Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows XP Unbearably Slow (OT LOG)

Started by sheppardzwc , Apr 27 2010 06:40 PM

  • Please log in to reply

#1
sheppardzwc
Posted 27 April 2010 - 06:40 PM

sheppardzwc

    New Member

  • Member
  • Pip
  • 7 posts
Hi all,

I posted before in the general forum (http://www.geekstogo...ow-t275401.html) and by guide of Rorschach I went through the guide and did the first 3 steps into malware removal. (MWB, avast, and rebooting) All of this helped to no avail.

OS: Windows XP Pro SP3
RAM: 3GB

Hey all,

When I recently started my computer this afternoon it booted fine until I reached my desktop, where the computer's processor light was fully bright and I could hear the drive cranking. I saw no processes being started (I only have 4 when the computer is booted) and a virus and malware scan in Safe Mode came up with a few things, but even after scanning and rebooting to normal mode, nothing was changed. The computer is unresponsive after a few minutes of being on the Desktop and I have to hard-shutdown.


Here is my OTL log(s):

OTL.txt

OTL logfile created on: 4/27/2010 8:31:06 PM - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.57 Gb Total Space | 92.19 Gb Free Space | 62.47% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANONYMOUS
Current User Name: Zach
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/04/27 20:29:33 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2009/10/20 01:11:52 | 000,616,712 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2009/07/19 12:00:44 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/04/27 20:29:33 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2009/07/19 11:59:05 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5705_x-ww_36cfed49\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/09 20:05:47 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/15 06:56:43 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/09/15 06:56:28 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/09/15 06:54:13 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/09/15 06:49:40 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/04/14 16:43:38 | 000,034,304 | ---- | M] (TOSHIBA Corp.) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)


========== Driver Services (SafeList) ==========

DRV - [2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009/11/09 13:12:42 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2009/09/15 06:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/09/15 06:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/09/15 06:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/09/15 06:54:30 | 000,052,368 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/09/15 06:54:21 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/09/15 06:53:24 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/07/26 22:43:18 | 000,058,908 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/07/19 12:48:36 | 000,327,192 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iastor86.sys -- (iastor86)
DRV - [2009/06/04 19:43:16 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2009/03/27 14:23:12 | 000,023,064 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009/02/13 18:00:02 | 001,503,840 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/01/30 17:13:20 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2008/10/30 21:14:20 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/05/21 12:48:46 | 006,018,464 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2008/04/14 08:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/14 06:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\pciide.sys -- (PCIIde)
DRV - [2008/04/13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/09 18:01:16 | 004,703,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/12/06 17:41:42 | 000,220,032 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/04/04 08:56:48 | 000,005,888 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FwLnk.sys -- (FwLnk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {210249CE-F888-11DD-B868-4CB456D89593}:2.1.2
FF - prefs.js..extensions.enabledItems: {b41cb5f0-2e52-11de-8c30-0800200c9a66}:2.1
FF - prefs.js..network.proxy.backup.ftp: "128.151.65.101"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.gopher: "128.151.65.101"
FF - prefs.js..network.proxy.backup.gopher_port: 3128
FF - prefs.js..network.proxy.backup.socks: "128.151.65.101"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "128.151.65.101"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "66.76.90.0"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "66.76.90.0"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "66.76.90.0"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "66.76.90.0"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "66.76.90.0"
FF - prefs.js..network.proxy.ssl_port: 8080


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/21 16:24:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/09 09:33:25 | 000,000,000 | ---D | M]

[2009/10/29 16:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/02/09 18:38:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/10/29 16:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\[email protected]
[2010/04/27 20:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\eqlxto9l.default\extensions
[2009/10/28 22:23:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\eqlxto9l.default\extensions\{210249CE-F888-11DD-B868-4CB456D89593}
[2010/03/16 22:32:54 | 000,000,000 | ---D | M] (Black Stratini) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\eqlxto9l.default\extensions\{b41cb5f0-2e52-11de-8c30-0800200c9a66}
[2010/04/27 20:25:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/01/07 23:41:53 | 000,000,796 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.2 vb
O1 - Hosts: 127.0.0.3 pma
O1 - Hosts: 127.0.0.4 vb4
O2 - BHO: (no name) - {465E08E7-F005-4389-980F-1D8764B3486C} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PC Health.lnk = C:\Program Files\TOSHIBA\TOSHIBA Management Console\TOSHealthLocalS.vbs ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 18
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.25.5.148 24.25.5.147
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/29 00:04:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/11/10 23:07:40 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.

========== Files/Folders - Created Within 90 Days ==========

[2010/04/27 20:29:32 | 000,563,712 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/04/27 19:52:30 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/04/27 19:36:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/27 18:13:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2010/04/25 22:37:45 | 000,000,000 | ---D | C] -- C:\ade
[2010/04/22 18:27:12 | 000,000,000 | ---D | C] -- C:\maps
[2010/04/08 19:40:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Application Data\SecuROM
[2010/04/08 19:28:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2010/04/08 19:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2010/04/07 17:27:29 | 000,000,000 | ---D | C] -- C:\sb
[2010/03/25 16:49:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010/03/16 18:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\Fake Webcam
[2010/03/16 18:13:33 | 003,341,149 | ---- | C] (Web Solution Mart ) -- C:\setup.exe
[2010/02/28 16:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\.sshterm
[2010/02/28 16:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\.ssh
[2010/02/28 15:58:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\IDMComp
[2010/02/28 15:58:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\UltraEdit
[2010/02/28 15:57:44 | 000,000,000 | ---D | C] -- C:\ue_english
[2010/02/18 20:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/02/18 20:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2010/02/09 18:38:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Thunderbird
[2010/02/09 18:38:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Thunderbird
[2010/02/08 19:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2010/02/08 19:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live
[2010/02/07 15:27:02 | 000,000,000 | ---D | C] -- C:\Program Files\nMP3amp
[2010/02/01 17:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/10/30 19:14:52 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll

========== Files - Modified Within 90 Days ==========

[2010/04/27 20:29:33 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/04/27 20:14:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/27 20:10:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7A906E8E-E9E6-4F3D-BE23-CC6847C173F5}.job
[2010/04/27 20:09:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/27 20:07:07 | 003,712,656 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2010/04/27 19:57:23 | 000,699,904 | ---- | M] () -- C:\WINDOWS\is-DP2L3.exe
[2010/04/27 19:57:23 | 000,010,498 | ---- | M] () -- C:\WINDOWS\is-DP2L3.msg
[2010/04/27 19:57:23 | 000,000,399 | ---- | M] () -- C:\WINDOWS\is-DP2L3.lst
[2010/04/27 19:53:29 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/04/27 19:52:31 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/04/27 19:49:27 | 000,000,550 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/04/27 19:49:27 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/04/27 19:49:27 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/04/27 19:28:33 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\Owner\NTUSER.DAT
[2010/04/27 19:28:33 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/04/27 16:34:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/26 22:41:57 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\PUTTY.RND
[2010/04/25 18:09:24 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/04/17 17:47:38 | 000,030,916 | ---- | M] () -- C:\gs.png
[2010/04/17 14:40:26 | 000,096,256 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/14 16:29:42 | 000,030,792 | ---- | M] () -- C:\apr-14-vps.pdf
[2010/04/13 22:13:05 | 000,045,229 | ---- | M] () -- C:\book.jpg
[2010/04/11 22:53:28 | 000,232,699 | ---- | M] () -- C:\seatbelt.png
[2010/04/11 22:52:56 | 000,028,686 | ---- | M] () -- C:\car.jpg
[2010/04/08 19:56:47 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/08 18:00:42 | 000,095,669 | ---- | M] () -- C:\nicks.png
[2010/04/06 15:29:52 | 001,296,041 | ---- | M] () -- C:\IMG_2702.JPG
[2010/04/06 15:06:50 | 001,372,314 | ---- | M] () -- C:\IMG_2700.JPG
[2010/04/06 10:51:13 | 001,503,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/05 20:19:58 | 000,040,920 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/04 15:47:13 | 000,087,442 | ---- | M] () -- C:\colors.png
[2010/04/02 21:32:54 | 000,113,122 | ---- | M] () -- C:\desirawr.png
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/28 18:04:06 | 000,000,525 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\mIRC.lnk
[2010/03/24 21:24:59 | 000,001,759 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HALF-LIFE 2 SMOD.lnk
[2010/03/24 21:24:35 | 000,002,207 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2010/03/23 17:58:28 | 000,125,567 | ---- | M] () -- C:\screen.png
[2010/03/20 10:54:38 | 000,036,241 | ---- | M] () -- C:\camels.jpg
[2010/03/19 17:37:01 | 000,001,879 | ---- | M] () -- C:\ud.ini
[2010/03/16 18:14:14 | 003,341,149 | ---- | M] (Web Solution Mart ) -- C:\setup.exe
[2010/03/14 12:07:17 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/14 12:07:17 | 000,441,692 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/14 12:07:17 | 000,071,462 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/12 17:33:51 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\ban.bat
[2010/03/09 21:38:08 | 001,208,546 | ---- | M] () -- C:\sugar2.jpg
[2010/03/09 21:33:20 | 001,257,041 | ---- | M] () -- C:\sugar.jpg
[2010/03/07 23:10:15 | 000,001,775 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Portal Prelude.lnk
[2010/03/05 23:15:07 | 000,137,145 | ---- | M] () -- C:\utorrent.png
[2010/03/03 19:06:38 | 000,001,623 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Hitman 2 Silent Assassin.lnk
[2010/03/02 20:25:56 | 000,707,637 | ---- | M] () -- C:\bamboo.jpg
[2010/03/01 18:25:54 | 000,180,979 | ---- | M] () -- C:\duck.jpg
[2010/02/27 18:46:18 | 000,004,425 | ---- | M] () -- C:\vizio.png
[2010/02/27 18:33:21 | 000,761,161 | ---- | M] () -- C:\explosion.png
[2010/02/27 16:12:29 | 000,044,155 | ---- | M] () -- C:\ircd.png
[2010/02/24 21:26:05 | 000,163,902 | ---- | M] () -- C:\mockup.jpg
[2010/02/21 18:15:58 | 000,055,825 | ---- | M] () -- C:\comic.jpg
[2010/02/21 18:14:00 | 000,028,346 | ---- | M] () -- C:\WINDOWS\comic.png
[2010/02/21 18:13:08 | 000,028,346 | ---- | M] () -- C:\WINDOWS\comic.jpg
[2010/02/21 12:18:14 | 000,109,175 | ---- | M] () -- C:\WINDOWS\1241099397.jpg
[2010/02/18 23:55:08 | 000,042,508 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\NCIS Season 1 Episodes (1-23) Complete.torrent
[2010/02/18 20:57:49 | 000,310,895 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\House MD Season 1.torrent
[2010/02/07 19:12:13 | 000,086,809 | ---- | M] () -- C:\woah.png
[2010/02/01 21:28:25 | 000,000,039 | ---- | M] () -- C:\Documents and Settings\Owner\jagex_runescape_preferences.dat
[2010/01/30 01:40:32 | 000,544,264 | ---- | M] () -- C:\AMIP-2.67.exe

========== Files Created - No Company Name ==========

[2010/04/27 19:57:23 | 000,699,904 | ---- | C] () -- C:\WINDOWS\is-DP2L3.exe
[2010/04/27 19:57:23 | 000,010,498 | ---- | C] () -- C:\WINDOWS\is-DP2L3.msg
[2010/04/27 19:57:23 | 000,000,399 | ---- | C] () -- C:\WINDOWS\is-DP2L3.lst
[2010/04/27 19:54:40 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
[2010/04/27 19:53:28 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/04/17 17:47:38 | 000,030,916 | ---- | C] () -- C:\gs.png
[2010/04/14 16:29:42 | 000,030,792 | ---- | C] () -- C:\apr-14-vps.pdf
[2010/04/13 22:13:05 | 000,045,229 | ---- | C] () -- C:\book.jpg
[2010/04/11 22:53:28 | 000,232,699 | ---- | C] () -- C:\seatbelt.png
[2010/04/11 22:52:56 | 000,028,686 | ---- | C] () -- C:\car.jpg
[2010/04/08 18:00:42 | 000,095,669 | ---- | C] () -- C:\nicks.png
[2010/04/06 15:19:40 | 001,296,041 | ---- | C] () -- C:\IMG_2702.JPG
[2010/04/06 14:57:11 | 001,372,314 | ---- | C] () -- C:\IMG_2700.JPG
[2010/04/04 15:46:49 | 000,087,442 | ---- | C] () -- C:\colors.png
[2010/04/02 21:31:43 | 000,113,122 | ---- | C] () -- C:\desirawr.png
[2010/03/28 18:01:13 | 000,000,525 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\mIRC.lnk
[2010/03/28 17:58:26 | 000,001,879 | ---- | C] () -- C:\ud.ini
[2010/03/24 21:24:59 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HALF-LIFE 2 SMOD.lnk
[2010/03/23 17:58:28 | 000,125,567 | ---- | C] () -- C:\screen.png
[2010/03/20 10:54:37 | 000,036,241 | ---- | C] () -- C:\camels.jpg
[2010/03/12 17:33:43 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\ban.bat
[2010/03/09 21:38:07 | 001,208,546 | ---- | C] () -- C:\sugar2.jpg
[2010/03/09 21:33:19 | 001,257,041 | ---- | C] () -- C:\sugar.jpg
[2010/03/07 23:10:15 | 000,001,775 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Portal Prelude.lnk
[2010/03/05 23:15:07 | 000,137,145 | ---- | C] () -- C:\utorrent.png
[2010/03/03 18:23:52 | 000,001,623 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Hitman 2 Silent Assassin.lnk
[2010/03/02 20:24:19 | 000,707,637 | ---- | C] () -- C:\bamboo.jpg
[2010/03/01 18:25:54 | 000,180,979 | ---- | C] () -- C:\duck.jpg
[2010/02/27 18:34:18 | 000,004,425 | ---- | C] () -- C:\vizio.png
[2010/02/27 18:33:21 | 000,761,161 | ---- | C] () -- C:\explosion.png
[2010/02/27 16:12:29 | 000,044,155 | ---- | C] () -- C:\ircd.png
[2010/02/24 21:24:58 | 000,163,902 | ---- | C] () -- C:\mockup.jpg
[2010/02/21 18:14:22 | 000,055,825 | ---- | C] () -- C:\comic.jpg
[2010/02/21 18:14:00 | 000,028,346 | ---- | C] () -- C:\WINDOWS\comic.png
[2010/02/21 18:13:08 | 000,028,346 | ---- | C] () -- C:\WINDOWS\comic.jpg
[2010/02/21 12:18:14 | 000,109,175 | ---- | C] () -- C:\WINDOWS\1241099397.jpg
[2010/02/20 00:16:09 | 000,042,508 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\NCIS Season 1 Episodes (1-23) Complete.torrent
[2010/02/19 23:31:13 | 000,544,264 | ---- | C] () -- C:\AMIP-2.67.exe
[2010/02/18 20:58:16 | 000,310,895 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\House MD Season 1.torrent
[2010/02/07 19:12:13 | 000,086,809 | ---- | C] () -- C:\woah.png
[2009/12/01 22:10:41 | 002,076,672 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll
[2009/11/26 09:55:55 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/11/11 19:04:57 | 000,000,275 | ---- | C] () -- C:\WINDOWS\pwc61su.INI
[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/10/31 11:57:05 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TOSMgmt.dll
[2009/10/30 19:14:52 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2009/10/29 18:39:39 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4953.dll
[2009/10/29 18:12:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/10/29 00:12:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/10/29 00:12:32 | 002,402,304 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009/10/29 00:12:32 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/10/29 00:12:32 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/10/29 00:12:31 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/10/29 00:12:30 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/10/29 00:12:30 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/07/19 12:11:41 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2009/11/20 22:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2010/02/08 19:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009/11/15 22:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/11/22 17:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/12/01 00:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee
[2010/01/24 21:28:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SwiftKit
[2010/01/12 19:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/25 09:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/04/05 17:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Dev-Cpp
[2010/04/26 22:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FileZilla
[2009/10/29 00:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Foxit
[2009/11/20 20:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\My Games
[2009/11/15 22:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound
[2009/11/10 20:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nexon
[2009/10/29 17:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Publish Providers
[2009/11/22 17:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sandlot Games
[2009/12/01 00:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Screaming Bee
[2009/10/29 16:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Songbird2
[2009/10/30 20:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sony
[2009/11/04 09:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Subversion
[2010/01/05 21:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SystemRequirementsLab
[2009/12/05 19:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TeamViewer
[2010/02/09 18:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Thunderbird
[2010/04/26 17:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2009/10/29 17:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WinBatch
[2010/04/27 20:10:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7A906E8E-E9E6-4F3D-BE23-CC6847C173F5}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/12/09 08:24:01 | 000,000,960 | ---- | M] () -- C:\aaw7boot.log
[2009/12/08 17:29:19 | 077,086,488 | ---- | M] (Lavasoft ) -- C:\Ad-AwareInstallation.exe
[2010/01/30 01:40:32 | 000,544,264 | ---- | M] () -- C:\AMIP-2.67.exe
[2010/04/14 16:29:42 | 000,030,792 | ---- | M] () -- C:\apr-14-vps.pdf
[2009/10/29 00:04:59 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/02 20:25:56 | 000,707,637 | ---- | M] () -- C:\bamboo.jpg
[2010/01/15 01:09:51 | 000,000,324 | ---- | M] () -- C:\bar1.png
[2010/01/15 01:10:23 | 000,000,393 | ---- | M] () -- C:\bar2.png
[2009/12/25 10:22:24 | 000,608,256 | ---- | M] () -- C:\blackra1n.exe
[2010/01/22 20:02:01 | 000,003,324 | ---- | M] () -- C:\blackra1n.log
[2010/04/13 22:13:05 | 000,045,229 | ---- | M] () -- C:\book.jpg
[2010/04/27 19:49:27 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/03/20 10:54:38 | 000,036,241 | ---- | M] () -- C:\camels.jpg
[2010/04/11 22:52:56 | 000,028,686 | ---- | M] () -- C:\car.jpg
[2010/01/14 23:27:35 | 000,301,238 | ---- | M] () -- C:\classic.png
[2010/01/03 02:22:16 | 000,025,952 | ---- | M] () -- C:\clouds.png
[2010/04/04 15:47:13 | 000,087,442 | ---- | M] () -- C:\colors.png
[2010/02/21 18:15:58 | 000,055,825 | ---- | M] () -- C:\comic.jpg
[2009/10/29 00:04:59 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/01/02 01:28:37 | 000,040,832 | ---- | M] () -- C:\debug.png
[2010/04/02 21:32:54 | 000,113,122 | ---- | M] () -- C:\desirawr.png
[2009/12/29 17:22:36 | 000,420,019 | ---- | M] () -- C:\desktop.png
[2010/01/09 23:46:17 | 001,204,767 | ---- | M] () -- C:\Difuse.mp3
[2010/03/01 18:25:54 | 000,180,979 | ---- | M] () -- C:\duck.jpg
[2010/01/02 02:43:33 | 000,248,591 | ---- | M] () -- C:\dxdiag.png
[2010/02/27 18:33:21 | 000,761,161 | ---- | M] () -- C:\explosion.png
[2010/04/17 17:47:38 | 000,030,916 | ---- | M] () -- C:\gs.png
[2010/04/27 19:37:40 | 000,006,361 | ---- | M] () -- C:\hijackthis.log
[2010/04/06 15:06:50 | 001,372,314 | ---- | M] () -- C:\IMG_2700.JPG
[2010/04/06 15:29:52 | 001,296,041 | ---- | M] () -- C:\IMG_2702.JPG
[2010/01/03 11:46:02 | 000,000,238 | ---- | M] () -- C:\index.html
[2009/10/29 00:04:59 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/13 19:09:27 | 000,000,754 | -H-- | M] () -- C:\IPH.PH
[2010/02/27 16:12:29 | 000,044,155 | ---- | M] () -- C:\ircd.png
[2010/02/24 21:26:05 | 000,163,902 | ---- | M] () -- C:\mockup.jpg
[2009/10/29 00:04:59 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/08 18:00:42 | 000,095,669 | ---- | M] () -- C:\nicks.png
[2009/12/29 17:18:22 | 000,124,477 | ---- | M] () -- C:\nplus.png
[2008/04/14 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 08:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/04/27 20:14:06 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2009/11/25 13:54:46 | 000,454,656 | ---- | M] (Simon Tatham) -- C:\putty.exe
[2010/03/23 17:58:28 | 000,125,567 | ---- | M] () -- C:\screen.png
[2010/04/11 22:53:28 | 000,232,699 | ---- | M] () -- C:\seatbelt.png
[2010/03/16 18:14:14 | 003,341,149 | ---- | M] (Web Solution Mart ) -- C:\setup.exe
[2009/12/29 17:37:59 | 000,013,869 | ---- | M] () -- C:\side.png
[2009/12/29 17:20:30 | 000,407,929 | ---- | M] () -- C:\ss.png
[2010/01/13 20:45:39 | 000,176,184 | ---- | M] () -- C:\stars.jpg
[2010/03/09 21:33:20 | 001,257,041 | ---- | M] () -- C:\sugar.jpg
[2010/03/09 21:38:08 | 001,208,546 | ---- | M] () -- C:\sugar2.jpg
[2010/01/03 02:30:10 | 000,046,037 | ---- | M] () -- C:\think.png
[2010/03/19 17:37:01 | 000,001,879 | ---- | M] () -- C:\ud.ini
[2010/03/05 23:15:07 | 000,137,145 | ---- | M] () -- C:\utorrent.png
[2010/02/27 18:46:18 | 000,004,425 | ---- | M] () -- C:\vizio.png
[2010/02/07 19:12:13 | 000,086,809 | ---- | M] () -- C:\woah.png

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009/11/10 17:50:17 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/11/09 23:57:26 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2009/11/10 17:50:17 | 021,757,952 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/11/10 17:50:17 | 004,718,592 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >

Extras.txt

OTL Extras logfile created on: 4/27/2010 8:31:06 PM - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.57 Gb Total Space | 92.19 Gb Free Space | 62.47% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANONYMOUS
Current User Name: Zach
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3306:TCP" = 3306:TCP:*:Enabled:MySQL Server
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Program Files\OpinionSquare\opnsqr.exe" = C:\Program Files\OpinionSquare\opnsqr.exe:*:Enabled:opnsqr.exe -- File not found
"C:\hl2\hl2.exe" = C:\hl2\hl2.exe:*:Enabled:Half-Life_2 -- File not found
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- File not found
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Valve\Garry's Mod\hl2.exe" = C:\Program Files\Valve\Garry's Mod\hl2.exe:*:Enabled:Garry's_Mod -- ()
"C:\Program Files\Valve\Garry's Mod\srcds.exe" = C:\Program Files\Valve\Garry's Mod\srcds.exe:*:Enabled:Garry's_Mod_Dedicated_Server -- ()
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Steam\steamapps\common\hitman 2 silent assassin\hitman2.exe" = C:\Program Files\Steam\steamapps\common\hitman 2 silent assassin\hitman2.exe:*:Enabled:Hitman 2: Silent Assassin -- (IO Interactive)
"C:\Program Files\Steam\steamapps\common\hitman 2 silent assassin\config.exe" = C:\Program Files\Steam\steamapps\common\hitman 2 silent assassin\config.exe:*:Enabled:Hitman 2: Silent Assassin -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07F58BB0-50D4-4477-B491-A97B2AD059B6}" = TOSHIBA Hotkey Utility
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19AFC1C2-B11B-3FFF-9C9F-05761BC244D9}" = Windows SDK Intellidocs
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216014F0}" = Java™ 6 Update 14
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{32A3A4F4-B792-11D6-A78A-00B0D0160160}" = Java™ SE Development Kit 6 Update 16
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{44D9A2CB-0692-3180-B5E2-26F4E807D067}" = Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{48FE73F3-4C3A-4871-BCD0-A7726A08BD64}" = Hex Workshop v6
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{6304CCF6-3343-4DA5-96B6-84B3A644B93B}" = USB Driver for Panasonic DVC
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C518CC0-5CF1-481B-AB35-9BE5024DC106}" = Microsoft Windows SDK MDAC Headers and Libraries (6001.18000.367)
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6ED32BB5-56B6-4317-A2D1-98A8313C3BAF}" = Microsoft Windows SDK for Windows Server 2008 (6001.18000.367)
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E5B3FDE-62E1-4391-BBA0-0E4242AD9577}" = Microsoft Windows SDK Net Fx Interop Headers And Libraries (6001.18000.367)
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}" = TOSHIBA Power Saver
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9BAED673-5D51-481E-B1E0-FB2E5039260B}" = Microsoft Windows SDK Intellisense and Reference Assemblies (6001.18000.367)
"{9C19FFB1-25FC-43FC-AC78-919E5E2A6DD0}" = TortoiseSVN 1.6.6.17493 (32 bit)
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}" = Microsoft Speech SDK 5.1
"{A431744A-553F-4FC0-AF91-BCA47C7E0949}" = Microsoft Windows SDK for Windows Server 2008 Headers and Libraries (6001.18000.367)
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B46C272F-8B7A-402A-9915-8B0463F035DC}" = Microsoft Windows SDK for Windows Server 2008 Utilities for Win32 Development (6001.18000.367)
"{B7EC89B3-2B8C-44A9-815C-135F391068B0}" = Microsoft Windows SDK for Windows Server 2008 Common Utilities (6001.18000.367)
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBCBA2A0-F0E5-4EA8-AAC0-CF1DC592221E}" = Microsoft VC Redist 2008 (6001.18000.367)
"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2
"{C02A6D5F-0FE1-46DE-B483-2BD33A226BCF}" = TOSHIBA TouchPad ON/Off Utility
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CD590618-36BD-0710-AC86-F3B3C4AF201E}" = Microsoft Windows SDK .NET Framework Tools
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E2CBF3FE-A24F-40DF-B25D-8C9E05F0CD63}" = UltraEdit 15.20
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AMIP" = AMIP (remove only)
"AMIPConfigurator" = AMIPConfigurator (remove only)
"Audacity_is1" = Audacity 1.2.6
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"FileZilla Client" = FileZilla Client 3.2.8.1
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"HashCheck Shell Extension" = HashCheck Shell Extension (x86-32)
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"InstallShield_{6304CCF6-3343-4DA5-96B6-84B3A644B93B}" = USB Driver for Panasonic DVC
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.0.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Silverlight" = Microsoft Silverlight
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"mIRC" = mIRC
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"nMP3amp" = nMP3amp (remove only)
"Notepad++" = Notepad++
"PowerISO" = PowerISO
"QuicktimeAlt_is1" = QuickTime Alternative 2.9.0
"SDKSetup_6.0.6001.18000" = Microsoft Windows SDK for Windows Server 2008 (6001.18000.367)
"Steam App 211" = Source SDK
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 6850" = Hitman 2: Silent Assassin
"Steam App 70" = Half-Life
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 5" = TeamViewer 5
"TOSHIBA Management Console" = TOSHIBA Management Console Version 3.5 (3.5.2)
"uTorrent" = µTorrent
"WavePad" = WavePad Sound Editor
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Half-Life 2" = Half-Life 2
"MLQTSource" = MediaLooks QuickTime Source 1.7.0.13 (DirectShow Filter)

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 11/4/2009 9:51:38 PM | Computer Name = ANONYMOUS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://suggestquerie...te/...k al&cp=7
failed, 0000A413.

Error - 11/9/2009 9:31:11 PM | Computer Name = ANONYMOUS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://clients1.goog...h...gener&cp=18
failed, 0000A413.

Error - 11/10/2009 5:17:39 PM | Computer Name = ANONYMOUS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://gmx.com/callg...e=1257887859707
failed, 0000A413.

Error - 4/27/2010 6:52:22 PM | Computer Name = ANONYMOUS | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

[ Application Events ]
Error - 4/6/2010 10:51:19 AM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .

Error - 4/7/2010 10:02:33 AM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .

Error - 4/8/2010 10:44:01 AM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .

Error - 4/8/2010 8:00:20 PM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .

Error - 4/9/2010 9:31:48 AM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .

Error - 4/9/2010 1:05:30 PM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .

Error - 4/10/2010 3:08:41 PM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .

Error - 4/12/2010 4:13:00 PM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .

Error - 4/13/2010 4:23:33 PM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .

Error - 4/14/2010 4:18:42 PM | Computer Name = ANONYMOUS | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.100
for ServerName .

[ System Events ]
Error - 4/27/2010 7:37:40 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 4/27/2010 7:37:40 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 4/27/2010 7:41:00 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 4/27/2010 7:46:22 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 4/27/2010 7:46:34 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

Error - 4/27/2010 7:46:40 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

Error - 4/27/2010 7:49:12 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 4/27/2010 7:54:31 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 4/27/2010 8:14:43 PM | Computer Name = ANONYMOUS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 4/27/2010 8:15:57 PM | Computer Name = ANONYMOUS | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 aswSP atapi Fips intelppm PCIIde SCDEmu


< End of report >

Edited by sheppardzwc, 27 April 2010 - 07:42 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP