System Process Bogged Down OTL text


sheck910

Hello,
I know I run an old system but fear I may have too many running processes and malware bogging down the system. Any help would be greatly appreciated.

Here is the OTL text run scan:

OTL logfile created on: 1/30/2011 9:49:03 AM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Jamie\Desktop\02-09
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 170.00 Mb Available Physical Memory | 33.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 59.00% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 149.03 Gb Total Space | 34.71 Gb Free Space | 23.29% Space Free | Partition Type: NTFS

Computer Name: SAM-HNBJAEE2RL8 | User Name: Jamie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/30 09:48:38 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jamie\Desktop\02-09\OTL.com
PRC - [2011/01/20 07:02:24 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2010/12/12 01:00:39 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/12 01:00:35 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/05/14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/11/16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/01/23 17:27:33 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINNT\explorer.exe
PRC - [2007/03/07 11:54:06 | 000,202,280 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\twc\medicsp2\bin\sprtsvc.exe
PRC - [2003/09/04 13:45:08 | 000,135,214 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe
PRC - [2003/03/09 20:31:02 | 000,065,795 | ---- | M] (HP) -- C:\WINNT\system32\HPZipm12.exe
PRC - [2002/12/02 20:08:34 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
PRC - [2002/12/02 19:56:10 | 000,040,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
PRC - [2002/12/02 19:41:48 | 000,307,200 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
PRC - [2002/12/02 19:30:02 | 000,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
PRC - [2002/09/04 17:11:04 | 000,073,728 | ---- | M] (Iomega Corporation) -- C:\Program Files\Iomega\System32\AppServices.exe


========== Modules (SafeList) ==========

MOD - [2011/01/30 09:48:38 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jamie\Desktop\02-09\OTL.com
MOD - [2011/01/20 07:02:55 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2009/06/26 18:07:54 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINNT\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcr90.dll
MOD - [2009/06/26 18:07:52 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINNT\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcp90.dll
MOD - [2006/08/25 10:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINNT\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Iomega Activity Disk2)
SRV - [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/11/16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008/09/19 08:39:42 | 000,355,584 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINNT\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008/05/29 08:28:54 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINNT\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008/01/23 17:27:33 | 001,251,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/03/07 11:54:06 | 000,202,280 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\twc\medicsp2\bin\sprtsvc.exe -- (sprtsvc_medicsp2) SupportSoft Sprocket Service (medicsp2)
SRV - [2004/08/04 01:56:58 | 000,050,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\utilman.exe -- (UtilMan)
SRV - [2004/08/04 01:56:58 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\skeys.exe -- (SerialKeys)
SRV - [2003/03/09 20:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Running] -- C:\WINNT\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2002/09/04 17:11:04 | 000,073,728 | ---- | M] (Iomega Corporation) [Auto | Running] -- C:\Program Files\Iomega\System32\AppServices.exe -- (Iomega App Services)


========== Driver Services (SafeList) ==========

DRV - [2010/04/02 19:12:41 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINNT\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2010/01/10 14:53:08 | 000,018,816 | ---- | M] (RIF) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\dvd43llh.sys -- (dvd43llh)
DRV - [2010/01/08 08:13:12 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009/12/18 15:02:26 | 000,135,048 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\epfw.sys -- (epfw)
DRV - [2009/11/16 09:06:48 | 000,055,768 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINNT\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2009/11/16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINNT\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/11/16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINNT\system32\drivers\eamon.sys -- (eamon)
DRV - [2009/10/27 11:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\motport.sys -- (motport)
DRV - [2009/10/27 11:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2009/06/19 15:59:34 | 000,019,712 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2009/05/08 10:56:12 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2009/01/31 12:57:54 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\giveio.sys -- (giveio)
DRV - [2009/01/29 16:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2007/12/05 01:41:00 | 007,435,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/09/21 17:49:10 | 000,009,216 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINNT\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2007/04/04 03:00:00 | 000,389,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/01/21 10:29:49 | 000,015,440 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2006/12/26 07:54:35 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006/11/04 14:01:15 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/10/19 18:22:00 | 000,051,584 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\mamoveu.sys -- (mamoveu)
DRV - [2006/01/07 11:09:50 | 000,007,548 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\Samhid.sys -- (samhid)
DRV - [2005/11/25 14:39:06 | 000,203,776 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2005/08/18 11:44:44 | 000,011,473 | ---- | M] (Mobile Action Technology Inc.) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\MaVc2K.sys -- (MaVctrl)
DRV - [2005/08/04 16:52:00 | 000,026,112 | R--- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\WINNT\system32\DRIVERS\iteraid.sys -- (iteraid)
DRV - [2005/06/16 00:00:00 | 000,025,044 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\mamovem.sys -- (mamovem)
DRV - [2005/06/16 00:00:00 | 000,024,784 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\mamovec.sys -- (mamovec)
DRV - [2004/08/04 02:05:44 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\mpe.sys -- (MPE)
DRV - [2004/08/04 02:05:44 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/04 01:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2004/08/04 00:59:12 | 000,079,104 | ---- | M] (Comtrol Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\rocket.sys -- (RocketPort)
DRV - [2004/08/04 00:31:20 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 22:59:44 | 000,095,360 | ---- | M] () [Kernel | Boot | Running] -- C:\WINNT\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2004/04/30 08:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINNT\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004/04/30 08:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINNT\System32\Drivers\a347scsi.sys -- (a347scsi)
DRV - [2003/09/04 13:38:56 | 000,152,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\LV532AV.SYS -- (PID_0920) Logitech QuickCam Express(PID_0920)
DRV - [2003/06/19 14:05:04 | 000,049,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\usbhub20.sys -- (usbhub20)
DRV - [2003/06/18 19:48:00 | 000,009,038 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\System32\Drivers\viausb.sys -- (viafilter)
DRV - [2003/06/12 22:50:34 | 000,013,459 | ---- | M] (George E. Breese) [Kernel | System | Running] -- C:\WINNT\System32\Drivers\vlatency.sys -- (VLATENCY)
DRV - [2002/12/27 04:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINNT\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002/09/04 17:11:08 | 000,030,258 | ---- | M] (Iomega Corporation) [Kernel | Boot | Running] -- C:\WINNT\System32\DRIVERS\iomdisk.sys -- (iomdisk)
DRV - [2001/10/18 15:00:00 | 000,006,234 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINNT\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2001/08/17 16:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/05/04 18:24:52 | 000,003,033 | ---- | M] (VIA Technologies. Inc.) [Kernel | System | Running] -- C:\WINNT\System32\Drivers\viapfd.sys -- (VIAPFD)
DRV - [2001/02/23 14:12:10 | 000,035,013 | ---- | M] (Network Everywhere) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\NC100A.sys -- (NC100) Network Everywhere Fast Ethernet Adapter(NC100 v2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\SYSTEM32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...F&PC=VIATDF&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.cbssports.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {552f5201-4f53-47ea-bc05-5cce5423cd79}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.3
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.76
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.8.1
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.1
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2d}:1.2.4
FF - prefs.js..extensions.enabledItems: {DB390D2E-0FB4-413F-B039-AE342D1D40BA}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.6.7
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.95.20100933
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.7
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..extensions.enabledItems: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.67
FF - prefs.js..keyword.URL: "http://www.bing.com/...F&PC=VIATDF&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/01/20 07:02:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/20 07:02:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/20 07:03:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/02/07 13:06:57 | 000,000,000 | ---D | M]

[2010/05/04 21:09:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Extensions
[2010/05/04 21:09:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Extensions\[email protected]
[2011/01/30 09:49:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions
[2009/10/17 14:16:38 | 000,000,000 | ---D | M] (NY Yankees) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{0502c898-4754-11dc-8314-0800200c9a66}
[2010/12/24 15:48:14 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2008/04/05 07:22:54 | 000,000,000 | ---D | M] (Metal Lion - Vista) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{1AF3FC34-0725-4485-A939-6B40EB7CA96A}
[2010/07/27 19:58:18 | 000,000,000 | ---D | M] (PopupMaster) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2d}
[2010/07/27 19:57:43 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2007/10/27 14:35:09 | 000,000,000 | ---D | M] ("tuxof") -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{410a8100-164a-11db-ac5d-0800200c9a66}
[2010/09/30 20:56:17 | 000,000,000 | ---D | M] (AzTec Toolbar) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{552f5201-4f53-47ea-bc05-5cce5423cd79}
[2010/12/24 15:48:03 | 000,000,000 | ---D | M] ("Walnut for Firefox") -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
[2010/11/14 11:08:32 | 000,000,000 | ---D | M] (Aero Fox XL) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2007/10/27 14:35:09 | 000,000,000 | ---D | M] ("BlueQute") -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{69574B2C-CFBB-469f-9E09-90DCEEBAAC9D}
[2010/12/15 06:38:12 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/07/27 19:58:11 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010/07/27 19:57:43 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2008/04/16 11:20:08 | 000,000,000 | ---D | M] (Blue Ice 2) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}
[2007/10/27 14:35:09 | 000,000,000 | ---D | M] ("Fasterfox") -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2010/12/24 15:48:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/21 02:22:36 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2007/10/27 14:35:09 | 000,000,000 | ---D | M] ("Enhanced Bookmark Search") -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{DA92B0E0-6CB4-11d9-941A-444553540001}
[2010/07/27 19:57:46 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/04/14 10:33:03 | 000,000,000 | ---D | M] (Download Embedded) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\[email protected]
[2010/11/21 02:22:40 | 000,000,000 | ---D | M] (Virtus Search Opt-in) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\[email protected]
[2010/11/30 05:24:10 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\[email protected]
[2010/07/27 19:57:44 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\[email protected]
[2010/07/27 19:57:37 | 000,000,000 | ---D | M] (Noia 2.0 eXtreme OPT) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\[email protected]
[2010/09/30 20:56:19 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\[email protected]
[2010/10/03 16:45:38 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\vshare@toolbar
[2010/11/21 02:22:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\[email protected]\chrome
[2010/11/14 11:08:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2010/04/22 19:17:00 | 000,001,842 | ---- | M] () -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\searchplugins\bing.xml
[2010/07/25 17:03:52 | 000,005,500 | ---- | M] () -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\searchplugins\food-network-recipes.xml
[2010/06/13 16:34:49 | 000,001,774 | ---- | M] () -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\searchplugins\stmusic-search.xml
[2008/06/18 19:23:12 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\searchplugins\wikipedia-en.xml
[2006/11/04 21:03:03 | 000,001,437 | ---- | M] () -- C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x15huwm9.default\searchplugins\yanswers.xml
[2011/01/27 08:59:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006/04/12 20:12:11 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/11/27 06:56:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009/01/07 08:11:21 | 000,000,000 | ---D | M] (Seekeen) -- C:\Program Files\Mozilla Firefox\extensions\{DB390D2E-0FB4-413F-B039-AE342D1D40BA}
[2011/01/20 07:02:56 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2009/01/07 09:05:37 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2004/07/02 14:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\components\np32asw.dll
[2004/07/02 14:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32asw.dll
[2007/12/13 09:55:00 | 000,437,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npagent.dll
[2008/06/18 01:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/08/18 22:11:35 | 000,053,248 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Mozilla Firefox\plugins\NPPGWrap.dll
[2005/04/27 15:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll

O1 HOSTS File: ([2009/05/28 12:07:53 | 000,236,601 | ---- | M]) - C:\WINNT\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 8284 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINNT\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [EPSON Artisan 50 Series] C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_FATIFFA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_22.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([free] http in Trusted sites)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://download.macr...are/awswaxd.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...8656.2256597222 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: DirectAnimation Java Classes file://C:\WINNT\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\wzcnotif: DllName - wzcdlg.dll - C:\WINNT\System32\wzcdlg.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Jamie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jamie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/03 00:34:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/10/31 11:03:06 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.VIA -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/27 07:37:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jamie\Recent
[2011/01/22 07:36:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jamie\Application Data\Hardcore
[2011/01/20 07:04:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jamie\Local Settings\Application Data\Real
[2011/01/20 07:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/01/20 07:02:42 | 000,199,904 | ---- | C] (RealNetworks, Inc.) -- C:\WINNT\System32\rmoc3260.dll
[2011/01/20 07:02:28 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINNT\System32\pndx5016.dll
[2011/01/20 07:02:28 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINNT\System32\pndx5032.dll
[2011/01/20 07:02:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2007/04/28 17:29:53 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2007/02/14 12:08:18 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Jamie\Application Data\pcouffin.sys
[2006/10/06 20:40:29 | 000,160,640 | ---- | C] ( ) -- C:\WINNT\System32\drivers\a347bus.sys
[2006/10/06 20:40:29 | 000,005,248 | ---- | C] ( ) -- C:\WINNT\System32\drivers\a347scsi.sys
[2005/02/16 10:06:16 | 000,218,112 | ---- | C] (Soeperman Enterprises Ltd.) -- C:\Program Files\HijackThis.exe
[9 C:\*.tmp files -> C:\*.tmp -> ]
[2 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/30 09:40:48 | 000,000,525 | ---- | M] () -- C:\hpfr3420.xml
[2011/01/30 09:28:09 | 000,002,206 | ---- | M] () -- C:\WINNT\System32\wpa.dbl
[2011/01/30 09:27:02 | 000,000,278 | ---- | M] () -- C:\WINNT\tasks\RealUpgradeLogonTaskS-1-5-21-1547161642-1275210071-839522115-1008.job
[2011/01/30 09:27:01 | 000,000,486 | ---- | M] () -- C:\WINNT\tasks\1-Click Maintenance.job
[2011/01/30 09:26:20 | 000,002,048 | --S- | M] () -- C:\WINNT\bootstat.dat
[2011/01/30 09:24:19 | 000,000,390 | ---- | M] () -- C:\WINNT\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1270263173.job
[2011/01/30 09:24:19 | 000,000,390 | ---- | M] () -- C:\WINNT\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1270253584.job
[2011/01/28 20:44:39 | 000,000,286 | ---- | M] () -- C:\WINNT\tasks\RealUpgradeScheduledTaskS-1-5-21-1547161642-1275210071-839522115-1008.job
[2011/01/27 12:21:08 | 000,000,284 | ---- | M] () -- C:\WINNT\tasks\AppleSoftwareUpdate.job
[2011/01/22 07:43:51 | 000,000,000 | ---- | M] () -- C:\WINNT\System32\TuneUpDefragService_20110122-124351.dmp
[2011/01/20 07:03:12 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/01/20 07:02:42 | 000,199,904 | ---- | M] (RealNetworks, Inc.) -- C:\WINNT\System32\rmoc3260.dll
[2011/01/20 07:02:28 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINNT\System32\pndx5016.dll
[2011/01/20 07:02:28 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINNT\System32\pndx5032.dll
[2011/01/03 06:44:56 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Jamie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/01/02 08:41:38 | 000,000,228 | ---- | M] () -- C:\WINNT\System32\spupdsvc.inf
[9 C:\*.tmp files -> C:\*.tmp -> ]
[2 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/22 07:43:51 | 000,000,000 | ---- | C] () -- C:\WINNT\System32\TuneUpDefragService_20110122-124351.dmp
[2011/01/20 07:04:03 | 000,000,278 | ---- | C] () -- C:\WINNT\tasks\RealUpgradeLogonTaskS-1-5-21-1547161642-1275210071-839522115-1008.job
[2011/01/20 07:04:02 | 000,000,286 | ---- | C] () -- C:\WINNT\tasks\RealUpgradeScheduledTaskS-1-5-21-1547161642-1275210071-839522115-1008.job
[2011/01/20 07:03:12 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/01/02 08:44:19 | 000,022,486 | ---- | C] () -- C:\WINNT\System32\msu.ico
[2011/01/02 08:41:38 | 000,000,228 | ---- | C] () -- C:\WINNT\System32\spupdsvc.inf
[2009/12/26 07:38:36 | 000,000,044 | ---- | C] () -- C:\WINNT\EPART50.ini
[2009/01/31 12:57:54 | 000,005,248 | ---- | C] () -- C:\WINNT\System32\giveio.sys
[2009/01/05 14:00:47 | 000,000,085 | ---- | C] () -- C:\WINNT\Sierra.ini
[2008/09/06 07:05:27 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Jamie\Application Data\vso_ts_preview.xml
[2008/09/05 16:06:56 | 000,000,067 | ---- | C] () -- C:\WINNT\Easy DVD Creator.INI
[2008/09/05 07:50:56 | 000,000,069 | ---- | C] () -- C:\WINNT\NeroDigital.ini
[2008/09/05 07:50:00 | 000,000,187 | ---- | C] () -- C:\Documents and Settings\Jamie\Application Data\default.pls
[2008/08/26 20:03:19 | 000,186,504 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2008/05/08 08:49:36 | 000,000,009 | ---- | C] () -- C:\WINNT\kodakPS.Jamie.ini
[2007/12/30 22:33:33 | 000,073,839 | ---- | C] () -- C:\WINNT\System32\KodakOneTouch.dll
[2007/10/27 14:44:11 | 000,000,097 | ---- | C] () -- C:\WINNT\System32\PICSDK.ini
[2007/07/11 19:22:50 | 000,000,430 | ---- | C] () -- C:\WINNT\MP3trt.ini
[2007/07/11 19:22:47 | 000,278,528 | ---- | C] () -- C:\WINNT\System32\ammpp.dll
[2007/07/11 19:22:47 | 000,065,536 | ---- | C] () -- C:\WINNT\System32\a1.dll
[2007/04/09 18:02:53 | 000,001,045 | ---- | C] () -- C:\WINNT\System32\iconcfg.ini
[2007/04/07 17:16:19 | 000,000,058 | ---- | C] () -- C:\WINNT\System32\EAL32.INI
[2007/02/14 12:08:20 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Jamie\Application Data\pcouffin.log
[2007/02/14 12:08:18 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Jamie\Application Data\ezpinst.exe
[2007/02/14 12:08:18 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Jamie\Application Data\pcouffin.inf
[2007/02/14 12:08:18 | 000,001,074 | ---- | C] () -- C:\Documents and Settings\Jamie\Application Data\pcouffin.cat
[2006/12/23 20:35:00 | 000,000,081 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2006/12/03 10:04:27 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\Jamie\Application Data\.zreglib
[2006/11/21 21:23:20 | 000,120,832 | ---- | C] () -- C:\WINNT\System32\ShnDll32.dll
[2006/10/21 17:19:15 | 000,000,180 | ---- | C] () -- C:\WINNT\System32\sam.ini
[2006/10/21 10:26:29 | 000,007,548 | ---- | C] () -- C:\WINNT\System32\drivers\Samhid.sys
[2006/10/21 10:22:03 | 000,487,424 | ---- | C] () -- C:\WINNT\System32\FDRpage.dll
[2006/10/21 09:07:49 | 000,008,484 | ---- | C] () -- C:\Program Files\hijackthis.log
[2006/10/14 07:40:05 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/10/12 19:19:36 | 000,168,448 | ---- | C] () -- C:\Documents and Settings\Jamie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/04/11 22:47:31 | 000,001,793 | ---- | C] () -- C:\WINNT\System32\fxsperf.ini
[2006/04/11 22:44:48 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/03 22:25:34 | 000,000,024 | ---- | C] () -- C:\WINNT\clofghls.dll
[2006/04/02 01:00:59 | 000,000,052 | ---- | C] () -- C:\WINNT\mafosav.INI
[2006/03/18 23:09:32 | 000,000,398 | ---- | C] () -- C:\WINNT\dellstat.ini
[2005/12/10 17:04:23 | 000,000,701 | ---- | C] () -- C:\WINNT\ODBC.INI
[2005/11/16 02:05:02 | 000,000,033 | ---- | C] () -- C:\WINNT\logimail.INI
[2005/11/03 03:08:51 | 000,000,574 | ---- | C] () -- C:\WINNT\cdplayer.ini
[2005/11/03 02:39:03 | 000,015,387 | ---- | C] () -- C:\WINNT\System32\lvcoinst.ini
[2005/11/02 23:40:44 | 000,045,056 | ---- | C] () -- C:\WINNT\System32\vusetup.dll
[2005/11/01 01:17:01 | 000,353,381 | ---- | C] () -- C:\Program Files\LimeWireWin.exe
[2005/10/31 22:54:08 | 000,000,567 | ---- | C] () -- C:\WINNT\imaginationx.ini
[2005/10/31 22:51:48 | 000,000,034 | ---- | C] () -- C:\WINNT\winreg.ini
[2005/10/31 11:02:34 | 000,021,952 | -H-- | C] () -- C:\Program Files\folder.htt
[2005/10/30 20:46:27 | 000,004,073 | ---- | C] () -- C:\WINNT\ODBCINST.INI
[2005/02/24 10:32:00 | 001,703,936 | ---- | C] () -- C:\WINNT\System32\nvwdmcpl.dll
[2005/02/24 10:32:00 | 001,474,560 | ---- | C] () -- C:\WINNT\System32\nview.dll
[2005/02/24 10:32:00 | 001,019,904 | ---- | C] () -- C:\WINNT\System32\nvwimg.dll
[2005/02/24 10:32:00 | 000,540,672 | ---- | C] () -- C:\WINNT\System32\nvhwvid.dll
[2005/02/24 10:32:00 | 000,466,944 | ---- | C] () -- C:\WINNT\System32\nvshell.dll
[2005/02/24 10:32:00 | 000,286,720 | ---- | C] () -- C:\WINNT\System32\nvnt4cpl.dll
[2004/09/17 16:37:42 | 000,069,632 | ---- | C] () -- C:\WINNT\System32\vuins32.dll
[2004/08/04 01:56:44 | 000,081,920 | ---- | C] () -- C:\WINNT\System32\ieencode.dll
[2004/08/03 23:59:44 | 000,095,360 | ---- | C] () -- C:\WINNT\System32\drivers\atapi.sys
[2004/08/03 19:56:46 | 000,363,520 | ---- | C] () -- C:\WINNT\System32\psisdecd.dll
[2003/03/09 20:31:04 | 000,561,152 | ---- | C] () -- C:\WINNT\System32\hpotscl.dll
[2003/01/07 18:05:08 | 000,002,695 | ---- | C] () -- C:\WINNT\System32\OUTLPERF.INI
[2001/05/08 07:00:00 | 000,176,400 | ---- | C] () -- C:\WINNT\System32\qcut.dll
[1999/09/25 05:36:24 | 000,088,816 | ---- | C] () -- C:\WINNT\System32\drivers\lvcam.sys
[1999/09/25 05:36:22 | 000,017,424 | ---- | C] () -- C:\WINNT\System32\drivers\lvsound.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:889A0437
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F69BB936
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3C5ABDC7
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7A0EFE63
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D74B6CF5
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E26A1EF1

< End of report >