022,720 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/03/08 07:47:23 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2010/03/08 02:49:01 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/03/08 02:35:23 | 000,001,891 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/03/08 02:30:36 | 000,365,787 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2010/03/08 02:17:01 | 000,001,757 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2010/03/08 02:17:01 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 7.0.lnk
[2010/03/07 23:22:04 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/07 22:51:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1770027372-839522115-1003Core.job
[2010/03/07 19:29:34 | 000,001,198 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2010/03/07 19:06:28 | 000,001,578 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Game Manager.lnk
[2010/03/05 08:44:09 | 000,001,796 | ---- | M] () -- C:\Documents and Settings\mingming\Desktop\Fiona Finch and the Finest Flowers.lnk
[2010/03/05 08:23:24 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/03/04 22:56:44 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/03/04 21:32:00 | 000,001,900 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CSI - Deadly Intent.lnk
[2010/03/04 21:27:40 | 000,000,652 | ---- | M] () -- C:\Documents and Settings\mingming\Start Menu\Programs\Startup\MagicDisc.lnk
[2010/03/04 21:27:40 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\mingming\Desktop\MagicDisc.lnk
[2010/03/04 21:21:58 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/04 21:18:26 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/03/04 21:17:59 | 000,021,684 | ---- | M] () -- C:\Documents and Settings\mingming\My Documents\BpsGlam.docx
[2010/03/04 16:31:33 | 000,000,831 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Shaman Odyssey Tropic Adventure.lnk
[2010/03/03 23:06:34 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/03/03 22:56:04 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010/03/03 22:47:55 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\mingming\Desktop\Google Chrome.lnk
[2010/03/03 22:44:09 | 000,012,328 | ---- | M] () -- C:\Documents and Settings\mingming\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/03 22:43:39 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010/03/03 22:43:39 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010/03/03 22:41:06 | 000,128,026 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/03/03 22:37:51 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\mingming\ntuser.ini
[2010/03/03 22:29:12 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/03/03 22:29:04 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/03 22:26:40 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/03/03 22:26:40 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/03/03 22:26:40 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/03 22:26:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/03/03 22:26:40 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/03/03 22:26:40 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/03 22:24:14 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/03/03 22:24:14 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini

========== Files Created - No Company Name ==========

[2010/03/08 10:10:11 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\mingming\Desktop\NTREGOPT.lnk
[2010/03/08 10:10:11 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\mingming\Desktop\ERUNT.lnk
[2010/03/08 09:44:57 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk
[2010/03/08 09:14:31 | 000,000,398 | ---- | C] () -- C:\Documents and Settings\mingming\Desktop\Shortcut to Local Area Connection 2.lnk
[2010/03/08 09:02:30 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/03/08 09:02:05 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/03/08 09:02:05 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/03/08 09:02:04 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/03/08 09:01:47 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/03/08 09:01:46 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/03/08 09:01:40 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/03/08 09:01:39 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/03/08 09:01:38 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/03/08 09:01:32 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/03/08 09:01:29 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/03/08 09:01:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/03/08 09:01:15 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/03/08 09:01:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/03/08 09:01:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/03/08 09:01:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/03/08 09:01:11 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/03/08 09:01:11 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/03/08 09:01:11 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/03/08 09:01:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/03/08 09:01:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/03/08 09:01:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/03/08 09:01:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/03/08 09:01:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/03/08 09:01:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/03/08 09:01:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/03/08 09:01:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/03/08 09:01:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/03/08 09:01:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/03/08 09:01:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/03/08 09:01:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/03/08 09:01:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/03/08 09:01:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/03/08 09:01:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/03/08 09:01:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/03/08 09:01:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/03/08 09:01:08 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/03/08 09:01:08 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/03/08 09:01:08 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/03/08 09:01:08 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/03/08 09:01:08 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/03/08 09:01:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/03/08 09:01:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/03/08 09:01:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/03/08 09:01:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/03/08 09:01:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/03/08 09:01:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/03/08 09:01:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/03/08 09:01:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/03/08 09:01:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/03/08 09:01:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/03/08 09:01:07 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/03/08 09:01:07 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/03/08 09:01:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/03/08 09:01:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/03/08 09:01:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/03/08 09:01:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/03/08 09:01:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/03/08 09:01:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/03/08 09:01:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/03/08 09:01:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/03/08 09:01:06 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/03/08 09:01:06 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/03/08 09:01:06 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/03/08 09:01:06 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/03/08 09:01:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/03/08 09:01:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/03/08 09:01:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/03/08 09:01:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/03/08 09:01:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/03/08 09:01:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/03/08 09:01:05 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/03/08 09:01:05 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/03/08 08:33:56 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/03/08 08:33:52 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/03/08 08:33:52 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/03/08 08:33:52 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/03/08 08:33:52 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/03/08 08:33:52 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/03/08 02:48:49 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/03/08 02:48:49 | 000,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/03/08 02:48:49 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/03/08 02:48:49 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/03/08 02:48:49 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/03/08 02:48:48 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/03/08 02:48:48 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/03/08 02:48:48 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/03/08 02:48:48 | 000,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/03/08 02:48:48 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/03/08 02:48:48 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/03/08 02:48:48 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/03/08 02:48:48 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/03/08 02:48:48 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/03/08 02:48:48 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/03/08 02:48:48 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/03/08 02:48:48 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/03/08 02:48:48 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/03/08 02:25:51 | 000,003,903 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2010/03/08 02:17:01 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2010/03/08 02:17:01 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 7.0.lnk
[2010/03/08 02:12:45 | 000,001,864 | R--- | C] () -- C:\WINDOWS\System32\nvsmb.nvu
[2010/03/07 23:22:04 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/07 19:29:34 | 000,001,198 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2010/03/07 19:06:28 | 000,001,578 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Game Manager.lnk
[2010/03/05 08:44:09 | 000,001,796 | ---- | C] () -- C:\Documents and Settings\mingming\Desktop\Fiona Finch and the Finest Flowers.lnk
[2010/03/05 08:23:24 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/03/04 21:32:00 | 000,001,900 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CSI - Deadly Intent.lnk
[2010/03/04 21:27:40 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\mingming\Start Menu\Programs\Startup\MagicDisc.lnk
[2010/03/04 21:27:40 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\mingming\Desktop\MagicDisc.lnk
[2010/03/04 21:21:58 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/04 21:18:26 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/03/04 16:31:33 | 000,000,831 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Shaman Odyssey Tropic Adventure.lnk
[2010/03/03 23:07:23 | 000,000,240 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/03/03 23:06:34 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/03/03 22:56:04 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010/03/03 22:47:55 | 000,002,309 | ---- | C] () -- C:\Documents and Settings\mingming\Desktop\Google Chrome.lnk
[2010/03/03 22:46:11 | 000,000,990 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1770027372-839522115-1003UA.job
[2010/03/03 22:46:10 | 000,000,938 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1770027372-839522115-1003Core.job
[2010/03/03 22:43:39 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010/03/03 22:43:39 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010/03/03 22:42:26 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/03/03 22:37:34 | 000,128,026 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2010/03/03 22:37:31 | 000,017,463 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010/03/03 22:35:07 | 000,001,732 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2010/03/03 22:32:50 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\mingming\ntuser.ini
[2010/03/03 22:32:49 | 001,048,576 | ---- | C] () -- C:\Documents and Settings\mingming\NTUSER.DAT
[2010/03/03 22:32:49 | 000,892,928 | ---- | C] () -- C:\Documents and Settings\mingming\ntuser.dat.rmbak
[2010/03/03 22:29:12 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/03/03 22:28:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/03/03 22:26:40 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/03/03 22:26:40 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/03/03 22:26:40 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/03/03 22:26:40 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/03/03 22:26:40 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/03/03 22:26:37 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/03 22:26:37 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/03 22:26:36 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/03 22:25:54 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/03/03 22:25:50 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/03/03 22:25:38 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/03/03 22:25:15 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/03/03 22:25:15 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/03/03 22:25:10 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/03/03 22:25:01 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/03/03 22:24:52 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/03/03 22:24:24 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/03/03 22:23:46 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/03/03 22:23:46 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/03/03 22:23:46 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/03/03 22:23:46 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/03/03 22:23:46 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/03/03 22:23:46 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/03/03 22:23:46 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/03/03 22:23:46 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/03/03 22:23:46 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/03/03 22:23:46 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/03/03 22:23:46 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/03/03 22:23:45 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/03/03 22:23:45 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/03/03 22:23:45 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/03/03 22:23:45 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/03/03 22:23:45 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/03/03 22:23:45 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/03/03 22:23:45 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/03/03 22:23:45 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/03/03 22:23:43 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/03/03 22:23:43 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/03/03 22:23:42 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/03/03 22:23:38 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/03/03 14:17:32 | 000,001,891 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/03/03 14:17:27 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/03/03 14:17:27 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/03/03 14:17:27 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/03/03 14:17:26 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/03/03 14:17:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/03/03 14:17:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/03/03 14:17:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/03/03 14:17:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/03/03 14:17:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/03/03 14:17:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/03/03 14:17:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/03/03 14:17:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/03/03 14:17:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/03/03 14:17:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/03/03 14:17:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/03/03 14:17:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/03/03 14:17:13 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/03/03 14:17:05 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/03/03 14:16:51 | 000,365,787 | ---- | C] () -- C:\WINDOWS\setupapi.old
[2010/03/03 14:16:35 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/03 14:15:39 | 000,000,223 | -HS- | C] () -- C:\boot.ini
[2010/03/03 14:15:36 | 000,017,982 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/03/03 14:11:27 | 2112,438,272 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2007/07/23 17:44:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/07/23 17:44:00 | 001,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/07/23 17:44:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/07/23 17:44:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/07/23 17:44:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004/08/04 04:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 04:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

========== LOP Check ==========

[2010/03/04 16:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cateia Games
[2010/03/08 11:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/03/05 15:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mingming\Application Data\1morebee
[2010/03/08 09:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mingming\Application Data\Registry Mechanic
[2010/03/08 09:26:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mingming\Application Data\Uniblue
[2010/03/08 11:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mingming\Application Data\uTorrent
[2010/03/08 10:01:00 | 000,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/04 04:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/04 04:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 04:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 04:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/04 04:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/04 04:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2004/08/04 04:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/04 04:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 04:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/04 04:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2004/08/04 04:00:00 | 001,392,671 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010/03/07 18:44:04 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/03/08 02:38:15 | 000,040,960 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2010/03/07 18:44:04 | 010,747,904 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/03/07 18:44:06 | 004,718,592 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

========== Alternate Data Streams ==========

@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:21B987C4
< End of report >

OTL EXTRAS LOG
OTL Extras logfile created on: 3/8/2010 11:12:26 AM - Run 1
OTL by OldTimer - Version 3.1.35.0 Folder = C:\Documents and Settings\mingming\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58.59 Gb Total Space | 38.78 Gb Free Space | 66.18% Space Free | Partition Type: NTFS
Drive D: | 90.45 Gb Total Space | 19.07 Gb Free Space | 21.08% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MINA
Current User Name: mingming
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1033-7646-A70000000000}" = Adobe Reader 7.0
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BFGC" = Big Fish Games: Game Manager
"CSI - Deadly Intent" = CSI - Deadly Intent
"ERUNT_is1" = ERUNT 1.1j
"Fiona Finch and the Finest Flowers1.0" = Fiona Finch and the Finest Flowers
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"NVIDIA Drivers" = NVIDIA Drivers
"Registry Mechanic_is1" = Registry Mechanic 9.0
"Shaman Odyssey Tropic Adventure" = Shaman Odyssey Tropic Adventure
"uTorrent" = µTorrent
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/5/2010 1:26:12 AM | Computer Name = MINA | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 3/5/2010 11:11:49 AM | Computer Name = MINA | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 3/5/2010 4:02:15 PM | Computer Name = MINA | Source = Application Hang | ID = 1002
Description = Hanging application CSI5.exe, version 2009.9.8.33343, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/6/2010 12:06:49 PM | Computer Name = MINA | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 3/6/2010 10:14:53 PM | Computer Name = MINA | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 3/7/2010 12:28:20 PM | Computer Name = MINA | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 3/8/2010 3:51:05 AM | Computer Name = MINA | Source = Google Update | ID = 20
Description =

Error - 3/8/2010 4:51:05 AM | Computer Name = MINA | Source = Google Update | ID = 20
Description =

Error - 3/8/2010 5:51:05 AM | Computer Name = MINA | Source = Google Update | ID = 20
Description =

Error - 3/8/2010 1:49:15 PM | Computer Name = MINA | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.44.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 3/8/2010 6:25:36 AM | Computer Name = MINA | Source = Service Control Manager | ID = 7001
Description = The Network Location Awareness (NLA) service depends on the AFD service
which failed to start because of the following error: %%2

Error - 3/8/2010 12:34:25 PM | Computer Name = MINA | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service SENS with arguments
"" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 3/8/2010 12:34:25 PM | Computer Name = MINA | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service SENS with arguments
"" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 3/8/2010 1:02:46 PM | Computer Name = MINA | Source = Setup | ID = 60055
Description = Windows Setup encountered non-fatal errors during installation. Please
check the setuperr.log found in your Windows directory for more informatio

Error - 3/8/2010 2:00:15 PM | Computer Name = MINA | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 3/8/2010 2:00:15 PM | Computer Name = MINA | Source = Service Control Manager | ID = 7034
Description = The PC Tools Startup and Shutdown Monitor service service terminated
unexpectedly. It has done this 1 time(s).

Error - 3/8/2010 2:00:15 PM | Computer Name = MINA | Source = Service Control Manager | ID = 7034
Description = The Yahoo! Updater service terminated unexpectedly. It has done this
1 time(s).

Error - 3/8/2010 2:02:42 PM | Computer Name = MINA | Source = W32Time | ID = 39452706
Description = The time service has detected that the system time needs to be changed
by -57591 seconds. The time service will not change the system time by more than
-54000 seconds. Verify that your time and time zone are correct, and that the time
source time.windows.com (ntp.m|0x1|192.168.1.2:123->207.46.232.182:123) is working
properly.

Error - 3/8/2010 3:04:16 PM | Computer Name = MINA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 3/8/2010 3:09:29 PM | Computer Name = MINA | Source = System Error | ID = 1003
Description = Error code 000000f4, parameter1 00000003, parameter2 89bb49d0, parameter3
89bb4b44, parameter4 805d1142.


< End of report >



silverwicce
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP