Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

"System.exe" Taking Up Lots of Memory


  • Please log in to reply

#1
Kyo Yamagata

Kyo Yamagata

    New Member

  • Member
  • Pip
  • 2 posts
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-08 13:12:06
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uwtdapoc.sys


---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xF6DF5900]
pnidata C:\WINDOWS\system32\DRIVERS\secdrv.sys unknown last section [0xEE223F00, 0x24000, 0x48000000]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume5 tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume5 sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume5 fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4177

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

6/8/2010 12:21:46 PM
mbam-log-2010-06-08 (12-21-46).txt

Scan type: Quick scan
Objects scanned: 124893
Time elapsed: 16 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OTL logfile created on: 6/8/2010 1:22:51 PM - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

759.00 Mb Total Physical Memory | 376.00 Mb Available Physical Memory | 50.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.42 Gb Total Space | 5.00 Gb Free Space | 27.15% Space Free | Partition Type: NTFS
Drive D: | 50.11 Gb Total Space | 34.30 Gb Free Space | 68.44% Space Free | Partition Type: NTFS
Drive E: | 74.53 Gb Total Space | 20.23 Gb Free Space | 27.14% Space Free | Partition Type: NTFS
Drive F: | 16.22 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 996.19 Mb Total Space | 988.58 Mb Free Space | 99.24% Space Free | Partition Type: NTFS
Drive H: | 5.03 Gb Total Space | 3.05 Gb Free Space | 60.53% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive J: | 1.91 Gb Total Space | 1.26 Gb Free Space | 66.00% Space Free | Partition Type: FAT32

Computer Name: LEOPOGI
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/08 12:52:59 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2010/05/22 07:08:24 | 000,307,672 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/05/09 00:04:40 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2010/05/09 00:04:36 | 002,046,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2010/05/09 00:04:31 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2010/03/06 08:40:53 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2010/03/06 08:40:52 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/06/19 10:29:16 | 000,960,568 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2009/06/19 10:23:52 | 000,377,248 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009/06/19 10:23:48 | 000,618,944 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009/06/19 10:04:10 | 004,355,512 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2007/10/12 10:03:10 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2005/11/26 17:13:40 | 000,417,792 | ---- | M] () -- C:\WINDOWS\system32\Notepad2.EXE
PRC - [2005/10/15 17:07:16 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/10/15 01:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2004/09/24 04:41:54 | 000,860,160 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
PRC - [2002/09/21 06:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (SafeList) ==========

MOD - [2010/06/08 12:52:59 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2005/10/16 21:55:06 | 001,053,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\comctl32.dll
MOD - [2004/08/04 07:31:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/05/09 00:04:31 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2010/03/06 08:40:52 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2010/02/19 14:06:00 | 003,438,068 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/06/19 10:23:48 | 000,618,944 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2002/09/21 06:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2010/03/06 09:04:07 | 000,902,592 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm228.sys -- (tdrpman228) Acronis Try&Decide and Restore Points filter (build 228)
DRV - [2010/03/06 09:04:04 | 000,540,000 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010/03/06 09:04:04 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010/03/06 09:03:54 | 000,138,208 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010/03/06 08:41:03 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/03/06 08:40:58 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/03/06 08:40:58 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2008/10/08 05:33:00 | 006,133,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/01/14 18:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2006/07/04 17:17:52 | 000,053,921 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hid7906.sys -- (hid7906)
DRV - [2005/04/02 00:25:00 | 000,230,272 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/03/02 04:01:40 | 000,392,704 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/12/31 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2004/09/15 04:55:44 | 000,088,960 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie_rsearch.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista...search/web?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirro...rch.src?file=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKCU\..\URLSearchHook: *{00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Qbyrd"
FF - prefs.js..browser.search.defaultenginename: "Qbyrd"
FF - prefs.js..browser.search.order.1: "Qbyrd"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Qbyrd"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..keyword.URL: "http://websearch.qby...=YYYYYYQ2PH&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2010/05/09 00:06:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVG\AVG8\Toolbar\Firefox\[email protected] [2010/05/21 21:03:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010/05/23 07:15:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010/05/22 07:08:41 | 000,000,000 | ---D | M]

[2010/05/09 06:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/06/07 22:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p6mh8mw2.default\extensions
[2010/05/22 10:03:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p6mh8mw2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/25 23:26:01 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p6mh8mw2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/05/21 12:33:44 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p6mh8mw2.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/05/27 13:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p6mh8mw2.default\extensions\[email protected]
[2010/06/01 13:58:01 | 000,008,819 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p6mh8mw2.default\searchplugins\qbyrd.xml

O1 HOSTS File: ([2001/08/24 01:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - Startup: C:\Documents and Settings\Administrator\Local Settings\Application Data\Start\ERUNT AutoBackup.lnk = D:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCAD = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1274126443093 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1274126402718 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 202.78.97.41 210.4.2.61
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/06 08:01:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/11/16 10:41:42 | 000,000,000 | R--D | M] - F:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2006/10/27 14:22:12 | 002,351,104 | R--- | M] () - F:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006/10/27 14:22:12 | 000,000,029 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/03/05 23:44:18 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16620634377289728)

========== Files/Folders - Created Within 90 Days ==========

[2010/06/08 12:53:39 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/06/08 12:48:36 | 000,000,000 | ---D | C] -- C:\Program Files\6-8-2010
[2010/06/08 12:44:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/06/08 11:28:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/08 11:28:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/08 11:20:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010/06/07 17:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Plans
[2010/06/07 09:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\3D Live Pool PC Game Setup
[2010/06/05 19:57:36 | 003,438,068 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\GameMon.des
[2010/06/05 19:56:17 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\npptNT2.sys
[2010/06/05 19:56:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010/06/02 11:36:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Simple-Orange
[2010/06/01 13:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/06/01 13:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/06/01 13:13:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/06/01 12:42:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\ManyCam
[2010/05/31 09:33:33 | 000,053,921 | ---- | C] (Compuware Corporation) -- C:\WINDOWS\System32\drivers\hid7906.sys
[2010/05/31 09:33:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\USB Vibration
[2010/05/31 09:31:58 | 000,000,000 | ---D | C] -- C:\Program Files\USB Vibration
[2010/05/30 10:13:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/05/30 04:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Output
[2010/05/30 04:11:09 | 000,000,000 | ---D | C] -- C:\ImageOutput
[2010/05/28 18:49:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/05/28 18:49:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Sun
[2010/05/27 11:25:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\WMTools Downloaded Files
[2010/05/27 11:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/05/27 11:13:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010/05/25 23:27:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Yahoo
[2010/05/25 23:25:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Yahoo!
[2010/05/25 23:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2010/05/25 23:23:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010/05/25 23:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/05/25 11:35:23 | 000,000,000 | ---D | C] -- C:\Screen Recordings
[2010/05/23 15:05:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities
[2010/05/23 15:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2010/05/23 12:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\RenPy
[2010/05/23 10:53:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2010/05/23 10:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/22 10:18:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\gtk-2.0
[2010/05/22 10:18:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.thumbnails
[2010/05/22 10:13:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.gimp-2.6
[2010/05/22 10:12:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\gegl-0.0
[2010/05/19 00:14:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/05/19 00:14:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/05/19 00:13:43 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/05/19 00:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010/05/18 04:06:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/05/18 04:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/05/18 03:38:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2010/05/18 02:17:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Brother
[2010/05/17 07:13:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2010/05/17 07:12:10 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2010/05/17 07:10:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2010/05/17 07:10:14 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/05/17 07:10:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2010/05/17 07:09:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2010/05/17 06:45:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/05/17 06:45:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/05/17 06:43:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/05/17 06:43:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/05/17 06:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/05/17 06:06:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010/05/17 04:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010/05/16 09:46:50 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Start
[2010/05/12 06:59:55 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/05/10 13:25:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/05/10 13:18:03 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/05/10 08:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My PaperPort Documents
[2010/05/10 08:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\ScanSoft
[2010/05/09 21:41:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Downloads
[2010/05/09 06:54:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG Security Toolbar
[2010/05/09 03:02:10 | 000,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2010/05/08 22:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Scansoft
[2010/05/08 07:57:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/05/08 07:57:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Videos
[2010/05/08 07:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2010/05/08 06:09:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\UserData
[2010/05/08 05:59:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/05/08 05:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2010/05/08 05:59:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\InstallShield
[2010/05/08 05:58:31 | 000,000,000 | ---D | C] -- C:\Program Files\Nuance
[2010/05/08 05:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010/05/08 05:57:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared
[2010/05/08 05:57:55 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft
[2010/05/08 05:57:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/05/08 05:56:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother
[1 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/06/08 13:27:27 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{48971F8F-51E8-45EC-B110-428EE37930C9}.job
[2010/06/08 13:16:20 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/08 13:16:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/08 12:52:59 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/06/08 12:41:52 | 002,621,440 | ---- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/06/08 12:41:52 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/06/08 12:38:17 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Start\ERUNT AutoBackup.lnk
[2010/06/08 12:38:07 | 000,000,511 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\NTREGOPT.lnk
[2010/06/08 12:38:07 | 000,000,498 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\ERUNT.lnk
[2010/06/08 11:28:31 | 000,000,562 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/08 11:21:00 | 003,735,868 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/06/08 11:16:56 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/08 10:55:50 | 000,029,110 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\9606-490q_super.jpg
[2010/06/08 10:38:26 | 000,000,573 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/08 10:38:26 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/06/08 10:38:26 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/06/08 09:32:37 | 060,811,867 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/06/08 01:51:24 | 000,000,612 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Frozen Throne.lnk
[2010/06/07 09:23:08 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\3D Live Pool.lnk
[2010/06/07 04:54:21 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Weapons of War.lnk
[2010/06/07 00:32:53 | 000,155,051 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Hachune.jpg
[2010/06/06 13:00:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/06 04:02:54 | 000,331,657 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/06/04 10:29:46 | 000,015,752 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\chibi-tomoya.jpg
[2010/06/03 15:58:13 | 000,181,158 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Lasagna.jpg
[2010/06/02 12:50:41 | 000,079,835 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Clannad-Poster.jpg
[2010/06/02 12:38:48 | 000,003,031 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\templatemo_site_title_bar_bg.jpg
[2010/06/02 12:19:24 | 000,004,940 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\templatemo_menu_bar_bg.jpg
[2010/06/01 12:43:23 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\ManyCam 2.4.lnk
[2010/06/01 05:58:54 | 000,080,274 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\31379_131605773521196_100000153229642_386103_4431211_n.jpg
[2010/06/01 05:39:29 | 000,511,323 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\toy-con.jpg
[2010/05/30 08:34:49 | 000,129,857 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\2.jpg
[2010/05/30 05:01:50 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Flash.lnk
[2010/05/30 04:11:10 | 000,000,587 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Easy Graphic Converter 1.2.lnk
[2010/05/28 19:48:33 | 000,051,664 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Kotomi.JPG
[2010/05/28 19:46:46 | 000,064,350 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Nagisa.JPG
[2010/05/28 19:45:17 | 000,048,095 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Sunohara.JPG
[2010/05/28 19:43:27 | 000,050,265 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Ryou-Date.JPG
[2010/05/28 19:39:14 | 000,041,545 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Kyou-Storage.JPG
[2010/05/28 19:34:55 | 000,054,060 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Fuuko-Kiss.JPG
[2010/05/28 19:29:45 | 000,065,183 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Tomoyo-Kiss.JPG
[2010/05/28 19:25:13 | 000,017,341 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Click-Dango.JPG
[2010/05/28 19:23:02 | 000,025,338 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Day-1.JPG
[2010/05/28 19:22:34 | 000,020,171 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\First-Conv.JPG
[2010/05/28 19:21:56 | 000,039,052 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Char-Screen.JPG
[2010/05/28 19:21:14 | 000,059,667 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Game-Menu.JPG
[2010/05/28 19:18:12 | 000,069,886 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\no-picture yet.JPG
[2010/05/28 19:15:32 | 000,006,592 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\6.jpg
[2010/05/28 19:15:26 | 000,007,530 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\t55.jpg
[2010/05/28 19:11:31 | 000,055,539 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\4th.jpg
[2010/05/28 19:08:16 | 000,048,876 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\3rd.jpg
[2010/05/28 19:08:09 | 000,019,982 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\2nd.jpg
[2010/05/28 19:03:40 | 000,027,065 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\First Photo.jpg
[2010/05/28 05:07:23 | 000,056,254 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\spotlogo.jpg
[2010/05/27 11:11:32 | 000,489,604 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Clannad-Sim-Date-RPG.png
[2010/05/27 10:36:37 | 043,130,880 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Clannad-New-Intro.avi
[2010/05/27 10:19:52 | 000,000,578 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Free Screen Recorder.lnk
[2010/05/27 06:02:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/25 23:25:14 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/05/23 18:41:15 | 000,114,243 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Ryou-2.jpg
[2010/05/23 18:41:11 | 000,103,871 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Ryou-1.jpg
[2010/05/23 15:07:12 | 000,122,162 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Dunno-3.jpg
[2010/05/23 15:06:57 | 000,150,119 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Tomoyo-1.jpg
[2010/05/23 15:06:32 | 000,103,416 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\[bleep].jpg
[2010/05/23 15:06:16 | 000,092,222 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Sakit-sakitan.jpg
[2010/05/23 15:05:59 | 000,036,278 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Death=.jpg
[2010/05/23 15:05:56 | 000,159,799 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Mei c=3.jpg
[2010/05/23 15:05:50 | 000,120,625 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Misae.jpg
[2010/05/23 15:05:40 | 000,131,326 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Nanay c=3.jpg
[2010/05/23 15:05:35 | 000,136,990 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Tatay.jpg
[2010/05/23 15:04:49 | 000,092,912 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Sunoobhara.jpg
[2010/05/23 15:04:07 | 000,145,152 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Fuuko-2.jpg
[2010/05/23 15:04:02 | 000,112,718 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Fuuko-1.jpg
[2010/05/23 15:03:58 | 000,084,504 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Kotomi-1.jpg
[2010/05/23 15:03:51 | 000,163,199 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Kyou-1.jpg
[2010/05/23 15:03:41 | 000,029,606 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Nagisa-End.jpg
[2010/05/23 15:00:12 | 000,176,516 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Nagisa-1.jpg
[2010/05/23 12:00:46 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\RE Alistair++.lnk
[2010/05/23 10:52:51 | 000,000,562 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Malwarebytes' Anti-Malware.lnk
[2010/05/23 10:14:00 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2010/05/23 05:50:01 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\PAG.doc
[2010/05/21 23:22:07 | 000,484,336 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/21 23:22:07 | 000,430,176 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/21 23:22:07 | 000,066,246 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/21 14:09:38 | 000,065,680 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/05/21 12:51:59 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/19 09:40:31 | 001,039,850 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\K_on2.png
[2010/05/19 09:38:18 | 000,097,281 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\1121.jpg
[2010/05/19 00:43:50 | 000,259,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/18 02:49:38 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\palabok.doc
[2010/05/18 02:03:37 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Pancit Luglog.doc
[2010/05/18 02:00:05 | 000,004,269 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\pansit malabon.rtf
[2010/05/18 01:15:23 | 000,214,671 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Miku_InVitroVoicePV.jpg
[2010/05/17 20:19:44 | 000,056,223 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Imba Farmville.jpg
[2010/05/17 07:05:31 | 000,000,419 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/05/17 07:05:31 | 000,000,027 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2010/05/17 07:00:20 | 000,000,050 | ---- | M] () -- C:\WINDOWS\System32\bridf08b.dat
[2010/05/17 06:00:17 | 000,009,826 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cc_20100517_0600.reg
[2010/05/17 05:02:41 | 000,000,206 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Brother DCP-165C Printer.lnk
[2010/05/15 00:22:14 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Save 3 Twilight- noel.bmp
[2010/05/14 21:11:44 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Save 2 Twilight - noel.bmp
[2010/05/14 19:32:15 | 000,085,783 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\DOUBLE TROUBLE.JPG
[2010/05/14 19:10:34 | 006,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2010/05/14 19:10:34 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2010/05/14 19:10:34 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010/05/14 02:12:24 | 000,007,855 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\hikariairien.gif
[2010/05/13 22:42:23 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\What the....bmp
[2010/05/13 08:42:52 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Save 1 Twilight- noel.bmp
[2010/05/12 09:27:27 | 000,000,319 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\My Documents.lnk
[2010/05/12 08:39:07 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\KAIBIGAN.doc
[2010/05/12 08:08:35 | 000,030,514 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document30004.mdi
[2010/05/12 08:06:48 | 000,037,744 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document3000300010001.mdi
[2010/05/12 08:06:32 | 000,035,768 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document300030001.mdi
[2010/05/12 08:06:20 | 000,030,514 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document30003.mdi
[2010/05/12 08:05:05 | 000,030,514 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document30002.mdi
[2010/05/12 07:34:18 | 000,030,662 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document30001.mdi
[2010/05/12 07:27:49 | 000,031,168 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document3.mdi
[2010/05/11 00:06:54 | 000,000,594 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Garena.lnk
[2010/05/10 23:08:31 | 000,280,505 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MeepoBot.1280x1024.exe
[2010/05/10 23:08:18 | 000,280,501 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MeepoBot.1024x768.exe
[2010/05/10 00:36:54 | 000,001,951 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\14632_1195639572720_1280387839_30706585_2310597_n.jpg
[2010/05/08 07:56:38 | 023,965,696 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Y-tube.avi
[2010/05/08 07:17:56 | 004,700,401 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Clannad After Story Op (Full).mp3
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/08 12:38:17 | 000,000,655 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Start\ERUNT AutoBackup.lnk
[2010/06/08 12:38:07 | 000,000,511 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\NTREGOPT.lnk
[2010/06/08 12:38:07 | 000,000,498 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\ERUNT.lnk
[2010/06/08 11:28:31 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/08 10:55:49 | 000,029,110 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\9606-490q_super.jpg
[2010/06/08 01:51:37 | 000,000,612 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Frozen Throne.lnk
[2010/06/07 09:23:07 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\3D Live Pool.lnk
[2010/06/07 00:32:46 | 000,155,051 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Hachune.jpg
[2010/06/06 04:02:54 | 000,331,657 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/06/05 19:56:17 | 000,005,174 | ---- | C] () -- C:\WINDOWS\System32\nppt9x.vxd
[2010/06/04 10:29:45 | 000,015,752 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\chibi-tomoya.jpg
[2010/06/03 15:53:13 | 000,181,158 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Lasagna.jpg
[2010/06/02 12:50:41 | 000,079,835 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Clannad-Poster.jpg
[2010/06/02 12:38:47 | 000,003,031 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\templatemo_site_title_bar_bg.jpg
[2010/06/02 12:19:22 | 000,004,940 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\templatemo_menu_bar_bg.jpg
[2010/06/01 12:43:23 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\ManyCam 2.4.lnk
[2010/06/01 05:58:53 | 000,080,274 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\31379_131605773521196_100000153229642_386103_4431211_n.jpg
[2010/06/01 05:39:20 | 000,511,323 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\toy-con.jpg
[2010/05/30 08:34:42 | 000,129,857 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\2.jpg
[2010/05/30 05:01:50 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Flash.lnk
[2010/05/30 04:11:10 | 000,000,587 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Easy Graphic Converter 1.2.lnk
[2010/05/28 19:48:33 | 000,051,664 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Kotomi.JPG
[2010/05/28 19:46:46 | 000,064,350 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Nagisa.JPG
[2010/05/28 19:45:17 | 000,048,095 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Sunohara.JPG
[2010/05/28 19:43:27 | 000,050,265 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Ryou-Date.JPG
[2010/05/28 19:39:14 | 000,041,545 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Kyou-Storage.JPG
[2010/05/28 19:34:55 | 000,054,060 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Fuuko-Kiss.JPG
[2010/05/28 19:29:45 | 000,065,183 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Tomoyo-Kiss.JPG
[2010/05/28 19:25:13 | 000,017,341 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Click-Dango.JPG
[2010/05/28 19:23:02 | 000,025,338 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Day-1.JPG
[2010/05/28 19:22:34 | 000,020,171 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\First-Conv.JPG
[2010/05/28 19:21:56 | 000,039,052 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Char-Screen.JPG
[2010/05/28 19:21:14 | 000,059,667 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Game-Menu.JPG
[2010/05/28 19:17:59 | 000,069,886 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\no-picture yet.JPG
[2010/05/28 19:15:31 | 000,006,592 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\6.jpg
[2010/05/28 19:15:26 | 000,007,530 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\t55.jpg
[2010/05/28 19:11:31 | 000,055,539 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\4th.jpg
[2010/05/28 19:08:16 | 000,048,876 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\3rd.jpg
[2010/05/28 19:08:09 | 000,019,982 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\2nd.jpg
[2010/05/28 19:03:38 | 000,027,065 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\First Photo.jpg
[2010/05/28 05:07:19 | 000,056,254 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\spotlogo.jpg
[2010/05/27 11:11:30 | 000,489,604 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Clannad-Sim-Date-RPG.png
[2010/05/27 10:36:49 | 043,130,880 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Clannad-New-Intro.avi
[2010/05/27 10:19:52 | 000,000,578 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Free Screen Recorder.lnk
[2010/05/26 08:00:57 | 000,280,501 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\MeepoBot.1024x768.exe
[2010/05/26 07:53:32 | 000,280,505 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\MeepoBot.1280x1024.exe
[2010/05/25 23:25:14 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/05/23 18:41:15 | 000,114,243 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Ryou-2.jpg
[2010/05/23 18:41:09 | 000,103,871 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Ryou-1.jpg
[2010/05/23 15:07:12 | 000,122,162 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Dunno-3.jpg
[2010/05/23 15:06:31 | 000,103,416 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\[bleep].jpg
[2010/05/23 15:06:15 | 000,092,222 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Sakit-sakitan.jpg
[2010/05/23 15:05:59 | 000,036,278 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Death=.jpg
[2010/05/23 15:05:55 | 000,159,799 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Mei c=3.jpg
[2010/05/23 15:05:49 | 000,120,625 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Misae.jpg
[2010/05/23 15:05:39 | 000,131,326 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Nanay c=3.jpg
[2010/05/23 15:05:34 | 000,136,990 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Tatay.jpg
[2010/05/23 15:04:49 | 000,092,912 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Sunoobhara.jpg
[2010/05/23 15:04:33 | 000,150,119 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Tomoyo-1.jpg
[2010/05/23 15:04:06 | 000,145,152 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Fuuko-2.jpg
[2010/05/23 15:04:01 | 000,112,718 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Fuuko-1.jpg
[2010/05/23 15:03:57 | 000,084,504 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Kotomi-1.jpg
[2010/05/23 15:03:51 | 000,163,199 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Kyou-1.jpg
[2010/05/23 15:03:41 | 000,029,606 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Nagisa-End.jpg
[2010/05/23 15:00:11 | 000,176,516 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Nagisa-1.jpg
[2010/05/23 12:00:46 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\RE Alistair++.lnk
[2010/05/23 10:52:51 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Malwarebytes' Anti-Malware.lnk
[2010/05/23 10:14:00 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2010/05/23 05:19:49 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\PAG.doc
[2010/05/21 12:51:59 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/19 09:40:31 | 001,039,850 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\K_on2.png
[2010/05/19 09:38:14 | 000,097,281 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\1121.jpg
[2010/05/18 02:49:38 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\palabok.doc
[2010/05/18 02:09:30 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/05/18 02:09:30 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010/05/18 02:03:36 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Pancit Luglog.doc
[2010/05/18 02:00:05 | 000,004,269 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\pansit malabon.rtf
[2010/05/18 01:15:20 | 000,214,671 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Miku_InVitroVoicePV.jpg
[2010/05/17 20:19:43 | 000,056,223 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Imba Farmville.jpg
[2010/05/17 07:13:03 | 000,000,438 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{48971F8F-51E8-45EC-B110-428EE37930C9}.job
[2010/05/17 06:00:12 | 000,009,826 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cc_20100517_0600.reg
[2010/05/17 05:02:41 | 000,000,206 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Brother DCP-165C Printer.lnk
[2010/05/17 04:47:06 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/05/14 22:15:20 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Save 3 Twilight- noel.bmp
[2010/05/14 19:32:15 | 000,085,783 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\DOUBLE TROUBLE.JPG
[2010/05/14 02:14:42 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/14 02:12:23 | 000,007,855 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\hikariairien.gif
[2010/05/13 22:42:22 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\What the....bmp
[2010/05/13 10:44:23 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Save 2 Twilight - noel.bmp
[2010/05/12 09:27:26 | 000,000,319 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\My Documents.lnk
[2010/05/12 08:31:36 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\KAIBIGAN.doc
[2010/05/12 08:08:33 | 000,030,514 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document30004.mdi
[2010/05/12 08:06:47 | 000,037,744 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document3000300010001.mdi
[2010/05/12 08:06:32 | 000,035,768 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document300030001.mdi
[2010/05/12 08:06:20 | 000,030,514 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document30003.mdi
[2010/05/12 08:05:04 | 000,030,514 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document30002.mdi
[2010/05/12 07:34:18 | 000,030,662 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document30001.mdi
[2010/05/12 07:27:47 | 000,031,168 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document3.mdi
[2010/05/11 00:06:57 | 000,000,594 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Garena.lnk
[2010/05/09 21:52:05 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\IntegerManager.dll
[2010/05/09 21:52:00 | 000,446,464 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\TEvE Item Codegen.exe
[2010/05/09 07:34:55 | 000,001,951 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\14632_1195639572720_1280387839_30706585_2310597_n.jpg
[2010/05/08 19:24:01 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Save 1 Twilight- noel.bmp
[2010/05/08 07:37:36 | 023,965,696 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Y-tube.avi
[2010/05/08 07:14:46 | 004,700,401 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Clannad After Story Op (Full).mp3
[2010/05/08 05:59:42 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08b.dat
[2010/05/08 05:58:14 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/03/06 09:30:18 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/08 05:33:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/10/08 05:33:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/10/08 05:33:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/10/08 05:33:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/10/08 05:33:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/12/01 21:26:21 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/11/22 15:49:22 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\HMTCD.dll
[2003/01/08 00:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/24 01:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\CopyToSendTo.dll

========== LOP Check ==========

[2010/05/17 07:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acronis
[2010/06/06 13:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Free Download Manager
[2010/06/04 11:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\gtk-2.0
[2010/06/01 12:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ManyCam
[2010/05/23 12:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\RenPy
[2010/05/10 08:20:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ScanSoft
[2010/03/06 09:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/05/17 07:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/05/08 05:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/06/08 13:27:27 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{48971F8F-51E8-45EC-B110-428EE37930C9}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/03/06 08:01:25 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/06/08 10:38:26 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/03/06 08:01:25 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/03/06 08:01:25 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/06 08:01:25 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 07:08:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/04 07:29:34 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2010/06/08 13:15:45 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010/03/05 23:46:22 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/03/05 23:46:22 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/03/05 23:46:22 | 000,868,352 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2005/10/14 05:36:14 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=1800F293BCCC8EDE8A70E12B88D80036 -- C:\WINDOWS\system32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2004/08/04 09:26:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\system32\ws2_32.dll
< End of report >


OTL Extras logfile created on: 6/8/2010 1:22:51 PM - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

759.00 Mb Total Physical Memory | 376.00 Mb Available Physical Memory | 50.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.42 Gb Total Space | 5.00 Gb Free Space | 27.15% Space Free | Partition Type: NTFS
Drive D: | 50.11 Gb Total Space | 34.30 Gb Free Space | 68.44% Space Free | Partition Type: NTFS
Drive E: | 74.53 Gb Total Space | 20.23 Gb Free Space | 27.14% Space Free | Partition Type: NTFS
Drive F: | 16.22 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 996.19 Mb Total Space | 988.58 Mb Free Space | 99.24% Space Free | Partition Type: NTFS
Drive H: | 5.03 Gb Total Space | 3.05 Gb Free Space | 60.53% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive J: | 1.91 Gb Total Space | 1.26 Gb Free Space | 66.00% Space Free | Partition Type: FAT32

Computer Name: LEOPOGI
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD2.EXE ()
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD2.EXE ()
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD2.EXE ()

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- C:\WINDOWS\system32\NOTEPAD2.EXE %1 ()
batfile [open] -- "%1" %*
cmdfile [edit] -- C:\WINDOWS\system32\NOTEPAD2.EXE %1 ()
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" File not found
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" File not found
inffile [open] -- C:\WINDOWS\system32\NOTEPAD2.EXE %1 ()
inifile [open] -- C:\WINDOWS\system32\NOTEPAD2.EXE %1 ()
jsfile [edit] -- C:\WINDOWS\system32\Notepad2.exe %1 ()
jsefile [edit] -- C:\WINDOWS\system32\Notepad2.exe %1 ()
piffile [open] -- "%1" %*
regfile [edit] -- C:\WINDOWS\system32\NOTEPAD2.EXE %1 ()
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- C:\WINDOWS\system32\NOTEPAD2.EXE %1 ()
vbefile [edit] -- C:\WINDOWS\system32\Notepad2.exe %1 ()
vbsfile [edit] -- C:\WINDOWS\system32\Notepad2.exe %1 ()
wsffile [edit] -- C:\WINDOWS\system32\Notepad2.exe %1 ()
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{20110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{36177F72-8181-45D7-95D1-EA5B008A4DC9}" = Macro Vibration Joystick
"{48530DE6-19F9-489D-809E-AFAA8AACC6DF}" = SplitMediaLabs VH Screen Capture Driver (x86)
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A70500000002}" = Adobe Reader 7.0.5
"{BBD9FAD7-F782-4548-B00F-E612322950F6}" = GameClub Launcher (Remove only)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E0E859-F46D-4708-A41D-ED90C0C1822A}" = Acronis True Image Home
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Attribute Changer" = Attribute Changer 5.23
"AVG8Uninstall" = AVG Free 8.5
"Easy Graphic Converter 1.2_is1" = Easy Graphic Converter 1.2
"Easy Graphic Converter_is1" = Easy Graphic Converter 3.0
"ERUNT_is1" = ERUNT 1.1j
"Free Download Manager_is1" = Free Download Manager 2.1
"Free Screen Recorder_is1" = Free Screen Recorder v2.9
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MozBackup_is1" = MozBackup 1.4.3
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"Mozilla Thunderbird (1.5)" = Mozilla Thunderbird (1.5)
"NVIDIA Drivers" = NVIDIA Drivers
"RE: Alistair++" = RE: Alistair++ 1
"RealAlt_is1" = Real Alternative 1.45
"RegShot" = RegShot 1.7
"TaskSwitchXP" = TaskSwitchXP
"WIC" = Windows Imaging Component
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR archiver
"WOW" = Weapons of War(Remove only)
"Yahoo! Messenger" = Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/12/2010 9:36:37 AM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.2649, faulting
module shlwapi.dll, version 6.0.2900.2753, fault address 0x00009534.

Error - 5/12/2010 9:39:57 AM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.2649, faulting
module shlwapi.dll, version 6.0.2900.2753, fault address 0x00009534.

Error - 5/12/2010 8:40:48 PM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d.

Error - 5/14/2010 12:19:23 PM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.2649, faulting
module wintrust.dll, version 5.131.2600.2180, fault address 0x00003d9f.

Error - 5/14/2010 12:24:16 PM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application notepad2.exe, version 1.0.12.0, faulting module
notepad2.exe, version 1.0.12.0, fault address 0x00050c4c.

Error - 5/17/2010 12:03:27 AM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application avgcsrvx.exe, version 8.5.0.401, faulting module
avgcorex.dll, version 8.5.0.437, fault address 0x000371af.

Error - 5/21/2010 2:10:47 AM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application flash.exe, version 9.0.0.494, faulting module
unknown, version 0.0.0.0, fault address 0x00000001.

[ System Events ]
Error - 6/8/2010 1:30:10 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 6/8/2010 1:30:12 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 6/8/2010 1:30:14 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 6/8/2010 1:30:16 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 6/8/2010 1:30:37 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 6/8/2010 1:30:39 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 6/8/2010 1:30:41 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 6/8/2010 1:30:43 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 6/8/2010 1:30:45 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 6/8/2010 1:30:47 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.


< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP