Rootkit scan 2010-06-08 13:12:06
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uwtdapoc.sys
---- Kernel code sections - GMER 1.0.15 ----
init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xF6DF5900]
pnidata C:\WINDOWS\system32\DRIVERS\secdrv.sys unknown last section [0xEE223F00, 0x24000, 0x48000000]
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume5 tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume5 sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume5 fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat tdrpm228.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4177
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
6/8/2010 12:21:46 PM
mbam-log-2010-06-08 (12-21-46).txt
Scan type: Quick scan
Objects scanned: 124893
Time elapsed: 16 minute(s), 25 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL logfile created on: 6/8/2010 1:22:51 PM - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
759.00 Mb Total Physical Memory | 376.00 Mb Available Physical Memory | 50.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.42 Gb Total Space | 5.00 Gb Free Space | 27.15% Space Free | Partition Type: NTFS
Drive D: | 50.11 Gb Total Space | 34.30 Gb Free Space | 68.44% Space Free | Partition Type: NTFS
Drive E: | 74.53 Gb Total Space | 20.23 Gb Free Space | 27.14% Space Free | Partition Type: NTFS
Drive F: | 16.22 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 996.19 Mb Total Space | 988.58 Mb Free Space | 99.24% Space Free | Partition Type: NTFS
Drive H: | 5.03 Gb Total Space | 3.05 Gb Free Space | 60.53% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive J: | 1.91 Gb Total Space | 1.26 Gb Free Space | 66.00% Space Free | Partition Type: FAT32
Computer Name: LEOPOGI
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/06/08 12:52:59 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2010/05/22 07:08:24 | 000,307,672 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/05/09 00:04:40 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2010/05/09 00:04:36 | 002,046,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2010/05/09 00:04:31 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2010/03/06 08:40:53 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2010/03/06 08:40:52 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/06/19 10:29:16 | 000,960,568 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2009/06/19 10:23:52 | 000,377,248 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009/06/19 10:23:48 | 000,618,944 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009/06/19 10:04:10 | 004,355,512 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2007/10/12 10:03:10 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2005/11/26 17:13:40 | 000,417,792 | ---- | M] () -- C:\WINDOWS\system32\Notepad2.EXE
PRC - [2005/10/15 17:07:16 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/10/15 01:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2004/09/24 04:41:54 | 000,860,160 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
PRC - [2002/09/21 06:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
========== Modules (SafeList) ==========
MOD - [2010/06/08 12:52:59 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2005/10/16 21:55:06 | 001,053,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\comctl32.dll
MOD - [2004/08/04 07:31:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010/05/09 00:04:31 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2010/03/06 08:40:52 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2010/02/19 14:06:00 | 003,438,068 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/06/19 10:23:48 | 000,618,944 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2002/09/21 06:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
========== Driver Services (SafeList) ==========
DRV - [2010/03/06 09:04:07 | 000,902,592 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm228.sys -- (tdrpman228) Acronis Try&Decide and Restore Points filter (build 228)
DRV - [2010/03/06 09:04:04 | 000,540,000 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010/03/06 09:04:04 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010/03/06 09:03:54 | 000,138,208 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010/03/06 08:41:03 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/03/06 08:40:58 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/03/06 08:40:58 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2008/10/08 05:33:00 | 006,133,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/01/14 18:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2006/07/04 17:17:52 | 000,053,921 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hid7906.sys -- (hid7906)
DRV - [2005/04/02 00:25:00 | 000,230,272 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/03/02 04:01:40 | 000,392,704 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/12/31 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2004/09/15 04:55:44 | 000,088,960 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie_rsearch.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista...search/web?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirro...rch.src?file=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKCU\..\URLSearchHook: *{00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Qbyrd"
FF - prefs.js..browser.search.defaultenginename: "Qbyrd"
FF - prefs.js..browser.search.order.1: "Qbyrd"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Qbyrd"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..keyword.URL: "http://websearch.qby...=YYYYYYQ2PH&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2010/05/09 00:06:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2010/05/21 21:03:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010/05/23 07:15:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010/05/22 07:08:41 | 000,000,000 | ---D | M]
[2010/05/09 06:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/06/07 22:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p6mh8mw2.default\extensions
[2010/05/22 10:03:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p6mh8mw2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/25 23:26:01 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p6mh8mw2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/05/21 12:33:44 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p6mh8mw2.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/05/27 13:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p6mh8mw2.default\extensions\[email protected]
[2010/06/01 13:58:01 | 000,008,819 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p6mh8mw2.default\searchplugins\qbyrd.xml
O1 HOSTS File: ([2001/08/24 01:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - Startup: C:\Documents and Settings\Administrator\Local Settings\Application Data\Start\ERUNT AutoBackup.lnk = D:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCAD = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1274126443093 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1274126402718 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 202.78.97.41 210.4.2.61
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/06 08:01:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/11/16 10:41:42 | 000,000,000 | R--D | M] - F:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2006/10/27 14:22:12 | 002,351,104 | R--- | M] () - F:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006/10/27 14:22:12 | 000,000,029 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/03/05 23:44:18 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16620634377289728)
========== Files/Folders - Created Within 90 Days ==========
[2010/06/08 12:53:39 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/06/08 12:48:36 | 000,000,000 | ---D | C] -- C:\Program Files\6-8-2010
[2010/06/08 12:44:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/06/08 11:28:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/08 11:28:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/08 11:20:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010/06/07 17:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Plans
[2010/06/07 09:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\3D Live Pool PC Game Setup
[2010/06/05 19:57:36 | 003,438,068 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\GameMon.des
[2010/06/05 19:56:17 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\npptNT2.sys
[2010/06/05 19:56:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010/06/02 11:36:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Simple-Orange
[2010/06/01 13:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/06/01 13:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/06/01 13:13:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/06/01 12:42:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\ManyCam
[2010/05/31 09:33:33 | 000,053,921 | ---- | C] (Compuware Corporation) -- C:\WINDOWS\System32\drivers\hid7906.sys
[2010/05/31 09:33:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\USB Vibration
[2010/05/31 09:31:58 | 000,000,000 | ---D | C] -- C:\Program Files\USB Vibration
[2010/05/30 10:13:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/05/30 04:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Output
[2010/05/30 04:11:09 | 000,000,000 | ---D | C] -- C:\ImageOutput
[2010/05/28 18:49:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/05/28 18:49:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Sun
[2010/05/27 11:25:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\WMTools Downloaded Files
[2010/05/27 11:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/05/27 11:13:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010/05/25 23:27:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Yahoo
[2010/05/25 23:25:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Yahoo!
[2010/05/25 23:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2010/05/25 23:23:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010/05/25 23:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/05/25 11:35:23 | 000,000,000 | ---D | C] -- C:\Screen Recordings
[2010/05/23 15:05:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities
[2010/05/23 15:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2010/05/23 12:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\RenPy
[2010/05/23 10:53:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2010/05/23 10:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/22 10:18:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\gtk-2.0
[2010/05/22 10:18:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.thumbnails
[2010/05/22 10:13:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.gimp-2.6
[2010/05/22 10:12:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\gegl-0.0
[2010/05/19 00:14:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/05/19 00:14:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/05/19 00:13:43 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/05/19 00:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010/05/18 04:06:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/05/18 04:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/05/18 03:38:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2010/05/18 02:17:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Brother
[2010/05/17 07:13:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2010/05/17 07:12:10 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2010/05/17 07:10:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2010/05/17 07:10:14 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/05/17 07:10:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2010/05/17 07:09:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2010/05/17 06:45:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/05/17 06:45:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/05/17 06:43:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/05/17 06:43:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/05/17 06:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/05/17 06:06:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010/05/17 04:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010/05/16 09:46:50 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Start
[2010/05/12 06:59:55 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/05/10 13:25:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/05/10 13:18:03 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/05/10 08:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My PaperPort Documents
[2010/05/10 08:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\ScanSoft
[2010/05/09 21:41:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Downloads
[2010/05/09 06:54:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG Security Toolbar
[2010/05/09 03:02:10 | 000,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2010/05/08 22:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Scansoft
[2010/05/08 07:57:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/05/08 07:57:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Videos
[2010/05/08 07:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2010/05/08 06:09:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\UserData
[2010/05/08 05:59:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/05/08 05:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2010/05/08 05:59:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\InstallShield
[2010/05/08 05:58:31 | 000,000,000 | ---D | C] -- C:\Program Files\Nuance
[2010/05/08 05:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010/05/08 05:57:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared
[2010/05/08 05:57:55 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft
[2010/05/08 05:57:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/05/08 05:56:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother
[1 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2010/06/08 13:27:27 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{48971F8F-51E8-45EC-B110-428EE37930C9}.job
[2010/06/08 13:16:20 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/08 13:16:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/08 12:52:59 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/06/08 12:41:52 | 002,621,440 | ---- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/06/08 12:41:52 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/06/08 12:38:17 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Start\ERUNT AutoBackup.lnk
[2010/06/08 12:38:07 | 000,000,511 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\NTREGOPT.lnk
[2010/06/08 12:38:07 | 000,000,498 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\ERUNT.lnk
[2010/06/08 11:28:31 | 000,000,562 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/08 11:21:00 | 003,735,868 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/06/08 11:16:56 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/08 10:55:50 | 000,029,110 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\9606-490q_super.jpg
[2010/06/08 10:38:26 | 000,000,573 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/08 10:38:26 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/06/08 10:38:26 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/06/08 09:32:37 | 060,811,867 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/06/08 01:51:24 | 000,000,612 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Frozen Throne.lnk
[2010/06/07 09:23:08 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\3D Live Pool.lnk
[2010/06/07 04:54:21 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Weapons of War.lnk
[2010/06/07 00:32:53 | 000,155,051 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Hachune.jpg
[2010/06/06 13:00:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/06 04:02:54 | 000,331,657 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/06/04 10:29:46 | 000,015,752 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\chibi-tomoya.jpg
[2010/06/03 15:58:13 | 000,181,158 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Lasagna.jpg
[2010/06/02 12:50:41 | 000,079,835 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Clannad-Poster.jpg
[2010/06/02 12:38:48 | 000,003,031 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\templatemo_site_title_bar_bg.jpg
[2010/06/02 12:19:24 | 000,004,940 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\templatemo_menu_bar_bg.jpg
[2010/06/01 12:43:23 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\ManyCam 2.4.lnk
[2010/06/01 05:58:54 | 000,080,274 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\31379_131605773521196_100000153229642_386103_4431211_n.jpg
[2010/06/01 05:39:29 | 000,511,323 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\toy-con.jpg
[2010/05/30 08:34:49 | 000,129,857 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\2.jpg
[2010/05/30 05:01:50 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Flash.lnk
[2010/05/30 04:11:10 | 000,000,587 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Easy Graphic Converter 1.2.lnk
[2010/05/28 19:48:33 | 000,051,664 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Kotomi.JPG
[2010/05/28 19:46:46 | 000,064,350 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Nagisa.JPG
[2010/05/28 19:45:17 | 000,048,095 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Sunohara.JPG
[2010/05/28 19:43:27 | 000,050,265 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Ryou-Date.JPG
[2010/05/28 19:39:14 | 000,041,545 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Kyou-Storage.JPG
[2010/05/28 19:34:55 | 000,054,060 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Fuuko-Kiss.JPG
[2010/05/28 19:29:45 | 000,065,183 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Tomoyo-Kiss.JPG
[2010/05/28 19:25:13 | 000,017,341 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Click-Dango.JPG
[2010/05/28 19:23:02 | 000,025,338 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Day-1.JPG
[2010/05/28 19:22:34 | 000,020,171 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\First-Conv.JPG
[2010/05/28 19:21:56 | 000,039,052 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Char-Screen.JPG
[2010/05/28 19:21:14 | 000,059,667 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Game-Menu.JPG
[2010/05/28 19:18:12 | 000,069,886 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\no-picture yet.JPG
[2010/05/28 19:15:32 | 000,006,592 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\6.jpg
[2010/05/28 19:15:26 | 000,007,530 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\t55.jpg
[2010/05/28 19:11:31 | 000,055,539 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\4th.jpg
[2010/05/28 19:08:16 | 000,048,876 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\3rd.jpg
[2010/05/28 19:08:09 | 000,019,982 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\2nd.jpg
[2010/05/28 19:03:40 | 000,027,065 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\First Photo.jpg
[2010/05/28 05:07:23 | 000,056,254 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\spotlogo.jpg
[2010/05/27 11:11:32 | 000,489,604 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Clannad-Sim-Date-RPG.png
[2010/05/27 10:36:37 | 043,130,880 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Clannad-New-Intro.avi
[2010/05/27 10:19:52 | 000,000,578 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Free Screen Recorder.lnk
[2010/05/27 06:02:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/25 23:25:14 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/05/23 18:41:15 | 000,114,243 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Ryou-2.jpg
[2010/05/23 18:41:11 | 000,103,871 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Ryou-1.jpg
[2010/05/23 15:07:12 | 000,122,162 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Dunno-3.jpg
[2010/05/23 15:06:57 | 000,150,119 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Tomoyo-1.jpg
[2010/05/23 15:06:32 | 000,103,416 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\[bleep].jpg
[2010/05/23 15:06:16 | 000,092,222 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Sakit-sakitan.jpg
[2010/05/23 15:05:59 | 000,036,278 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Death=.jpg
[2010/05/23 15:05:56 | 000,159,799 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Mei c=3.jpg
[2010/05/23 15:05:50 | 000,120,625 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Misae.jpg
[2010/05/23 15:05:40 | 000,131,326 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Nanay c=3.jpg
[2010/05/23 15:05:35 | 000,136,990 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Tatay.jpg
[2010/05/23 15:04:49 | 000,092,912 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Sunoobhara.jpg
[2010/05/23 15:04:07 | 000,145,152 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Fuuko-2.jpg
[2010/05/23 15:04:02 | 000,112,718 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Fuuko-1.jpg
[2010/05/23 15:03:58 | 000,084,504 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Kotomi-1.jpg
[2010/05/23 15:03:51 | 000,163,199 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Kyou-1.jpg
[2010/05/23 15:03:41 | 000,029,606 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Nagisa-End.jpg
[2010/05/23 15:00:12 | 000,176,516 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Nagisa-1.jpg
[2010/05/23 12:00:46 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\RE Alistair++.lnk
[2010/05/23 10:52:51 | 000,000,562 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Malwarebytes' Anti-Malware.lnk
[2010/05/23 10:14:00 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2010/05/23 05:50:01 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\PAG.doc
[2010/05/21 23:22:07 | 000,484,336 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/21 23:22:07 | 000,430,176 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/21 23:22:07 | 000,066,246 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/21 14:09:38 | 000,065,680 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/05/21 12:51:59 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/19 09:40:31 | 001,039,850 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\K_on2.png
[2010/05/19 09:38:18 | 000,097,281 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\1121.jpg
[2010/05/19 00:43:50 | 000,259,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/18 02:49:38 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\palabok.doc
[2010/05/18 02:03:37 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Pancit Luglog.doc
[2010/05/18 02:00:05 | 000,004,269 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\pansit malabon.rtf
[2010/05/18 01:15:23 | 000,214,671 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Miku_InVitroVoicePV.jpg
[2010/05/17 20:19:44 | 000,056,223 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Imba Farmville.jpg
[2010/05/17 07:05:31 | 000,000,419 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/05/17 07:05:31 | 000,000,027 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2010/05/17 07:00:20 | 000,000,050 | ---- | M] () -- C:\WINDOWS\System32\bridf08b.dat
[2010/05/17 06:00:17 | 000,009,826 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cc_20100517_0600.reg
[2010/05/17 05:02:41 | 000,000,206 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Brother DCP-165C Printer.lnk
[2010/05/15 00:22:14 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Save 3 Twilight- noel.bmp
[2010/05/14 21:11:44 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Save 2 Twilight - noel.bmp
[2010/05/14 19:32:15 | 000,085,783 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\DOUBLE TROUBLE.JPG
[2010/05/14 19:10:34 | 006,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2010/05/14 19:10:34 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2010/05/14 19:10:34 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010/05/14 02:12:24 | 000,007,855 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\hikariairien.gif
[2010/05/13 22:42:23 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\What the....bmp
[2010/05/13 08:42:52 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Save 1 Twilight- noel.bmp
[2010/05/12 09:27:27 | 000,000,319 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\My Documents.lnk
[2010/05/12 08:39:07 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\KAIBIGAN.doc
[2010/05/12 08:08:35 | 000,030,514 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document30004.mdi
[2010/05/12 08:06:48 | 000,037,744 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document3000300010001.mdi
[2010/05/12 08:06:32 | 000,035,768 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document300030001.mdi
[2010/05/12 08:06:20 | 000,030,514 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document30003.mdi
[2010/05/12 08:05:05 | 000,030,514 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document30002.mdi
[2010/05/12 07:34:18 | 000,030,662 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document30001.mdi
[2010/05/12 07:27:49 | 000,031,168 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document3.mdi
[2010/05/11 00:06:54 | 000,000,594 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Garena.lnk
[2010/05/10 23:08:31 | 000,280,505 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MeepoBot.1280x1024.exe
[2010/05/10 23:08:18 | 000,280,501 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MeepoBot.1024x768.exe
[2010/05/10 00:36:54 | 000,001,951 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\14632_1195639572720_1280387839_30706585_2310597_n.jpg
[2010/05/08 07:56:38 | 023,965,696 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Y-tube.avi
[2010/05/08 07:17:56 | 004,700,401 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Clannad After Story Op (Full).mp3
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/06/08 12:38:17 | 000,000,655 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Start\ERUNT AutoBackup.lnk
[2010/06/08 12:38:07 | 000,000,511 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\NTREGOPT.lnk
[2010/06/08 12:38:07 | 000,000,498 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\ERUNT.lnk
[2010/06/08 11:28:31 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/08 10:55:49 | 000,029,110 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\9606-490q_super.jpg
[2010/06/08 01:51:37 | 000,000,612 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Frozen Throne.lnk
[2010/06/07 09:23:07 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\3D Live Pool.lnk
[2010/06/07 00:32:46 | 000,155,051 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Hachune.jpg
[2010/06/06 04:02:54 | 000,331,657 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/06/05 19:56:17 | 000,005,174 | ---- | C] () -- C:\WINDOWS\System32\nppt9x.vxd
[2010/06/04 10:29:45 | 000,015,752 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\chibi-tomoya.jpg
[2010/06/03 15:53:13 | 000,181,158 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Lasagna.jpg
[2010/06/02 12:50:41 | 000,079,835 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Clannad-Poster.jpg
[2010/06/02 12:38:47 | 000,003,031 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\templatemo_site_title_bar_bg.jpg
[2010/06/02 12:19:22 | 000,004,940 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\templatemo_menu_bar_bg.jpg
[2010/06/01 12:43:23 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\ManyCam 2.4.lnk
[2010/06/01 05:58:53 | 000,080,274 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\31379_131605773521196_100000153229642_386103_4431211_n.jpg
[2010/06/01 05:39:20 | 000,511,323 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\toy-con.jpg
[2010/05/30 08:34:42 | 000,129,857 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\2.jpg
[2010/05/30 05:01:50 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Flash.lnk
[2010/05/30 04:11:10 | 000,000,587 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Easy Graphic Converter 1.2.lnk
[2010/05/28 19:48:33 | 000,051,664 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Kotomi.JPG
[2010/05/28 19:46:46 | 000,064,350 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Nagisa.JPG
[2010/05/28 19:45:17 | 000,048,095 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Sunohara.JPG
[2010/05/28 19:43:27 | 000,050,265 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Ryou-Date.JPG
[2010/05/28 19:39:14 | 000,041,545 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Kyou-Storage.JPG
[2010/05/28 19:34:55 | 000,054,060 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Fuuko-Kiss.JPG
[2010/05/28 19:29:45 | 000,065,183 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Tomoyo-Kiss.JPG
[2010/05/28 19:25:13 | 000,017,341 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Click-Dango.JPG
[2010/05/28 19:23:02 | 000,025,338 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Day-1.JPG
[2010/05/28 19:22:34 | 000,020,171 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\First-Conv.JPG
[2010/05/28 19:21:56 | 000,039,052 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Char-Screen.JPG
[2010/05/28 19:21:14 | 000,059,667 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Game-Menu.JPG
[2010/05/28 19:17:59 | 000,069,886 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\no-picture yet.JPG
[2010/05/28 19:15:31 | 000,006,592 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\6.jpg
[2010/05/28 19:15:26 | 000,007,530 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\t55.jpg
[2010/05/28 19:11:31 | 000,055,539 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\4th.jpg
[2010/05/28 19:08:16 | 000,048,876 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\3rd.jpg
[2010/05/28 19:08:09 | 000,019,982 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\2nd.jpg
[2010/05/28 19:03:38 | 000,027,065 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\First Photo.jpg
[2010/05/28 05:07:19 | 000,056,254 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\spotlogo.jpg
[2010/05/27 11:11:30 | 000,489,604 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Clannad-Sim-Date-RPG.png
[2010/05/27 10:36:49 | 043,130,880 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Clannad-New-Intro.avi
[2010/05/27 10:19:52 | 000,000,578 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Free Screen Recorder.lnk
[2010/05/26 08:00:57 | 000,280,501 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\MeepoBot.1024x768.exe
[2010/05/26 07:53:32 | 000,280,505 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\MeepoBot.1280x1024.exe
[2010/05/25 23:25:14 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/05/23 18:41:15 | 000,114,243 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Ryou-2.jpg
[2010/05/23 18:41:09 | 000,103,871 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Ryou-1.jpg
[2010/05/23 15:07:12 | 000,122,162 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Dunno-3.jpg
[2010/05/23 15:06:31 | 000,103,416 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\[bleep].jpg
[2010/05/23 15:06:15 | 000,092,222 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Sakit-sakitan.jpg
[2010/05/23 15:05:59 | 000,036,278 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Death=.jpg
[2010/05/23 15:05:55 | 000,159,799 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Mei c=3.jpg
[2010/05/23 15:05:49 | 000,120,625 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Misae.jpg
[2010/05/23 15:05:39 | 000,131,326 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Nanay c=3.jpg
[2010/05/23 15:05:34 | 000,136,990 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Tatay.jpg
[2010/05/23 15:04:49 | 000,092,912 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Sunoobhara.jpg
[2010/05/23 15:04:33 | 000,150,119 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Tomoyo-1.jpg
[2010/05/23 15:04:06 | 000,145,152 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Fuuko-2.jpg
[2010/05/23 15:04:01 | 000,112,718 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Fuuko-1.jpg
[2010/05/23 15:03:57 | 000,084,504 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Kotomi-1.jpg
[2010/05/23 15:03:51 | 000,163,199 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Kyou-1.jpg
[2010/05/23 15:03:41 | 000,029,606 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Nagisa-End.jpg
[2010/05/23 15:00:11 | 000,176,516 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Nagisa-1.jpg
[2010/05/23 12:00:46 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\RE Alistair++.lnk
[2010/05/23 10:52:51 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Malwarebytes' Anti-Malware.lnk
[2010/05/23 10:14:00 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2010/05/23 05:19:49 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\PAG.doc
[2010/05/21 12:51:59 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/19 09:40:31 | 001,039,850 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\K_on2.png
[2010/05/19 09:38:14 | 000,097,281 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\1121.jpg
[2010/05/18 02:49:38 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\palabok.doc
[2010/05/18 02:09:30 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/05/18 02:09:30 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010/05/18 02:03:36 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Pancit Luglog.doc
[2010/05/18 02:00:05 | 000,004,269 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\pansit malabon.rtf
[2010/05/18 01:15:20 | 000,214,671 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Miku_InVitroVoicePV.jpg
[2010/05/17 20:19:43 | 000,056,223 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Imba Farmville.jpg
[2010/05/17 07:13:03 | 000,000,438 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{48971F8F-51E8-45EC-B110-428EE37930C9}.job
[2010/05/17 06:00:12 | 000,009,826 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cc_20100517_0600.reg
[2010/05/17 05:02:41 | 000,000,206 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Brother DCP-165C Printer.lnk
[2010/05/17 04:47:06 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/05/14 22:15:20 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Save 3 Twilight- noel.bmp
[2010/05/14 19:32:15 | 000,085,783 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\DOUBLE TROUBLE.JPG
[2010/05/14 02:14:42 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/14 02:12:23 | 000,007,855 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\hikariairien.gif
[2010/05/13 22:42:22 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\What the....bmp
[2010/05/13 10:44:23 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Save 2 Twilight - noel.bmp
[2010/05/12 09:27:26 | 000,000,319 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\My Documents.lnk
[2010/05/12 08:31:36 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\KAIBIGAN.doc
[2010/05/12 08:08:33 | 000,030,514 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document30004.mdi
[2010/05/12 08:06:47 | 000,037,744 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document3000300010001.mdi
[2010/05/12 08:06:32 | 000,035,768 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document300030001.mdi
[2010/05/12 08:06:20 | 000,030,514 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document30003.mdi
[2010/05/12 08:05:04 | 000,030,514 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document30002.mdi
[2010/05/12 07:34:18 | 000,030,662 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document30001.mdi
[2010/05/12 07:27:47 | 000,031,168 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document3.mdi
[2010/05/11 00:06:57 | 000,000,594 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Garena.lnk
[2010/05/09 21:52:05 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\IntegerManager.dll
[2010/05/09 21:52:00 | 000,446,464 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\TEvE Item Codegen.exe
[2010/05/09 07:34:55 | 000,001,951 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\14632_1195639572720_1280387839_30706585_2310597_n.jpg
[2010/05/08 19:24:01 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Save 1 Twilight- noel.bmp
[2010/05/08 07:37:36 | 023,965,696 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Y-tube.avi
[2010/05/08 07:14:46 | 004,700,401 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Clannad After Story Op (Full).mp3
[2010/05/08 05:59:42 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08b.dat
[2010/05/08 05:58:14 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/03/06 09:30:18 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/08 05:33:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/10/08 05:33:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/10/08 05:33:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/10/08 05:33:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/10/08 05:33:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/12/01 21:26:21 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/11/22 15:49:22 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\HMTCD.dll
[2003/01/08 00:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/24 01:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\CopyToSendTo.dll
========== LOP Check ==========
[2010/05/17 07:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acronis
[2010/06/06 13:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Free Download Manager
[2010/06/04 11:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\gtk-2.0
[2010/06/01 12:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ManyCam
[2010/05/23 12:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\RenPy
[2010/05/10 08:20:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ScanSoft
[2010/03/06 09:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/05/17 07:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/05/08 05:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/06/08 13:27:27 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{48971F8F-51E8-45EC-B110-428EE37930C9}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2010/03/06 08:01:25 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/06/08 10:38:26 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/03/06 08:01:25 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/03/06 08:01:25 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/06 08:01:25 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 07:08:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/04 07:29:34 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2010/06/08 13:15:45 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010/03/05 23:46:22 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/03/05 23:46:22 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/03/05 23:46:22 | 000,868,352 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\user32.dll /md5 >
[2005/10/14 05:36:14 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=1800F293BCCC8EDE8A70E12B88D80036 -- C:\WINDOWS\system32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2004/08/04 09:26:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\system32\ws2_32.dll
< End of report >
OTL Extras logfile created on: 6/8/2010 1:22:51 PM - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
759.00 Mb Total Physical Memory | 376.00 Mb Available Physical Memory | 50.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.42 Gb Total Space | 5.00 Gb Free Space | 27.15% Space Free | Partition Type: NTFS
Drive D: | 50.11 Gb Total Space | 34.30 Gb Free Space | 68.44% Space Free | Partition Type: NTFS
Drive E: | 74.53 Gb Total Space | 20.23 Gb Free Space | 27.14% Space Free | Partition Type: NTFS
Drive F: | 16.22 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 996.19 Mb Total Space | 988.58 Mb Free Space | 99.24% Space Free | Partition Type: NTFS
Drive H: | 5.03 Gb Total Space | 3.05 Gb Free Space | 60.53% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive J: | 1.91 Gb Total Space | 1.26 Gb Free Space | 66.00% Space Free | Partition Type: FAT32
Computer Name: LEOPOGI
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD2.EXE ()
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD2.EXE ()
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD2.EXE ()
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- C:\WINDOWS\system32\NOTEPAD2.EXE %1 ()
batfile [open] -- "%1" %*
cmdfile [edit] -- C:\WINDOWS\system32\NOTEPAD2.EXE %1 ()
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" File not found
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" File not found
inffile [open] -- C:\WINDOWS\system32\NOTEPAD2.EXE %1 ()
inifile [open] -- C:\WINDOWS\system32\NOTEPAD2.EXE %1 ()
jsfile [edit] -- C:\WINDOWS\system32\Notepad2.exe %1 ()
jsefile [edit] -- C:\WINDOWS\system32\Notepad2.exe %1 ()
piffile [open] -- "%1" %*
regfile [edit] -- C:\WINDOWS\system32\NOTEPAD2.EXE %1 ()
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- C:\WINDOWS\system32\NOTEPAD2.EXE %1 ()
vbefile [edit] -- C:\WINDOWS\system32\Notepad2.exe %1 ()
vbsfile [edit] -- C:\WINDOWS\system32\Notepad2.exe %1 ()
wsffile [edit] -- C:\WINDOWS\system32\Notepad2.exe %1 ()
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{20110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{36177F72-8181-45D7-95D1-EA5B008A4DC9}" = Macro Vibration Joystick
"{48530DE6-19F9-489D-809E-AFAA8AACC6DF}" = SplitMediaLabs VH Screen Capture Driver (x86)
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A70500000002}" = Adobe Reader 7.0.5
"{BBD9FAD7-F782-4548-B00F-E612322950F6}" = GameClub Launcher (Remove only)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E0E859-F46D-4708-A41D-ED90C0C1822A}" = Acronis True Image Home
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Attribute Changer" = Attribute Changer 5.23
"AVG8Uninstall" = AVG Free 8.5
"Easy Graphic Converter 1.2_is1" = Easy Graphic Converter 1.2
"Easy Graphic Converter_is1" = Easy Graphic Converter 3.0
"ERUNT_is1" = ERUNT 1.1j
"Free Download Manager_is1" = Free Download Manager 2.1
"Free Screen Recorder_is1" = Free Screen Recorder v2.9
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MozBackup_is1" = MozBackup 1.4.3
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"Mozilla Thunderbird (1.5)" = Mozilla Thunderbird (1.5)
"NVIDIA Drivers" = NVIDIA Drivers
"RE: Alistair++" = RE: Alistair++ 1
"RealAlt_is1" = Real Alternative 1.45
"RegShot" = RegShot 1.7
"TaskSwitchXP" = TaskSwitchXP
"WIC" = Windows Imaging Component
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR archiver
"WOW" = Weapons of War(Remove only)
"Yahoo! Messenger" = Yahoo! Messenger
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5/12/2010 9:36:37 AM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.2649, faulting
module shlwapi.dll, version 6.0.2900.2753, fault address 0x00009534.
Error - 5/12/2010 9:39:57 AM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.2649, faulting
module shlwapi.dll, version 6.0.2900.2753, fault address 0x00009534.
Error - 5/12/2010 8:40:48 PM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d.
Error - 5/14/2010 12:19:23 PM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.2649, faulting
module wintrust.dll, version 5.131.2600.2180, fault address 0x00003d9f.
Error - 5/14/2010 12:24:16 PM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application notepad2.exe, version 1.0.12.0, faulting module
notepad2.exe, version 1.0.12.0, fault address 0x00050c4c.
Error - 5/17/2010 12:03:27 AM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application avgcsrvx.exe, version 8.5.0.401, faulting module
avgcorex.dll, version 8.5.0.437, fault address 0x000371af.
Error - 5/21/2010 2:10:47 AM | Computer Name = LEOPOGI | Source = Application Error | ID = 1000
Description = Faulting application flash.exe, version 9.0.0.494, faulting module
unknown, version 0.0.0.0, fault address 0x00000001.
[ System Events ]
Error - 6/8/2010 1:30:10 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 6/8/2010 1:30:12 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 6/8/2010 1:30:14 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 6/8/2010 1:30:16 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 6/8/2010 1:30:37 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 6/8/2010 1:30:39 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 6/8/2010 1:30:41 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 6/8/2010 1:30:43 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 6/8/2010 1:30:45 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 6/8/2010 1:30:47 AM | Computer Name = LEOPOGI | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
< End of report >